Kim Smith was not given terms and conditions when her employer offered her a fitness tracker last year. The 27-year-old, who holds a junior position in a big media company, entered data such as how much water she drank and her weight on the GPS-enabled device. The number of steps she — and her colleagues who joined the programme — took each day were recorded on a tally that was available for anyone in the company to see.
“I liked fitness apps, and thought it was a free bit of cool kit,” she says. “I didn’t think about it as giving up information about myself, but looking back that was quite naive.”
She is not alone. About 202m wearable devices were given out by companies in 2016 and that figure will rise to more than 500m by 2021, predicts marketing group ABI Research.
From sensors tracking how long staff spend at their desks to software that takes screen grabs capturing in real time how they work, the use of technology is advancing rapidly across all sections of the workforce. Nearly a third of large employers surveyed by Willis Towers Watson, a professional services group, handed out wearable devices last year.
HR professionals, lawyers and unions say this creates an ethical quandary and that employers should act quickly to develop codes of conduct about how they collect, store and use data about their workers. As Ms Smith’s experience highlights, employers and employees are scrambling to keep pace with technological change as they hand out gadgets that can track highly personal data without formal guidelines governing their use.
Edward Houghton, an adviser on data analytics at the Chartered Institute of Personnel and Development, says employers must not only protect individuals’ rights in line with laws such as the UK’s Data Protection Act, but also behave ethically. Drawing conclusions about a workforce from analytics is fine. Sacking a worker after monitoring their computer without telling them may be legal, but it is morally wrong, he says.
“The ethics around employee-related data is the most keenly debated area with my clients,” says Laurence Collins, a director at professional services firm Deloitte, who specialises in human resources analytics.
Communication is very important. Who owns the data? Can it be sold?
While organisations have a reasonable demand for tools that allow them to assess productivity and plan strategy, he says: “Organisations have a duty of care about how they use that data and should talk to employees to develop an ethical structure around that.”
Transparency is crucial in forming that strategy, says Phoebe Moore, an academic who works with multinational companies and unions to devise codes of conduct about their data gathering practices.
She adds that often workers do not realise the extent to which they are being observed, from their emails being read to voice and motion technology being used to analyse how great a contribution they make in meetings.
Ms Moore recommends that employees are involved in the process of formulating a data policy and that the guidelines are very clear in stating why data are captured and what they are used for. “Communication [with staff] is very important,” she says. “Who owns the data? Who stores it? Can it be sold?”
Addressing such questions is paramount when considering whether employees have the opportunity to consent to being tracked and monitored, says Pav Akhtar, Uni Global Union’s director for professionals and managers. Uni, which represents about 20m workers from more than 900 trade unions in 120 countries, has started to look at how unions should organise and bargain in the age of the digital workplace. Unions in Sweden and France have been the most active in negotiating for workers’ rights eroded by the rise of digitisation.
One example of this pressure bearing fruit is a French law enacted in January that gives employees the right to ignore emails out of office hours. Mr Akhtar has come across areas that are not yet covered by legislation — where workers say they feel discriminated against, where the technology has been misused or where the employer can see metrics the employee does not know exist.
Regulation on data management is scant. One of the few initiatives is the EU’s General Data Protection Regulation, which requires companies to gain consent from those whose data they log. It envisages fines of up to 4 per cent of a company’s annual global turnover or €20m, whichever is greater, for breaches of the rules. However, the regulation is not set to come into force until May 2018, and Britain’s expected exit from the EU makes it less clear whether it would affect UK employers.
Tim Van Canneyt, partner at European law firm Fieldfisher, says while some companies have started the process of becoming compliant with the new law, most underestimate what it will mean and how long it will take to obey. “It’s not something you can do overnight,” he says.
While employers will need to develop guidelines about the collection and use of personal data, they will also have to think carefully about what they hope to gain from the data analysis. Data scientists are needed to scrutinise numbers but are in short supply.
Anthony Bruce leads the HR consulting practice at PwC, the professional services firm, and says there is a tendency among companies to rush to embrace big data without properly considering what they will get out of it. Large global organisations often build expensive systems to analyse statistics before bosses decide what specific business needs must be addressed.
“There needs to be clear-headed approach to what the problem is — you’d be surprised how often that isn’t the case,” he says. “You can end up with a £150m sunk cost and a hammer looking for a nail.”