Checking Facts Building Trust


About Us...

Memberships and Registrations

Data sources

Who we are

Quality Policy

Link to us


International Newsletters

Follow us on Twitter

Find us on LinkedIn

Investors In People

ISO Accrediation

Verifile International Newsletter Issue #17

26 May 2016

Welcome to our May edition of the International Newsletter 2016 which we hope you find helpful in keeping up to date.

Cyber Essentials Plus

We are extremely pleased to announce that this week Verifile has passed the higher level of assessment required to obtain Cyber Essentials Plus certification. In real terms it means that our IT infrastructure and our online system have been independently confirmed as conforming to the highest standards. Cyber Essentials is a new government scheme to increase the level of information security within British businesses. Being a data processor, Verifile is extremely concerned about data security hence our decision to obtain ISO 27001 back in 2012 and today Cyber Essentials Plus.

Social Media Checks

These days nearly all of us use social media and its use and importance is constantly growing. As a screening company we know that many of our clients are concerned about their candidates’ public activities on social media. As such we are pleased to announce the launch of a couple of new unique services specifically designed to provide assurances around your candidates’ social media activities.

Our new Social Media Insights search will provide employers with the following:

- Screening for high risk content, including potentially violent behaviour and illegal activity

- Inclusion of both user-generated and non-user generated content

- Deep dive report of an applicant’s publicly available web content

- Legally compliant search

- Protection against negligent hiring

Our Executive level for this search will also include a comprehensive write-up of the subject’s online presence.

DBS Checks Delays Advice

We would like to update you on delays with DBS checks that need to go to the Metropolitan (Met) Police. For quite some time the Met Police have been working outside of the normal SLA. An article on the website ( last October explained the reasons for the delays. There have been subsequent articles written in the general media about the delays and the impact this is having on employers and applicants. The situation unfortunately does not yet appear to be improving. The oldest check that we are awaiting results for, has been with the DBS and the Met Police since September 2015. We are doing everything that we can to chase these results, but with such a backlog of work at the Met Police, progress is slow.

In this issue of the International Newsletter:


- The 37th International Conference of Data Protection & Privacy Commissioners – Some Observations

- How to Align APEC and EU Cross-Border Transfer Rules

- DPAS' Enforcement Network Grows in Numbers and Reach


- APEC Examines CBRPR Program, Japan Now Fully on Board


- Criminal History Checks Must Allow a Right of Reply

- Is it Time to Review Your Drug & Alcohol Policy?


- Employment Outlook Shows Boom in Hiring for 2016

- Government Hopes to Create 100 Million New Jobs by 2022


- Adoption of Data Protection Law 'Marks New Era'


- AEU Poised to Formally Adopt New Data Protection Laws

- Article 29 Working Party Releases Opinion on EU-U.S. Privacy Shield

- The New EU Data Protection Regime from an HR Perspective

- EU DPAS: In the Absence of the EU-US Privacy Shield, BCRS can be Used for Now

- Hogan Lovells Issues Legal Analysis of the EU-U.S. Privacy Shield


- French National Assembly Votes to Align the CNIL’s Sanctioning Powers with the GDPRL


- Guidance on Consent 'Stricter Than Prevailing Opinions'


- Italian Data Protection Authority Backs Decision to Suspend Employee for Unauthorised Access to Company Data


- Identity Fraud on the Rise in Sweden


- Criminal Records Checks "Arbitrary" and Unlawful

- More Than 50% of UK Employees Feel they Must Switch Jobs to Get a Pay Rise

- One in Five Employees 'Regularly' Uses Drugs

- Operation Magnify

- Two Directors Banned for Hiring Illegal Workers


- Restrict Online Access to Court Cases not Resulting in Conviction, B.C. Judge Says

- Box to Let Overseas Customers Store Files Locally in Privacy Bid

- Medical Marijuana in the Workplace: Employer Rights "Up in Smoke"?

- The Supreme Court of Canada Grants Leave to Appeal in Drug and Alcohol Policy Matter

- Employers Request for Post-Incident Alcohol and Drug Test was not Justified Where no Sign of Impairment


- Bethlehem, PA Waiting to Ask Job Seekers About Criminal Records

- HUD Rules Against Using Arrest Records In Rentals

- Wisconsin Employers Targeted For Technical Violations of The Fair Credit Reporting Act

- Uber Settles Lawsuit with San Francisco and Los Angeles Over Driver Background Checks

- Proposed Amendments to Fair Credit Reporting Act

- Gov. Nixon Signs Executive Order to "Ban the Box" in State Employment

- New York State Contractor is said to Threaten Orivacy of Millions with Outsourcing

- Austin Becomes First City in Texas to 'Ban the Box'

