Bosses face fines if they snoop on Facebook pages of job applicants
PRYING bosses who snoop on jobseekers’ and employees’ social media profiles for evidence of a party lifestyle have been warned that they are breaking data protection laws.
The Information Commissioner’s Office, with other national data watchdogs, has declared that excessive monitoring of job applicants and employees on Facebook and Twitter could fall foul of privacy rules that limit how companies may process personal information.
Looking up candidates on social networks has become a regular part of the job screening process in recent years, with employers often rejecting candidates whose profiles are filled with offensive comments or photographs suggesting a somewhat active social life.
According to the recruitment website Careerbuilder, 70 per cent of employers use social media to check candidates, up from just 11 per cent in 2006. More than half have decided not to hire candidates based on their online profiles.
But the Article 29 working party of European data watchdogs said that “employers should not assume that merely because an individual’s social media profile is publicly available they are then allowed to process the data”.
The guidelines add that summarily checking existing employees’ profiles could amount to unlawful data processing. “In-employment screening of employees’ Facebook and Twitter profiles should not take place on a generalised basis,” the regulators warned. The group said bosses should only collect data from social media profiles if “the collection of those data is necessary and relevant to the performance of the job which is being applied for”.
While in practice there may be little to prevent bosses covertly reading profiles, the new guidance is likely to prevent them bringing up awkward social media posts in interviews.
The guidelines also state that employers should not be able to demand access to private profiles by adding them as friends or telling them to give up passwords.
“There is no legal ground for an employer to require potential employees to ‘friend’ the potential employer, or in other ways provide access to the contents of their profiles,” they say.
The Article 29 guidance is not legally binding but is widely used by authorities to apply the law. As well as limits on screening jobseekers, it warned that summarily checking existing employees’ profiles could amount to unlawful data processing.
The guidelines apply to the new EU General Data Protection Regulations, which come into force next May and introduce fines of up to €20 million (£17million) if broken.
The Government has said it will adopt the General Data Protection Regulations even after Brexit to keep data laws in line with Europe.
The new rules add that employers should not be able to track their workers using gadgets, either by making them wear fitness trackers or monitoring the internet traffic on smartphones.