In privacy and employment disputes procedure may be profoundly important. One example is
Jeremy Lee
v
Superior Wood Pty Ltd
[2019]
FWCFB 2946, where the Fair Work Commission Full Bench has upheld the appeal by timberworker Jeremy Lee over his dismissal by Superior Wood regarding Lee's refusal of employee to use biometric fingerprint scanning to record site attendance.
As noted in a practitioner guide chapter that I contributed last year, Lee was dismissed by Superior Wood and took action in the Fair Work Commission on the basis that the dismissal harsh, unjust or unreasonable. Commissioner Hunt on on 1 November 2018 in matter U2018/2253 -
Jeremy Lee v Superior Wood Pty Ltd [2018] FWC 4762 - dismissed Lee's application for an unfair dismissal remedy on the basis that his dismissal by Superior Wood was not harsh, unjust or unreasonable, and therefore not unfair, for the purposes of section 387 of the
Fair Work Act 2009 (Cth). The FWC Full Bench has now upheld Lee's appeal from that decision, which is quashed, determining on a rehearing that the dismissal was unfair.
Superior Wood operates mills in Queensland. Lee was employed as a casual general hand (with a total period of service of approximately 3 ¼ years). He was dismissed for noncompliance with Superior Wood’s Site Attendance Policy by refusing to use newly introduced fingerprint scanners to sign on and off for work at the site. Lee claimed of ownership of the biometric data contained within his fingerprint, arguing that biometric data is sensitive personal information under the
Privacy Act 1988 (Cth), that Superior was not entitled to require that information from him, and that his refusal to give the information was not a valid reason for his dismissal.
When the biometric scheme was introduced in 2017 Lee refused to register his fingerprints, continuing to sign in and out using the site’s sign in/out book. He expressed concern about control of the biometric data and Superior's inability of to guarantee no third party access or use of that data once stored electronically, being told the scanner implementation was proceeding and that “he had a decision to make”.
The FWC Full Bench notes that in November Lee wrote to Superior
setting out his concerns about the use of the scanners and collection of his biometric data. On 22 November 2017, Superior Wood responded in writing and provided a document from the scanner’s supplier, Mitrefinch, explaining the nature of the data collected and stating that it could not be used “for any other purpose other than linking your payroll number to a clock in/out time”. Subsequent meetings were held throughout December 2017, related to Mr Lee’s ongoing refusal to use the scanners to sign in and out of work.
On 21 December 2017, the Policy was introduced and on 2 January 2018, the scanners were formally implemented after a seven week trial period.
On 9 January 2018, Mr Lee was given a verbal warning for refusing to use the scanner. On 11 and 17 January 2018, written warnings were issued to Mr Lee, advising that a continued failure to follow the Policy would result in termination of employment. On 18 January 2018, Mr Lee wrote to Superior Wood seeking to resolve the dispute in a way that would allow him to keep his job, but retain ownership over his biometric data. The issue was again discussed on 24 and 30 January 2018. On 6 February 2018, a show cause letter was issued. Mr Lee’s employment was terminated on 12 February 2018.
In discussing the first instance decision by Commissioner Hunt, the Full Bench states
In the Decision, the Commissioner dealt with the question of whether the Site Attendance Policy was reasonable. In summary, she concluded that the Policy was not unjust or unreasonable because:
1. It improved safety in the event of an emergency by avoiding the need to locate the paper sign in and out book to ascertain attendance on site;
2. the scanners improved the integrity and efficiency of payroll;
3. Superior Wood had the right to manage its affairs by requiring employees to comply with the Policy, such that refusal to comply after adequate caution would not render any dismissal invalid.
The Commissioner also considered whether Superior Wood had complied with the Privacy Act. Our summary of her findings are as follows:
1. Biometric data collected by the scanners was ‘sensitive information’ under the Privacy Act, which applied to Superior Wood and required it not to collect information about a person unless:
a. the person consented to the collection of that information; and
b. it was reasonably necessary to collect the information for one or more of its functions or activities (Australian Privacy Principle 3.3).
Reasonably necessary
2. It was reasonably necessary to introduce the scanners at Superior Wood’s premises after a suitable period of time of duplication between the old and new payroll systems. The Finlayson Group [Superior's parent] wished to consolidate its payroll and do away with manual payroll handling and Superior Wood was the last entity in its group to adopt the scanners. Once a decision was made that scanning had been properly implemented, it was a reasonable course to adopt.
3. Having Mr Lee as the only employee in a group of either 150 or 400 employees, use an alternative method to sign on would be inefficient, inequitable, and a burden.
Consent to collection
4. Employees other than Mr Lee had given their implied consent to the collection of their data by registering their fingerprint for use by the scanners.
5. Mr Lee did not give express or implied consent to the collection of his sensitive information by the scanners.
The Full Bench states
There may have been a breach of the Privacy Act in the manner in which Superior Wood sought to obtain employee consent. Those were matters for the Australian Information Commissioner and the Privacy Commissioner.