- Home Depot Settles Consumer Lawsuit over big 2014 Data

- FCRA's Standalone Disclosure Requirement Leads to Another Class Action

- Fact Sheet: White House Launches the Fair Chance Business Pledge

- California District Court Joins Growing List of Courts Staying FCRA Class Action Lawsuits


World wide news


The 37th International Conference of Data Protection & Privacy Commissioners – Some Observations

The annual conference of the world’s data protection regulators is a three-day exercise, with half of the conference being “closed door” for the regulators only, and the other half being a series of side meetings and presentations, which report out to interested attendees the results of the closed door meetings. This is a good meeting to gain insight in the next year’s trends in data protection regulation and enforcement across the globe. The events in the European Court of Justice and the impending completion of the new General Data Protection Regulation (GDPR) made this year’s conference particularly interesting. The one consistent theme which can be taken away is that the environment is still highly volatile; the ball (of compliance) will continue to be moved; and businesses who rely on the cross-border transfers of data will need to be highly agile in order to respond to the implementation of new rules and enforcement priorities over the coming years.

Read more

How to Align APEC and EU Cross-Border Transfer Rules

For most organizations, the ability to transfer data across national borders is a self-evident business imperative. Companies engaged in international commerce must export data to affiliates, business partners, service providers, customers or employees for a variety of purposes. New technologies, in turn, have emerged to help address this business need. Just as business practices have evolved, legal frameworks regulating the processing of data have moved on as well. One multinational pharmaceutical company, Merck & Co. Inc., has implemented a data transfer compliance strategy that complies with the rules in both the Asia-Pacific Economic Cooperation region and the EU. Aligning requirements across, and not just within, the different regions would represent a watershed moment and be a welcome development for industry. Once achieved, businesses potentially would be in a position to apply a single set of internal policies and procedures to regulate their data transfers.

Read more

DPAs’ Enforcement Network Grows in Numbers and Reach

The Data Protection Authorities’ Global Privacy Enforcement Network (GPEN), now has 59 privacy enforcement authority members in 43 jurisdictions. In 2016, GPEN intends to increase membership from under-represented regions (Africa, Asia, South America), and conduct another privacy sweep. The 2015 sweep reviewed the processing of children’s data. In 2015, the group launched, with eight inaugural participants, GPEN Alert, a new information-sharing system that enables participating authorities to better coordinate international privacy investigations. The GPEN committee, which includes five members (Canada; Israel, the United Kingdom; the US Federal Trade Commission; and Hong Kong) issued its second GPEN annual report.

Read more

Asia Pacific

APEC Examines CBRPR Program, Japan Now Fully on Board

The Data Privacy Subgroup has been hard at work at the Asia Pacific Economic Cooperation meetings in Lima, Peru, examining the APEC Privacy Framework and its attendant Cross Border Privacy Rules. Endorsed by APEC in 2011, the CBPR program admittedly is still in its infancy. Just 14 companies have been through the process; only Japan, Canada, Mexico, and the United States currently participate; and there is relatively little name recognition for the program. One participant noted that a search of Singaporian media turned up just a single reference for CPBRs. Member economies heard an APEC-commissioned report from Information Integrity Solutions that explored the answer to this question. Part of it is purely efficiency. One company reported that the CBPR process helped considerably in its application for binding corporate rules in the EU, shortening the time for BCR completion to nine months and reducing costs by nearly 10%. Look for APEC to do much more to raise awareness of the program, with a CBPR conference this year in Vietnam, and potential conferences in Singapore and Australia before 2017.

Read more



Criminal History Checks Must allow a Right of Reply

Mistakes can occur during criminal history checks, so it's vital to ensure job applicants have a right of reply when a record turns up, said WorkPro founder Tania Evans. HR professionals must consider a range of factors when relying on criminal history checks for recruitment decision-making, and the first step is to design a risk matrix. If a role does require a criminal history check, HR must make this clear to the job applicant. Only a limited number of people in the organisation should be allowed to manage criminal history checks, to "ensure that the privacy of the individual is upheld", said Evans. These people should be in a position to make a decision about the candidate's employment, to discuss outcomes with the candidate and to mitigate possible discrimination claims. The UK's High Court has recently ruled that England and Wales' system of requiring individuals to disclose prior convictions is in conflict with the Human Rights Act. The decision has potential ramifications in Australia due to the similarities in our legal systems, and the way Australia often follows UK employment law trends.

Read more


Is it Time to Review Your Drug & Alcohol Policy?

With national data showing alcohol and other drugs drain up to $6 million dollars from Australian workplaces each year due to lost productivity, many employers are reviewing their workplace drug and alcohol policies. Simon Clayer, Senior Associate with HopgoodGanim says employers who don’t step up to prevent drug and alcohol impaired employees from endangering other staff may be liable for the actions of those employees. Clayer recommends any employer considering drafting a drug and alcohol in the workplace policy consider the following guidelines: Develop the policy in consultation with all stakeholders in the workplace such as unions, workers, and health and safety representatives; Apply the policy equally to all workers across all levels of the business; Clearly state what is acceptable behaviour and the consequences of any unacceptable behaviour; If the policy includes testing, describe the testing protocols and procedures; and Ensure the policy is clearly communicated to all members of the workforce.

