Biometric Scanning Clocking Systems
Do you want a secure solution that is buddy clocking proof – are biometrics the answer? Surprisingly, probably not!
The recent enforcement notice by the ICO regarding the use of biometrics for employee monitoring means that you need to be very careful when deploying biometrics of any sort in the UK for Time and Attendance. You must ensure your policies and communications are in line with the evolving legislation and rulings and that you can demonstrate you have tried every other method first, and they have failed on a widespread basis.
If biometric fingerprint scanning clocking is not the right fit for your business requirements, learn more about Capture it™ clocking solutions by clicking the button below.
A small number of employees buddy clocking is not considered an adequate reason for a biometric implementation:
“The use of biometric technology to monitor attendance is not a targeted means of paying employees correctly or a proportionate method of overcoming the issue of a small number of employees having abused previous systems”.
Nor is the convenience or reduction of cost to an organisation:
“The processing of biometric data cannot be considered “necessary” when less intrusive means could be used to verify attendance. The less intrusive means of recording attendance times that are available to ****** include using RFID cards or fobs, or manual sign-in and sign-out sheets”.
The full ICO ruling can be found below.
Regarding the recent landmark ruling John Edwards, UK Information Commissioner, said:
“******** did not fully consider the risks before introducing biometric technology to monitor staff attendance, prioritising business interests over its employees’ privacy. There is no clear way for staff to opt out of the system, increasing the power imbalance in the workplace and putting people in a position where they feel like they have to hand over their biometric data to work there”.
“This is neither fair nor proportionate under data protection law, and, as the UK regulator, we will closely scrutinise organisations and act decisively if we believe biometric data is being used unlawfully”.
Mr Edwards added:
“This action serves to put industry on notice that biometric technologies cannot be deployed lightly. We will intervene and demand accountability, and evidence that they are proportional to the problem organisations are seeking to solve”.
As a summary:
- Employees must have a meaningful alternative to using biometrics with no penalty.
- You must be able to prove employees have this clearly communicated to them (including the mechanism to activate the alternative) – and probably regularly re-communicated.
- You must prove that you have exhausted less intrusive alternative methods before deploying biometrics.
- You must consider the security and currency of the data, and review this.
- You must conduct the appropriate DPIA assessments.
Our Position:
Given the positions outlined by the ICO as we feel that it appears most organisations will not be able to meet the hurdles for deploying them. Those organisations that can and do will likely not get the benefits they seek due to the implied limitations placed upon their use. We have therefore, regretfully, taken the decision to suspend the sales of biometric terminals in the UK at this time.
It may be argued this is not our decision to make (as we are not legally responsible for a client’s deployment) – but we feel it is the responsible position to take for the time being. After 20+ years of successfully deploying biometrics into our market space you can be assured it was not a decision we have taken lightly.
