Using SNSs to assess the suitability of job applicants poses several questions in relation to the enforcement of the data protection principles. These principles were already presented in Part I., which contains their more detailed presentation: here, brief reference will be made to their core attributes, then focus will be put on the SNS-specific questions. Although Title 1 focuses on the phase of recruitment, even at this stage it must be highlighted that the same or very similar data protection questions might arise in other phases of the employment relationship as well. As a consequence, what is going to be discussed in this Chapter might be adequately applicable to other phases.
(§1) Lawfulness and purpose limitation
Before addressing issues relating to the data quality principles, two preliminary questions must be discussed: lawfulness and the purpose limitation principle. As it was already examined in Part I., lawfulness requires the processing to be based on one of the six legal grounds: having a legal ground is an obligatory pre-requirement to any processing. The principle of purpose limitation is one of the most significant data processing principles,1203 therefore reference to it must also be made.
intended to form part of a filing system. Even if that is the case, these questions are clearly related to privacy.
De Hert – Lammerant 2013. p. 40.
1198 Recital (15) of the GDPR; Paragraph 1 of Article 2 of the GDPR
1199 WP29: Opinion 2/2017. p. 11.
1200 The CoE also expressly refers to the importance of refraining from bypassing a candidate’s (and employee’s) chosen privacy settings and from collecting data without their knowledge through an intermediary, under another name or using a pseudonym. CoE: Recommendation CM/Rec(2015)5 of the Committee of Ministers to member States on the processing of personal data in the context of employment, 2015. 5. 3. and CoE 2015. p. 7.
1201 NAIH 2016. p. 19.
1202 NAIH/2016/4386/2/V
1203 European Union Agency for Fundamental Rights – Council of Europe 2018. p. 122.
(A) Principle of lawfulness
Under the GDPR, every data processing shall have a legal ground. According to Edit Kajtár, out of the six legal grounds regulated by the GDPR three might possibly be applied: consent, the necessity of processing in order to enter into the contract and the balancing between the rights of the individual and the data controller’s legitimate interest. [(a), (b) and (f) of Article 6 of the GDPR]1204 The possible application of these legal grounds must be assessed.
One might ask the question: can the applicant consent to conducting an SNS background check? The GDPR reinforced the requirements towards consent, questioning its applicability in the employment context.1205 One of the requirements of consent is to be freely given – which is not ensured in cases when there is a clear imbalance between the controller and the data subject.1206 As a hierarchal relationship is present between job applicants and employers, consent does not seem to be appropriate when it comes to the lawfulness of pre-employment SNS background checks.1207
Another possible legal ground is the performance of a contract, when processing is necessary in order to take steps at the request of the data subject prior to entering into a contract: when without the processing of personal data the contract between the parties could not be executed, the processing of these data will be considered lawful.1208 However, according to the WP29, prior to entering into contract, conducting a detailed background check following a candidate’s application should not be understood as a necessary measure for entering into contract.1209
The application of the ‘balancing test’ is also dubious, as it is the employer’s legitimate interest to identify the best candidate possible, but he/she can achieve this purpose with less intrusive methods.1210 Still, for the above-mentioned reasons, it seems to be the most appropriate legal ground applicable to the case of pre-employment SNS screenings.
(B) Purpose limitation
The purpose of pre-employment SNS background checks is the same as for the whole recruitment process: to identify the best applicant. Following from the freedom to contract, this purpose will be legitimate. As it was already addressed in Chapter 1, both the FLC and the HLC define the purpose of processing: the employer can only access personal data available on SNSs if it serves the purpose of assessing the professional capacities of the applicant. The applicant’s personal life must not be subject to pre-employment SNS background checks. Pre-employment SNS background checks can serve this purpose, as
1204 Kajtár 2015a. p. 100.
1205 Zsolt György Balogh [et al.] are of the same opinion, though according to them consent as a legal ground was generally accepted by Hungarian doctrine. Source: Balogh et al. 2012a. pp. 16–17.
1206 Recital (43) of the GDPR
1207 However, according to the (previous) Hungarian literature, the voluntary nature of consent was present prior to concluding the employment relationship – erroneously according to my opinion. Athough these opinions did not address SNS background checks but the recruitment in general, especially the case of presumed consent when the applicant initiated the processing by applying for a position. Source: Balogh et al. 2012a. p. 16.