Read more



Employment Outlook Shows Boom in Hiring for 2016

According to the ninth annual Global Business and Spending Monitor survey conducted by American Express in partnership with CFO Research, 83% of Indian executives expect their companies to hire more and 52% of respondents expect employment to grow by over 10%. "Sustained high level of optimism towards growth will see India as a bright spot for hiring as companies get ready to add to the government's initiative towards improving job-oriented skills in the country," American Express Global Corporate Payments Country Business Head Saru Kaushal said. However, a talent crunch could put an end to this recruitment drive. "7 out of 10 Indian executives polled that their companies' performance goal has been impeded by inability to hire requisite positions in sales and marketing," the report said. Moreover, 60% of respondents say their companies have been affected by difficulty in hiring more skilled and specialised workers.” Half of respondents find it difficult to fill positions for IT staff, administration and support staff and offshore or outsourced positions.

Read more

Government Hopes to Create 100 Million New Jobs by 2022

The Government of India hopes to create 100 million new jobs by 2022 with the help of initiatives such as Make in India. Job placement firms expect that 720,000 new jobs will be created over the next year with a rise of 8% to 13% in the current jobs pool with growth in the sectors of investment, manufacturing and engineering. The Make in India initiative has already led to an increase in hiring within ecommerce and Internet-related sectors. "Skill development has gained enormous traction with Make in India. The plan to create 100 smart cities is also expected to fuel job growth," Rituparna Chakraborty, co-founder of staffing firm, TeamLease Services, said. Make in India, which is a government initiative for companies to manufacture their products in India, aims to transform India into a global hub of manufacturing, whose share in GDP would rise to 25% by 2022. It has identified 25 sectors that would get incentive support and has promised to align policies to boost investments in them.

Read more


Adoption of Data Protection Law 'Marks New Era'

The Turkish Parliament adopted, on 24 March 2016, the Law on Personal Data Protection after over nine years of efforts. The Law is Turkey's first specific privacy and data protection legislation and its adoption follows Turkey's recent ratification of Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, 35 years after Turkey first signed it. "The enactment of the Law marks the beginning of a new era, as personal data will now be processed in compliance with the Law," said Yasin Beceni and Ipek Asikoglu, Partner and Associate respectively at BTS Legal. In particular, the Law has been prepared to ensure protection during the processing of personal data in line with the Data Protection Directive and defines key terms. According to the Law, data controllers will be responsible for taking necessary security measures to prevent unlawful access to personal data, including carrying out or making third parties conduct audits to ensure that such security measures are taken. Data controllers will be obliged to notify the Board where they become aware of any unlawful access.

Read more



EU Poised to Formally Adopt New Data Protection Laws; Amended Texts Published

After three months of legal-linguistic checks and translations, the EU is poised to formally adopt the new EU General Data Protection Regulation (GDPR) and its sister law, the EU Policing and Criminal Justice Data Protection Directive (PCJ DPD). Documents recently released by the Council of the EU suggest that the Council will vote to endorse these final texts before passing them on for approval by the European Parliament. The GDPR will take effect twenty days from its post-vote publication in the Official Journal, triggering a two-year transition period before its full entry into force. At that point, it will sweep away the current EU Data Protection Directive (95/46/EU), which has served as the main instrument of EU privacy law for almost two decades. Unlike the Directive, the GDPR will for the most part have direct effect throughout the EU, without requiring implementation into national laws. Nevertheless, the next two years are likely to see substantial further legislative and rulemaking activity at EU and national level.

Read more

Article 29 Working Party Releases Opinion on EU-U.S. Privacy Shield

The Article 29 Working Party published its Opinion on the EU-U.S. Privacy Shield draft adequacy decision. The Privacy Shield was created to replace the previous Safe Harbor framework invalidated by the Court of Justice of the European Union in the Schrems decision. The Working Party also published a Working Document on the justification for interferences with the fundamental rights to privacy and data protection through surveillance measures when transferring personal data. The Working Party recognized that the Privacy Shield is a significant improvement to the Safe Harbor framework. However, the Working Party also stressed the overall complexity and lack of clarity regarding the new framework and expressed concerns with respect to both the commercial and national security aspects of the Privacy Shield. The Working Party urged the European Commission to resolve their concerns, identify appropriate solutions to improve its draft adequacy decision, and ensure the protection offered by the Privacy Shield is indeed essentially equivalent to that offered by European data protection laws.

