Login Register Subscribe
Current Issue

Wearable devices soar in popularity and pose new privacy risks to employers

Reprints

Employers should prepare for thorny privacy and liability issues likely to emerge with the growing popularity of wearable devices, such as Google Glass, and their inevitable appearance in the workplace.

The Apple Watch, expected to be available to buy starting in January, will add another hot consumer gadget to the mix.

While the wearable electronic devices — ranging from headgear to footwear — still are relatively new to the marketplace, their popularity is exploding among consumers.

They are expected to appear more in the workplace, whether via consumers bringing their own devices or by companies that

use them to improve workplace health and safety.

There will be an estimated 90 million wearable computing devices shipped in 2014, according to New York-based Allied Business Intelligence Inc.

The devices include Mountain View, California-based Google Inc.'s Google Glass, glasses that permit the user to record data and consult the Internet; Seoul–based Samsung Group's Galaxy Gear smartwatch; Stockholm-based Narrative's Narrative Clip, a wearable, automatic camera; and Cupertino, California-based Apple Inc.'s Apple Watch, which was introduced with a big splash last week.

Risks associated with the gadgets' presence in the workplace include privacy, security and liability. However, companies generally have not addressed the risks or incorrectly assume their existing workplace policies will cover any problems, experts say.

Potential intellectual property loss “is the scariest part,” said Jerry Irvine, chief information officer at Schaumburg, Illinois-based information technology and consulting firm Prescient Solutions.

People using many of the devices “have the ability to — without touching them, and in a very discreet fashion — record, take pictures of and transfer documentation,” Mr. Irvine said.

While the same could be said of a cellphone, it is “a lot easier and a lot more covert” with wearables, said Tom Srail, Cleveland-based technology, media and telecommunications industry leader at Willis North America Inc.

“It could simply be an accident, because there's very little security in the devices” and “there is no antivirus solution for these products,” so a “malicious hacker should could use them as spying devices,” Mr. Irvine said.

Employees' privacy also is an issue.

“What happens if you're wearing a Google Glass or a smartwatch and walk into the bathroom and suddenly you're recording people?” said Keith E. Sonderling, an associate at law firm Gunster, Yoakley & Stewart P.A. in West Palm Beach, Florida. An employee could easily sue an employer “for creating an environment” allowing such an invasion of privacy.

Furthermore, while Google Glass does display what is being recorded, it may not be present in newer devices or could be illicitly removed, experts say.

In addition, several states prohibit recording without prior consent.

“It's just like walking into a room with a tape recorder, and if you're in a jurisdiction that requires multiple party consents to record a conversation, there could be very serious liabilities attached,” said Gerald J. Ferguson, a partner at Baker & Hostetler L.L.P. in New York.

In addition, data from employees' health monitoring devices inadvertently could end up on company networks, opening their private information to exposure.

Experts warn the concerns associated with wearable devices are likely to heighten as they become smaller, cheaper and more widely used.

But these issues are generally not being addressed in employers' internal policies, experts say.

“There are a handful of employers who are probably at least taking initial steps to get some policies in place and controls in place over how they're going to handle this situation. I think the vast, vast majority have not,” said Jonathan T. Cain, a member of Mintz Levin Cohen Ferris Glovsky & Popeo P.C. in Washington.

Even policies on workers bringing their own devices on the job need to be refined, Mr. Ferguson said. Such policies are not “focused on some of the new threats, such as the use of this device in a harassing way” or stealing trade secrets.

Meanwhile, Mike Heembrock, vice president of executive specialty at Chubb Corp. in Whitehouse Stations, New Jersey, said insurance coverage in connection with these devices depends on the particular scenario and facts.

Employers could forbid them in the workplace, but experts say that may not be feasible.

It depends on the circumstances of the employer, the nature of its business, with whom the company deals and the purposes of information collected, Mr. Cain said.

Tom Quigley, U.S. communications, media and technology practice leader at Marsh L.L.C. in Boston, said firms also must question whether they have the technical infrastructure to prevent these devices from being used in a company building.

“It comes down to the technical infrastructure and security protocols,” he said. These protocols are easier to put in place if the company, rather than the employee, owns the device, he said.