EU Looks To Prevent Employers From Viewing An Applicant's Publicly Available Social Media Information

from the well-that's-dumb dept

Ever since social media sites like Facebook and Twitter became household names here in America, we've occasionally had really stupid debates about just what type of access to those accounts employers should get from their employees. Some states have even passed laws that would allow employers to demand social media passwords from employees and applicants, presumably so that company reps can comb through private messages and posts shared only with the employee's or applicant's friends. If all of that seems stupid to you, that's because it totally is!

But it's not remotely as dumb as what the EU has decided to do in regulating corporations such that they are disallowed from viewing public social media information about an applicant unless it directly relates to the job for which they have applied. To be clear, this new regulation is non-binding at the moment, but it will be the basis of data protection laws set to come out in the future. Still, preventing a company from viewing publicly available information doesn't make much sense.

Employers who use Facebook, Twitter and other social media to check on potential job candidates could be breaking European law in future. An EU data protection working party has ruled that employers should require "legal grounds" before snooping. The recommendations are non-binding, but will influence forthcoming changes to data protection laws.

The guidelines from the Article 29 working party will inform a radical shake-up of European data protection laws, known as the General Data Protection Regulation (GDPR), which are due to come into force in May 2018. Their recommendations also suggest that any data collected from an internet search of potential candidates must be necessary and relevant to the performance of the job.

When it comes to privacy restrictions on matters of social media, it seems to me that there is an easy demarcation line that ought to suffice here: that which is public and that which is not. Most social media sites come with handy tools to keep some or all portions of an account private, or shareable only amongst connections within the platform. If an applicant wants something kept from the eyes of an employer, they need only hide it behind those privacy options. This regulation, however, would restrict a company from accessing public information, which should plainly be viewed as nonsensical.

The post notes that recruitment sites like CareerBuilder have seen rates of 70% or so employers that check public social media accounts of applicants they consider hiring. That's as surprising as the sun rising each morning. It's barely even considered creepy any longer to google the names of friends, never mind people you're looking to hire. Somehow I don't see any regulation curbing that across a continent.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: data protection, eu, interviews, jobs, privacy, public info, social media


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    ThaumaTechnician (profile), 18 Jul 2017 @ 4:04am

    This law can make some sense...

    From what I've seen, employment law in the US means that, for most cases, employees are slaves belonging to their employers.

    They're expected to answer phone calls from their employer on weekends, evening, and during this thing most have heard of but never actually seen, paid days off. What they do on company computers completely belongs to their bosses.

    Even their pee is company property.

    In many other, civilized, countries, it's a little different. Even my employer's HR has told me that, "no, we can't poke around in your work email, unless we're investigating wrongdoing."

    While the EU law is, um, ineffective, at least it sends a message, that what people do on their own time is off-limits to the employer. How can that be a bad thing, eh?

    Treating your employees like human beings...you'all should give it a try some day.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 18 Jul 2017 @ 4:28am

    Re: This law can make some sense...

    I agree.

    And when I read the linked article, the quote that makes it all seem lees dark and troublesome, was this:

    "Demanding passwords or making a friend request is unacceptable, but it is more difficult when it comes to public facing information," [...] "The general rules are that employers should inform applicants if they are going to look at social media profiles and give them the opportunity to comment. The searches should also be proportionate to the job being applied for."

    And read up on the GDPR they're referring to. It's a legislative framework to protect private and personal data.

    link to this | view in thread ]

  3. icon
    Takumi (profile), 18 Jul 2017 @ 4:46am

    It doesn't make any sense to prevent employers from viewing social media feeds but it might make sense to prevent them from using the feeds to get around discrimination regulations.

    You could learn a lot of stuff from a social media feed. You might learn that the person uses dialect, doesn't have a reliable car, is lgbt+, has a disability or other medical condition you didn't know about, or who knows what else. Many of these things could be ultimately illegal to reject somebody for, but with a bunch of things on a feed and any number of other data in the application, it would be easy to do a little "parallel construction" and claim it was for some other reason.

    Not that even barring them from using/looking at social media feeds would really prevent that from happening anyway.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 18 Jul 2017 @ 6:14am

    What if an employee (i.e. a person) wants to keep their professional and private lives separate?

    This isn't remotely as dumb (or fascistic) as laws permitting corporations to demand social media passwords from their employees. That is truly offensive. This is at worst quixotic.

    link to this | view in thread ]

  5. icon
    Sok Puppette (profile), 18 Jul 2017 @ 6:16am

    How is that nonsensical?

    A corporation is nothing but a creation of government in the first place. How is it nonsensical if the government tells the corporation it can't do business in a certain way?

    No, they can't physically prevent anybody from viewing public social media data.

