Requesting Employer to Delete My Data after Resigning

[Deactivated] on 28/07/2018 - 12:16
Last edited 28/07/2018 - 12:44 by 1 other user

I soon plan on resigning from my casual position at a retailer that I've been working at for 6+ years. A few years ago they introduced a new way of clocking in where you have to scan your fingerprint. I was not happy about a random multi national having my fingerprints on file and questioned it. Despite mentioning that this was not included in the contract that I signed they implied the situation was a matter of "do you want to keep your job or not?".

Now that I'm resigning, I'm looking for advice on what legal rights I have to request any biometric data be deleted and proof that this has happened. I'm not sure where to start looking for such advice hence I have turned to the "lawyers" at OzBargain.

Some important notes that need to be added or restated:

  • This was not in the contract that I signed
  • I don't recall being asked to sign a new contract or waiver for this
Education & Work

closed Comments

  • pjetson on 28/07/2018 - 18:06
    +12

    As a number of posters have pointed out, biometric time and attendance terminals do not store an image of your fingerprint in any meaningful way, and what is stored is not able to be turned back into a fingerprint. The same goes for the fingerprint scanners in phones. Source: I work in the industry.

    • [Deactivated] on 28/07/2018 - 12:23
      +19

      Thank you for your contribution.

      • Zedsdeadbabyzedsdead on 28/07/2018 - 12:56
        +25

        A lot of people don't value their privacy and can't fathom why another person would. Sad but true OP.

        • [Deactivated] on 28/07/2018 - 12:58
          +7

          These are the types of people who use the "If you have nothing to hide, then you don't need to worry" quote.

        • Zedsdeadbabyzedsdead on 28/07/2018 - 13:18
          +4

          @nurries:The same people that use the word racist to win arguments!

        • poboy on 28/07/2018 - 14:01
          +3

          The lollypop man is a Nazi!

        • Zedsdeadbabyzedsdead on 28/07/2018 - 14:04
          -1

          @Smatters 14: Now, that's sexist. I win…

        • harrywwc on 29/07/2018 - 13:09

          @nurries: as long as these same people are willing to remove the blinds and curtains from their bedroom windows - afterall, they have nothing to hide, right?

    • [Deactivated] on 28/07/2018 - 12:24
      +20

      That's besides the point. I don't want a company having my prints on record. Is that too much for you to comprehend?

    • krisspy on 29/07/2018 - 11:57
      +4

      Biometrics isn't something you want getting stolen. You can't change that sh*t if the company leaks or gets hacked.

    • [Deactivated] on 28/07/2018 - 12:33

      I think you underestimate how many people past and present have touched the same things I've touched at work. Highly unlikely a retailer is going to be able to isolate any of these.

      • whooah1979 on 28/07/2018 - 12:38
        -2

        Do you’ve a lanyard with an ID card or a locker? How about company keys? A desk or a personal drawer? All of these hard surfaces may have your biometric.

        • [Deactivated] on 28/07/2018 - 12:39
          +1

          In order:

          No
          Yes, an unused locker.
          No.
          No.
          No.

        • [Deactivated] on 28/07/2018 - 13:59
          +34

          There is a difference between leaving behind finger prints which could really belong to anyone, versus a part of your fingerprint stored in a database against your name.

        • whooah1979 on 28/07/2018 - 16:37
          -2

          @Drew22:

          your fingerprint stored in a database against your name.

          Is op alleging that an employee at the company coerced op to provide them with the biometric data either by force or threats.

          If that is the case then why hasn’t op reported this person to the lac?

        • [Deactivated] on 28/07/2018 - 20:52

          @whooah1979:
          Yeah, but that has nothing to do with your post about "bio-metric" "data"

  • MathNerd on 28/07/2018 - 12:34
    +4

    Looks like they've well and truly Target-ted you.

    • [Deactivated] on 28/07/2018 - 12:34
      +1

      Okay that's a good one hahah

  • [Deactivated] on 28/07/2018 - 12:41
    +10

    It's been a long week. No arrests. No new leads. Just a pile of boxes filled with cold cases. A constant reminder that the law doesn't have such long arms after all.

    It was as if intuition guided the wrinkled blood spotted hand to the fraying edge of an overworked folder.

    "Enchance. Zoom in. Enhance. Cross-check fingerprints." The figure behind the husky and androgenous voice can be seen pacing around a manned desk.

    No matches.

    "Widen the paramaters. Use the spider and crawl pedestrian database." Now growing more impatient

    "But…," the desk jockey protests the unorthodox and probably illegal use of resources but before he could finish his sentence, he could hear the click of enter key.

