When wireless is perfectly applied the whole earth will be converted into a huge brain, which in fact it is, all things being particles of a real and rhythmic whole. We shall be able to communicate with one another instantly, irrespective of distance. . . . and the instruments through which we shall be able to do his will be amazingly simple compared with our present telephone. A man will be able to carry one in his vest pocket.
–Nikola Tesla, 1926
While we may now take Tesla’s connected world for granted, one cannot help but wonder what readers thought of his predictions in 1926 when he made the above statements in a magazine interview. It remains to be seen whether a similar pattern of skepticism, realization, and acceptance will eventually emerge regarding news that a vending machine company is offering its employees the opportunity to have microchips embedded in their hands to allow more convenient access to facilities, computers, and financial accounts.
The Wisconsin-based employer is reportedly the first in the United States to offer microchips (at a cost to the employer of $300 each) to employees on a voluntary basis. The microchip, roughly the size of a grain of rice, would be inserted into an employee’s hand between the thumb and forefinger, and could be used instead of a key to access buildings, log onto computers or printers, and even pay for goods in the company’s break room. It is not unlike fingerprint or other biometric technology that is becoming more widely used. In this case, however, the pertinent information is stored on the embedded microchip.
The company noted that in the future, the chip may also be able to store medical information or be used for transactions outside of the company. The chip’s technology is not, however, currently able to use GPS to track employees’ whereabouts.
Employers considering whether to implement such emerging technology may want to carefully assess whether the convenience outweighs the risks. Among the legal issues are the following:
Personal Privacy
While the company making headlines has stated that it will not use the technology to track its employees’ whereabouts (and the technology cannot currently support GPS monitoring), embedded microchips like this could create an electronic trail of the employee’s whereabouts whenever the employee is scanned to access secured locations.
Depending on where access points are installed, an employer could gain useful information, such as how long an employee spent in the break room, in the same vicinity as another employee who was allegedly harassed, or where material went missing. Further, having a record of frequent “check-ins” throughout the day as the employee accesses buildings, printers, computers, vehicles, etc. might aid in verifying time records for payroll purposes or compliance with delivery schedules and other customer expectations. This technology is already available to employers through access cards, login PINs, and other devices. The embedded chip would be another technology to use for that purpose, and it would be more difficult to trick the system with “buddy punches” and other surreptitious behavior with microchip technology. On the other hand, an employer could also theoretically confirm how long an employee spent in the restroom, at a union meeting, or complaining to human resources.
If embedded chips ever advance to the point of supporting GPS, a current body of case law regarding non-embedded GPS devices (like phones and devices installed on company vehicles) offers insights into potential legal risks. Companies use these technologies to track the whereabouts of employees, but that also gives companies information that could form the basis of a discrimination claim. For example, a company may learn that an employee is regularly at a medical clinic, which the employee might use to claim disability discrimination. Or, in Wisconsin where state law protects against discrimination based on the use or non-use of lawful products, the employer might learn that the employee spends a lot of off-duty time at the neighborhood bar, which could lead to a claim that the employee was discriminated against for using legal products while not on duty.
In addition, requiring GPS tracking of employees’ whereabouts is a mandatory subject of bargaining for unionized employees. Even for non-union employees, courts have found that employers go too far if they track employees’ whereabouts in places where employees would have a reasonable expectation of privacy (like their homes). Public employers face even greater risks in using GPS technology because courts have found that GPS technology may qualify as a search under the Fourth Amendment.
Data Privacy
Information from the chip (e.g., banking information and medical information) has value and could be the target of theft. Just as personal information could be hacked from other company databases and infrastructure, hacking may be a possibility with this new technology. Because the chip is provided by the employer, would the employer be liable for damages resulting from the misappropriation of stolen information? If an employer were negligent in implementing security protocols on the microchips, there could be litigation over the employer’s liability.
Workers’ Compensation
If an employee has a medical reaction from the implant or the procedure of implanting the chip (for example, developing an infection), there is a possibility that the medical reaction could give rise to a workers’ compensation claim because the chip was provided by the employer for work-related reasons.
Medical and Religious Accommodation
The employer in question here is not requiring employees to embed the chips, but requiring employees to do so would be difficult. Employees would likely have a right to opt out of the requirement based on medical or religious objections. It is not unlike requiring employees to get an annual flu vaccine. Some employees are medically unable and must be granted a medical accommodation under the Americans with Disabilities Act and applicable state laws (absent an undue hardship to the employer). Others may object on religious grounds and therefore qualify for accommodations on that basis. At least one court has supported an employee’s right to decline on religious grounds far less invasive biometric access technology.
A Look Into the Future
While the microchips currently in use appear to serve limited purposes, it is not farfetched that the technology will continue to develop and allow new uses. Employees may be comfortable with the current use, but not with future uses. Clear communication with employees as to the capabilities and uses of the chip would be essential to minimizing legal risk.
Even more practically, the technology of the chip itself may become outdated or employees might leave their employment with the company and the company would need to determine what to do with the chip already embedded into the employee. This could create medical challenges in removing the chip or controversies with the employee over who has rights to the chip itself or is obligated to pay for its removal.
While the company at issue here has not made implanting a microchip a condition of employment, social, economic, and practical influences could leave employees with little alternative. Just like the convenience of direct deposit has made paper payroll checks virtually obsolete, so too the convenience of chip technology may render physical keys, identification badges, and similar access control measures a thing of the past. Why risk losing or forgetting your identification badge when you can guarantee the necessary data is with you at all times? Financially, it seems likely that an employer could offer an incentive to employees who make use of the chip technology much like auto insurance companies offer premium reductions to those who permit tracking of their driving habits. Many employers already offer shift premiums, are chip premiums on the horizon?
Ultimately, while this developing technology may certainly provide some added convenience and may not be all that significant a departure from our society’s current reliance on mobile devices, embedding a microchip into an employee’s body takes the invasiveness of the technology and the legal ramifications one step further and requires a thoughtful weighing of the risks versus the benefits.
More legal analysis is added daily at The National Law Review.
Check Point Software indicated that Locky was the second most prevalent piece of malware worldwide in November 2016. Microsoft detected Locky in more than 500,000 computers in 2016. First discovered in February 2016, Locky is typically delivered via an email attachment (including Microsoft Office documents and compressed attachments) in phishing campaigns designed to entice unsuspecting individuals to click on the attachment. Of course, as the most recent global attacks demonstrate, hackers are devising and deploying new variants of ransomware with different capabilities all the time.