1208 Péterfalvi – Révész – Buzás 2018. p. 123.
1209 WP29: Opinion 06/2014. p. 18.
1210 Kajtár – Mestre 2016. pp. 32–33.; Kajtár 2015b. p. 271.
information available on these sites can contribute to assessing the professional capacities of the applicant.
What have already been stated regarding the employer’s legitimate interests during recruitment (identifying the best candidate) apply to SNSs as well, the purpose is unchanged.
However, even with the existence of a legitimate purpose, processing can become unlawful if other data quality principles are not met. The following pages will focus on presenting the data quality principles that the employer must respect in addition to purpose limitation.
(§2) Data quality1211 principle
The reliability of the information is closely connected to the data protection principles, but their enforcement during a pre-employment SNS background check is highly questionable1212 – as it will be demonstrated in the following paragraphs. As it was referred to in the introduction, the principle of data quality means that “[p]ersonal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.”1213
(A) Principle of data minimization
According to the principle of data minimization, personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed,1214 basically requiring that only the minimum necessary personal data shall be processed. The following paragraphs will deal with the two components of this principle: relevancy and necessity.
Relevancy is ensured by both labour codes through limiting recruitment methods to information which is connected to the professional life of the applicant. Although these provisions aim to protect applicants’ personal lives by stating that during recruitment only necessary information relating directly to the professional capacities of the candidate can be processed,1215 the implementation of this principle is quite challenging in the context of SNSs. Even though it is true that several types of personal data might contribute to assessing the applicant’s professional aptitudes (e.g. verifying professional experience, communication skills, etc.), SNS profiles might also contain personal data directly relating to the personal life of the applicant – not fulfilling the requirement of relevancy.
The legal issue is that this “legally consultable” data (information relating to the professional life) and data not meeting the requirement of data minimization (information relating to personal life) are inseparable on the profile of the user.1216 For example, the
1211 “Data quality” is a reference to the OECD’s data protection guidelines, and it means that “[p]ersonal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.” (Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, 1980. Article 8)
1212 Flaherty – Whitmore 2013. pp. 21–22.
1213 Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, 1980. Article 8
1214 Item c) of Paragraph 1 of Article 5 of the GDPR
1215 Article L1221-6 of the FLC and Subsection (1) of Section 10 of the HLC
1216 Kajtár 2015b. pp. 271–272.
employer might be entitled to access a candidate’s profile in order to identify the best candidate, to verify information from the CV1217 or to look for negative comments regarding the previous employer. However, at the same time he/she could automatically gain access to data which have no connection or relevancy to the legitimate purpose – e.g. relationship status, political opinion, hobbies, family members, etc.
This is a recent issue, as in the pre-SNS era this information usually would not have been available to the employer in the course of a traditional job interview. For example, while race, sex, age are (usually) evident when the employer conducts an interview, other factors (often available on SNSs), such as relationship status, political affiliation, etc. are typically not discovered through an interview (unless shared by the applicant or asked by the employer).1218
Any monitoring shall be proportionate and the least intrusive possible1219 compared to the purpose of the processing. In the context of SNSs, the employer must also consider if he/she can obtain the desired information with less intrusive methods, whether the monitoring is truly needed, or the same result could be achieved through traditional forms of monitoring.1220 It means that he/she must assess whether having a job interview, conducting a professional aptitude test, asking recommendation from the previous employer, or checking a professional SNS (e.g. LinkedIn) instead of a personal one would be a more privacy-friendly solution, which can still provide the necessary information.
Differentiation must be made between two types of personal data: personal data relating to the professional capacities of the applicant and personal data relating to his/
her personal life. Regarding the first category, it must be assessed whether the traditional methods of recruitment (interview, tests, etc.) are capable of providing the employer the information sought. Regarding the second category, it was already established that SNSs might provide a glimpse into the user’s personal life to an extent never experienced before.
