Verifile International Newsletter Issue #20
22 Nov 2016
Welcome to our November edition of the International Newsletter 2016 which we hope you find helpful in keeping up to date.
In the lead up to the Christmas and New Year holiday period, our opening hours will change on the following days:
*Friday, 09 December 2016 8.30AM-3.00PM GMT
*Friday, 16 December 2016 8.30AM-4.30PM GMT
*Friday, 23 December 2016 8.30AM-3.00PM GMT
We will be closed on the following days:
*Monday 26 December 2016
*Tuesday 27 December 2016
*Wednesday 28 December 2016
*Thursday 29 December 2016
*Friday 30 January 2016
*Monday 2 January 2017
Normal opening hours will resume on Tuesday 3 January 2017.
We'd like to take this opportunity to thank you for all your valued support during 2016 and we hope you have a joyful festive season!
In this issue of the International Newsletter:
|AFRICA & MIDDLE EAST
- Information Privacy Protection Law on Cards
- False Job Credentials A Frequent Reality
- New Data Protection Legislation in Turkey
- Turkey's New Data Protection Law: Frequently Asked Questions
- Research Work Could Be Criminalised Under George Brandis Data Changes
- Workplace Alcohol and Drug Tests Not Working
- China’s Consumer Rights Protection Law
- India’s Health Department Plans Privacy Law To Guard Patients’ Data
- India Labour Ministry Set To Amend Draft To Make Hiring Domestic Workers Easier
- Personal-Data Handling Rules For Government Agencies Take Shape
- Singapore Is the Most Secure Asian Nation For Data Privacy
- Belgian Privacy Commission Issues Priorities and Thematic Dossier To Prepare for GDPR
- France Adopts Digital Republic Law
- Hungary’s New Privacy Guidance On Employers' Use Of Background Checks
- The Foreign Nationals Employment Act
- New Guidance for Job applicants implemented in Drug And Alcohol Workplace Policy
- Court Rules Structure of CFPB is Unconstitutional
- Use of Big Data has Implications for Equal Employment Opportunity
- Bank of America Dodges Suit Over Disclosing Background Checks
- CA Amends Labor code to Prohibit Employers from Using Juvenile Records in Employment Decision
- Connecticut Becomes the Third Jurisdiction in 2016 to "Ban the Box"
- A Middle Name - or Lack Thereof - Triggers FCRA Liability
- Los Angeles Moves Toward Prohibiting Criminal Conviction Inquiry to Job Offer
- Lyft Wins Background Check Class Action Claim
- Portland, oregon, Issues Rules Implementing "Ban the Box"
- JPMorgan Job Seeker Loses FCRA Background Check Suit
- "Overbroad" $1M Deal for Job Seekers, Screening Co. Nixed
- Spokeo Nixes State Farm Credit Report Suit
- Massachusetts State Court Rejects Medical Marijuana Suit
- Staffing Company to Pay $175,000 Over Discrimination Claims
- Illinois Appellate Court Reminds Employers of Restrictions on Credit Checks
- NJ Bank Sued by Job Applicants Over Credit Reports
Information Privacy Protection Law on Cards
The government is set to enact the Information Privacy Protection Law “very soon” that will enable residents to protect their personal data rights, a senior official said yesterday. The draft law protects personal information that has been collected or processed electronically, or by combining electronic and “traditional” processing. Once the law is enacted in Qatar, no person or organisation will be able to use personal data or information without prior consent of the concerned individual or organisation in any form. The draft law was approved by the State Cabinet in January this year and it is likely it will be enforced before the end of this year.
False Job Credentials A Frequent Reality
Where there is heavy competition for jobs job applicants may deceive prospective employers to improve their chances of being offered a job. Deception includes falsification of CVs and academic certificates, exaggeration of skills, lying about age, and more. An employer has a right to accurate information. While this is the general rule, many exceptions exist, particularly where the information in question relates to the employee’s personal circumstances, which some recent court cases have shown. The decisions in the cases mean that employers must check all information that job applicants give them, put in place systems for preventing employees from misusing their knowledge of the organization for personal gain, and more.
New Data Protection Legislation in Turkey
Turkey’s new “Law on the Protection of Personal Data” has entered into effect, effective October 7, 2016. The Data Protection Law adopts a broadly European model for data protection and helps clarify key aspects of the regulation of personal data under Turkish law. The following rules and standards were effective on October 7, 2016:
• Individuals’ rights of access to personal data, including the obligation to notify individuals of their rights.
• Processes for handling individuals’ complaints and requests.
• Transfer of personal data to third parties and foreign jurisdictions.
• Registration with the Data Protection Authority.
• Imposition of sanctions, including criminal and administrative fines.
