The US has a lot to offer that Europe doesn't have, but when it comes to privacy, I think Europeans do have a strong lead:

* For a start Europeans have real privacy legislation (it's called Directive 95/46/EC). US Internet corporations will fight with big money against any similar initiative in the US.

* Each European Member State has a data protection authority that enforces privacy legislation, monitors the use of personal information and tries to educate the public. Some of these authorities even have inspection powers (see for example what they did over Streetview's interception of Wifi data). It has a little bureaucratic feel to it, but it works.

* Culturally in Europe, there's always a tendency to find a balance between each party’s legitimate interests and rights. Even in the workplace, people's right to privacy can't fully be obliterated by corporate needs.

The only caveat is that we are living more and more in a global world. My employer might be Chinese, my datacenters might be in the US, and my job might be in Europe. Which law applies then? That's the challenge!

I know this will surprise many slashdot readers but using your fingerprint as described by the poster for the purpose of clocking you in and out of work would be illegal in many countries accross Europe (with the possible exception of the UK). In France, for example, you can actually get fined by the data protection authority for doing so.

It's true that most of these devices don't store an image of your fingerprint but rather a "template" : a description of some special features of your fingerprint. But that doesn't change the problem.

Indeed, many data proctection authorities accross the EU consider that biometrics pose sevreall security and data protection issues and must therefore be used with caution. Fingerprint biometrics are of special concern, in particular when the biometric data (templates) are stored in a central database. The big problem with fingerprints is that we leave them everywhere, on all objects we touch. Someone can pick up your fingerprint and test it against the templates inside the database. (Sounds crazy or technically impossible ? It's much easier than you think : i've tested it myself, that's part of my job). There are other issues whith fingerprint biometrics that I won't detail here.

In the end data protection authorities in the EU consider that the use of a central fingerprint database is excessive if your only objective is only clocking people in and out. Instead, they encourage the use of a smartcard to store the biometric data : you show your finger to the biometric reader and it gets compared with the data stored in the smartcard. This solution offers the same benefits in terms of security but you keep control of your biometric data.

I wouldn't be so sure ! The application you describe is very particular.

In practice, smartcards are often used as tamperproof devices to represent a third party, such as a bank. In France, for example, the credit card smart cards carry the bank's private key (for a Gilou/Quisquater RSA variant) as well as some additionnal secret information.
This information is not available for any reader but is used internaly for cryptographic computations.