BC FIPA has made its submission regarding the Draft Employment Privacy Guidelines to the Information and Privacy Commissioner of BC today.
FIPA is in support of a large part of the Draft Guidelines – on the whole, they are clear,
reasonable, and support a meaningful interpretation of the legislation.
However, there are also several areas of concern, and these are brought to the attention of the OIPC in this submission with the hope that this will assist in the improvement of the Draft Guidelines throughout this consultation process. FIPA asserts that employees in British Columbia deserve the highest possible protection of their privacy rights.
To this end, FIPA recommends that the OIPC take the following actions in relation to the
1. Recognize the status of privacy rights as fundamental, constitutionally protected rights.
2. Recognize that neither individual nor collective employment contracts can detract from an employee’s privacy rights.
3. Support the view that privacy rights generate benefits for both employers and employees.
4. Adopt a rigorous and contextual interpretation of what is “reasonable.”
5. Require a meaningful kind of “demonstration” of any justification for infringing on privacy rights, such as a written explanation, showing a logical justification for the action, and some evidence to support that justification.
6. Amend the Draft Guidelines to provide that employers must specify the aspect of an employment relationship that is being “managed,” and how, in order to justify the reasonableness of any invasion of employee privacy.
7. Adopt the Draft Guidelines relating to covert surveillance in full, reinforcing the limitation of covert surveillance to investigations of a reasonably founded specific allegation.
8. Adopt further measures to ensure the protection of any health or medical information about employees, including introducing an important role for health professionals whenever such information is collected, used or disclosed.
9. Adopt the Draft Guidelines on the notification requirement in full, and include concrete examples of what might qualify as notification. In different circumstances, the notifying document might be posted on a bulletin board, sent directly to all employees, or described during a meeting.
10. Amend the Draft Guidelines to explicitly state that any collection, use or disclosure of employee personal information without consent must meet both the reasonableness and notification requirements. Employers cannot fulfill their obligations under the Act by notifying employees of a surveillance practice, where it is unreasonable.
11. Add a provision to the Draft Guidelines affirming that information used for the
purpose of managing an employment relationship is always subject to the reasonableness and notification requirements, regardless of whether that information is also related to an insurance or benefit plan.
12. Require employers to publish and distribute information about employee privacy rights and the role of the OIPC in all workplaces.