    The young man tasked with the chore of operating the nation's surveillance database is clearly uncomfortable. It didn't take long enough for a second round of protest before the search turned up a hit - Match Found

    A young man posing with his thumbs up. He has just won a competition posted on a bargain site. His smile was a giveaway - an actor's smile. A good attempt to mimic sincerity but his weary eyes would fail him.

    "Got you".

    • [Deactivated] on 28/07/2018 - 12:44
      -5

      Enhance* androgynous* parameters*

      ftfy :)

      • [Deactivated] on 28/07/2018 - 12:47

        Sorry. Speed typing on phone. :)

        • [Deactivated] on 28/07/2018 - 12:48
          +1

          Oh wow, didn't realise you typed that yourself. Nicely written! :)

        • [Deactivated] on 28/07/2018 - 15:16

          @nurries:
          Thanks. Need something to do while waiting for the wife to get in the car.

          I should leave a bucket and sponge. Can probably detail the car while I'm at it.

    • outlander on 28/07/2018 - 15:02

      oh my god, I love this

  • Cartman2530 on 28/07/2018 - 12:53
    +14

    Depending on the machine used, the biometric data it gathers cannot be used to compare with a fingerprint from you at a later date. It also has to be encrypted as to ensure the privacy of the users, so it won't be usable to anyone in your company.
    They don't actually have your fingerprint on file, just a set of encrypted data points that is linked to a number in their employee database. Thats all. They can't give the data to the police if thats what you are worried about.
    Your biometric data will most likely be removed anyway from the clock system anyway so you can't clock on/off again, so i wouldn't worry.

    I know this as I asked the same question at 2 different workplaces that brought in fingerprint scanners. Both were different types, one optical based and the other capacitive. Everything was encrypted at the scanner so all anyone in the company could access was the fact that you had clocked on or off.

    • [Deactivated] on 28/07/2018 - 12:57
      -3

      Finally, a good response. Would you happen to know the brand of the 2 scanners your workplaces had? Because I recall being told that it also stores an image of your prints on the system.

      • Cartman2530 on 28/07/2018 - 14:41
        +1

        Sorry, I can't remember off the top of my head, it was a while ago.

        Better off finding the make of the one at your work and looking it up and how the biometric data is stored.

        When I resigned from both of those jobs they deleted my clock information from the system which included my biometric profile in the scanner system.
        Talk to someone in HR and make sure they understand your concerns and also make sure they follow it up with someone in IT to clear all your data. Go up the chain if you have to, sometimes people need a push from above to get things done.

        Which I'm sure will be done anyway as if it isn't done you could still go in there and clock in and still get paid!

      • Gnosh on 29/07/2018 - 12:22

        I’ll jump in, we use Mitrefinch scanners at my workplace.

    • McMoots on 29/07/2018 - 13:39
      +3

      Dafuq do you think you are doing by providing a helpful answer, rather than just arguing with others?

      Get out of here and don't come back.. We don't take kindly to your type around here!

  • chumlee on 28/07/2018 - 13:12

    What did your union rep say when you asked him/her?

  • onetwothreefour on 28/07/2018 - 14:13
    +3

    If you believe that strongly against this why didn't you find out the answer to your question before they started scanning your finger prints? You could have then decided to stay or leave.

    • [Deactivated] on 28/07/2018 - 16:27

      Because it was only compulsory for new staff until one day i came into work and was surprised to find out they wanted to get my prints there and then. So no, I couldn't have.

    • veej on 29/07/2018 - 11:27

      I'm not sure what the deal is because I doubt one of the big two is doing anything with the fingerprints. It's only being used as a unique identifier to unlock the timeclock for time keeping purposes.

      I like privacy too, I also think the concerns are excessively paranoid.

    • grasstown on 29/07/2018 - 14:36

      The OP is asking what can be done now that they have it and is now leaving. Op decided to give it and stay. This is a different question

  • CheapskateQueen on 28/07/2018 - 14:59
    +6

    The Australian Privacy Principals under the Priavcy Act protect your personal and sensitive information.

    Under the APPs you have a right to request and require an entity ensure information it has is correct and relevant with regard to the purpose it collected it. Since you will no longer work for them, request that trey destroy your fingerprint, it being no longer relevant or necessary.

    The list of APPs are here https://www.oaic.gov.au/individuals/privacy-fact-sheets/gene…

    • [Deactivated] on 28/07/2018 - 16:27

      Thanks will look into this further.

