Privacy Ref Blog
Wearable technology is coming, but will anyone notice?
When I look through corporate handbooks I often find prohibitions on the use of cameras or recording devices while on a company’s premises. It’s not something that gets brought up in new hire orientation nor something that gets brought up very often at all. Let’s face it, there is a certain amount of convenience to taking out your smartphone and snapping a picture of the notes on the whiteboard or recording a meeting to create the minutes later.
While you can get technology that can perform these functions surreptitiously, main stream commercial technology would require you to be fairly overt when taking a picture or making a recording. Since people will know you are capturing something they can object (or report you to corporate security if they want to be nasty). Wearable technology will change this.
Chris Barrett, the founder of PRserve, has been wearing Google Glass in public places and posting videos he has captured with them on his YouTube channel. On July 4th he posted a video showing an arrest on a New Jersey boardwalk that gained a lot of attention.
What interested me about this video was that no one seemed to notice that he was making a video recording, You can make a case that Chris may not have stood out in that festive environment, but a second video posted by Chris took him to an environment that is very conscious of technology being used by their customers, a casino. In fact, according to an article in cnet.com, Chris went to three casinos and no one asked him about what he was wearing until the roulette dealer at the end of the video below brought it up.
So what does this mean for a privacy professional? We all recognize that the introduction of new technology outpaces the introduction of related new statutes and policies. Here is an opportunity for privacy professionals to get ahead of technological evolution by working within our organizations to define policies and practices related to wearable technology as well as raise awareness.
There are some organizations that have already begun this process. I suggest there are a few things that must be kept in mind when you do:
- First, your organization is not always in control of the environment where their staff works. Staff members go to conferences, work on airplanes, stay in hotels, work in restaurants, and visit your customers, vendors, and partners. These environments may not care about the use of wearable technology by their customers or staff. Providing guidance on how your team should protect information outside of your facilities should be a significant part of your policies, training, and awareness programs.
- Next, keep in mind that today’s products represent the initial foray into commercially available wearable technology. As wearable technology evolves it will become more capable, less detectable, and more accessible to the general public.
- Finally, wearable technology will be hacked and there will be viruses introduced. What may this put at risk? Think about a camera being turned on in your HR, R&D, Finance, or IT department without detection and let your imagination run wild.
So what are some steps you may want to take? Ultimately you will want to define a corporate stance on the use of wearable technology that meets business needs and fits into your privacy framework. In support of this you may want to
- Meet with your organization’s business leaders to determine if there are plans for use of wearable technology within their operations. They may have plans, but may not have considered the privacy aspects to the introduction of the technology.
- Review your organization’s policies for the use of cameras or recording devices by employees and others working on your behalf. The policies in existence may already cover concerns about wearable technology or they may require some modification.
- Review your organization’s Bring Your Own Device policy to see if wearable technology is acceptable under that program’s terms.
Privacy Ref provides consulting and assessment services to build and improve organizational privacy programs. For more information call Privacy Ref at (888) 470-1528 or email us at email@example.com Posted on August 21, 2013 by Bob Siegel
, Privacy Program Governance
, Wearable Technology
Want to find out more?
Simply go to the contact page, fill out the form, and someone from Privacy Ref will be in touch with you. You can also send an email to firstname.lastname@example.org or call (888) 470-1528.
April 16, 2018
IAPP Training Classes
Privacy Ref is proud to announce that we are an official training partner of the IAPP. You now have the opportunity to learn from one of our knowledgeable privacy professionals using the most respected training content in the industry. The robust interactive training offered, aids in the understanding of critical privacy concepts. The contents of the courses are integral to obtaining your privacy certifications and to educate your new team. Learn more here
Latest Blog Posts
July 9, 2018
Most of us have been wrapped up in GDPR preparations for several months. While there are many organizations "not quite there yet", many others have made great strides towards compliance. As we continue to do assessments for clients, both GDPR and General Privacy, I have been surprised at the frequency of the gap between a privacy official describing their organization's data subjects, information collected, and business processes with the reality of what is happening.
Continue reading this post...
Starting January 1, 2020, if you are a for-profit company doing business in California, you may have new data privacy compliance obligations. Specifically, California just enacted the California Consumer Privacy Act of 2018 (the country’s strictest data privacy law to date), placing new privacy mandates on certain businesses with respect to the personal information of consumers (defined as natural persons who are California residents). Many aspects of the new law smack of EU-GDPR influences, such as a new and improved (in other words, broader) definition of personal information and the inclusion of guaranteed consumer rights with respect to such personal information. If your business is already in compliance with the EU’s GDPR, the California law will be nothing new to you. For other businesses, however, you have 18 months to get with the program.
Continue reading this post...
Other Recent Posts