Australian Privacy Principle 3.5 required sensitive information to be collected by lawful and fair means. There had been no collection of Mr Lee’s biometric data as he did not consent. Superior Wood did not unlawfully press his hand into a scanner to provide a template.
Notice about collection of personal information
Superior Wood did not inform its employees that the scanners collected their sensitive information; did not provide a collection notice to employees; and did not discuss its obligations in handling their sensitive information with employees. It merely informed them that the scanners were being introduced and that they would be required to use them.
Failure to provide a privacy collection notice to employees, prior to obtaining their personal and sensitive information, did not render the Policy unlawful.
Superior Wood informed Mr Lee that if his consent was not forthcoming, and he failed to comply with the Policy, dismissal was a likely outcome. It failed to inform him of the responsibilities Superior Wood and its associated entities would be required to meet under the Privacy Act.
The Full Bench states
Even if Superior Wood and its associated entities had provided Mr Lee with a privacy collection notice, he would not have provided his consent under any circumstances.
It was concerning that Superior Wood did not provide a collection notice to employees about the collection and use of their data and it was disturbing that neither it, nor the [Superior parent], had an appropriate privacy policy, as the Privacy Act had been in force since 2001.
Mitrefinch, who supplied the scanners to Superior Wood, did not have a relevant privacy policy until May 2018, and its evidence about its own obligations to collect and use personal and sensitive information in accordance with Australian privacy laws was “poor and rather disturbing”.
AUS IT Services Pty Ltd, an IT company charged with ‘looking after data’ on FTH servers (including data collected by Superior Wood), knew its obligations under the Privacy Act and had given assurances to FTH that it would meet those obligations.
The Employee records exemption under s.7B(3) of the Privacy Act applied to employee records once they have been obtained or held. That exemption did not ameliorate Superior's obligation to issue a privacy collection notice to Lee and other employees. Superior was not exempt from complying with Australian Privacy Principle 3.3 by reason of the s 7B(3) exemption. It was not entitled to collect Mr Lee’s sensitive information without his consent.
In considering ownership and storage of personal information the FWCFB decision states
Principle 6 of the Australian Privacy Principles provides that if one entity collects personal information from a related body corporate, its primary purpose for collecting the information is deemed to be its’ related body corporate’s primary purpose for collecting that information. FTH and Superior Wood are related bodies corporate and it matters little who owned the fingerprint scanners or which entity as between FTH and Superior Wood gathered the data from those scanners or owned the servers that held the data, because Principle 6 applies.
The Commissioner separately made a number of observations and findings which appear to deal generally with whether there was a valid reason for dismissal. We summarise these below:
Mr Lee had made a concerted effort to identify alternatives to compliance with the Policy and there was no evidence that Superior Wood had taken any steps to evaluate the costs of those alternative data collection methods.
Other methods of employee identification and attendance verification were available, although some did not provide the same degree of certainty of identity verification or the additional safety benefits derived from access to attendance information on supervisors’ phones.
It was within Superior Wood’s rights as an employer to install the scanners and create a policy governing and mandating the use of scanners at the workplace.
Superior Wood made significant efforts to provide additional information about the scanners to Mr Lee and allay his concerns. It may not have grasped the precise nature of those concerns about his biometric information rather than his fingerprint. Even so, it gave him repeated opportunities to explain his objection and made several attempts to indicate to Mr Lee that his continued employment required adherence to the Policy.
Mr Lee’s concern about his fingerprint being reconstructed from scanned data is ‘incorrect’.
Mr Lee was entitled to withhold his consent, as he did. However, doing so meant he had failed to meet a reasonable request to implement a fair and reasonable workplace policy.
In all the circumstances, and having regard to potential breaches of the Privacy Act, there was a valid reason for dismissal.
Having found a valid reason for dismissal, the Commissioner considered the other criteria in section 387 of the Act, which for the most part sit outside the scope of the identified appeal grounds set out below.
In relation to section 387(h), the Commissioner made the following additional findings:
1. Mr Lee’s position in relation to the use of his biometric data by the scanners was at odds with his position in relation to the use of other biometric data and his DNA (in connection with drug and alcohol testing); and
2. Mr Lee’s objection to the use of his biometric data by Superior Wood, FTH and a third party supplier was unreasonable when taking into consideration the purposes of the Policy, improvements to payroll and health and safety and the alternatives that would have been required to be put in place for him.
The Commissioner concluded at [247] of the Decision that the dismissal was not, in all the circumstances, harsh, unjust or unreasonable and therefore not unfair. She dismissed Mr Lee’s application.
In considering Lee's appeal the FWC Full Bench states
From the Notice of Appeal, we discern nine appeal grounds raised by Mr Lee in relation to the Decision:
- Ground 1 - The finding that failure to comply with the Policy was a valid reason for dismissal, given potential breaches of the Privacy Act and despite the finding that Mr Lee was entitled to refuse to provide his biometric data.
- Ground 2 - The finding that Mr Lee’s dismissal for protecting ownership of his sensitive information was not harsh, unjust and unreasonable in circumstances where he was threatened with dismissal for refusing to allow the collection of his biometric data.