    They also can't prevent anybody from, say, racial discrimination, and if you're not a total idiot and avoid creating a paper trail, they can't even reliably catch you at it. Nonetheless, it's demonstrably effective when they create anti-discrimination rules, because your average manager isn't going to take any risks.

    What they really ought to be doing is setting a rule that nothing you do that's not clearly and directly related to the work can be considered in making corporate employment decisions.

    link to this | view in thread ]

  6. icon
    Ninja (profile), 18 Jul 2017 @ 6:32am

    Re: This law can make some sense...

    I don't think the issue discussed in the article fits in your comment. It's talking about public posts. I personally refrain from posting everything public. A better regulation would be to mandate social networks to make public posts disabled by default (opt-in) because many people aren't that tech savvy and will send everything publicly and this can be a problem. Even then I have doubts it should be regulated but it's something I can agree.

    As for your comment itself I wholeheartedly agree. It's about time we started protecting employees and demanding humane treatment. And we should start segregating countries that don't do it commercially.

    link to this | view in thread ]

  7. icon
    Ninja (profile), 18 Jul 2017 @ 6:34am

    It's an useless law. Nothing can prevent a corporation from getting access to public content. A better regulation would be to forbid companies from demanding access to private content.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 18 Jul 2017 @ 6:39am

    Re: How is that nonsensical?

    <blockquote>A corporation is nothing but a creation of government in the first place. How is it nonsensical if the government tells the corporation it can't do business in a certain way?</blockquote>

    That's not how it works. I can create a business without forming a corporation (if I don't mind putting my personal finances at risk.) That doesn't exempt me from employment law.

    <blockquote>What they really ought to be doing is setting a rule that nothing you do that's not clearly and directly related to the work can be considered in making corporate employment decisions.</blockquote>

    I wholeheartedly disagree. I'd rather that employers not all use the exact same criteria. The more things you restrict them from looking at, the more they are forced to depend on what's left - and if they are all forced to use the same few things, it means the same people get refused from every job. That's a bad thing.

    I have no problem with them looking at what's publicly available, so long as they don't demand access to what's private or use false pretenses to friend someone.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 18 Jul 2017 @ 7:04am

    A lot of corporations in the US view the act of hiring an employee as a sort of "favor".
    From that point, since your ability to pay your bills usually depends on your employer paying, most employers infer that everything you while on their payroll do should automatically belong to them.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 18 Jul 2017 @ 7:07am

    Re:

    Also, while I wouldn't exactly call US employees slaves there are some points of similitude with indentured servitude.
    For example contract clauses that ban one from working in the same industry for a number of years.

    link to this | view in thread ]

  11. identicon
    Jordan Chandler, 18 Jul 2017 @ 8:15am

    Public Info

    So like if someone publishes an article about you, is it wrong for the employer to read the article?

    If you're well known, should the employer pretend they've never heard of you?

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 18 Jul 2017 @ 9:37am

    Yea, doesn't look like you got the tone of this article right.
    No way is this worse than having to provide your social media accounts and passwords to prospective employers.
    A law like this would be beneficial. There shouldn't be a "hard luck" approach if you happen to post something publicly instead of privately. It might not even be your fault (the service provider or a 'friend' could be).

    link to this | view in thread ]

  13. icon
    Dr. David T. Macknet (profile), 18 Jul 2017 @ 10:02am

    Maybe it'll kill off this creepy business, though?

    Ran across this tweet ( https://twitter.com/brucedaisley/status/885851540124299267 ) the other day, which points to the Fama app (on twitter at https://twitter.com/famahire and at https://www.fama.io/ ). Their entire business model is based on snooping through employee social media.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 18 Jul 2017 @ 11:17am

    Public info is one thing ... but from what I've read, (some) social media platforms generously provide private info on their "users" for a small pittance. This should be illegal, but DAs seems to look the other way as it is not bonus/promotion vote/contribution getting material.

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 18 Jul 2017 @ 11:31am

    Re: Re: This law can make some sense...

    There's the related issue that when a company searches for a name and looks at some social media posts, they don't have any way to know who it really belongs to. Even if there's a picture, someone else could have posted the profile. Does the EU have rules about evaluating candidates based on hearsay?

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 18 Jul 2017 @ 1:40pm

    Re: Re: How is that nonsensical?

    I wholeheartedly disagree. I'd rather that employers not all use the exact same criteria. The more things you restrict them from looking at, the more they are forced to depend on what's left - and if they are all forced to use the same few things, it means the same people get refused from every job. That's a bad thing.

    The headline is misleading. The recommendation was about "an internet search of potential candidates"; if the employer looked at a social media URL given by the candidate (like a photo site showing previous work), it wouldn't violate that rule.

