Workplace Privacy & Biometrics

Click for PDF
Put your business on the right side of change by seizing the advantages of workplace technology while remaining compliant with the privacy laws that govern it.

Workplace privacy is a two-sided coin. While employees are concerned about protecting their personal information, employers are concerned about protecting confidential and proprietary information. Employers have an obligation to protect their employees’ personal information, and there can be significant consequences when security incidents or data breaches occur involving personal information of employees. Employers must navigate through an expanding maze of laws, regulations, and enforcement actions relating to privacy and security in the workplace, including those that govern the monitoring of electronic communications by and among employees that are sent through social media platforms, text and group messaging services, personal web-based email accounts, and video surveillance. Many privacy concerns in the workplace arise as a result of technology being deployed in the workplace. Employers who roll out employee-facing apps or internal messaging platforms need to think strategically about the privacy implications of these technology platforms. Moreover, as biometric technology has become more advanced and affordable, more and more businesses are rolling out technology in the workplace that uses biometric identifiers (such as retina or iris scans, fingerprints, voiceprints, and scans of hand or face geometry) or related biometric data causing a number of states to propose and enact legislation that regulates the collection, storage and destruction of biometric data.

HOW WE HELP

We advise businesses across the country on a wide array of workplace privacy compliance issues, including:

  • Helping businesses who have already been using biometric technology get into compliance.
  • Proactively advising businesses that are considering their first forays into the use of biometric technology.
  • Legally monitoring electronic communications by and among employees through social media, text and group messaging, personal internet-based email accounts, and video and audio surveillance.
  • Properly conducting workplace searches and investigations.
  • Complying with requirements under the FCRA and related state laws including subsequent litigation.
  • Developing and implementing Bring Your Own Device (BYOD) programs
  • Drafting policies relating to workplace privacy issues.
  • Advising employers who have experienced security incidents or data breaches involving employee information.

We also regularly defend employers and background screening vendors in litigation alleging violations of biometric privacy laws or the Fair Credit Reporting Act (FCRA) and other statutes that govern use and access to employees’ personal information. Our team consistently maintains a robust docket of biometric privacy class action cases, including defending companies in a wide range of industries, such as hotels, airlines, restaurants, and health care systems in class action lawsuits asserting violations of the Illinois Biometric Privacy Act (BIPA).

We also have extensive experience helping clients navigate the implications of the Illinois Genetic Information Privacy Act (GIPA) that focuses on the use of genetic testing to determine suitability for insurance coverage or employment. Trending GIPA lawsuits allege that employers solicited “family medical history” from an applicant in connection with a pre-employment examination. It's essential for businesses to stay informed about the evolving regulatory landscape surrounding the collection of genetic information. In our role as advisors, we assist businesses nationwide in comprehending and complying with GIPA regulations, ensuring they are well prepared to navigate the complexities of employee data protection and privacy in the modern workplace.

THE SEYFARTH EXPERIENCE

Seyfarth is always monitoring the ever-changing and evolving social media privacy laws and regulations. We develop compliant policies and best practices that follow National Labor Relations Board (NLRB) guidelines. We also help clients manage where and how electronic information is stored and establish information governance programs that ensure compliance with litigation discovery, data security, and privacy obligations, as well as manage risks associated with the implementation of new technologies.

We defend companies against class action litigation and regulatory investigations when accused of having violated the applicable laws protecting the privacy of consumer information. Our attorneys have collectively obtained a comprehensive understanding of the details and procedural nuances specific to this type of class action case. We have developed strategies designed to both defeat biometric privacy class actions and significantly reduce potential exposure for our clients.