Aug 24, 2009

Please Do Not Microchip the Employees (But Biometric Scanning May Be OK)

Did you know that at least four states have passed laws that prohibit mandatory or coerced microchipping, including installing a microchip or radio frequency identification (RFID) tag as a condition of employment? A number of states have legislation addressing the improper use of RFID tags or the information from them (for example, to surreptitiously gather private information). But California, North Dakota, Ohlahoma, and Wisconsin have gone further to ban employers from implanting microchips in their employees as a condition of employment. You can find a list of state RFID laws, with links, here, at the website of the National Conference of State Legislatures.)

California's statute (Cal. Civil Code section 52.7), for example, prohibits requiring, coercing, or compelling anyone to undergo "the subcutaneous implanting of an identification device," including conditioning any private or public benefit on consent to implantation, "including employment, promotion, or other employment benefit, or by any means that causes a reasonable person of ordinary susceptibilities to acquiesce to implantation when he or she otherwise would not." The law imposes penalties of $10,000 per violation, with an additional $1,000 penalty for each day the violation continues; it also creates a right of action, with punitive damages, attorney fees, and litigation costs (including the cost of hiring expert witnesses).

And speaking of high-tech information gathering, one of the fixes currently under consideration for the E-Verify system, the government's online system for authenticating an employee's authorization to work in the United States, involves biometric data. Senator Schumer, Chairman of the Senate Judiciary Committee's Subcommittee on Immigration, Refugees, and Border Security, recently said that E-Verify should include a biometric component -- based on fingerprints, retinal scans, or DNA, for example -- to make sure that the employee is who he or she claims to be. Employment lawyers have raised a number of concerns about the proposal, from privacy violations to concerns about the cost, according to a recent article in the National Law Journal.

Certainly, any employer that requires employees to provide biometric information will have to guard the privacy of that information very carefully. If biometric information is leaked or stolen, the term "identity theft" could take on a whole new meaning -- to include not only identification numbers or bank account information but also the ridges on our fingertips and the unique structure of our faces (or our genes). You can apply for a new Social Security number, but not a new eyeball. And this issue is already on the legislative radar: For example, Illinois recently enacted a law requiring companies that gather biometric data to do so only with written consent, to use reasonable care to store and protect that information (and to refrain from selling it), and to establish a timetable for retaining and destroying the information