Contact Tracing Apps: Employment Law Concerns featured image

Contact Tracing Apps: Employment Law Concerns

by John DiGiacomo

Partner

Corporate Employment Law

In various parts of the world, the COVID-19 pandemic has prompted the development and deployment of various contact tracing applications that are designed to help mitigate contagion risks and facilitate medical intervention. There are many variations in how the apps work, but, generally, the idea is that the software uses geo-location and user-provided data to notify a person if that person has come in contact with someone that has tested positive for the COVID-19 virus. Generally, this allows public health officials to track the virus spread and allows impacted individuals to seek medical care.

As the US moves toward opening up the economy and allowing employees to return to work, some employers are considering use of contact tracing apps in the workplace. However, there are some important legal issues that must be evaluated. Essentially, tracing apps are another form of data collection. As such, all legal requirements with respect to data collection must be honored. Here are the key legal concerns:

  • Notice to employees — employees are entitled to notice with respect to any workplace application that will be tracking their movements and collecting other data; the notice disclosure must be full and complete including what data is being collected, where the information is stored, what the business purpose is for which the data is being collected, etc.
  • Consent from employees — employees must consent to the data collection; consent can be obtained contractually in the same manner as other workplace rules and regulations
  • Biometrics — some apps record health information like heartbeat, blood pressure, temperature, etc.; consideration should be given to whether such information is biometric data and such should be factored into the choice of app; notice and consent must be obtained according to various biometric data privacy statutes
  • Business purpose — generally, protecting the health and safety of workers and consumers is a legitimate business purpose for requiring contract tracing; geo-location data is clearly legitimate since areas where an infected employee worked must be sanitized, for example; but the software used must be narrowly tailored to the business purpose
  • Which app to choose? — ​​​legal and financial risks to the employer are increased as the level of data collection increases; these risks should be balanced against the business purpose; more intrusive tracing apps will draw more attention from privacy and employee advocates
  • Impact on worker collective action — where applicable, employers should evaluate any adverse impacts of the tracing app on worker collective action, which is protected by state and federal laws
  • Privacy protection of the collected data — as with any data collected, the privacy of the individuals involved must be protected; the data must be secured, used only for authorized purposes, access limited, not shared with outside vendors, and more
  • Repurposed use of the data — similarly, the data must be guarded against later repurposed use for which no notice was provided or consent obtained; for example, likely, the contact tracing geo-location data cannot be used in a worker in-house disciplinary hearing
  • Availability to law enforcement — along the same lines, the data might be available to law enforcement through proper applications of warrants; were employees informed of this possibility and did they consent?
  • Cybersecurity — the data must be reasonably protected from hacking and exfiltration by cybercriminals

A simple example can demonstrate some of the complex legal issues. Assume that the app choice is a simple geo-location app, but that it operates constantly without the ability of the employee to disable the tracking feature. Potentially, there is a legal problem with notice and consent if the employees are not informed that the app operates during non-working hours. Further, there are debatable reasons why an employer might want the app to run constantly, for example, because an employee infected outside of work is not infected “while working,” which has implications for workers compensation liability. However, there are strong arguments on the other side. Round-the-clock data collection may also have a chilling effect on unionizing activity which could cause complaints to be filed with the National Labor Relations Board.

As can be seen, contact tracing apps in the workplace present complex legal issues. Your company will need to retain the experienced data privacy and business lawyers at Revision Legal. Contact us at 231-714-0100.

Extra, Extra!
Related Posts

Top Legal Issues an Internet Lawyer Can Help Your Online Business Solve

Top Legal Issues an Internet Lawyer Can Help Your Online Business Solve

Revision Legal

Running an online business has never been more accessible — but the legal risks that come with it are just as real as those facing any brick-and-mortar operation, and often more complex. A website, a social media presence, and a digital product catalog create exposure across privacy law, intellectual property, consumer protection, and online reputation […]

Read more about Top Legal Issues an Internet Lawyer Can Help Your Online Business Solve

5 Reasons to Hire an Internet Lawyer Before Launching Your E-Commerce Website

5 Reasons to Hire an Internet Lawyer Before Launching Your E-Commerce Website

Revision Legal

Launching an e-commerce website involves far more than choosing a platform, uploading products, and opening for business. From the moment you start collecting customer data to the first sale you process, your business is subject to a complex web of federal and state regulations. Mistakes made at launch — incomplete disclosures, unenforceable terms, unregistered trademarks […]

Read more about 5 Reasons to Hire an Internet Lawyer Before Launching Your E-Commerce Website

How Strong Are Your Terms and Conditions? Legal Gaps E-Commerce Owners Miss

How Strong Are Your Terms and Conditions? Legal Gaps E-Commerce Owners Miss

Revision Legal

Most e-commerce businesses invest heavily in acquiring customers — paid ads, SEO, influencer campaigns — but give almost no attention to the legal documents that govern what happens after a customer lands on their site. Terms and conditions are not a formality. They are a contract. When they are vague, outdated, or copied from another […]

Read more about How Strong Are Your Terms and Conditions? Legal Gaps E-Commerce Owners Miss

Put Revision Legal on your side

Let's Discuss Your Case