      • Hessian Sack on 29/07/2018 - 10:17
        +1

        But make sure you look into the Employee Record Exemption too

        https://www.oaic.gov.au/individuals/faqs-for-individuals/wor…

        'a private sector employer does not need to comply with the Australian Privacy Principles (APPs) in the Privacy Act when it handles current and past employee records for something that is directly related to the employment relationship'

  • myusername on 28/07/2018 - 15:19
    +5

    your employer will be happy to see you leave

    • [Deactivated] on 28/07/2018 - 16:28
      -4

      Yeh, because caring about my privacy tells you everything you need to know about my personality and work ethic to be able to make that judgement. Go stick it where the sun doesn't shine :)

      • try2bhelpful on 29/07/2018 - 07:44
        +2

        No, your obnoxious personal attacks tell us everything about your personality and work ethic. If you showed these responses to your next, potential, employer you won’t get the job. Given the examples here I would agree your current place of work is unlikely to miss you.

  • robbyjones on 28/07/2018 - 15:27
    +4

    You sound like a fun guy.

    • [Deactivated] on 28/07/2018 - 16:29
      -3

      Caring about your privacy is always fun. Not caring makes you a sheep like almost every person that has commented on my post.

      • Mrbean007 on 28/07/2018 - 17:09

        Lol I understand where your coming from as my work has one as well sooner or later I'm sure it will be mandatory with every job and anything you do that's the way the future is heading unfortunately.

        Passports have face detection.

        Clubs have photo scanning when entering
        Swimming pools have it as well.

        Unfortunately we are just another number sooner or later I'm sure every person will have a chip planted on there arms or somewhere in the future.

        • payton on 28/07/2018 - 17:21

          wait till pools make urine sampling mandatory.
          The days of kids peeing in the pool will be relegated to history!

  • [Deactivated] on 28/07/2018 - 16:26
    +9

    I have just completed hacking into the finger print reader at your work and forwarded the biometric data to asio and the immigration office.

    • [Deactivated] on 28/07/2018 - 16:30
      -6

      Forward it to your tight bottom too so you can keep it with all the other shit.

      • [Deactivated] on 28/07/2018 - 16:31
        +10

        Thanks for the tip. Done

  • Strahany on 28/07/2018 - 16:47
    +4

    Low level identity theft is something everyone should be concerned about. Many people are careless with sensitive information like their licenses, medicare cards, bills in the rubbish bins etc, and open themselves up to coughing up 100+ points of ID which can be used for lines of credit. In these cases, the criminals don't discriminate between people - so long as your credit rating is healthy enough to open said accounts, then it doesn't matter if you're earning 40K per year or 500K.

    But I honestly don't understand when the average person becomes so paranoid for situations outside of this. You have to ask yourself what someone could do with your data, the motivation to do it, and the difficulty in doing so. For someone like a multi-national corporation (I believe someone said it was Target?) what possible motive could they have to use their employee's fingerprints? Here we have a company with billions of dollars to lose in potential lawsuits, over what? Can you imagine how little someone could do with a finger print on one of these machines (which are actually fairly low in accuracy, for what its worth)?

    Are we suggesting that Target might want to frame an ex-employee of a crime? That's absurd, but let's entertain the idea. Firstly they would have to somehow recreate an accurate representation of the fingerprint from an inaccurate machine. Let's assume that the machine is 100% accurate though, for argument's sake; okay, then what? They would then have to have a crime they wish to commit and benefit from (since we can safely assume the average (read: all) ex-employees have zero leverage against target, e.g blackmail material, so therefore they have no malicious motivation). So even if we could find such a crime, this crime would need to be framed such that a given ex-employee would appear to have a motive, the capability to do it (e.g can't use it overseas when you have an alibi for being in Australia), whilst also leaving no trace AND preventing each and every one of the several people required to execute this plan from whistleblowing. We're talking a situation whereby there are only a handful of extremely difficult ways in which this biometric data could be used for malicious intent. You almost necessarily require top level government co-operation to pull this off.
    Even if we flip the scenario and suggest that Target could suffer from a data breach and hackers could acquire these biometrics, you might then have the motivation (the data in the hands of a criminal or criminal organisation) but then all the other hurdles pop up.

    Sure, the only way to guarantee that this doesn't happen is to have your data scrubbed, so therefore there is a possibility that it could happen. But there's also a possibility that unicorns actually do exist, but you don't live your life according to this possibility, nor do you say that they might exist - you say that they don't exist because the probability is so absurdly low. So, unless you are going to live your life worried about unicorns, gremlins, human spontaneous combustion, or the ManBearPig, then there's no need to worry about this.

    • loulou1 on 28/07/2018 - 21:43

      Wait….
      Unicorns aren’t real? I want my mummy

  • myusername on 28/07/2018 - 16:54
    -4

    future 'disabled user'

    • [Deactivated] on 28/07/2018 - 17:03
      +6

      I'm not a little bitch. My parents raised me to have thick skin.

      • [Deactivated] on 28/07/2018 - 18:45
        +9

        Is that too much for you to comprehend?