- Ground 3- A mistake of fact by finding that the new scanners improved safety.
- Ground 4 - A mistake of fact by finding that Mr Lee did not consent to the collection of his biometric data, when he was never asked for his consent.
- Ground 5 - The finding that the introduction of biometric scanners was reasonably necessary.
- Ground 6 - The finding that employees gave implied consent by registering their fingerprints, instead of finding that biometric data was collected from employees other than Mr Lee by unlawful and unfair means.
- Ground 7 - The failure to find that implied consent is not sufficient for the purposes of collecting sensitive information.
- Ground 8 - The finding that there was no breach of the Privacy Act with respect to the collection of information from Mr Lee, because his data was never collected.
- Ground 9 - The finding that consent is implied by providing a scan, but that a breach of the Privacy Act only arises if a scan is taken, with the result that Superior Wood could never breach Mr Lee’s privacy if no scan was taken.
We now turn to consider these grounds.
Grounds 1 and 8 – whether having regard to the Privacy Act, failure to comply with the Policy was a valid reason for dismissal
It is well established that a valid reason is one that is sound, defensible or well founded, and not capricious, fanciful, spiteful or prejudiced. The reason must be valid in the context of the employee’s capacity or conduct. Consideration of valid reason must have regard for the practical sphere of the relationship between an employer and an employee, balancing the rights, privileges, duties and obligations conferred and imposed on each to ensure a fair outcome.
It is not in dispute that Mr Lee was aware of the Policy and its contents. Nor is it in dispute that he refused to comply with the Policy and that his refusal was the reason for his dismissal.
There is no contention to the effect that the Policy formed part of Mr Lee’s contract of employment, with the result that he was obliged to comply with its terms. The contract provided as follows:
“2.2 Various policies, procedures and work rules also exist for the safe operation of Superior Wood Businesses and the welfare and interest of those who work for the organization.
2.3 You are required to comply with the conditions of employment as identified in the Enterprise Agreement, Policies, Procedures and Work Rules at all times. Policies are displayed at various locations throughout the operations:
• Superior Wood Intranet
• Lunchroom noticeboards
2.4 A copy of the display policies is also attached.”
As can be seen, the contract required Mr Lee to comply with the “various policies, procedures and work rules that exist” and that “are displayed at various locations” and that were attached to his contract in November 2014. A strict reading suggests that only those policies, procedures and work rules in place at the time of entry into the contract of employment were within scope of the requirement to comply.
The Policy came into existence well after he was employed, and there is no evidence that Mr Lee agreed to vary his contract of employment to incorporate the Policy as one of its terms. His refusal to comply with its terms is evidence to the contrary. We are not satisfied that compliance with the Policy was a term of his employment.
His obligation to comply with the Policy therefore depends on whether the direction to do so, using the scanners to sign in and out of work each day, was a reasonable and lawful direction.
The Policy
The Policy provides as follows:
“Site Attendance Policy
Due to company Workplace Health and Safety and Payroll requirements it is imperative all employees are accounted for on site.
Therefore as at the 2nd January 2018 it is policy that all employees must use the biometric scanners to record attendance on site.
It is reinforced that the biometric scanners do not take a finger print. The algorithm data used to record attendance cannot be used to generate a fingerprint.
Please ensure you scan in when arriving on site and leaving site at the end of your shift. If you are having issues with scanning please see your supervisor. If you fail to use or attempt to use the biometric scanner then disciplinary action may be taken. Signing the attendance sheets alone is no longer acceptable.
The Directors and Superior Wood Leadership would like to thank employees for their assistance and patience during the ‘trial’ period.
Ian Swinbourne
Manager”
According to the Policy, all employees must use the scanners to record their attendance on site, both when arriving and leaving the site. Signing attendance sheets alone is no longer acceptable.
To comply with the Policy, employees must first register their fingerprint for use with the scanners and then use their fingerprint to scan in and out of work each day. The terms of the Privacy Act require consent to the collection of employee biometric information by Superior Wood to be used for the purpose of automated biometric verification or biometric identification. The Privacy Act
The Privacy Act commenced on 1 January 1989. Relevantly, it applies to an “APP entity”, including an organisation that is a body corporate. It is common ground that Superior Wood is an APP entity.
Section 2 sets out the objects of the Privacy Act, which include:
(a) To promote the protection of the privacy of individuals;
(b) To recognise that the protection of the privacy of individuals is balanced with the interests of entities in carrying out their functions or activities; and
(d) To promote responsible and transparent handling of personal information by entities.
The Full Federal Court has observed that the Privacy Act reflects the Parliament’s concern to recognise and protect individual privacy within the framework of a complex statutory regime. It is to be construed so as to give effect to Australia’s international obligations, so far as the statutory language permits. The Privacy Act contains a series of statutory provisions “which protect the privacy of individuals from unlawful or arbitrary interference” but also specify “circumstances (or “exceptions”) which reflect the Parliament’s concern to strike an appropriate balance between competing community interests.” Those exceptions are to be interpreted carefully, with an eye to preserving the balance struck. The Privacy Act does not make paramount the protection of individual privacy. What it does, or seeks to do, is to protect individual privacy from arbitrary or unlawful interference.
