The hottest new subject area for legal academics is privacy law. The field is still in its infancy, which means that many of the foundational issues of categorization and taxonomy remain to be worked out. Even defining privacy is thorny, as the label is applied liberally to all sorts of invasions, intrusions, disclosures, and interests, with questions about how to delineate and frame privacy concerns arising in several sub-categories. In the labor and employment context, the Restatement of Employment Law has divided privacy interests into three categories: interests in the privacy of persons and locations (including electronic ones); interests in the privacy of personal information; and interests in the nondisclosure of information that was disclosed to the employer confidentially.1 Within these broad contours, a myriad of different types of violations sit uncomfortably next to one another, each raising its own specific issues.
In Limitless Worker Surveillance, Ifeoma Ajunwa, Kate Crawford, and Jason Schultz take on one specific type of privacy invasion: workplace surveillance. Because of employers’ ownership and control of the workplace, courts have generally interpreted the common law to allow employer surveillance of working areas. Moreover, employers can expand their observation into private areas when employees give their consent to the intrusion. Management has generally run into trouble only when it surreptitiously and secretly records employees in private areas, such as bathrooms, medical examination offices, and employee homes. But routinized, disclosed surveillance is commonplace and seen as part of the job. Ajunwa, Crawford, and Schultz, however, want to disrupt this equilibrium. They argue that freedom from surveillance should be a non-waivable right, and they propose three different federal statutes, varying in scope, to enforce variations of this right against employers.
The article does not spend a lot of time exploring why surveillance, at root, is problematic as a practice—the authors assume that sustained and continuous observation is noxious and enervating. Instead, they dig into the technological changes that afford companies cheaper and easier ways of observing, measuring, and tracking their employees than existed in the days of Frederick Taylor and Henry Ford. Now, digital cameras can record an eternity of activity without the cost of film or videotape. RFID tags and GPS tracking can follow workers all over town without significant investment. Computer software can record everything an employee does online without the employee ever knowing. There really has been a sea change in the levels and types of information available to most employers about their employees. The authors single out wellness plans and productivity apps for special attention, discussing how these programs generally work and how they access workers’ private information in the name of health outcomes and improved productivity.
Ajunwa, Crawford, and Schultz survey the existing legal protections for workers and find them wanting. They point out the absence of regulation in privacy statutes such as the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act. Federal discrimination statutes likewise do not address surveillance; the NLRA does address surveillance, but only in limited circumstances. There are state-level regulations of video and audio monitoring, as well as a growing number of state restrictions on employer access to employee social media accounts. But these protections are spotty and often limited, sometimes allowing surveillance with notice (or even without it). (Interestingly, the authors use state statutes protecting off-duty smoking as a proxy for privacy, even when these statutes were often more a result of tobacco-industry lobbying than an interest in workers’ rights.) Although states like California have fairly robust surveillance regulations, many states offer little to no protection.
The solution, according to the authors, comes in the form of a federal statute to regulate surveillance on the job. They begin with the possibility of a comprehensive privacy regime along the lines of the European Union’s General Data Protection Regulation. Ironically, they argue such a wide-ranging approach might fail because it would necessarily be susceptible to too many exceptions based on consent or work-related data collection. Instead, they suggest a federal “Employee Privacy Protection Act” that would prohibit surveillance outside the workplace as a mandatory, non-waivable rule. A third possibility would be a federal “Employee Health Information Privacy Act,” which would fill the existing gap left by HIPAA regarding employer responsibility over personally identifiable health information. This act would give employees the right to consent to use of their health data as well as the right to have data destroyed at the end of the employment relationship.
Limitless Work Surveillance takes on an important area of workplace concern and provides a set of legislative solutions for consideration. And the authors savvily ascertain how technological changes are driving—and will continue to drive—the ways in which employees will find their personal privacy invaded and degraded. By calling attention to the issue of surveillance in the workplace at this particular moment in our history, Ajunwa, Crawford, and Schultz have made an important contribution to the literature. The article will hopefully spur additional research into the ways in which employers and employees can work together to manage their legitimate interests while protecting the core of human dignity.