Panoptic Employment

Remote workers are subjected to constant and intrusive surveillance by employers and health technology companies. Working from home became commonplace as a result of COVID-19, and increasingly employers use health and location tracking software, as well as webcams and facial recognition, to monitor their employees. This surveillance exacerbates risks of discrimination based on health data and other lifestyle factors that have no bearing on work performance, implicates the privacy rights of family members and roommates, and sharpens the power asymmetry between employers and employees. Particularly as States seek to criminalize women seeking abortions following the Supreme Court’s overturning of Roe v. Wade, the safeguarding of health data on fertility-tracking applications has never been more important. Given the novelty and rapidity of this transition, state and federal laws fall short of adequately protecting remote workers from incessant surveillance, particularly of their health data. Although several federal laws and agencies appear to address certain aspects of this threat, in practice laws such as HIPAA at the federal level and BIPA and CCPA in Illinois and California, respectively, do not sufficiently regulate the collection of health data from remote workers. In addition to these practical issues, U.S. privacy law generally places undue exclusive emphasis on the individual, relying on notice-and-consent provisions and anonymization. However, the case of remote worker surveillance highlights the deficiencies of this individualized focus. This Note details the prevalence and harm of remote worker surveillance, discusses how the current data privacy legal regime falls short, and offers proposals for strengthening privacy protections for remote workers and their health data.