Section 13 of the Privacy Act deals with interferences with privacy. Relevantly, an act or practice of an ‘APP entity’ is an interference with the privacy of an individual if it breaches an Australian Privacy Principle in relation to personal information about the individual. By reason of section 15, acts and practices that breach an Australian Privacy Principle are prohibited.
Separately, section 13G is a civil penalty provision dealing with serious and repeated interferences with privacy. It covers serious interferences with the privacy of an individual as well as repeated acts or practices that are an interference with the privacy of one or more individuals.
There are exceptions to the general obligation to comply with the Australian Privacy Principles. Section 16A sets out some of those exceptions, which relevantly include the collection, use or disclosure of personal information where:
1. it is unreasonable or impracticable to obtain the individual’s consent to that collection, use or disclosure; or
2. there is reason to suspect unlawful activity or serious misconduct and a reasonable belief that such collection, use or disclosure is necessary for the purposes of taking appropriate action.
It was not contended, and we are not satisfied, that any of the section 16A exemptions applied to the collection of Mr Lee’s fingerprint.
Section 7B(3) of the Privacy Act also contains an exemption in relation to employee records. An act done, or a practice engaged in, by an employer that is directly related to a current or former employment relationship between the employer and the individual and an employee record held by the organisation and relating to the individual, is exempt from the obligation to comply with the Australian Privacy Principles.
“Employee record” is a defined term and in relation to an employee, means a record of personal information relating to the employment of the employee.
The Australian Privacy Principles
The Australian Privacy Principles are found in Schedule 1 to the Privacy Act.
Principle 1 provides for open and transparent management of personal information. Among other things, it requires (at 1.3) that entities have a clearly expressed and up to date policy about their management of personal information.
Principle 3 deals with the collection of solicited personal information that is solicited by an APP entity. It prohibits the collection of sensitive information about an individual, unless that person consents to the collection of the information, and the information is reasonably necessary for one or more of the entity’s functions or activities (at 3.3). ‘Sensitive information’ includes biometric information that is to be used for the purpose of automated biometric verification or biometric identification. It is not in dispute that the collection of fingerprint data by the scanners meets the description of sensitive information. Collection of personal information may only occur by lawful and fair means (at 3.5).
Principle 5 deals with notification of the collection of personal information. It provides that, at, before or (if that is not practicable) as soon as practicable after the time that an APP entity collects personal information, it must take reasonable steps to notify the individual of certain specified matters, or to otherwise ensure the individual is aware of those matters. That which must be notified to an individual depends on what is reasonable in the circumstances. The specified list of matters includes:
1. The identity and contact details of the APP entity;
2. If personal information is collected from someone other than the individual, or the person may not be aware that the organisation has collected the personal information, the fact that the APP entity does, or has, collected the information and the circumstances of that collection;
3. The purposes for which the APP entity collects the personal information;
4. The main consequences for the individual if all or some of the personal information is not collected by the APP entity;
5. Any other entity or type of entity to which the APP entity usually discloses personal information of the kind collected;
6. That the APP entity’s privacy policy has information about how to access one’s personal information and seek its correction;
7. That the APP entity’s privacy policy has information about how to make complaints about breaches of the Australian Privacy Principles and how complaints will be dealt with by the APP entity;
8. Whether the APP entity is likely to disclose the personal information to overseas recipients; and
9. If overseas disclosure is likely, the countries where recipients of personal information are located (if practicable to identify).
We will refer to the requirement to notify individuals in accordance with Principle 5 as a requirement to issue a ‘privacy collection notice’.
Principle 8 deals with the cross-border disclosure of personal information. Before an organisation discloses personal information about an individual to an overseas recipient, it must take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to that information. There are some exceptions to Principle 8, but none appear presently relevant.
Principle 11 deals with the security of personal information. If an organisation holds personal information, it must take such steps as are reasonable in the circumstances to protect the information, and to destroy that information once it is no longer needed in the relevant sense.
Principles 12 and 13 deal with access to, and correction of personal information.
Was the direction lawful?
As noted above, Mr Lee was directed to consent to the collection of his biometric information by Superior Wood, for use for the purpose of automated biometric verification or biometric identification. He did not consent as required, and his fingerprint was not collected.
However, in our view, Principle 3 has a broader application than that contended for by Superior Wood. An entity “collects” personal information if they collect that information for inclusion in a record or generally available publication. Superior Wood did not breach Principle 3 by actually collecting Mr Lee’s sensitive information. Principle 3 also deals with the solicitation of information (see 3.7). An entity “solicits” personal information if it requests another entity to provide the personal information. The express requirement to obtain an individual’s consent would become meaningless if Principle 3 was only enlivened once information had been collected. Construed in context, Principle 3 applies both to the solicitation and collection of sensitive information. It necessarily operates at a time before collection, because an APP entity ‘must not’ collect sensitive information ‘unless’ the individual consents to that collection. Any collection that occurs without first having obtained consent to that collection would be contrary to Principle 3.
