The snack machine wants to scan Alice’s fingerprints.
Alice — not her real name — would prefer not to surrender her biometric data just to get a candy bar, but it’s the preferred option in the break room. She could input a personal code, instead, but either way everything she orders from the machine will be tracked. She’s not sure exactly where the data goes — or what it will be used for.
Maybe snack-tracking isn’t such a big deal, considering that all her colleagues are wearing Fitbits — their data automatically sent to a third-party company contracted by her employer. Or considering that once a year, they’re required have a full blood workup, through yet another third party. If Alice opts out, her health insurance gets more expensive. She isn’t sure where that data goes either, or even if it’s shared with her employer.
“Everything seems like a black box,” she said. “I’m mostly just confused, because nobody seems to bat an eyelash. Everyone signs up for the blood tests and a significant portion are walking around with fitness trackers.”
Alice describes her office as a “panopticon” — a structure built for total surveillance. Your office may be one, too. Whether through “voluntary” corporate wellness programs, smart badges that record voices and GPS locations, or surveillance apps in their mobile phones and personal computers, Americans are offering up more and more personal data at work. Most of them don’t have much idea of where that data goes, or how it will be used — and there aren’t that many limits on what employers can find out about their employees, or what they can do with the data. The more people who opt in now, the harder it will be to opt out in the future.
And it’s about to get much worse.
In January, new rules went into effect allowing third-party wellness companies to share much more medical data with employers. And a bill currently moving through Congress would make it legal for employers to force workers to share their entire DNA sequence, taking employee scrutiny to a previously-illegal level — while also allowing companies to punish workers who don’t comply.
“The short story is, surveillance is increasing, and the capability to do surveillance is increasing,” said Anna Slomovic, a privacy consultant.
Wellness programs are perhaps the most common way for employers to gain access to their workers’ intimate data. These programs have flourished over the last few years, after a clause in the Affordable Care Act raised the limit on how much companies could offer in incentives.
A 2013 congressionally funded study by the RAND think tank found that just over half of all organizations with 50 or more employees had wellness programs, and that number has almost certainly climbed since then. Last year, a survey of larger companies by brokerage and consultancy firm Willis Towers Watson found that a third of them offered Fitbits or other fitness trackers to their workers — a percentage that could increase to half by next year. And another marketing firm estimated that 202 million Americans are wearing fitness trackers handed out by their employers.
For now, this kind of program is “voluntary.” But participants at her company are rewarded with discounts of up to 25 percent on their health care, plus $250 gift certificates for racking up a certain amount of fitness points.
“How voluntary is it?” asked Lee Tien, a senior staff attorney for the Electronic Frontier Foundation, a nonprofit civil liberties organization that focuses on technology. In a workplace situation, he said, the politics of peer pressure can combine with pressure from a boss to make a voluntary choice less voluntary. “If everyone says, ‘Hey, you should be doing this [tracking program],’ it’s no more voluntary than ‘Hey everyone else is contributing to XYZ charity,’ or ‘Hey we’re all putting in a thousand dollars in so-and-so’s political action committee,’” he said.
And as monetary “incentives” for participants rise in value, they start to look more like punitive measures for nonparticipants.
“Instead of, ‘Participate and get a company hat,’ it’s now ’We’ll give you $500,’” Slomovic said. (In some cases, like that of a Wisconsin plastics worker, outright punitive measures are used: participate or lose your insurance.)
Slomovic cited a study that found that the more these incentives increased — that is, the more expensive it became not to participate — the wealthier the segment opting out of wellness programs became. Eventually, she said, protecting employee privacy will be limited to people wealthy enough to pay for their own insurance.
But wellness programs, after all, are just one method for surveilling workers. There are others: for example, the smart badges developed by Humanyze. When Jeff Moir wore one last year at Deloitte, the multinational professional services firm where he is a partner, they were the size of a pack of cards; now, he says, Humanyze has shrunk them down to the size of a regular ID card. The badges contain, among other things, microphones and a gyrometer.
Humanyze emphasizes that the microphones in its badges don’t actually record your conversations — rather, they say, they let the badge analyze things like how often you and the person you’re talking to interrupt each other, relative voice volume, and “mood.” It can also count how often you use keywords like “happy” or “proud.” The gyrometer registers your affect: it can literally tell if you’re “leaning in.”
At the time, Deloitte was redesigning one of its offices and wanted to know exactly how its inhabitants spent their time all day. Those who didn’t want to participate got a “dummy badge” — a placebo — so they wouldn’t stand out as a nonconformer.
For those who participated, the badges recorded their activity in intimate detail. In theory, the company wouldn’t be able to use the badges to check up on individual workers, only to analyze behavior in aggregate — but the workers themselves were able to access individual records of their own activity. “You basically get a link and you go to a website,” Moir said. “The dashboard would give you indicators like conversation quality, your activity, who did you talk to, where were you.”
That’s what worries experts like Slomovic. If individualized data exists, she said, it can be exploited. “If data is collected for any reason it can always be used for other purposes,” she says. “And employers are not the only threat.” Once data is being generated, it can be requested by law enforcement, sold to vendors, or simply hacked. “Simply blithely making statement ‘We don’t give data to employers so it’s fine’ is not the whole story.”
As a “human capital” consultant, Moir envisions badges like Humanyze’s allowing companies to quantify what makes a good worker. For example, he said, the badges might allow management to define exactly the traits that differentiate high performers from mediocre ones, then fine-tune hiring decisions and performance evaluations accordingly.
“I would say this is something that is coming,” he said. “This kind of technology is part of an overall trend … monitoring is high and it’s going to get a whole lot higher.”
To Tien, the EFF lawyer, that’s dangerous — especially because Americans are at their most vulnerable when they’re at work.
“You don’t have a whole lot of protection in the workplace,” he said. “Workers don’t have many rights — they just don’t.”
In any work situation, he said, employers hold disproportionate power. “They can deny you a promotion. They can put you on a bad shift. There’s a gazillion things your employer can do to make your life worse, short of firing you — and the whole time threatening to fire you,” he said. “That’s why people suck it up in the workplace and take indignities, take pain and suffering being inflicted on them. I don’t think privacy as a practical matter in the workplace is any different.”
As The Atlantic put it in a recent article: “If local police or the FBI wants to track your car, they have to ask a judge for a warrant first. But if your boss wants to track your phone, it’s likely within his or her rights.”
In some cases, employees have pushed back — so far, without much success. In California, a woman named Myrna Arias discovered that a company app she’d installed on her phone was tracking her whereabouts 24/7 — yet another form of employee surveillance. She uninstalled the app — and was fired. She sued, her complaint stating that, “Her manager made it clear that he was using the program to continuously monitor her, during company as well as personal time.” The case was settled out of court.
Alice, who must choose between being fingerprinted and bringing her own snacks to work, knows this better than most. She works in healthcare analytics herself. As part of her job she collects sensitive medical information about individuals. “People are really lax about it,” she said. “It’s never really an aggregate — it’s individualized somewhere. I can access it in the database any time I want.”
That’s part of her discomfort with her company’s own practices, she said. “I just don’t like it. I’m just not ok with it,” she said. “I think a lot of it is because I’ve worked in industry and seen how fast and loose people are with that data.”
She added, “I’m definitely in the process of trying to leave.”