The British Columbia Information & Privacy Commissioner has recently released her decision in Schindler Elevator Corporation 2012 BCIPC No. 25 (“Schindler”).
In Schindler, the Commissioner considered the application of the B.C. Personal Information Protection Act (“PIPA”) to an employer’s use of a GPS-enabled data collection system used to monitor vehicles owned by the organization and operated by its employees, including the Complainant. The case has implications for employers who plan to use, or who are currently using GPS or similar technologies to monitor employees while they use corporate vehicles as part of their work.
The Facts in Schindler
The Complainant was a maintenance and repair mechanic who, during the course of his employment, travelled to various customer sites to perform repair and maintenance work on elevators and escalators. He was the Complainant in both his personal and representative capacity on behalf of a number of fellow maintenance and repair mechanics employed by Schindler. The employer maintained a fleet of vehicles that it assigned to its mechanics to use in performing off-site maintenance and repair work. The employer began using a GPS and engine monitoring system on its vehicles called “Fleet Complete”. The system collected a variety of information about the vehicle use such as distance travelled, speed, incidents of harsh accelerating or braking, idling time, when the vehicle was turned on and off and location of the vehicle. There were thus two types of information gathered by Fleet Complete: GPS data about the location of the vehicle and engine status data about the operation of the vehicle.
The employer put forward several justifications for employing Fleet Complete, specifically, the technology allowed the employer to dispatch more efficiently, schedule vehicle maintenance more efficiently, identify and address unsafe driving habits, track employee time at job sites, help locate employees who were unaccounted for and locate lost or stolen vehicles.
The employer had a “Vehicle Global Positioning System (GPS) Policy” which stated that GPS data would be used to reduce instances of unsafe driving and to ensure employees were reporting to job sites on time. The Policy was introduced prior to Fleet Complete being implemented.
The Complainant argued that the information collected was information about the movements, location and driving habits of identifiable employees and was thus “personal information” within the meaning of PIPA. The Complainant alleged that the employer’s collection and use of this “personal information” was not reasonable.
The Commissioner found that the information collected constituted employee personal information, but that its collection and use was reasonable for the purposes of establishing, managing or terminating an employment relationship. In reaching this conclusion, the Commissioner rejected the arguments made by the employer that the information in issue was not “personal information” and was instead more in the nature of work product or contact information.
Employee personal information is defined in section 1 of PIPA as follows:
Means personal information about an individual that is collected, used or disclosed solely for the purposes reasonably required to establish, manage or terminate an employment relationship between the organization and that individual, but does not include personal information that is not about an individual’s employment
The Commissioner determined that the information was about the employees and was collected and used solely for purposes reasonably required to establish, manage or terminate the employment relationship because there was a legitimate business purpose for using the information such as ensuring employees met employer standards.
Employee personal information is subject to specific collection use and disclosure requirements under PIPA; specifically, employee personal information may be collected, used and disclosed by an organization where it can be shown to be reasonable for the purposes of establishing, managing or terminating the employment relationship and where sufficient prior notice has been given to affected employees. The Commissioner considered a number of factors in her analysis: the sensitivity of the information, how much employee personal information was collected and the likelihood the information would be effective in achieving the objectives set out by the employer. In discussing these factors the Commissioner made several comments of note:
- The Commissioner explicitly rejected the approach advocated by the Complainant that the least privacy intrusive alternative must be followed regardless of reasonableness or cost. The Commissioner held that the employer need only show that it gave alternative measures reasonable consideration;
- The employer does not have to show that the information will be necessarily effective in achieving the stated purpose to a measure of certainty; only that there is a reasonable likelihood of effectiveness;
- Covert surveillance of employees such as monitoring e-mail or computer use will likely result in the collection of more sensitive information which will normally tend to weigh against a finding that the collection and use are reasonable.
In applying the relevant factors, the Commissioner determined that the information collected via Fleet Complete was not overly sensitive given that it was related to the employees’ geographic location while they were working, as opposed to information in which the employee would have a higher expectation of privacy (such as health information, information about marital status or computer keystroke data). Further, information about the engine status of the employer’s vehicles was not overly sensitive. The Commissioner was also convinced that the information was reasonably effective in ensuring that employees drove safely, lawfully and in accordance with the employer’s policies and that the employees actually worked the hours they were being paid to work.
Lessons from Schindler
It is clear from Schindler that an employer’s monitoring of the use of its business assets by employees will usually be considered a collection and use of “employee personal information” (at least by the B.C. Commissioner1 ) and thus will be protected information under PIPA. Information which only indirectly relates to information about an individual, for example, a propensity to speed while driving, is nonetheless captured by the definition of “employee personal information” under B.C. PIPA. Employers using GPS and other electronic monitoring equipment should be careful to ensure that the information being captured relates only to the employment relationship and does not inadvertently capture more private information about employees such as locations visited on personal time (assuming employees are allowed to use corporate vehicles for some personal use, such as meal breaks).
Further, in Schindler, the Commissioner emphasized the importance of the fact that the employer was not routinely and continuously monitoring the GPS and engine status data in her analysis of the reasonableness of the collection and use. In Schindler, the employer had programed Fleet Complete to generate “exception reports” which summarized any occasion where a rule or policy appeared to have been broken (such as where a vehicle accelerated beyond a certain speed or braked harshly). There was no constant monitoring of the data generated by Fleet Complete by management to look for possible problems. Employers should consider Schindler carefully before employing a more privacy-invasive use of these or similar technologies as this could be considered unreasonable and therefore contrary to PIPA or other applicable privacy legislation.
Finally, Schindler highlights the fact that where an organization is collecting, using or disclosing employee personal information, PIPA requires that the employees be given prior notification that the organization is engaging in these practices (this is often best achieved through an appropriate policy which has been provided to employees prior to the introduction of the technology).