Mr Lee was directed to submit to the collection of his fingerprint data in circumstances where he did not consent to that collection. In our view, the direction was directly inconsistent with Principle 3. The Commissioner was correct to find that Mr Lee was entitled to refuse to provide his biometric data under the Policy.
The Policy, and the direction, were issued in circumstances where at all relevant times, Superior Wood did not have a privacy policy as required by Principle 1. There is no evidence that it was even aware that one might be required.
Superior Wood also had not issued a privacy collection notice to Mr Lee (or any other employee) in accordance with Principle 5. That is not to say that Superior Wood failed to give any information to Mr Lee as required by Principle 5. Plainly, he was aware of Superior Wood’s identity and contact details and there is no dispute that he was also informed of the purpose for collecting the information, which was to enhance its payroll system and improve workplace safety. He was informed of the main consequences for him if the information was not collected – that is, he would face disciplinary action and ultimately, termination of employment.
However, it seems to us that it would also have been reasonable to notify Mr Lee of some of the additional matters set out in Principle 5. That included information about the range of other entities that were likely to have access to his sensitive information, including FTH, Mitrefinch and AUS IT Services. It should also have included information about Superior Wood’s privacy policy (which it was required to have) and information in relation to privacy complaints and how to access his personal information. The fact that Superior Wood did not have a privacy policy does not mean it would not have been reasonable to provide that information, in circumstances where its inability to do so arose from its apparent breach of Principle 1.
As to the timing of the privacy collection notice, there is no basis for concluding that it was not practicable for Superior Wood to provide this information to Mr Lee, either before or at the time it sought to register his fingerprint for use with the scanners. While it first sought to do so approximately one week after the scanners were announced, formal implementation of the scanners was trialled throughout November and December 2017 and only commenced from early January 2018. Mr Lee was dismissed in February 2018 and the manual sign in and sign out system continued in use on site until it was discontinued in or about June 2018. There was no shortage of time available to Superior Wood to collate and provide the information described above to Mr Lee.
Superior Wood submits that despite the absence of a privacy policy and privacy collection notice, it did not breach the Privacy Act because the employee records exemption applied in relation to the fingerprint scanner. We understand the submission to be to the effect that all records generated by an employer, including those that have not yet been created, are within the scope of that exception. We do not agree. It is inconsistent with the plain words of the statute, which are in the present tense and refer to a record “held by” the organisation. An entity “holds” personal information if they have possession or control of a record that contains the personal information.
Neither the text of section 7B nor the surrounding provisions of the Privacy Act support a wider construction. Section 8 uses the language of an agency that “does not hold that record” or “holds that record”. Section 10 deems certain agencies to hold a record if it is “in the care” or “in the custody” of a different agency.
In context, it is clear that the wording of section 7B(3) speaks to an act or practice in relation to an actual record held by the organisation that relates to a particular individual. It does not encompass employee records that are yet to be held by an organisation. Nor is the act or practice of generating employee records an act or practice directly related to the relationship between an employer and a particular employee. It is an act or practice in relation to employees generally.
It follows that we agree with the Commissioner’s finding that the employee records exemption applies to records obtained and held by an organisation. A record is not held if it has not yet been created or is not yet in the possession or control of the organisation. The exemption does not apply to a thing that does not exist or to the creation of future records.
The significance of that finding is that the Australian Privacy Principles applied to Superior Wood in connection with the solicitation and collection of sensitive information from employees, up to the point of collection. Once collected, the employee records exemption was enlivened and the Privacy Act no longer regulated its use or disclosure.
For the reasons set out above, we consider the direction to Mr Lee to submit to the collection of his fingerprint data, in circumstances where he did not consent to that collection, was not a lawful direction. Moreover we consider that any “consent” that he might have given once told that he faced discipline or dismissal would likely have been vitiated by the threat. It would not have been genuine consent. Given this finding, it is not necessary to consider whether the direction was reasonable. Nonetheless had it been necessary to do so we conclude the direction was unreasonable. A necessary counterpart to a right to consent to a thing is a right to refuse it. A direction to a person to give consent does not vest in that person a meaningful right at all. Such a direction is in the circumstances of this case, unreasonable. It was not a valid reason for dismissal.
We uphold Grounds 1 and 8 of the appeal. Given our findings, it is not necessary to deal further with Ground 9 of the appeal.
Ground 2 - finding that Mr Lee’s dismissal for protecting ownership of his sensitive information was not harsh, unjust and unreasonable in circumstances where he was threatened with dismissal for refusing to allow the collection of his biometric data
For the reasons we set out above, Superior Wood did not have a valid reason for dismissal arising from Mr Lee’s refusal to comply with its Policy. That reason was the sole reason for dismissal, and no other separate matter that might give rise to a valid reason for dismissal is apparent on the materials or submissions in this case.