Read more

The New EU Data Protection Regime from an HR Perspective

The EU institutions have agreed on the text of the EU's successor privacy legislation: the General Data Protection Regulation (GDPR). The GDPR will replace the 'patchwork quilt' of 28 different EU Member States' laws with a single, unifying data protection law, which should lead to significantly greater data protection harmonization throughout the EU. In addition to harmonizing the EU data protection legal framework, its main objectives are threefold: First, the GDPR increases the rights for individuals. Secondly, it strengthens the obligations for companies. Thirdly, the GDPR dramatically increases sanctions in case of non-compliance. Employers will need to very carefully assess their current HR-related processing activities and identify the gaps with the GDPR. On the basis of this gap analysis, they will need to update their existing procedures and implement the required mechanisms to comply with the new obligations. Failure to do so may result in significant fines or other enforcement measures that could materially impede their business.

Read more

EU DPAS: In the Absence of the EU-US Privacy Shield, BCRS can be Used for Now

The Chair of the EU Data Protection Working Party, Isabelle Falque-Pierrotin (also President of France’s DPA, the CNIL), said that the concerns that remain on the Privacy Shield include US bulk surveillance of EU citizens, lack of recognition of the data retention principle in the Privacy Shield, and the independence and powers of the US Ombudsman who would deal with complaints. In addition, there are still questions about onward data transfers, even though progress has been made on this topic. Falque-Pierrotin said that the EU DPAs have raised several points with the EU Commission and the US administration. Some of these concerns have been met with informal unwritten assurances, but they cannot form an integral part of an adequacy decision. It is too early to come to a conclusion about Binding Corporate Rules and model contracts for EU-US transfers, but companies can continue to use them for now, Falque-Pierrotin said. The European Parliament’s final approval will clear the way for adoption of the EU General Data Protection Regulation.

Read more

Hogan Lovells Issues Legal Analysis of the EU-U.S. Privacy Shield

In a thorough legal analysis of the EU-U.S. Privacy Shield framework, a report from Hogan Lovells says the framework would stand up in the Court of Justice of the European Union (CJEU), and that the true level of data protection afforded by the Privacy Shield framework will only be demonstrated by its functioning and the practices of its participants. The report provides an objective view of the new framework concerning transatlantic dataflows and includes a rigorous assessment of the Privacy Shield based on European jurisprudence. The Hogan Lovells analysis finds that the Privacy Shield Framework substantially meets the criteria for adequacy under Article 25(6) of the Data Protection Directive, as interpreted by the CJEU, and concludes that the framework provides an ‘essentially equivalent’ level of protection for personal data transferred from the EU to the U.S.

Read more


French National Assembly Votes to Align the CNIL’s Sanctioning Powers with the GDPR

While organizations in the EU will have to get used to the possibility of receiving fines of up to 4% of total worldwide annual turnover when the General Data Protection Regulation (GDPR) comes into force in roughly 2 years’ time, organizations in France should prepare for higher sanctions sooner. A bill, passed by the French National Assembly, and now before the French Senate, would amend Article 47 of the French Data Protection Act to give the French Data Protection Authority (the CNIL) the power to impose penalties for breaches of data protection law of up to 20 million euros or up to 4% of an organization’s total worldwide annual turnover (the Digital Republic Bill). Up until now, the CNIL could only issue penalties of up to 150 000 euros. Additionally, and most importantly in this bill, the National Assembly is taking measures to anticipate the future GDPR. The bill is now on its way to the Senate. If the bill passes with this provision left intact, France will have a two-year head start over the GDPR in terms of the power of the data protection authority to impose significant sanctions.

Read more

Germany 2


Guidance on Consent 'Stricter Than Prevailing Opinions'

The Mecklenburg-Vorpommern State Commissioner for Data Protection and Freedom of Information announced that the Düsseldorf Circle, a committee of German data protection authorities, adopted a guidance on privacy consent declarations. The Guidance addresses informed consent under Section 4a of the Federal Data Protection Act 2003 as well as under Section 13 (2) and (3) of the German Telemedia Act 2007. Holger Lutz, Partner at Baker & McKenzie, said "The Guidance is based on the German laws currently applicable, however, it contains some sections that are slightly stricter than the prevailing opinion in Germany." In particular, the Guidance requires opt-in for valid consent, while deeming insufficient pre-ticked checkboxes and/or consent wording that can be deselected or deleted by the data subject.

Read more



Italian Data Protection Authority Backs Decision to Suspend Employee for Unauthorised Access to Company Data

The Data Protection Authority (DPA) recently found that an employer's decision to suspend an employee was legitimate in light of its right to defence against the employee's breach of Article 24 of the Privacy Code and Articles 2104 and 2015 of the Civil Code. An employee appealed to the DPA against his employer processing his personal data, which was stored on his work computer. The computer had been seized when the employee was suspended. It was subsequently subjected to a content check and a copy of the hard disk was made. The employee challenged the employer's actions as unlawful and arbitrary due to the absence of assurances regarding "the immutability of the contents of the PC" and the fact that the data acquisition took place "in his absence and in the presence of a third party unconnected to the company… in violation of the principles of relevance". The DPA found that the employer was entitled to carry out proper checks on performance and protect its assets. It found that correct procedure had been followed in that regard, as the checks had aimed to protect the company's rights.

