Caught in the net
29 October 2007
24 December 2013
15 April 2014
16 March 2014
23 April 2014
Data Issues Roundup — new Irish data protection commissioner appointed; Racing Post falls short on IT security; and more
18 September 2014
Some 15 million people in the UK now regularly use social networking sites such as Facebook, MySpace and Bebo. Most are young; many are professional. A recent check of top UK law firms whose staff use Facebook showed that Linklaters has 895 members, Allen & Overy (A&O) 846, Baker & McKenzie 669 and DLA Piper 623.
The practice of cyber-vetting is not new. For instance, for years solicitors have used other sites to dig up dirt on City firms. But it is the sheer volume of people now using these social networking sites, as well as the ease of access to unchecked discussion boards, that heightens the issues and risks for law firms as employers.
For the users, of course, the sites can be places to trumpet achievements (real or imagined), hunt for pals and climb onto soapboxes. However, they can also be places where users let their guard down and let slip questionable details - which makes the sites potentially valuable as a research tool for employers, including law firms.
A survey in March by business social network Viadeo showed that one in five employers now cyber-vet job candidates by searching websites. A spokesman for Poolia, a recruitment consultancy whose clients research applicants on Google, says: "By flicking between message boards you can piece together titbits of gossip you might not hear even at the Christmas party."
Employers need to use this information with care to avoid any hint of unlawful discrimination in their decision-making. But it is clear that they can and do use it.
In Viadeo's research, 59 per cent of the 600 employers questioned say it influences their recruitment decisions, and a quarter admit to rejecting candidates because of dubious internet reputations (netrep). Employers gave a variety of reasons for trawling the sites:"His MySpace website showed a negative side to him including excessive alcohol abuse and disrespect for his job," said one.
"We found the candidate was on the local police wanted list," said another.
"We found that the candidate was personally into some activities which did not fit ethically into my company," said a third.
One City boss admitted: "In the past, I've simply Googled candidates, whereas now I type their name into MySpace as well. I've found some interesting things on that site. One candidate declared in his personal profile that he was against religion and anyone who believed in it. Working in such a diverse company as I do, I dropped his application like a hot potato. Funnily enough, he wasn't so quick to admit to the same thing on his CV."
In another instance, a computer company ran the name of an applicant for a high-profile job as a programmer through the Google search engine, only to find that she had taken part in topless modelling contests.
Although that piece of information may not affect the candidate's ability to do the job, other personal details might. If, for example, a law firm tracked a candidate's Facebook profile back to membership of a 'legalise cocaine' group, the firm might reasonably feel uncomfortable about hiring them as a solicitor.
The key, of course, is whether the information is relevant to the ability to do the job. A candidate who calls his online alter ego 'Lurve Leopard' and posts photos on his website to indicate his sexual orientation could have a discrimination claim if he could show that an employer turned him down on those grounds.
Beyond recruitment, social networking sites are also being to check up on existing employees. In the US, employees have been fired or disciplined for their online comments about the organisation they work for, inciting debates about privacy and free speech. In the UK recently, staff at Oxford University searched Facebook, collected photographs of students who appeared to have broken the rules on post-exam celebrations and handed out fines.
In some instances, companies may have a legitimate legal or business reason for checking on what employees post on the internet, including whether they are disclosing trade secrets or other proprietary information, or conveying impressions damaging to the firm's reputation.
So how can both sides of the equation best protect their interests in the new online personal marketing arena?For employees it makes sense to review all their online profiles in the light of the new interest from employers - either a current employer or a potential one. Indeed, several start-up businesses now offer direct and personal help in managing online identities. But the rise of search engines means that deleting information from web pages is not always effective. Potential employers are never more than a few clicks away.
For employers, the rules are not clear because the risks of cyber-profiling have yet to be tested in the courts. In practice, too, it might be difficult to prove that an individual was rejected or dismissed because of a netrep. If in doubt, meet the candidate anyway. What looks at first ##continued like a doubtful netrep might turn out merely to be evidence of a helpful sense of fun or a streak of useful creativity.
Similarly, it may be useful to give employees clear guidance about what they can and cannot say about their employer online.
Employees should be warned that their use of the internet is being monitored in accordance with the Data Protection Act 1998 (DPA) and the information commissioner's Employment Practices Code. Covert monitoring should be limited to extreme cases, such as in a criminal investigation or where there is a deliberate transferral of confidential information. Monitoring could be triggered by key words rather than routine trawls.
If monitoring goes beyond what is considered reasonable and consistent with what staff have been told, leading to a loss of trust and confidence in the relationship, an employee may have grounds to resign and claim constructive dismissal.
Policing the internet
While more than 70 per cent of businesses, including law firms, have decided to bar the sites, it is worth considering whether this more extreme action is good for employee relations. A&O was forced into an embarrassing climb-down after the firm's IT department was bombarded with staff complaints following a firm-wide ban on Facebook.
It may be good enough to limit the times or frequency of use, or to ask staff not to mention work names or events where individuals or the firm can be identified.
Employees should be aware that there are limits on what can be policed. For example, if someone wants to keep their Facebook information private they simply have to set their privacy settings so that only their friends can view online information.
More generally, it is worth reminding recruiters of a number of rules at each stage of the recruitment process and checking that a firm's approach to social networking sites fits in with it.
Job requirements should be justifiable by reference to the job in question and companies must not indirectly discriminate against any candidates, particularly in relation to working hours or times, travel, age ranges or dress. And they must be careful not to use inappropriate wording when advertising, which could give rise to a claim for discrimination or be used as evidence of a discriminatory culture.
Reaching the widest range of applicants
- Do not consider candidates' personal lives unless they are directly relevant to the job.
- Take care to document the entire recruitment process and, importantly, take and keep notes of answers and impressions at interview.
- Process all forms and records of the recruitment process in accordance with the DPA and the Employment Practices Code.
- Give the candidates feedback if they ask for it to reduce the risk of an implication that the reason for rejection is discriminatory.
Sean Nesbitt is head of employment and Camilla Marriott an associate at Taylor Wessing