The Commissioner properly considered each of the factors relevant to whether a dismissal is harsh, unjust or unreasonable within the meaning of section 387 of the Act. For the most part, those findings are not challenged in this appeal. However, her findings in relation to section 387(h) do have a bearing on the matters raised in this appeal.
Firstly, the finding that Mr Lee’s position in relation to the use of his biometric data by the scanners was at odds with his position in relation to DNA in connection with drug and alcohol testing had its origins in questions raised independently of the parties by the Commissioner.
The evidence of Mr Lee on the matter was to the following effect:
• he had never been the subject of drug and alcohol testing at work;
• there was a company policy requiring urine testing under certain circumstances;
• if required under that policy, he would undertake a urine test;
• his concerns about a third party provider holding his information from a urine test were different to his concerns about third party providers holding his biometric data, because he didn’t think they would be getting DNA or any kind of biometric data; and
• that he did not know how drug and alcohol testing worked;
• he would be okay with a hypothetical scenario involving a drug and alcohol test required by Superior Wood, but carried out by a third party, which then took a DNA sample to a laboratory for further testing.
In our view, this evidence was of limited probative value in relation to matters the Commissioner was required to determine. There was no evidence in the proceeding of any actual testing, or testing procedure. There was no evidence of what the company policy was in relation to drug and alcohol testing, other than Mr Lee’s evidence above and induction material which refers simply to a “process” that “Superior Wood conducts” (although it is not clear that this material was in existence at any time prior to Mr Lee’s dismissal). There was no detail as to the actual method of collection or holding of DNA, or whether those functions might be outsourced to a third party. To the extent that the Commissioner relied on Mr Lee’s evidence in this respect and weighed it against a finding of unfair dismissal, we consider she was in error.
Secondly, the Commissioner held that Mr Lee’s objection to the use of his biometric data by Superior Wood, FTH and a third party supplier was unreasonable when taking into consideration the purposes of the Policy, improvements to payroll and health and safety and the costly alternatives that would have been required to be put in place for him. Her conclusion in this regard is likely to have been informed by her earlier conclusion that there was a valid reason for dismissal. In our view, this conclusion constituted an error which tainted the approach to weighing up the various factors relevant to whether the dismissal was harsh, unjust or unreasonable.
We uphold this ground of appeal.
Ground 3 - mistaking the facts in finding that the new scanners improved safety
This appeal ground raises for consideration the Commissioner’s findings at paragraph [198] and [229] of the Decision, as follows:
“[198] It is entirely reasonable for the employer to improve upon an inherently unsafe obligation to run to the front administration office in the event of an emergency, locate a paper sign-on sheet and attempt to ascertain who is at work over a site of significant size. On the evidence before the Commission, supervisors can immediately see who from their area of work is present in the workplace using the information collected through their adherence to the Site Attendance Policy and displayed on a supervisor’s phone.
…
[229] Further, I note that the scanners allowed for additional safety benefits beyond simple attendance verification, such as reviewing site attendance on supervisors’ phones. The other methods identified by Mr Lee do not provide such additional benefits.”
Mr Lee contends that the evidence did not establish that the scanners improved safety. In support of this contention, he claimed that a fire alarm did sound after the introduction of the scanners and rather than rely on information gleaned from the scanners, Superior Wood relied on the manual sign in and out sheets to verify attendance on site.
We agree with Mr Lee as to the effect of the evidence in relation to the fire alarm in January 2018. The timing coincides with the scanners having been formally implemented after a trial period. However, despite its formal implementation, both the scanners and the manual sign in and out sheets remained in use.
In our view, the primary purpose for introducing the scanners was to address payroll issues across the Finlayson Group. However, we accept that the potential for improved safety was also a reason for its introduction. The Mitrefinch Proposal put forward the prospect of safety improvements. From its initial communication with employees in 2 November 2017, Superior Wood consistently referred to its perceived benefit of helping to keep track of people on site. It appears to us that prima facie, this makes logical common sense.
We do not necessarily agree that it was “inherently unsafe” to have to run from the front office in the event of an emergency to locate the sign in and out sheets. However, we are satisfied that there was a sufficient evidentiary basis for the Commissioner to find that the scanners, through their capacity to display attendance records on supervisor’s phones, offered safety benefits, even though the main function was clearly to improve its payroll operation.
We reject this ground of appeal.
Ground 4 - mistaking the facts in finding that Mr Lee did not consent to the collection of his biometric data, when he was never asked for his consent
In our view this ground of appeal is misconceived. We accept that Superior Wood’s request for Mr Lee’s biometric data was expressed in the form of a direction, rather than a choice. It was nevertheless a request for his consent. It thereafter erroneously sought to negate his choice by threatening him with disciplinary action.
Mr Lee’s correspondence to Superior Wood on 7 November 2017 expressly stated that he was “unwilling to consent to having his fingerprints scanned” because he regarded his biometric data as personal and private.
According to Mr Lee, on 24 January 2018 Skene Finlayson, Director of Superior Wood, asked him if he would use the scanner, and he said no. This plainly amounted to a request, albeit one which he refused.
Accordingly, this ground of appeal is rejected.