Read more



Identity Fraud on the Rise in Sweden

The number of ID thefts continues to grow in Sweden, fresh figures from the Swedish police and credit monitoring company UC show. In 2015, the recorded identity frauds in Sweden represented 5.5 billion Swedish krona (680 million U.S. dollars) while the average amount for ID thefts is now 65,000 Swedish krona, a record-high figure. "The average amount has grown by 15% compared to 2014 and the total amount has risen by 49% compared to the previous year," UC business area manager Siri Bengtsson told Swedish Television. Last year alone, around 85,000 Swedes became victims of fraud after their identities were hijacked and, according to Bengtsson, ID theft is a fast-growing crime in Sweden. It is now apparently more common than bicycle theft. The culprits usually use the victim's national insurance number to make a purchase online or to apply for loans or credit cards. In the past five years, the number of fraud blocks has grown by 300 percent. In Sweden, the majority of identity-theft victims, or 60% are men.

Read more

United Kingdom 2


Criminal Records Checks "Arbitrary" and Unlawful

The High Court has upheld a challenge by way of judicial review to the criminal records disclosure scheme used in England and Wales. It has found the scheme to be "arbitrary" and disproportionate, and it was ruled unlawful, as incompatible with Article 8 of the European Convention on Human Rights. Under the Rehabilitation of Offenders Act 1974, convictions, cautions, reprimands and warnings become "spent" after a certain period of time. However, in certain "excepted positions" (principally those working with children or vulnerable adults) the general rule does not apply and all prior convictions must be disclosed, however old or trivial, where there has been more than one previous conviction. The focus of the challenge was on this exception. Employers should take preparatory steps in anticipation of the changes to the law.

More Than 50% of UK Employees Feel they Must Switch Jobs to Get a Pay Rise

Some employees think it is better to choose a different path at a new job rather than ask for a salary change. Nearly 50% of employees globally say their employers still do not share pay data internally, according to the Glassdoor’s Salary Transparency Survey. Furthermore, the majority of employees in the UK (69%) wish they had a better understanding about what fair pay actually is for their position and skill set at their company and in their local market. More than half of employees in the UK (57%) believe they must switch companies in order to make a meaningful change in their compensation. Perception among employees may be that the grass is greener elsewhere, as many believe they could earn more at another company—an important message to employers. The majority of UK employed adults (74%) believe salary transparency is good for employee satisfaction and approximately the same% (76%) believe it is good for business.

Read more


One in Five Employees ‘Regularly’ Uses Drugs

One in five UK employees admits to regularly taking drugs, and a third suspect that a colleague may have a drug problem, according to new research that suggests the increase in the use of illegal substances may be starting to make itself felt in the workplace. The study of 500 employees and 500 employers, from Crossland Employment Solicitors, found that just two in five firms (40%) have a drugs policy and only 23% have tested their staff for drug use. But Aron Pope, partner at law firm Fox Williams, said employers must have “good reason” to justify testing their employees for drug use. “Because of the intrusive nature of drug testing, employers must have a good reason to justify a policy of testing staff, and should always consider whether there is a less intrusive means of monitoring employees,” he said. Pope reminded HR professionals that “in view of their health and safety obligations, employers are able to take action to deal with employees who use drugs outside of work in certain circumstances”.

Read more


Operation Magnify

For much of 2015, the UK Government has focused its attention on illegal workers, over-stayers and rogue employers. Over the last couple of months, the Home Office have been running ‘Operation Magnify’ to target those companies employing ‘lower-skilled’ labour, such as construction sites, care homes and cleaning companies and check for illegal workers. Since the announcement of Operation Magnify, the renewed focus has certainly been demonstrated by a number of high-profile and unannounced raids by Home Office immigration officers which have received wide-spread coverage in the press. Take the following steps to protect your business: 1. Make sure your employee on-boarding process includes robust checks. 2. Keep records up to date and store document securely. 3. Be transparent about your document checks. Increasingly stringent regulations, coupled with potential fines of £20,000 per illegal employee and the negative publicity surrounding a raid means that document checks are something that no company can ignore. All employers need to make sure that they have processes in place to adhere to the most current legislation and prove their compliance.

