PrivacyEntitlement or Illusion
Mind boggling capabilities, to be sure. But that's just part of the overall equation. Vast databases provide entree into a world of personal information about an applicant or employee—his or her driving record, credit history, medical records and much more. Finding out who a person is and whether he or she might represent a future problem based on past information is as easy as a phone call or an online session. Not surprisingly, an entire industry has sprung up to conduct background checks on applicants and dig into existing employees' histories. And now, companies are developing badges with electronic sensors that let a boss know where a worker is at any given minute of the workday.
Orwellian? Perhaps. Scary? That depends on which side of the eavesdropping device you're sitting. These days, mention the word privacy in the same breath as the workplace and you're likely to stir a hornets' nest of emotions. Although the U.S. Constitution carries no specific guarantee of personal privacy, a 1992 Louis Harris poll found that 78% of all Americans express concern about their personal privacy—up from approximately one-third in 1970. A 1991 poll by Time/CNN found that 93% of all respondents believed companies selling personal data should be required to gain permission from the individual in advance. Yet, as Pincus puts it: "There's no simple method for determining what's right and what's wrong in the workplace. Neither Congress nor the courts have decided, and companies haven't come to a consensus." And, Evan Hendrix, publisher of the Washington D.C.-based newsletter Privacy Times adds: "There's a greater capability to snoop into people's lives now more than ever before."
Of course, employers argue that monitoring and surveillance are essential for a safe and secure workplace. Companies say this is to protect people and assets and limit legal liability. Some also believe that monitoring workers for speed or accuracy allows companies to boost productivity, improve customer service and weed out problem employees. There's plenty of evidence to support what these employers say. And there's a solid legal framework to bolster this position. Federal law backs the employer's right to monitor workers, and the laws of individual states follow that lead. Indeed, the courts consistently rule that employers can do—without authorization—what government officials and police officers are forbidden from doing without a court order: bug phones, install cameras, scan e-mail and browse through desks, lockers and file cabinets. The workplace, after all, is a privately owned enterprise.
Naturally, workers feel their rights to privacy are being trampled. Sitting under the watchful eye of Big Brother isn't good for morale or overall productivity, they insist. Fearing that every move is being scrutinized isn't conducive to building an environment of trust, and can sometimes lead to physical and mental ailments from the stress. "When you worry that you can't have a private conversation with your spouse or send an important e-mail message to a friend without someone knowing about it and possibly reprimanding you, it affects your attitude and feelings about the company," says a manager for a large East Coast-based food manufacturer.
As always, human resources is caught in the crossfire—because it's the department charged with developing policies and dealing with labor issues. "It's an issue you have to take seriously. There are ethical reasons, legal reasons and practical reasons for devising a plan," says Bobbi LaPlante, corporate manager of human resources at Atmel Corp., a San Jose, California-based semiconductor manufacturer.
Society constantly changes the definition of privacy.
In many respects, the battle over privacy is nothing new. For decades, civil libertarians and corporations have feuded over what's an acceptable policy and what data can be used to make a hiring or firing decision. In the early 1900s, Henry Ford was known to send investigative teams into the community to check on the morals and hygiene of assembly-line workers. Company towns, popular in the late 1800s and early 1900s, provided a highly effective way for a boss to monitor virtually every aspect of an employee's life: their sexual orientation, political and religious affiliations, and what activities they engaged in after hours.
Over the years, general standards and legal principles have emerged. Today, it's clear that employers face liability for employees' actions. In fact, the "negligent hiring" tort mandates that an employer can be sued for failing to check adequately the background of a worker. But sudden and rapid advancements in technology have ratcheted up the stakes—pushing the debate squarely into the boardrooms and courtrooms of America. Says David Szwak, a Shreveport, Louisiana-based attorney who specializes in privacy infringement cases: "Unfortunately, in the attempt to improve efficiency and reduce risk, people lose sight of the fact that privacy isn't an abstract principle. When it's abused, people's lives are affected. Inaccurate information, leaked medical records and other breaches can create lifelong problems."
And there are plenty of horror stories to support his claim. Consider the case of James Russell Wiggins, who took a job with District Cablevision in Washington, D.C. a couple of years back. Six weeks into the new job, which paid nearly twice his previous position at Philip Morris, his boss promptly fired him because a background check from Atlanta-based Equifax noted that a James Wiggins had been previously convicted of cocaine possession. Wiggins protested that the information was wrong, but to no avail. Only later was it discovered that his identity had been confused with a James Ray Wiggins. By the time the dust had settled, the unemployed Wiggins had slapped a $10 million lawsuit against Equifax and Cablevision. The case currently is tied up in the courts. And it's only one of hundreds of such cases.