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 18 Jul 2017 @ 2:48pm

    Re: Public Info

    There is a balance to be had. It is somewhat accepted that 'public figures', such as politicians, have forgone these sorts of rights.

    link to this | view in thread ]

  18. icon
    btr1701 (profile), 18 Jul 2017 @ 3:14pm

    Re: Re: This law can make some sense...

    > And read up on the GDPR they're referring to. It's a
    > legislative framework to protect private and personal
    > data.

    But the point is that if a person has made the data *publicly* available on Facebook or Twitter it's no longer private and personal and is no need of protection.

    link to this | view in thread ]

  19. icon
    btr1701 (profile), 18 Jul 2017 @ 3:18pm

    Re:

    > You could learn a lot of stuff from a social media feed.
    > You might learn that the person uses dialect, doesn't
    > have a reliable car, is lgbt+, has a disability or other
    > medical condition you didn't know about, or who knows
    > what else

    If a person doesn't want the world to know that stuff about them, then putting it up on the equivalent of a freeway billboard on the internet seems a stupid way of accomplishing that goal.

    We're talking about info the applicant has purposely put out into the public domain. To then claim to have a privacy interest in keeping it secret is absurd.

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 18 Jul 2017 @ 4:26pm

    Re: Re: Re: This law can make some sense...

    I'm sorry, but I don't think a lot of people here understand the thinking behind the GDPR and most European data privacy laws.

    The aim is not to prevent anyone (including employers) from reading anything about anyone. Certainly not anything that is publicly available. That would be both insane and impossible.

    However, for anyone (including corporations) to act on that information, they will have to comply with the rules.

    Someone else made the comparison to anti-discrimination laws. I too see a similarity: while you cannot make someone ignore or 'not see' your skin color or gender, you can have laws to prevent skin color or gender to be a determining factor when applying for a job. Basically, what the proposal is doing, is extending that reasoning to all the other publicly available (and very often irrelevant) information about a person.

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 19 Jul 2017 @ 1:22am

    Re: Re: Re: This law can make some sense...

    The other problem is, how does the company know that that is you, rather than someone of the same name that lives near you? Names of people are not usually unique, so unless you give the company an url, they may be looking at the wrong person.

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 19 Jul 2017 @ 1:51am

    Re:

    That's already a rule.

    link to this | view in thread ]

  23. identicon
    Leo Sigh, 19 Jul 2017 @ 5:59am

    Re: This law can make some sense...

    Completely agree.

    And I notice it is only ever Americans saying these EU laws are 'stupid', yet the EU is one of the few organizations on the planet still doing its best to protect the average individual.

    And no, this new idea isn't perfect, but it's heading in the right direction.

    I'm a US citizen and lived there for over 20 years. I'm now happy to be back living in the EU where my rights are far more protected than they ever will be in the US. A huge percentage of Americans have always seemed to be happy handing over their rights to corporations. Never understood it. Never will.

    link to this | view in thread ]

  24. icon
    btr1701 (profile), 19 Jul 2017 @ 10:31am

    Re: Re: This law can make some sense...

    > yet the EU is one of the few organizations on the planet
    > still doing its best to protect the average individual.

    Even if it means censoring the internet worldwide, eh?

    link to this | view in thread ]

  25. identicon
    Ryan, 19 Jul 2017 @ 8:50pm

    Re: Re: Public Info

    Really?

    Google has received fresh takedown requests after a European court ruled that an individual could force it to remove "irrelevant and outdated" search results, the BBC has learned.

    An ex-politician seeking re-election has asked to have links to an article about his behaviour in office removed.

    http://www.bbc.com/news/technology-27423527

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 20 Jul 2017 @ 3:51am

    Re: Re:

    So, are you saying that this person with a disability should camouflage her missing leg during a job interview? Should one borrow a more fancy car to go to that interview on the off chance that the interviewer should see it? Should he never talk (or even lie) about his husband?

    Maybe "has made comments on an online forum" will be a discriminating factor during your next interview...

    I'd rather not have to actively hide these facts about my person, my feelings, my opinions or my beliefs. I would rather live in a society that allows me to be open and candid, but with laws and rules that protect this private and personal (and completely irrelevant) information from being (ab)used in the course of a job interview.

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 20 Jul 2017 @ 4:12am

    Not dumb at all

    To my knowledge, employers in EU are already forbidden from making hiring decisions based on the candidates' personal lives or other non-job-related information. They can't demand you tell them about your family, religion, politics, etc in a job interview and even if you tell them they can't base decisions on it.

    It makes perfect sense to remind them they shouldn't be trolling the internet for such information, either.

    Whether any of this is effective at all is of course dependent on enforcement.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.