Read more

Two Directors Banned for Hiring Illegal Workers

A director at a Leicester-based clothing company and a director at a Scottish restaurant are the latest to be disqualified for recruiting illegal workers. Asimali Alihusen, a director of Leicester-based AJ Design, has been disqualified from acting as a director for seven years, while Harcharan Singh Sekhon, owner of restaurant Bombay Blues in Glasgow, has been disqualified for six years from being a director of a limited company. Following a joint investigation by the Insolvency Service and the Home Office, Alihusen was found to have allowed AJ Design to employ 17 illegal workers. AJ Design went into liquidation on 12 June 2015 owing £270.6k to creditors, including a £255k fine for employing illegal workers. Meanwhile, an Insolvency Service investigation found Singh Sekhon failed to ensure relevant immigration checks were completed and copy documents retained, which resulted in the employment of four illegal workers. All of the illegal workers at the restaurant were also found to have been paid less than the National Minimum Wage – £6.70 for those aged 21 and over, £5.30 for 18-20-year-olds, £3.87 for workers aged under 18 and £3.30 for apprentices.

Read more

North America


Canada 2


Restrict Online Access to Court Cases not Resulting in Conviction, B.C. Judge Says

The chief judge of the Provincial Court says online access to cases in which a person was not convicted of a crime should be limited, a blow to media outlets that argued the court and its records should be as open as possible. Chief Judge Thomas Crabtree announced a consultation regarding an online database, known as Court Services Online. In a post-consultation memorandum posted to the Provincial Court website, Judge Crabtree says a person who has not been convicted should not be exposed to stigma. He said information regarding acquittals, dismissals and withdrawals will only be available through Court Services Online (CSO) in the 30 days after the information is entered. He said online access to cases involving stays of proceedings will cease one year after entry, and information regarding peace bonds will be unavailable once the peace bond has expired. Dale Bass, the B.C. and Yukon representative for the Canadian Association of Journalists, said the organization believes journalists “should have open access to this at any time.”

Read more


Box to Let Overseas Customers Store Files Locally in Privacy Bid

Box Inc., trying to lure more international customers, will offer overseas clients concerned about privacy the option to store information locally in cloud datacenters belonging to Inc. or International Business Machines Corp. Starting in May, Box Zones will give customers the choice of locating their files in Germany, Ireland, Japan, and Singapore. The company plans to add more regions in the future, said Chief Executive Officer Aaron Levie in an interview, and is looking at further choices in Europe and Asia as well as adding Australia and Latin America. Customers, particularly in some parts of Europe and South America, face laws that require certain types of data to be stored in their country or have strong preferences for that. Storage closer to the customer can also speed up computing. Box runs data centers in the U.S. but didn’t want to incur the costs of building out internationally to attract these customers, and it’s cheaper to pay Amazon and IBM to use their facilities, Levie said.

Read more


Medical Marijuana in the Workplace: Employer Rights "Up in Smoke"?

Employers in Canada understand that they must maintain a safe work environment for their employees. They also understand that when it comes to accommodating employees with disabilities, they must do so to the point of undue hardship. This obligation does not change if the disability involves the use of medical marijuana. Given this fact, the approach to the use of medical marijuana in the workplace really shouldn't be any different. The accommodation process must be undertaken as if it were any other accommodation issue. But the stigma and the "politics" of marijuana can make this process confusing from an employer's perspective. Consider updating your policies on drug/alcohol use in the workplace – marijuana is still currently illegal. Even if it becomes legalized in the near future, its use while at work will be treated just like any other drug or alcohol substance. Employees have a responsibility to discuss their needs with the employer. Employees are part of the accommodation process! They also have a duty to participate.

Read more

The Supreme Court of Canada Grants Leave to Appeal in Drug and Alcohol Policy Matter

Once again, the issue of drug and alcohol testing and policies will be subject to appeal; but this time before the Supreme Court of Canada, as it recently granted leave to appeal in Stewart v. Elk Valley Coal Corporation et al. This case (2015 ABCA 225), released in the summer of 2015, gave employers some much needed comfort regarding their ability to discipline or terminate employees in safety sensitive positions involved in a work place incident while under the influence of drugs or alcohol. The case also caused employers to review their drug and alcohol polices to ensure they contained provisions allowing employees to self-report and seek rehabilitative help for their addictions prior to a work place accident, without fear of discipline. That aspect of the policy was a key consideration in that decision. This decision was welcomed, particularly by those in the construction industry where drug and alcohol issues are of key importance.

Read more

Employers Request for Post-Incident Alcohol and Drug Test was not Justified Where no Sign of Impairment

An employee responsible for a minor, although unusual, accident in a company parking lot was justified in refusing to submit to an alcohol and drug test, a labour arbitrator has found. The employee was an electrician. His position was safety-sensitive. When backing up to park a vehicle, he backed into the only other vehicle in the parking lot. The employer demanded that he submit to a post-incident drug and alcohol test. The employee refused, citing advice that he had received from his union. The arbitrator found that nobody had thought that the employee was impaired. There were no signs of impairment. After the accident, the employee sat through a half-hour investigative meeting and “could not give anyone in the meeting the slightest suggestion of impairment”. The managers concluded that he could drive home safely. The cause of the accident was obvious: the employee’s carelessness, which the employee admitted. The managers were “reasonably able to exclude the possibility that drug or alcohol impairment” may have caused the accident. As such, the demand that the employee submit to an alcohol and drug test was not justified.

