Neurotechnology is becoming widespread in workplaces – and our brain data needs to be protected

As remote work became standard around the world during the COVID pandemic, employee surveillance rapidly intensified. Companies started deploying software to electronically monitor their employees’ web browsing history, emails and webcams – all in the name of ensuring continued productivity.

While the worst of the pandemic is behind us, the intense digital surveillance of workers continues. And it is set to increase even more with the growing popularity of brain-monitoring neurotechnology which is already used in mining, finance and other industries.

This technology is capable of measuring brain waves and making inferences about a person’s mental state, such as whether they are tired or unfocused. The United Kingdom’s Information Commissioner’s Office predicts it will be common in workplaces by the end of the decade. By then, the market for neurotechnology devices is expected to be worth more than US$24 billion.

This presents major privacy concerns for workers in Australia – especially as there are no current privacy law provisions protecting employee data generated from neurotechnology. This is something the Australian government should urgently fix as it prepares to introduce draft privacy reforms into federal parliament this month.

Neurotechnology: coming to a brain near you

Neurotechnology has long been used in the field of medicine. Perhaps the most successful and well known example are cochlear implants, which can restore hearing.

But neurotechnology is now becoming increasingly widespread. It is also becoming more sophisticated.

Earlier this year, tech billionaire Elon Musk’s firm Neuralink implanted the first human patient with one of its computer brain chips, known as “Telepathy”. These chips are designed to enable people to translate thoughts into action. More recently, Musk revealed a second human patient had one of his firm’s chips implanted in their brain.

But there are less invasive and more accessible types of neurotechnology now available. These use sensors attached to a person’s head to monitor their brain activity.

Examples include SmartCaps, which measure fatigue in real time to reduce the risk of workplace accidents, and Emotiv headsets which can be used for everything from interactive gaming to scientific research.

Apple is also developing the next generation of wireless headphones which are capable of monitoring brain waves.

Devices such as these are already used in workplaces across industries such as mining, finance and sport.

Combining neurotechnology with artificial intelligence (AI) for data analysis provides employers with even deeper insights into employee behaviour in and around the workplace.

Privacy problems

Neurotechnology can have a range of positive impacts, such as assisting people with a disability. But it also raises major privacy concerns, which are set to grow as more workplaces adopt the technology.

For example, there is a risk brainwave data could be shared with third parties to personalise advertisements depending on someone’s mood or energy levels. It can also fuel “neurodiscrimination”. This refers to employers making employment decisions such as whether to fire somebody based on their brainwave data, which could contain signs of cognitive decline.

These concerns are heightened by a glaring gap in Australia’s current privacy laws – especially as they relate to employees.

These laws govern how companies lawfully collect and use their employees’ personal information.

However, they do not currently contain provisions that protect some of the most personal information of all: data from our brains.

A path forward

Some international jurisdictions have already recognised the serious risks to privacy associated with neurotechnology.

For example, in June the US state of Colorado passed legislation which safeguarded the collection of brain data. Under this law, brain data is considered sensitive and cannot be used without the owner’s consent.

Chile has also been a pioneer when it comes to protecting peoples’ brain data.

In 2021, its parliament passed a new law aimed at protecting its citizens’ “brain rights”. In particular, this law safeguards personal identity, free will and mental privacy. At the same time, the country also passed a constitutional amendment which enshrined “brain rights” into its national document.

These laws were put into practice last year, when Chile’s supreme court ordered the neurotechnology company Emotiv to delete all brain data collected from a national senator.

As the Australian government prepares to introduce sweeping reforms to privacy legislation this month, it should take heed of these international examples and address the serious privacy risks presented by neurotechnology used in workplaces.

In particular, these provisions should cover the collection, processing and use of brain data in workplaces.

The government can implement other reforms too.

For example, it could give the Office of the Australian Information Commissioner greater power to monitor compliance with neurorights and enforce any breaches. It could also develop adequate training provisions for employees and employers looking to use neurotechnology combined with artificial intelligence in the workplace. This would help promote more ethical uses of these emerging technologies.

Without reforms such as these, the Australian government risks leaving Australians vulnerable to having data from their own brains used against them.