The widespread availability of such personal information presents vexing challenges—particularly within the human resources field. Dozens of companies provide detailed information—information you think is private—in database form, including motor vehicle records, credit reports, criminal records, telephone usage patterns and insurance coverage. That alone can raise questions about privacy and confidentiality, says Szwak. Factor in the sobering reality that nearly half of all credit reports and background checks include errors, according to a recent Congressional study, and it's easy to see why the James Russell Wiggins of the world are seething mad.
As database companies such as TRW, Equifax and Trans Union clamor to offer ever greater capabilities and one-stop shopping, the stakes inevitably become higher. "There's nothing intrinsically wrong with a company conducting a background check," says Szwak. "If an applicant is informed that the company conducts a check, and the company gathers only applicable information, that takes care of the privacy issue." But, he adds, "Too often, private information is publicly available. There's little or no consideration for what is private and what isn't."
Part of the problem is that no clear guidelines exist as to what should remain private. Is it a good idea for a company to use a credit report as a basis for hiring an accountant or money handler? Most HR professionals would say yes. But some also would argue the report is useful for making value judgments about an applicant's character. That gets trickier. "Using information that doesn't directly relate to the position can open the door to legal challenges," explains Claudia Terrazas, an attorney at the Privacy Right Clearinghouse, part of the University of California, San Diego's Center for Public Interest Law. Ditto the concerns over how motor vehicle records are used.
Now, some are rejecting the idea of credit checks entirely. "It's a gray area," says Sandra Penney, director of team member services for HR at Sovereign Bank, an $8.5 billion, 120-branch institution headquartered in the suburbs of Redding, Pennsylvania. "It can become a quagmire because you wind up with inaccuracies, spouses who are at fault for financial problems, and people who may have had one episode in their lives in which they had a financial problem. So, where do you draw the line on what's acceptable and what isn't?"
Added to the fact that no clear guidelines about what should be private exist, society's definition of privacy itself changes over time. In the 1980s, the idea of testing for illegal drugs met fierce resistance. Civil libertarians attacked the effort and cases streamed into the courts. A decade later, with legality no longer in question thanks to a 1989 Supreme Court ruling, drug testing is used by thousands of companies, and many employees expect—even welcome—testing as a way to keep the workplace free of crime and problems. Some companies even hire undercover investigators to ferret out drug dealers.
Likewise, as recently as 1992, an employer could use an online databank legally to determine whether or not a jobseeker had ever filed a workers' compensation claim. Not surprisingly, many companies simply had refused to offer a job to anyone who had ever filed a claim. The Americans with Disabilities Act changed that. It limited the use of electronic database searches until after a job offer is made. If an employer then discovers a history of claims, the company can shift that individual into another position that's deemed less risky or—if no safe job is available—rescind the offer.
The debate over legal boundaries continues to escalate. And, increasingly, the battle is spilling out of the workplace and into the home—as a growing number of companies examine aspects of an individual's life formerly considered private. Indeed, employer advocates argue that a company has the right to hire the best qualified individual for the job. They also insist that companies have a responsibility to find employees who can adhere to quality-control, safety and health-care cost-containment standards. In fact, a 1994 survey by the Society of Human Resource Management found that 77% of human resources professionals endorse a company's right to establish differentials in insurance premiums for employees who smoke.
Critics contend that such thinking raises serious questions about where the line between work and private activities should be drawn. Diet, exercise, hypertension and genetic abnormalities could easily become factors in hiring, they say. Hobbies, such as scuba diving or hang gliding, could disqualify job applicants. Already, some companies have opted to ban the consumption of alcohol after hours, even an occasional glass of wine with dinner. And government is getting into the act too. In 1993, the City of Athens, Georgia, proposed mandatory cholesterol testing for all job applicants—automatically eliminating those who tested in the highest 20%. After a chorus of protests, the idea was scrapped.
The emergence of electronic eyes and ears.
Technology and electronic equipment have also transformed the workplace itself. A 1993 study conducted by Macworld magazine found that at companies with 1,000 or more employees, 30% of the firms have searched employees' computer files, electronic mail and voicemail. Altogether, it estimated that at least 20 million Americans may be subject to electronic monitoring through their computers. Of course, that doesn't include the use of telephones and video cameras, which could boost the number to 50 million or more. In addition, data-entry clerks, word-processing clerks and customer-support specialists often work on terminals that allow monitoring for speed, accuracy and time spent working.
It's an issue that's attracting plenty of attention. And no topic seems to be as widely discussed as electronic mail, which has exploded in popularity in recent years. In fact, many workers simply aren't aware their e-mail can be monitored and examined by managers. "They believe it's private and that by deleting a message there's no longer any chance that anyone can see it," says DePaul University's Pincus. "They don't understand that deleted messages can be retrieved; they aren't aware that what they write can be used against them or cost them their jobs—particularly if they have made disparaging remarks against the company or a boss."