Read more

United States

Bethlehem, PA Waiting To Ask Job Seekers About Criminal Records

Come March 14, Bethlehem no longer will ask each job applicant up front about a criminal record. That information, however, will be divulged prior to hiring. By opting to wait, the city joins a national movement pushed by civil rights advocates to "ban the box." Advocates argue that many applicants with criminal records are passed over without considering his or her qualifications for a job, making employment difficult for thousands of otherwise competent people." By eliminating the requirement that one disclose a criminal conviction on the initial application, we can now attract the broadest group of applicants for each vacant position." Bethlehem Mayor Robert Donchez said. "Once it has been determined that a candidate is qualified for the position and is a finalist, then a criminal background check will be conducted."

Read more

HUD Rules Against Using Arrest Records in Rentals

The Department of Housing and Urban Development (HUD) issued new guidance that is going to require all single-family and multifamily rental professionals to revisit their policies. In a decision that is aimed at protecting the rights of "returning citizens," HUD is limiting the use of arrest records in tenant screening nationwide for both public and private housing. While they are not discouraging the use of criminal records in the background screening process, they are requiring a conviction be reported for the record to be considered in the decision. Using an arrest record without a conviction is being viewed as discriminating against a consumer who has not been found guilty of having done anything illegal. A housing provider with a policy or practice of excluding individuals because of one or more prior arrests (without any conviction) cannot satisfy its burden of showing that such policy or practice is necessary to achieve a substantial, legitimate, nondiscriminatory interest.

Read more

Wisconsin Employers Targeted For Technical Violations of The Fair Credit Reporting Act

Within the past year, one Wisconsin resident has filed several class-action lawsuits against Wisconsin employers. In each case, the plaintiff filed a class-action lawsuit against the employer in Wisconsin federal court on the grounds that the employers had violated the FCRA by not providing a proper disclosure. In both cases, the defendants moved to dismiss the complaint; yet, the district court judges in each case concluded that including a liability release on the same document as the disclosure was a violation of the express language of the FCRA. Both courts noted that the FCRA, by its terms, requires that the clear and conspicuous disclosure appear by itself on the document, with the only exception being the consumer's authorization for the report. All Wisconsin employers are encouraged to review their employment applications with regard to such disclosures.

Read more

Uber Settles Lawsuit With San Francisco and Los Angeles Over Driver Background Checks

Uber agreed to pay up to $25 million to settle a 2014 lawsuit filed by city officials in San Francisco and Los Angeles who argued that the ride service gave customers a “false sense of security” by touting its background checks as the toughest in the industry. The suit, brought by San Francisco District Attorney George Gascón and Los Angeles District Attorney Jackie Lacey, alleged that Uber misled consumers by suggesting its driver-screening process was superior to the ones used by taxi companies. Taxi drivers are vetted with fingerprint checks, whereas Uber drivers are not. The suit also questioned Uber’s compliance with California laws regarding airport rides and fare calculation. Uber will pay $10 million within 60 days. The remaining $15 million penalty will be waived in two years if Uber complies with all of the settlement’s terms. “It sends a clear message to all businesses, and to startups in particular, that in the quest to quickly obtain market share, laws designed to protect consumers cannot be ignored,” said Gascón.

Read more

Proposed Amendments to Fair Credit Reporting Act

Two new bills affecting credit reporting and the use of credit reports for employment purposes are working their way through Congress. If passed, the bills would amend the Fair Credit Reporting Act (FCRA). The first, The Credit Access and Inclusion Act of 2015, H.R. 4172, would allow for increased reporting of customer payment information by companies in the telecommunications and utility industries, with an eye toward helping low-income consumers establish positive credit. The second, the Equal Employment for All Act of 2015, H.R. 3524, would prohibit most employers from using credit reports as a factor in evaluating consumers for employment. It is important for employers to be aware of the many requirements imposed on them by the FCRA and state laws with respect to using background checks for employment purposes.

Read more

Gov. Nixon Signs Executive Order to "Ban the Box" in State Employment

Gov. Jay Nixon visited the St. Louis Agency on Training and Employment to sign Executive Order 16-04, to lessen barriers to individuals with criminal histories attempting to enter the workforce, lower recidivism rates and improve public safety. The executive order will “ban the box” in state employment by placing questions relating to criminal history later in the hiring process in order to provide these applicants a fair opportunity to compete for jobs. The Governor’s executive order directs all departments, agencies and boards and commissions in the Executive Branch subject to the authority of the Governor to take all necessary action to amend initial employment applications by removing questions relating to an individual’s criminal history unless a criminal history would render an applicant specifically ineligible for the position.

