Refusal to provide fingerprint held not valid reason for termination

For the first time the Full Bench of the Fair Work Commission had to deal with the question of whether a worker’s refusal to provide biometric data through fingerprint scanning, was a valid reason for dismissal. 

The worker was employed as a casual general hand at a sawmill (Superior Wood).  Superior Wood was part of a group of companies and said it introduced the measure because it wanted to consolidate its payroll system and improve its integrity and efficiency, while also improving safety by avoiding the need to locate the paper sign-in book in an emergency.

The worker refused because of his concerns “about the collection and storage of his personal information by the scanners and Superior Wood” and claimed that the Site Attendance Policy breached the federal Privacy Act 1988

The worker was dismissed in February 2018 because he did not comply with Superior Wood’s Site Attendance Policy when he refused to use newly introduced fingerprint scanners to sign on and off for work at the site.

The worker claimed ownership of the biometric data contained within his fingerprint and submitted that;

  • Biometric data is sensitive personal information under the Privacy Act
  • Superior Wood was not entitled to require that information from him; and 
  • That his refusal was not a valid reason for his dismissal.

At first instance, the Commission upheld the dismissal but on appeal the Full Bench held the employee’s refusal to provide biometric data through the scanning of fingerprints in this case did not constitute a valid reason for dismissal.

Superior Wood conceded that it did not have a privacy policy or provide employees with a privacy collection notice, but maintained that it did not breach the Privacy Act because the employee records exemption applied. The Full Bench said the exemption only applied once the information was collected.

The Full Bench found it significant that there was “no evidence that any of these entities had, at the relevant time, any actual mechanism in place to protect and manage information collected by Superior Wood, consistent with its obligations under the Privacy Act”.

The decision highlights two main things:

(a) contracts of employment should expressly require employees to comply with all policies and the like when and as they are introduced during the course of employment and as amended from time to time, not simply those that exist at the time that the contract is entered into; and

(b) an employer (such as a body corporate) that is an ‘APP entity’ for the purposes of the Privacy Act should have a written Privacy Policy that reflects the requirements of the Australian Privacy Principles, including in relation to the soliciting and collection of personal information of employees.

Jeremy Lee v Superior Wood Pty Ltd (2019) FWCFB 2946