news + views + events
Biometric Technology in the Workplace:
Preventing "Buddy Punching"

Employers face many challenges in managing the attendance of their employees. Employers who use time card or swipe card systems to track the arrival and departure of their employees may also have to deal with the issue of “buddy punching”. Buddy punching occurs when one employee clocks into a payroll system using another employee’s card, making it appear that an employee who has not actually arrived at work, is in fact at work for the full duration of their shift.

In response, some employers have implemented biometric systems to track employee attendance. These scanners require the employee to scan his or her hand, fingerprint, or voice in order to clock in and out.

Some employers who have implemented such technology for attendance monitoring have faced challenges from employees who felt that the system infringed upon their privacy. For example, in Investigation Report P2008-IR-005, a recent decision of the Alberta Office of the Information and Privacy Commissioner, an employee challenged her employer’s ability to implement a thumbprint scan system to track attendance. The employer, the Empire Ballroom, fell under Alberta’s Personal Information Protection Act (“PIPA”).

PIPA sets out the provisions under which private sector organizations in Alberta may collect, use or disclose personal information. Under PIPA, employers do not require the consent of their employees to collect, use or disclose personal employee information if the employer meets certain conditions. These conditions require that the employer’s purpose for the collection of the personal information must be reasonable, that the information collected relate only to the person’s employment, that the employer notify the employee that the information will be collected and of the purpose for the collection.

The Empire Ballroom had informed its employees that it would be implementing a thumbprint scanning system for attendance monitoring purposes. However, it failed to inform the employees that the thumbprint scanner did not retain an actual “thumbprint”, but rather a unique number identifying the employee. This unique identifier is still considered to be personal information under PIPA since it can be linked with and identify an individual.

The Adjudicator determined that attendance monitoring for payroll was a reasonable endeavour for the employer. The Adjudicator noted that it was significant that the employer did not collect actual thumbprints. The Adjudicator was also satisfied that the information collected and used by the Empire Ballroom consisted only of information related to the employment relationship. However, Empire Ballroom’s failure to inform the employees that the information collected would not be an actual thumbprint, but rather a numerical identifier generated from the thumbprint, constituted a violation of PIPA. As a result, the Empire Ballroom was ordered to notify its employees in writing about the mechanics of the biometric sign-in system and clarify precisely what information is collected and how it would be used. It was further ordered to revise its privacy policy regarding thumbprint templates and to provide of a copy of the revised policy to all employees.

A similar decision (Investigation Report F2008-IR-001) permitting the use of a handprint scanner was also made under Alberta’s legislation governing public body employers, the Freedom of Information and Protection of Privacy Act.