Is That Lawful? Data Privacy and Fitness Trackers in the Workplace

IF 0.8 Q3 INDUSTRIAL RELATIONS & LABOR

International Journal of Comparative Labour Law and Industrial Relations Pub Date : 2021-02-01 DOI:10.54648/ijcl2021003

Philippa Collins, S. Marassi

{"title":"Is That Lawful? Data Privacy and Fitness Trackers in the Workplace","authors":"Philippa Collins, S. Marassi","doi":"10.54648/ijcl2021003","DOIUrl":null,"url":null,"abstract":"Data collected from fitness trackers worn by employees could be very useful for businesses. The sharing of this data with employers is already a well-established practice in the United States, and companies in Europe are showing an interest in the introduction of such devices among their workforces. Our argument is that employers processing their employees’ fitness trackers data is unlikely to be lawful under the General Data Protection Regulation (GDPR). Wearable fitness trackers, such as Fitbit and AppleWatch devices, collate intimate data about the wearer’s location, sleep and heart rate. As a result, we consider that they not only represent a novel threat to the privacy and autonomy of the wearer, but that the data gathered constitutes ‘health data’ regulated by Article 9. Processing health data, including, in our view, fitness tracking data, is prohibited unless one of the specified conditions in the GDPR applies. After examining a number of legitimate bases which employers can rely on, we conclude that the data processing practices considered do not comply with the principle of lawfulness that is central to the GDPR regime. We suggest alternative schema by which wearable fitness trackers could be integrated into an organization to support healthy habits amongst employees, but in a manner that respects the data privacy of the individual wearer.\nFitness Trackers, GDPR, Privacy, Data Protection, Employment, Principle of Lawfulness, Fitbit, Apple Watch","PeriodicalId":44213,"journal":{"name":"International Journal of Comparative Labour Law and Industrial Relations","volume":null,"pages":null},"PeriodicalIF":0.8000,"publicationDate":"2021-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Comparative Labour Law and Industrial Relations","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.54648/ijcl2021003","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"INDUSTRIAL RELATIONS & LABOR","Score":null,"Total":0}

引用次数: 7

Abstract

Data collected from fitness trackers worn by employees could be very useful for businesses. The sharing of this data with employers is already a well-established practice in the United States, and companies in Europe are showing an interest in the introduction of such devices among their workforces. Our argument is that employers processing their employees’ fitness trackers data is unlikely to be lawful under the General Data Protection Regulation (GDPR). Wearable fitness trackers, such as Fitbit and AppleWatch devices, collate intimate data about the wearer’s location, sleep and heart rate. As a result, we consider that they not only represent a novel threat to the privacy and autonomy of the wearer, but that the data gathered constitutes ‘health data’ regulated by Article 9. Processing health data, including, in our view, fitness tracking data, is prohibited unless one of the specified conditions in the GDPR applies. After examining a number of legitimate bases which employers can rely on, we conclude that the data processing practices considered do not comply with the principle of lawfulness that is central to the GDPR regime. We suggest alternative schema by which wearable fitness trackers could be integrated into an organization to support healthy habits amongst employees, but in a manner that respects the data privacy of the individual wearer. Fitness Trackers, GDPR, Privacy, Data Protection, Employment, Principle of Lawfulness, Fitbit, Apple Watch

查看原文本刊更多论文

这合法吗?工作场所的数据隐私和健身追踪器

从员工佩戴的健身追踪器中收集的数据对企业非常有用。在美国，与雇主分享这些数据已经是一种成熟的做法，欧洲的公司也对在员工中引入此类设备表现出了兴趣。我们的论点是，根据《通用数据保护条例》(GDPR)，雇主处理员工的健身追踪器数据不太可能合法。Fitbit和AppleWatch等可穿戴健身追踪器会整理佩戴者的位置、睡眠和心率等私密数据。因此，我们认为它们不仅对佩戴者的隐私和自主权构成了新的威胁，而且所收集的数据构成了第9条规定的“健康数据”。我们认为，除非GDPR中的特定条件之一适用，否则禁止处理健康数据，包括健身跟踪数据。在审查了雇主可以依赖的一些合法基础之后，我们得出结论认为，所考虑的数据处理实践不符合作为GDPR制度核心的合法性原则。我们建议将可穿戴健身追踪器集成到组织中，以支持员工的健康习惯，但同时尊重个人佩戴者的数据隐私。健身追踪器，GDPR，隐私，数据保护，就业，合法原则，Fitbit, Apple Watch

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Comparative Labour Law and Industrial Relations INDUSTRIAL RELATIONS & LABOR-

CiteScore

1.00

自引率

12.50%

发文量

期刊介绍： Published four times a year, the International Journal of Comparative Labour Law and Industrial Relations is an essential source of information and analysis for labour lawyers, academics, judges, policymakers and others. The Journal publishes original articles in the domains of labour law (broadly understood) and industrial relations. Articles cover comparative and international (or regional) analysis of topical issues, major developments and innovative practices, as well as discussions of theoretical and methodological approaches. The Journal adopts a double-blind peer review process. A distinguished editorial team, with the support of an International Advisory Board of eminent scholars from around the world, ensures a continuing high standard of scientific research dealing with a range of important issues.