Ground 5 - finding that the introduction of biometric scanners was reasonably necessary
This ground of appeal raises for consideration the Commissioner’s findings at paragraphs [203], [204] and [215] of the Decision.
The relevant findings are as follows:
“[203] Having regard to the issue of whether the introduction of biometric scanners at the Superior Wood premises is ‘reasonably necessary’, I have no hesitation in so finding. For the same reasons stated earlier, the Finlayson Group wished to consolidate its payroll. Superior Wood was the last entity to have the scanners introduced, and after a suitable period of time where there was duplication, it was a reasonable course for the employer to then remove the paper payroll system to join in with its parent entity activities. Once Superior Wood and the Finlayson Group was satisfied the biometric scanning was properly implemented, the entities wished to do away with all manual payroll handling. Once that decision was made, I do then consider the collection of the biometric information to be reasonably necessary for its functions or activities.
[204] On a fairness and reasonableness consideration, I am minded to side with the views of management of Superior Wood that having Mr Lee use some alternative method such as a swipe pass or continue to use a paper sign-on would be inefficient, inequitable, and a burden. Requiring a manual pay run to be implemented for a single employee, as against either 150 employees or 400 employees in the group would be an onerous obligation.
…
[215] At this point in time I am satisfied that the collection of the private and sensitive information was for a function or activity that was reasonably necessary. I am disturbed that none of the organisations, except the IT provider has in place a privacy policy, and I am concerned that there was a failure by Superior Wood to issue a collection notice.”
The evidence in relation to alternatives to fingerprint scanners was limited. The Mitrefinch proposal to FTH confirms that it offered data capture alternatives to fingerprint scanners, including key fobs and swipe cards. Other options set out in that proposal included computer and mobile login systems, as well as SMS and email options. The Commissioner concluded at paragraph [227] of the Decision that there was no evidence of any evaluation of the costs of alternative options by Superior Wood. In our view, there was no evidence that it even considered those alternatives.
It was established that for many months after Mr Lee was dismissed, and notwithstanding the formal introduction of the scanners from 2 January 2018, manual sign in and out sheets continued to be used at the site. The timing of the decision to dismiss Mr Lee in February 2018 is therefore difficult to explain. Mr Finlayson gave evidence that Mr Lee would not have been able to be paid through the payroll system if he did not use the scanners, and yet there does not seem to be any controversy that he was in fact paid after the scanners were formally introduced.
Both Mr Finlayson and Mr Swinbourne gave evidence that Superior Wood could not allow Mr Lee to continue to sign in and out manually because it left Superior Wood open to time recording inaccuracy and fraud; they would not know where he was in case of emergency; the costs of an alternative mechanism were too high; and for reasons of consistency with other employees.
No evidence was introduced to establish that Mr Lee posed a risk to Superior Wood in relation to inaccurate time recording or fraud. Rather, the evidence tends to the contrary view.
In our view, the notion that Superior Wood would not know where Mr Lee was in case of an emergency was, in the present case, somewhat overstated. Whether Mr Lee used the manual sign in and out sheets or the scanners, the data then recorded would not have allowed it to locate him at a particular place during work on what was described by Mr Finlayson as a very large site. On the one occasion where there was evidence of having to verify attendance due to an emergency (that is, the fire alarm in January 2018), the manual records were relied upon rather than the scanners. Both systems remained in use well after his dismissal.
We have dealt above with the purported costs of an alternative to the scanners. That contention takes the matter no further.
Overall, the evidentiary basis for concluding that collection of Mr Lee’s fingerprint data was reasonably necessary for Superior Wood’s functions or activities was not compelling. It is clear that Superior Wood’s introduction of the scanners was administratively convenient for FTH, who operated the payroll system on its behalf. We also accept that had the direction to Mr Lee been lawful, it might also have been reasonable to decline to make an exception for him in circumstances where he was the only one of approximately 400 employees seeking a different method. However, neither of those matters establish that it was ‘reasonably necessary’ for Superior Wood to proceed with the collection of Mr Lee’s fingerprint, particularly in circumstances where other options had been identified and had not yet been considered.
For these reasons, we uphold this ground of appeal.
Grounds 6 and 7 - finding that employees gave implied consent by registering their fingerprints instead of finding that biometric data was collected from employees other than Mr Lee by unlawful and unfair means; and failing to find that implied consent is not sufficient for the purposes of collecting sensitive information
Mr Lee submits that the Decision is in error because it did not make findings at large about whether breaches of the Privacy Act effectively vitiated the consent of all other employees (which might otherwise be implied by their cooperation with the Policy). He also submits that a higher standard of consent is required in the collection of sensitive information, and the Commissioner was in error in not finding to that effect.
In our view, neither of those matters are findings the Commissioner was required to make. Her task was to consider the circumstances relevant to Mr Lee’s dismissal by Superior Wood. Her finding that other employees gave implied consent by registering their fingerprints were made in response to the case put by Mr Lee. We discern no error in her finding, at least on a prima facie basis, that employees gave implied consent by registering their fingerprints.