Of course any misuse of the e-mail system can be cause for discipline. Penney describes a situation that happened at Sovereign Bank. A year-and-a-half ago, two employees began zapping racy messages to each other over the bank's e-mail system. The notes contained long and often graphic descriptions of various sexual acts. All this came to the company's attention only after the woman sent one of the messages to the bank's top executives by mistake. Ultimately, both were fired for misusing company time and resources, and Sovereign Bank immediately drafted an e-mail policy spelling out that private use of the network wasn't allowed. It also added a brief warning, which pops up anytime an employee composes a new message, that e-mail must be job- or work-related. And the company scans the mail system randomly to ensure compliance. Yet, even with such rules, Sovereign Bank does allow workers to send "brief and expedient" messages of a personal nature. You certainly don't want to create a Gestapo-type organization," Penney says. "You have to use some common sense."
Voicemail is another hotbed of controversy. Many workers believe the messages they receive are private, and that they alone have access to their voicemail boxes. But that's simply not the case. In many instances, managers have access codes that allow them to listen to messages anywhere on the system. And, depending on how they monitor voicemail, it can lead to enormous problems. In fact, in what appears to be the first voicemail privacy case to hit U.S. courts, the manager of a McDonald's in Elmira, New York, Michael Huffcut, is currently suing the owner of the franchise, Fred Remillard, over invasion of privacy. The manager, who had been an employee of McDonald's for more than 20 years, began a romantic relationship with an assistant manager of another McDonald's in a neighboring town. The couple left racy messages on each other's voicemail—part of a system that linked a dozen franchises. At some point, Remillard and another employee retrieved the couple's messages and eventually played them to Huffcut's wife. The $2 million lawsuit is winding through the courts.
Then there's the Internet and the online world—which are supposed to help workers find information and stay up-to-date with news and trends. Unfortunately, unauthorized use of the Internet has forced many companies—such as Unocal Corp. and Rockwell International Corp.—to crack down on a new breed of cyberloafers who surf the World Wide Web, newsgroups and commercial services looking for sports scores, stock quotes and sexually explicit materials. In some cases, companies have found it necessary to track online usage and even monitor what appears on an employee's computer screen at any given moment.
Rules and regulations balance security and privacy.
Privacy advocates seldom argue that all monitoring should be eliminated. The problem, they say, is that many employers approach the issue from the basic viewpoint that workers can't be trusted. "The fact is, there are valid reasons for monitoring the workplace. Quality control, crime and misuse of company resources are all legitimate concerns. But too many companies apply blanket policies without considering the consequences. When you have an environment in which there's a lack of trust on all sides, you wind up in a downward spiral that has negative consequences for everyone," says Pincus.
Attempts to create laws that deal with the emerging technology have largely failed. Retiring U.S. Senator Paul Simon of Illinois continually has pushed for tighter standards that would require companies to alert workers about electronic monitoring, forcing an explanation about how the data is used. His most recent attempt, the Privacy for Consumers and Workers Act, has never been able to gain the necessary support. Although some states also have attempted to deal with the issue, the verdict is still out on how successful these attempts have been. Last December, Illinois Governor Jim Edgar signed a measure that allows an employer to listen in for "educational, training or research purposes." Although the law states that employers must gain permission before eavesdropping, it's unclear whether a one-time warning would suffice or if notice must be given each time listening is planned. And that has unions and worker advocacy groups howling mad.
Law or no law, part of the solution for employers is to develop clear policies and guidelines so that workers know what to expect, says Terrazas. That means outlining how e-mail and voicemail should be used, as well as when and how telephones and computers are monitored. "An employer can legally monitor e-mail without notifying employees," she says. "But that doesn't make it right." It's also important to "honor an employee's reasonable expectation to privacy. Videotaping a dressing room or using surveillance devices in a break room can constitute a violation of an employee's rights and create potential legal problems. Providing an employee with a locker and then searching without reasonable cause is damaging," Farrazas adds.
Some companies have gotten the message loud and clear. "It's far better to be proactive and upfront about your policy," says Margaret Phillips, director of human resources, contracts and legal for DHL Systems, the Burlingame, California-based technology services company of DHL Worldwide Express. "It's important to remember that you're dealing with human beings and not ants." Last year, with input from employees, DHL Systems developed a concise but comprehensive policy to deal with privacy issues related to computers and e-mail. Says Phillips: "You can't have a totalitarian state, but you also can't allow total freedom. The key is striking a balance that's fair for everyone."
Personnel Journal, May 1996, Vol. 75, No. 5, pp. 74-88.