FB pixel

Biometric time and attendance systems restricted by European data protection rules, Dutch authority issues fine

Biometric time and attendance systems restricted by European data protection rules, Dutch authority issues fine

Biometric time and attendance tracking of employees through a fingerprint-based system has been ruled illegal in Germany unless exceptional circumstances make it necessary, according to a court decision covered by Lexology.

The court ordered a pair of warnings issued to an employee who refused to use the biometric system be struck from the person’s employment file, as the system was not being used in compliance with the relevant data protection law. As the employee had not given consent or signed a contract specifying the use of the system, the labor court reviewed the system’s legality under the European Union’s General Data Protection Rule (GDPR) and the German Federal Data Protection Act.

The criteria established by the court for the use of a biometric employee tracking system includes a history of misuse of a previous manual system at the workplace, a significant risk of misuse of a different type of system if introduced, and past misrepresentations by the employee of his or her working hours. As a general rule, the more past time recording abuse there has been, and the less effective other measures of preventing future abuses would be, the stronger the legal case for special circumstances becomes.

The article also notes that consent by employees could be challenged on the grounds that it does not meet the standard for being truly voluntary.

Dutch authority issues fine

The Dutch Data Protection Authority, meanwhile, has levied a €725,000 (roughly US$791,000) fine against a company for scanning its employee’s biometrics with a fingerprint time and attendance system.

The Autoriteit Persoonsgegevens ruled that the company did not establish the exceptional grounds for the system’s implementation which would have provided a legal basis for its use.

Exceptions to the prohibition against the use of fingerprints or other biometrics for employee tracking are cases of explicit consent, or necessity for security purposes, according to the authority’s announcement. The latter reason is only acceptable if biometrics collection is necessitated by the inadequacy of other measures, and the authority notes that good alternatives will be available in many cases.

“This category of personal data is extra protected by law. If these data get into the wrong hands, this could potentially lead to irreparable damage. Such as blackmail or identity fraud,” comments AP Vice President Monique Verdier, per Google translation. “A fingerprint cannot be replaced, such as a password. If things go wrong, the impact can be huge and have a lifelong negative effect on someone.”

The relationship between employers and employees also generally prevents legal consent, which “must be unambiguous, specific, informed and free.”

The organization fined has not been identified by the regulator.

France’s CNIL set rules for biometric time and attendance systems for employees a year ago.

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News


Asian banks deploy biometrics and digital ID for security, additional services

As digital identity gains prominence in a financial industry beset by fraud, nations in Asia are enabling banks to lead…


Mobile ID combats fraud, gives holder control of personal data: USPF report

The U.S. Payments Forum (USPF) has published a new white paper entitled “The Role of Mobile IDs in Payments.” Authored…


Wyoming plots mobile driver’s license launch for 2025

Wyoming is moving towards the issuance of digital ID in the form of an optional mobile driver’s license, but it…


EU publishes rollout schedule for AI Act

The European Union has published the final text of the Artificial Intelligence Act, outlining the most important deadlines for complying…


World Bank identifies priority actions for DPI in Equatorial Guinea

A World Bank team has identified immediate actions which the government of Equatorial Guinea should undertake in ramping up its…


Some sort of ID could be ‘inevitable’ for UK: lawmakers

The UK is still debating national identity documents and digital identities, with lawmakers and experts arguing that the creation of…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events