This article has an interesting twist that could be of interest to the energy sector. White Castle (as in hamburgers) collected biometric data in the form of fingerprints without employee consent. In a 4-3 decision, the Illinois Supreme Court ruled that White Castle should be held accountable. White Castle estimates it could cost the company as much as $17 billion. In an unrelated 2020 case, Facebook (Meta) paid $650 million for applying facial recognition software without user consent.
With increased emphasis in data security, companies are applying methods to counter security threats, but perhaps without full awareness of the balance between protection from cybercriminals and the rights of employees. GDPR requirements are well known, but don’t always apply depending on location. Other regulatory forces such as the North American Transmission Forum (NATF) are pushing their supply chains for security techniques such as personal background checks.
Details on how to implement those techniques are lacking.
It would be worth a check to ensure your company policies are up to date.
- Darrell Massie, Sector Expert for EnerTech Capital