Although the requirement of relevancy should limit employers to collecting personal data relating only to the professional life of the applicant, however, again, on SNSs it is technologically impossible to only collect this minimum necessary data, as the personal data which – in harmony with data minimization – could be collected and personal data not corresponding to this principle are inseparable on these sites.1221 As a result, even if the employer accesses the applicant’s SNS profile to obtain information fulfilling the data protection requirements, he/she might automatically gain access to personal data that he/she is not entitled to process.
An exception might be the use of professional SNSs (e.g. LinkedIn). Professional SNSs operate with the aim of providing the users the possibility to shape their online identities relating to their professional lives. Usually, users on these sites limit themselves to sharing personal data relating to their professional life (e.g. education, work experience, professional connections, etc.) – unlike on Facebook, Instagram and other personal SNSs. The CNIL is of the opinion that the use of professional SNS sites is allowed, as on these sites users provide only information regarding their
1217 Kajtár 2015a. p. 101.
1218 Byrnside 2008. p. 463
1219 WP29: Opinion 8/2001. p. 4., p. 21., p. 25.; WP29: Opinion 2/2017. p. 7.
1220 WP29: Working document on the surveillance of electronic communications in the workplace, 2002. p. 13.
1221 Kajtár 2015a. p. 101.
professional lives. However, the employer is not entitled to search for the profiles on personal SNSs.1222
(B) Principle of accuracy
The principle of accuracy requires that personal data shall be accurate and, where necessary, kept up-to-date.1223 Usually personal data are considered to be inaccurate if they do not correspond with reality and also if they are not complete or are embedded into the wrong context.1224 These requirements are highly endangered in several regards when it comes to data obtained from SNSs. First, it will be examined whether the applicant himself/herself can be correctly identified during pre-employment SNS background checks. Second, it will be addressed whether the author of the content can play a role in relation to accuracy.
Third, questions relating to the possible conclusions drawn from the content itself will be addressed. Then, the time factor, up-to-dateness will be examined.
First, the principle of accuracy can be very important regarding the identification of the job applicant. Identifying the right applicant is crucial in order to avoid situations where the employer finds the wrong candidate1225 and the prospective employee is mistakenly associated with the SNS activity of someone else. This scenario can happen for several reasons: especially if the applicant has a very common name (e.g. Kovács Péter or Pierre Martin) and/or there is no other publicly available personal data (e.g. profile picture) which can help to correctly identify him/her.1226 Associating the online activities with the wrong individual unquestionably infringes the principle of accuracy.
Second, the employee might not have been the author of the given content – a profile can be hacked by a third party: for example, Sherry D. Sanders describes a hypothetical situation where an applicant’s Twitter profile is hacked: the hacker posts racist comments in the name of the applicant – which the applicant does not see, as he has not accessed his Twitter account for months.1227 Besides hacking, even friends or colleagues can post, as a prank, in the name of the applicant (for example, if he/she leaves his/her device unattended):
see, for example, the case of an employee of a security company whose colleagues uploaded a video of him to his Facebook page, showing him demonstrating his physical competences on a floor of the European Commission only reserved for commissioners – and was dismissed as a consequence.1228 In extreme cases even fake profiles can be created: Ian Byrnside describes the phenomenon of college students intentionally creating fake profiles of others
1222 https://www.cnil.fr/fr/cnil-direct/question/354 (Accessed: 21 December 2019)
A proposed German bill (though rejected in 2013) reached the same conclusion, by making a distinction between personal and professional SNSs, prohibiting the access to the first category, but permitting access to the second one. Kajtár – Mestre 2016. p. 36.
1223 Item d) of Paragraph 1 of Article 5 of the GDPR
1224 Rücker – Kugler 2018. p. 68.
1225 Tenenbaum 2012. p. 13. Jason Tenenbaum googled himself and found out that typing “Jason Tenenbaum”
into Google returns results for another attorney from a neighbouring town – providing the possibility to easily mistaken the two persons.