        But there is a difference between thick skin and just plain rude

        • [Deactivated] on 28/07/2018 - 18:49
          +17

          This is a public light hearted forum. A person with thick skin would accept that and choose to either ignore or respond back with a bit of humour.

          Again, there is a difference between thick skin and rudeness. Just like there is a difference between confident and cocky.

        • try2bhelpful on 29/07/2018 - 07:38

          @TightBottom: completely agree.

        • Zachary on 29/07/2018 - 14:42

          @TightBottom: ooooooh he's got you there….

  • JimmyF on 28/07/2018 - 17:06
    +1

    legal rights I have to request any biometric data be deleted and proof that this has happened

    The 'finger print' the software has isn't a picture/scan of your finger, but just datapoints etc that it checks to verfiy its you.

    Its not like they can print out a 3d finger of yours and frame you.

    This was not in the contract that I signed

    I'm pretty sure they have some wild open ended catch all statements in there to say it is.

  • sahh on 28/07/2018 - 17:30

    Do you use an iPhone/smart phone that uses finger print sign in? A few of my friends have stayed in passcode sign in for the same reason, to protect their privacy.

    • [Deactivated] on 28/07/2018 - 17:42

      Yes, I do. I refuse to use any form of biometric security on my phone.

      • smuggler on 29/07/2018 - 10:51
        +5

        lol

        Where do you buy your aluminium foil from?

  • boomramada on 28/07/2018 - 19:17
    +8

    So you wouldn't be travelling to Japan/Singapore? I like to see you asking immigration officer to delete your records upon departure 😂

    • kaleidoscope on 29/07/2018 - 10:38

      Exactly what came to my mind too 😂😂😂.

    • JimmyF on 29/07/2018 - 15:36

      USA is the same as well.

  • Piranha2004 on 29/07/2018 - 09:26

    Surely they would have a privacy policy for these sort of things. Maybe ask what their processes are for offboarding employees

  • DiscoJango on 29/07/2018 - 09:38
    +1

    my years ago on my way to canada we stopped over in hawai. since its part of the usa we had to get finger printed and retina scanned. felt like a criminal being entered into the system.

  • Black Brown Blue on 29/07/2018 - 09:58

    What else are you going to ask to be removed
    Home address, phone number, your name?
    Your fingerprint is stored under your name. If you are worried about it falling under wrongs hands, how is that different to having your card details stolen. In your situation since there is no privacy declaration signed, there is nothing you can do except just ask them nicely.

    Also, millions of iPhone users also have their fingerprints stored on phones.

  • Powershopz on 29/07/2018 - 10:10
    +5

    I think your tin foil hat is on too tight.

  • peterpeterpumpkin on 29/07/2018 - 12:03

    You've come to the right place :)

    The answer is yes, according to the Office of the Australian Information Commissioner (OAIC), a private company must either destroy or de-identify your personal and biometric data when it is no longer needed. You can follow the links in here: https://www.oaic.gov.au/agencies-and-organisations/faqs-for-…, and contact OAIC for any concerns you may have.

    Unfortunately, this is one of those areas where a company can say they've destroyed the data but the truth will only be revealed upon auditing or hacking revelations. The truth is that most application developers and business people aren't that knowledgeable of security to begin with (I'm not). It was already discovered that the Android app for India's massive Aadhaar system was storing biometric data in an easily accessible local database.

    I just felt I should point out that today's biometrics aren't very secure to begin with so hopefully their identity-theft black market value decreases with time. Despite how cool it looks in old movies, it's only ever useful for consumer-grade multi-factor authentication. With advances and cost-reductions in 3D printing, fingerprinting as a security measure will be harder to defend in court.

  • No on 29/07/2018 - 12:48

    I think its a bit harsh to say OP is wearing a tin toil hat etc.. The less data that is out there on you the less chance you accidentally become a easy suspect in a crime where the cops lifted the wrong prints or something .

  • justwii on 29/07/2018 - 12:51

    Should have posted on ozbargain asking where do they sell bargain fake finger tip before they started taking your fingerprints.

  • [Deactivated] on 29/07/2018 - 13:43

    just dont have a job :p

    employers require signature too when accepting the role… who knows they could use your signature to open a home loan!

  • errorius on 29/07/2018 - 14:21

    We have a finger scanner in our company. Same one that Qantas has. Qantas workers went to court and tried to ban it but because system doesn't store your actual finger print and it only stores partial data they lost the case as it is not considered a finger print scanner.
    Thing is that data is useless to a 3rd party. Even police won't be able to use it to identify a person if it comes to it.

  • Moderatorneil on 29/07/2018 - 16:25

    Discussion is fine but if you want to be rude and disrespectful to others then find your own answer elsewhere. Comments closed.

Login or Join to leave a comment
Login Join