With the increase in popularity of wearable devices available in the mass market with devices such as smartwatches and activity trackers, it is likely you are wearing one now, or know someone who does. Each wearable device collects real-time information from the person and transmits the information via the internet.
When these wearables are applied in a business context, specifically in the mining industry, they can pose some legal and business questions that can affect the manner in which the wearables can be used. We discuss some of these questions in this article.
Wearables on a mine site
Fatigue management on mine sites where workers are surrounded by the operation of heavy machinery and the presence of open voids presents a significant concern for site safety. Wearables can be used for field maintenance and maintaining operator safety. With Proximity Detection Systems and Collision Avoidance Systems already largely utilised in mining as control measures for mobile machinery safety, there has been increasing interest in the use of personal wearables for personnel tracking and mine management in underground and open pit mines.
Alongside the monitoring of mine conditions such as ventilation, radiation and worker and equipment location, personal wearables can be used to locate workers in emergencies, as well as tracking sensor data such as a worker’s heart rate, body temperature or gas or radiation levels in the surrounding environment.
Some wearables also have the ability to monitor workers’ brain waves for signs of fatigue and evaluate levels of alertness to provide warnings to the operator. The benefits of wearables in mine site safety are clear. In addition, improvements in productivity and lowering of operational costs would also be a likely result.
What does this mean for mining companies?
Implementing any new technology such as digital wearables on a mine site requires attention to the underlying data that may be created, controlled or accessed by the digital wearable. The flow-on effects of introducing wearables on site are potentially far-reaching and will require effective planning and legal management.
If you and your company are considering introducing wearables on your mining operations, these are some issues you should consider:
The Wearable
In choosing a wearable, the wearable product should be robust, reliable and conform to regulatory standards. Selection of an appropriate wearable supplier will require time and resources in determining the parameters of use, any required modifications to the wearable and negotiations with suppliers. A mining company should consider how the wearable integrates with multiple software and hardware providers, utilising clear and comprehensive technology licence agreements.
Privacy
Currently in Australia, the law surrounding control over downstream use of data may not be fully effective for wearables as the technology develops faster than the associated regulations. It is likely that the legal landscape surrounding digital wearables will develop further.
One important legal consideration is in respect of the privacy of personal information. Under the current Federal privacy law, an entity has legal obligations under the Privacy Act 1988 (Cth) (Privacy Act), and is required to comply with Australian Privacy Principles in relation to the collection, storage, use and disclosure of personal data.
Since wearables collect information about individuals, a mining company should consider how this collection of data may contravene privacy regulations. This may require consideration of the company’s operational practices and procedures, including developing a privacy policy outlining how the digital wearable will be utilised, and the scope of information that will be collected, comply with privacy regulations.
The data is likely to be handled by multiple entities on the supply chain. The legal obligation to take reasonable steps to secure personal data also extends to any third party handling personal data on the company’s behalf. The company must take reasonable steps to ensure that any overseas recipient does not breach the Australian Privacy Principles. As such, consideration should be given to third party privacy practices and service arrangements with third party providers around data management such as ownership, control and protection as these may impact on the company’s liability.
For this reason, it is important that contractual agreements clearly set out data ownership and controls, including ensuring that the jurisdiction in which data is stored and processed has strong privacy and security protections. It must also be noted that given the ease of moving data into other jurisdictions, there is a risk that negotiated contractual protections may not be enforceable against third parties.
Duty of care
Depending on how a mining company decides to utilise the data acquired from wearables, there could be implications in workplace law. Using wearables to collect data in conjunction with other data sources to make predictions about the future has the potential to create a greater duty on employers to act to prevent problems before they cause injury and may change the standard of reasonable foreseeability for negligence claims.
Further, in having access to a workers’ detailed activity log and health information, it is possible that employers could be considered to have a duty to inform their employees if they have adequate information to recognise a health problem. This could open a company up to more workplace injury claims as health problems are identified in a workplace context, even if the causes of such health problems may not be related to work.
As such, a mining company should consider its risk profile and determine how it may best protect against claims by its employees, whether it is by way of obtaining signed waivers of liability from its employees, ensuring adequate insurance for such claims or other means.
Cybersecurity
As with all Big Data, data collected from wearables is subject to a risk of loss of control. Where personal information is the subject of a cybersecurity breach, the ramifications are broader given the likely breach of the privacy laws and the Australian Privacy Principles.
Mining companies should consider cybersecurity strategies to prevent the loss of data, in the form of a data breach response plan and workplace training to prevent security breaches.
Mine site operation readiness
Mining companies should consider whether their mine sites are prepared for the introduction of wearables. As with any change management, the introduction of new technology may be met with resistance by the workforce, particularly with wearables where personal live data is being tracked and monitored by the employer and/or a third party.
Careful consideration of existing company policies and practices should be undertaken to determine how the introduction of wearables will affect day-to-day operations.
Another operational consideration is developing and expanding an appropriately skilled workforce that is both equipped to utilise and optimise the data from wearables, as well as provide diagnostics for the wearables.
Summary
The way in which new technology is implemented and acted upon can affect a mining company’s legal liability. Introducing a new technology such as digital wearables on site will require strategic consideration of multiple issues, including:
- Identification of applicable areas of law from the outset
- Ensuring data security policies and practices are comprehensive and fit for purpose
- Effective contract management frameworks that can accommodate a complex, ongoing supply chain
- Comprehensive data management processes, incorporating ‘security by design’ (for more detail see Bringing Mining into the Digital Age, Gilbert + Tobin 2017)
Contributed to by Pearl Chong, Paralegal, Gilbert + Tobin
Visit Smart Counsel