As to whether a higher standard of consent is required in relation to sensitive information, that ground is not made out and nor is it apparent that it is a matter that falls for resolution by the Commission. Grounds 6 and 7 of the appeal are rejected.
For the foregoing reasons we have decided to uphold the appeal in C2018/6600 and quash the Decision.
In relation to the rehearing the Rull Bench states
We have decided to rehear the application.
Section 387(a) - was there a valid reason for the dismissal related to capacity or conduct?
For the reasons set out above, we find that there was no valid reason for the dismissal.
Section 387(b) and (c) - notice of reason for dismissal and opportunity to respond
There is no dispute that Mr Lee was given notice of the reason for dismissal on the numerous occasions outlined earlier in this decision and prior to his eventual dismissal. On each occasion, he was given the opportunity to respond to Superior Wood’s concerns and he took up that opportunity as he saw fit. These matters weigh against a finding of unfair dismissal.
Section 387(d) - any unreasonable refusal to allow a support person to assist in discussions relating to the dismissal
There is no evidence of any refusal to allow a support person to participate in discussions relating to the dismissal. It is a neutral consideration in this case.
Section 387(e) - warnings
Mr Lee was warned on multiple occasions that his failure to comply with the Policy may result in further disciplinary action including termination of employment. This weighs in favour of a finding of unfair dismissal given our findings as to the direction to comply with the Policy.
Section 387(f) and (g) - size of the employer’s business and access to dedicated human resources management specialists or expertise
Superior Wood is a business of reasonable size. There is no evidence that it employed dedicated human resources specialists or experts at, or prior to the time of dismissal, but nor is there any evidence that it did not have the means to access specialist advice had it wished to do so. It should have been, but was not, aware of and compliant with its obligations under the Privacy Act well before the introduction of the scanners. Its failure in this regard contributed substantially to a dismissal without valid reason.
To the extent that the size of Superior Wood’s enterprise would likely have impacted on the procedure adopted to effect Mr Lee’s dismissal, it was in Superior Wood’s failure to be aware of its obligations under the Privacy Act. In the circumstances this weighs in favour of a finding that Mr Lee’s dismissal was unfair.
As we have already noted, there is no evidence that Superior Wood had any dedicated human resources management specialists or expertise. As this consideration is concerned with the degree to which the absence of dedicated human resources management specialists or expertise would be likely to impact on the procedures Superior Wood followed in effecting the dismissal, the absence of any evidence one way or the other means that this matter is not able to be assessed and therefore weighs neutrally.
Section 387(h) - other relevant matters
We accept Mr Lee’s submission that once biometric information is digitised, it may be very difficult to contain its use by third parties, including for commercial purposes. In this case, various organisations required access to data obtained by the biometric scanners. Mitrefinch captured the data derived from the features of tissue lying beneath the skin and on the skin surface. Those features were converted into a template unique to the individual, using an embedded algorithm owned by another entity, ‘Lumidigm’. The template was stored on one or more of the site readers installed at FTH and Superior Wood sites. It was also stored on servers owned by FTH, which were accessible remotely by at least FTH, Mitrefinch and AUS IT Services, who operated the servers.
The data was used by ‘Ironbark’ to operate the FTH payroll system and by FTH to process the payroll for FTH and Superior Wood.
There is no evidence that any of these entities had, at the relevant time, any actual mechanism in place to protect and manage information collected by Superior Wood, consistent with its obligations under the Privacy Act (other than the warranty of AUS IT Services that it would comply with the Privacy Act; a warranty which FTH also gave to it). In the circumstances, the concerns expressed by Mr Lee were not, in our view, devoid of merit. It is a matter that weighs in favour of unfair dismissal.
There was a dispute between Mr Lee and Superior Wood about whether the data captured by the scanners could be reproduced in the form of a fingerprint, which appears to us to be a matter of form rather than substance. Superior Wood’s rejection of Mr Lee’s concerns on this basis was misplaced. Whether the data was captured in pictorial or numerical form, it was data unique to the individual and derived from that individual’s biometric characteristics, above and beneath the skin. It was data that Mr Lee was entitled to seek to protect. Plainly, the parties have not addressed the question of an appropriate remedy, given this conclusion of the Full Bench.
The Full Bench concludes
It is apparent from the above that Superior Wood did not have a valid reason for the dismissal which related to Mr Lee’s capacity or conduct. This is a significant factor in the circumstances of this case. As we have also concluded, some relevant matters weigh neutrally, some weigh against a finding that dismissal was unfair and others weigh in favour of such a conclusion. However the procedural fairness matters do not weigh so heavily in favour of a finding that the dismissal was not unfair as to outweigh the significance of an absence of valid reason. After all, Superior Wood was procedurally fair in effecting the dismissal for a reason that was not valid and in contravention of its obligations under the Privacy Act. Therefore for the reasons set out above, on balance we find that Mr Lee’s dismissal was unjust. It was unjust because Mr Lee was not guilty of the conduct alleged. As the direction was unlawful he was entitled to refuse to follow it. Mr Lee was unfairly dismissed.
