This weekend, I found myself in a mall for the first time in a while, returning something one of my kids bought. In the store, the cashier, who was a seasonal hire, had to call a manager to approve the return. The manager used his fingerprint to sign off on it.
The manager used his fingerprint to sign off on it.
I was sort of stunned to see this technology in the wild, and asked the cashier about it–he said, “oh yeah, they’re everywhere now–my other job is at a gas station, and I have to use my fingerprint to turn the gas pumps on in the morning when I get to work.” I asked him what kind of online security he thought the gas pumps had, and he laughed.
I’m not going to lie, knowing what I know about the ability of corporate America to keep credit card data safe, the idea that retail and other service sector employers are suddenly going to up their data security game to keep their employees’ biometric data secure from prying eyes seems…unlikely, at best.
What does it mean for low-wage workers, if employers demand sensitive personal data, and then fail to keep it safe?
This technology has been around since 2009, apparently. Companies who have implemented it seem to be focused on protecting themselves from theft–after all, a worker can’t swipe someone else in to cover their lateness, if they need to use their finger. But who is protecting the workers from the dangers of having their fingerprints stolen? After all, you can’t buy yourself a new fingerprint, if your employer’s personnel database gets hacked.
Apple’s Touch ID wasn’t yet invented, when this technology rolled out–but now it is very common for people to use their fingerprint to lock and unlock their phones. Banks and credit card companies are also starting to roll out fingerprint ID as a method of additional security for customers, as well. One can imagine a not-too-distant future where it is possible for those with malicious intent to reverse-engineer an individual’s fingerprint from a stored scan, to steal from or impersonate victims.
It’s time for the labor movement generally to get behind the push for a GDPR-like law in the US, or a national expansion of California’s new CCPA. Low-wage workers (and the rest of us) need protection from employers that demand our most unique identifiers.