Privacy and Ethics of Enterprise Wearables

Written BY

Emily Friedman

June 18, 2015

Today, we will turn to the cultural and organizational challenges of enterprise wearables, beginning with privacy & ethics.

Cultural & Organizational Challenges

Privacy & Ethics

As with all mobile devices (and apps), privacy is a major concern when it comes to wearable technology. Specifically, it is the privacy of wearable users’ data, or rather the sensitive information that may be revealed by this data, that is “at stake.” Let’s get one thing straight: Privacy is not the same as security. In Part 4, we discussed the security risk posed by wearable devices in the workplace. This risk applied to both corporate and personal data either accessed or collected by the technology. Data security is a challenge of enterprise wearables that magnifies the privacy issue; but they are not one and the same.

Whereas the security challenge of wearables in the workplace involves potential data leaks, privacy goes well beyond a “mere” breach of corporate information or personal data. It involves the data from wearables becoming public when not intended, falling into the “wrong” hands, and/or revealing unwanted information; or being used somehow inappropriately, unethically or in otherwise unforeseen and damaging ways not only by perhaps unknown third parties but also by employers themselves.

Some sources argue that privacy is not as big a concern in the enterprise space as it is for consumers. After all, employees are more or less used to being monitored in the workplace; and wearable tech is only a new way of monitoring workers. Furthermore, employees are unlikely to resist new technology that helps them do their jobs better by providing the right information when and where it is needed, or so the argument goes. While these are certainly legitimate points, they fail to really address (or mollify) any privacy concerns. So what if employees are used to bosses paying close attention to how they spend their workdays? So what if wearable tech makes their jobs easier and/or safer? A worker would still be pissed (pardon my language) if his sensitive data were leaked or used unethically, and rightfully so!

Wearable technology can capture information related to individuals’ habits, behavior and health on top of enterprise information; and all that data could be deemed personal or intellectual property (We’ll have to wait for the law to catch up to the tech on that one). Enterprises should not only understand the privacy risks that wearables introduce but they should also make sure employees understand those risks. Policies will have to be written or adjusted to account for the safe and proper usage and integration of workers’ wearable data when in corporate boundaries and beyond.

So yes, an employee will probably embrace any technology that facilitates or improves his efficiency, productivity, and/or safety at work; but he is far more likely to do so if he understands how the information collected by his new wearable work gadget is going to be used by the company. In this new age of mobile technology, businesses will need to be open about the data they are collecting via wearable devices, and why. Transparency establishes trust; even though in these early days it is sometimes not entirely clear just how to use the data collected by wearables towards significant change in the workplace; companies should still be very clear with employees about what kinds of data are being collected and how it is intended that that data be put to use.

A good governing “philosophy” is the give-to-get ratio: What users get out of wearable devices (say, increased productivity and other job performance benefits) has to be worth more to them than what they give up—i.e. their data along with a measure of privacy. Not only do there need to be rules in place to prevent employers from using wearable technology – or rather, the data it creates – to the detriment of employees (for ex. firing or otherwise persecuting an employee based upon wearable data); but employees should also be able to opt out of any kind of data interaction in which they feel their privacy may be violated, and to have their data “returned” (or wiped) if requested. This brings up perhaps an even more troublesome concept, and that is data ownership: Who exactly owns the data from wearable tech in the workplace? The law could fall on either the employees’ side – those who supply the data – or else that of the employers to whom employees give up their “data rights.”

At the end of the day, privacy is a boundary that wearable manufacturers and enterprise adopters will have to test and navigate over time. Some currently proposed solutions include ensuring that employers see only anonymous data from workplace wearables, that participation in corporate wearable tech programs be optional, and that there are no punitive implications (applying to both the collected information and the decision to opt out of using the devices). Geofences, which would disable the technology in off-limits places such as bathrooms, R&D labs and private homes, have also been suggested as a viable solution.

Further Reading