Read more

New York State Contractor is said to Threaten Privacy of Millions with Outsourcing

The lease on an Albany warehouse holding fingerprint records and other personal information collected from 22 million people was about to expire, and the state needed to digitize the files.

The contract for the job required that employees responsible for scanning the records pass background checks and protect the security of the documents. Focused Technologies Imaging Services was awarded the $3.45 million contract in 2008. But according to the authorities, rather than fulfill its contract, it did what so many businesses have done in recent years: outsource the work to India. For the price of $82,000, an Indian company processed millions of records and performed more than a third of the entire contract’s work — risking the privacy of some 16 million people. Focused Technologies has agreed to pay $3.1 million in penalties and fees for defrauding the state and will submit to additional oversight for the next five years.

Read more

Austin Becomes First City in Texas to 'Ban The Box'

On March 24, 2016, the Austin City Council passed the Fair Chance Hiring Ordinance, which will prohibit most employers from asking questions about or considering an individual’s criminal history until after making a conditional offer of employment. Passage of the ordinance follows closely on the heels of similar legislation enacted in other cities and states, including Portland and New York City. It is expected that the ordinance will become effective seven to 10 days after its passage. Thus, Austin employers should immediately assess whether they are covered by the ordinance and, if so, whether they need to revise their job applications and guidelines and documentation for the hiring process. Employers throughout the U.S. should continue to monitor developments in this and related areas of the law, including laws restricting the use of credit history information and the fair credit reporting laws.

Read more

Home Depot Settles Consumer Lawsuit Over Big 2014 Data

Home Depot Inc (HD.N) agreed to pay at least $19.5 million to compensate U.S. consumers harmed by a 2014 data breach affecting more than 50 million cardholders. The home improvement retailer will set up a $13 million fund to reimburse shoppers for out-of-pocket losses, and spend at least $6.5 million to fund 1½ years of cardholder identity protection services. Home Depot also agreed to improve data security over a two-year period, and hire a chief information security officer to oversee its progress. It will separately pay legal fees and related costs for affected consumers. Home Depot did not admit wrongdoing or liability in agreeing to settle. "We wanted to put the litigation behind us, and this was the most expeditious path," spokesman Stephen Holmes said. "Customers were never responsible for any fraudulent charges."

Read more

FCRA’s Standalone Disclosure Requirement Leads To Another Class Action

Penn National Gaming has been hit with a class action alleging violations of the FCRA’s requirement that an employer’s disclosure to a job applicant that a background check is being obtained be made in a document consisting “solely” of the disclosure. According to the complaint, plaintiff Patricia Halbert applied for a job at the company’s Hollywood Casino in Mississippi in August 2014. The online job application allegedly did not contain any standalone disclosures about consumer report investigations, but did contain a clause embedded with other material that said applicants were subject to a background check. Halbert was subsequently informed that her job application was rejected because of information found on her consumer report. Halbert filed suit, seeking to represent a class of applicants and employees of Penn National who had background checks pulled by the company without first receiving the disclosures in “solely” form.

Read more

Fact Sheet: White House Launches the Fair Chance Business Pledge

Attorney General Loretta Lynch, Senior Advisor to the President Valerie Jarrett, and other White House officials hosted 19 companies from across the American economy who are standing with the Obama Administration as founding pledge takers to launch the Fair Chance Business Pledge. The pledge represents a call-to-action for all members of the private sector to improve their communities by eliminating barriers for those with a criminal record and creating a pathway for a second chance. The U.S. accounts for 5% of the world’s population, and 25% of its inmates. Around 70 million Americans have some sort of criminal record. Too often, that record disqualifies individuals from being a full participant in their communities — even if they’ve already paid their debt to society. As a result, millions of Americans have difficulty finding employment.

Read more

California District Court Joins Growing List of Courts Staying FCRA Class Action Lawsuits

In Lee v. Dollar Thrifty Auto. Group, Inc., the plaintiffs brought a class action lawsuit alleging multiple violations of the employment background check provisions of the FCRA. Specifically, the plaintiffs claimed that the defendants failed to provide them with disclosures properly informing them that a background check would be obtained. They also claimed that the defendants took adverse action against them based on their background check without following the FCRA’s adverse action protocol. Recently, the defendants moved to stay the matter pending the Supreme Court’s decision Spokeo, Inc. v. Robins. The Court in Lee found that a stay was appropriate because Spokeo could have a determinative effect on the case. Although it is difficult to predict the outcome of Spokeo, there is little doubt that a decision for the defense in that case could significantly impact “no harm” consumer class actions.

Read more


Share on Facebook
Share on LinkedIn

Previous Page

Follow us on Twitter
Follow us on Twitter
Find us on LinkedIn