1226 Flynn 2012. pp. 20–21.
1227 Sanders 2012. p. 243.
1228 Lambert 2014. p. 230.
who are considered to be competition, containing unflattering information – ruining his/
her chances of finding employment.1229
Third, processing personal data obtained from SNSs can often lead to the misinterpretation of the personal data. It is highly questionable how/whether the employer can make reliable conclusions from accessing candidates’ SNS profiles. Teresa Coelho Moreira illustrates how certain information can have dubious interpretation, therefore contradicting the principle of data quality. For example, there are several ways for the employer to interpret the fact that certain candidates are available on these sites, while others are not (do those present on these sites have more developed skills relating to technology or are the others more conscious regarding privacy issues?), or that an applicant likes to travel (is he/she flexible or rather unreliable?).1230
Also, often the information originally posted was intended for a different audience,1231 and although in a legal way it does not exempt the user, it constitutes a problem that users may not be aware of the functioning of SNSs and may be mistaken regarding the public or private nature of the published content,1232 publishing something presuming that it would be accessible only to a narrow circle of users – e.g. only to friends –, but not to the employer.
Personal data available on these sites can be inaccurate, incomplete and easily interpreted out of context, thereby giving a false impression of the user.1233 As a result, the quality of personal data is not guaranteed.1234
Fourth, up-to-dateness: in the context of recruitment, up-to-dateness means that a decision should not be based on outdated information. However, it must be seen that the Internet does not forget – it is also true in the case of SNSs: on SNSs information is often available dating back years. This principle also has a close connection with the right to be forgotten.
If personal data are outdated, the requirements of relevancy and accuracy are more easily infringed. A prospective employee might have loved partying wildly at a younger age and might have provided a rich documentation of this activity on Facebook – bearing no relevancy with regard to his/her professional aptitudes years later. People are able to change and to develop, but the unforgettable (and unforgivable) nature of the Internet might stigmatize them and might not let them change and “escape” from their past mistakes or their past selves. For example, a funny photo taken in high school years ago or a compromising content can have an impact on the future carrier options even if it is not relevant anymore.1235 Five seconds eternalized on the web can define someone’s whole Internet presence.1236
1229 Byrnside 2008. p. 471.
1230 Moreira 2013. p. 77.
1231 In the age of SNSs, when everyone equipped with a smartphone may feel as a celebrity, online profiles do not reflect the professional capacities of a user. Source: Ghoshray 2013. p. 572.
1232 See more in: Sprague 2011. p. 15.; Kajtár – Mestre 2016. pp. 24–25.
1233 Ghoshray 2013. pp. 562–563.
1234 Szabó 2010. pp. 58–59.
1235 On the importance of forgetting see Mayer-Schönberger 2011. and Székely, Iván: Jog ahhoz, hogy elfelejtsenek és töröljenek. Információs társadalom, 13(3–4), 2013. pp. 7–27.
1236 In the US, Lindsey Stone was fired after her colleague posted a photo to Facebook, showing Ms. Stone engaging in disrespectful behaviour (giving a finger and imitating a scream) in the Arlington National (military) Cemetery – next to a sign asking for silence and respect. According to her, she did not think, it was just part of an inside joke between her and her colleague. However, the firing was not the only negative outcome for Ms Stone: the photo went viral and she became the target of extremely hostile comments from the Internet community. Since then, she started working for a new employer, but said that she was terrified that the new
Since the wide adoption of SNSs, years have passed, leading to the phenomenon that certain (early) users possess a digital footprint on these platforms dating back years. The right to be forgotten aims to ensure that individuals can “escape” from their online past.1237 It is alarming that especially young users have the tendency to share the most intimate details of their personal lives.1238 However, following from the very nature of the SNSs’ function, the documentation of these “reckless” young years permanently stays on the Internet.
Accessing that past information might lead to the consequence that the employer draws present conclusions from the past, which may lead to coming to incorrect conclusions.1239
In conclusion, data quality principles are highly at stake when it comes to processing information obtained from applicants’ SNS profiles – possibly raising the question of completely banning these searches, as it will be discussed later. It means on the one hand that the applicants’ rights can be easily infringed, and on the other hand that the employer can easily base his/her decision on unreliable data. These issues mainly arise on personal SNSs, which contain more information relating to personal life due to their nature.
In conclusion, data quality principles are highly at stake when it comes to processing information obtained from applicants’ SNS profiles – possibly raising the question of completely banning these searches, as it will be discussed later. It means on the one hand that the applicants’ rights can be easily infringed, and on the other hand that the employer can easily base his/her decision on unreliable data. These issues mainly arise on personal SNSs, which contain more information relating to personal life due to their nature.