Istanbul, Brussels, Nice — terror is no longer limited to cities like Kabul or Khartoum. Environmental events such as floods, earthquakes or volcanic eruptions are also part of daily risks. These events can happen anywhere in the world at any time. Although individuals are primarily responsible for their own safety, companies have a fiduciary responsibility especially towards their corporate travellers who are exposed to constantly changing risks.
It is paramount that companies use new and significantly better ways to protect their travellers and, if something does happen, be able to react within minutes. Traveller tracking, or geo-tracking, offers a reliable and supplier-neutral alternative to often inadequate data sources. Such software not only provides the precise location but also allows corporates to warn staff of any dangers in their vicinity, organise emergency assistance or to ascertain local, on-the-ground information to get up-to-the-minute advice.
Obviously these systems are not free of charge and putting together a business case can be tricky; duty of care, safety and security are not topics that can be won with a cost-argument. However, the potential price tag of only one incident, one injured employee, one death or one abduction can exceed any system-cost by far.
Flight and hotel data is not enough
Most corporates depend on TMC and travel authorisation data to determine if travellers are in a specific risk area but this data is clearly limited to airport and hotel information, if booked through approved channels. The ever-increasing options of direct bookings and/or use of OTAs exacerbate this problem even more as the data becomes decentralised and fragmented.
Travel managers should be looking for more detailed information. If you consider the terror attacks in Brussels:
- Were my travellers even at the airport or the downtown subway station when the attacks happened? Did they use public transport or car/taxi or maybe go onto another city?
- Can I instantaneously send my travellers emergency information even if they are not aware of any danger yet?
- Can travellers advise me of any incident or emergency to seek help and/or allow me to advise other travellers that may be affected as well?
Tracking technology is the panacea and can revolutionise traveller safety and security. But at the same time it raises a lot of questions regarding the individual's right to privacy and data privacy. In the past geo-tracking had a bad reputation as companies frequently used it to monitor employees and (ab)use the data to make conclusions on employee behaviour, efficiency, etc. This has caused many governments to limit or even prohibit the use of geo-tracking by corporations. However, the beneficial, non-"big brother" use of this technology in the field of traveller safety and security is too new to be clearly defined by law.
What rules apply?
An exact set of rules that companies can use worldwide or at least EU-wide does not exist. To come up with the most universal approach we have to find the lowest common denominator among the various rules. Generally the location of the traveller's employment contract determines which national law applies. But not even that is straight forward, as some rules contradict each other.
EU: In 2015 the European Council, the European Parliament and the EU Commission agreed to a new, EU-wide directive on the "protection of natural persons with regard to the processing of personal data and on the free movement of such data", however, this directive will only go into effect in May 2018. Even then, each country will be able to enact laws that are stricter than the EU-directive. To make things even more difficult, the directive states that the physical EU headquarter location of a corporation processing EU-wide cross-border data governs what national law applies. But at the same time, it guarantees that the individual affected by the data transfer can complain to the authorities in their own home country. So a company headquartered in Germany must use German data privacy laws EU-wide but one of its employees in France can still sue under French law.
National laws: At least the rules are the same in one country? Well yes…but not always! In Germany for example there is a national data privacy law, however, each federal state has its own rules that can be more restrictive. In this case it is possible that an employee in Berlin may be subject to tougher rules than an employee in Munich.
EU-associated countries: Countries like Switzerland and Norway have their own laws. In Switzerland live tracking of employees is generally permitted and data collected can be used for time recording purposes. However, the employee must have the ability to turn-off the function after working hours or during breaks.
A detailed analysis allows us to draft an overarching set of rules
- A company must explain to each employee why they want travellers to use an emergency app with geo-tracking including the advantages for the traveller and the company, precisely who will have access to the data and under what circumstances the data is used, as well as when the data will be erased.
- The employee must be advised that the use of the software is voluntary and that the employee can decline to use the system and/or withdraw their consent at any time and without reason.
- Consent to track and record geo-data must be explicitly agreed to by the employee in writing. Such consent may not be part of another agreement such as an employment contract or a travel policy.
- There must be no legal or disciplinary consequences or travel restrictions/limits if the employee does not consent.
- Use of software should never be limited to management, as all employees must be treated equally and risks and liabilities are commonly not restricted to certain employees.
- Good geo-tracking software should provide travellers the option to disable the software after working hours. At the same time the system should advise travellers that risks are not limited to work hours and it is advised to leave the function active during the entire trip.
- All data collected should be irretrievably deleted once the trip has been completed e.g. within 72 hours.
A tracking-light version
If permanent geo-tracking is not a practical option then the traveller could activate the function only during an incident. Safety apps can be turned to privacy mode that turns off the geo-tracking feature without limiting the other functions that do not require tracking data. In an emergency, the traveller simply turns off the privacy mode and the exact geolocation is immediately determined and transmitted to the company. However, this assumes the traveller would remember and be physically able to enable the software in an emergency.
Geo-tracking can be the panacea for the safety and security concerns of our business travellers and solve many of the problems that have limited duty of care. Not every employee may consent to take part in the programme and implementation may be time consuming. But the ever-increasing security threats around the world require an all-encompassing duty of care programme that does not rely of fragmented booking information alone.