Turkey's New Data Protection Law: Frequently Asked Questions
After a decade of winding its way through the legislative process, Turkey’s new Data Protection Law entered into force on April 7. Although Turkey previously had a few sectoral data protection laws on the books, this is the first time the country has had an omnibus data protection law. There are many questions about the law, including which information is deemed within the scope of the personal data? What are the principles of data processing? What are the Conditions for Data Processing without Consent? What are the Obligations Related to Data Safety? And what are the Crimes and Misdemeanors for Violation of the Law?
Research Work Could Be Criminalised Under George Brandis Data Changes
Attorney General, George Brandis says he will move to make it a criminal offence to publish or disseminate “reidentified” government datasets, in a move that digital rights groups say could criminalise important research and security work. He added, “With advances of technology, methods that were sufficient to de-identify data in the past may become susceptible to reidentification in the future,” he said.
The chair of Digital Rights Watch, Tim Singleton urged Brandis to consult broadly with privacy groups to examine how the legislation would be introduced.
Brandis said the legislation would be introduced in parliament’s spring sitting to amend the privacy laws.
Workplace Alcohol and Drug Tests Not Working
According to psychologist Dr. Nicole Lee, a wellness approach is much more effective at reducing alcohol and drug use than testing in the workplace because it can pick up on other factors that may affect a person's ability to work, such as stress, anxiety, depression, health problems and fatigue. Being aware of workplace difficulties like insufficient training, poor job security and inadequate equipment is important, too, since these can lead to substance abuse problems. Better results have been noted after developing and implementing a comprehensive approach to health and wellbeing, rather than the traditional drug testing policy, Lee said.
China's Consumer Rights Protection Law
China’s State Administration of Industry and Commerce has released for public comment a draft regulation implementing recent amendments to a consumer protection law that would supplement existing privacy obligations for businesses operating in China. Some of the new modified requirements include the fact that collection of consumer personal information by a business operator would need to be related to its business operations, business operators would need to retain for at least five years proof that they fulfilled their obligations to inform and obtain consent from consumers, and business operators would be prohibited from “tampering with or destroying” consumer personal information.
India's Health Department Plans Privacy Law To Guard Patients' Data
In what may be the first sector specific law on privacy, the health ministry has roped in the National Law School of India University, Bengaluru, to draft a law guaranteeing right to privacy and confidentiality of medical information. The law — tentatively called the Healthcare Data Privacy and Security Act — will devise a comprehensive legal framework for protection of individual health data and its standardisation, and identify the “ownership” of that data through the establishment of a national e-health authority and health information exchanges.
India Labour Ministry Set To Amend Draft To Make Hiring Domestic Workers Easier
The labor ministry in India aims to rework the draft national policy for domestic workers to streamline the process of hiring and avoid harassment by placement employment agencies. Currently, placement agencies charge a certain proportion of the domestic worker's salary every month, more than the one-time fees they charge from the employer for providing such help. According to the Economic Times, India Times, the labor ministry will soon reveal a policy that would make it mandatory for placement agencies to charge a one-time 15-day salary from the domestic help and in turn provide them with social security cover that includes health coverage.
Personal-Data Handling Rules for Government Agencies Take Shape
Government agencies engaged in processing personal data are being told to implement stricter rules on data sharing, according to a draft copy of the circular set to be released by the National Privacy Commission (NPC). NPC Deputy Commissioner Ivy D. Patdu said Circular 16-001, dated Sept. 30 is currently being reviewed for release. Circular 16-001, is part of a series of guidelines that NPC is looking to release.
The guidelines are meant to police data privacy rights. The NPC is tasked with implementing the Data Privacy Act, providing necessary protections for sensitive information in both public and private IT systems. NPC said government agencies shall be given a one-year transitory period to comply with the circular. It will take effect 15 days after its publication in the Official Gazette.
Singapore Is the Most Secure Asian Nation For Data Privacy
Citizens of Singapore can rest easy that their data is safe and secure, as a survey found out that the city-state is the best Asian country for data privacy. According to a report by Artmotion, Singapore garnered a risk score of 1.9%, as a result of the island state’s independent privacy legislation and political stability. Singapore was behind Switzerland, the safest nation for data storage, which received a risk score of 1.6%. The only other Asian nations which are considered secure include Hong Kong (5th), Taiwan (6th), and South Korea. Singapore is also ahead of the United Kingdom and the United States of America which ranked 23rd and 38th respectively, the report noted.
Belgian Privacy Commission Issues Priorities And Thematic Dossier To Prepare For GDPR
The Belgian Data Protection Authority recently published a 13-step guidance document that will help organizations prepare for the EU General Data Protection Regulation. The steps include awareness; internal records; privacy notice; individuals’ rights; access requests; legal basis; consent; children’s personal data; data breach; data protection by design and data protection impact assessments; data protection officer; international; and existing contracts.
France Adopts Digital Republic Law
On 7th October, the French Digital Republic Act ("Loi n°2016-1321 pour une République numérique") came into. This law introduces new provisions that will regulate the digital economy as a whole. For privacy professionals, this law is important as it introduces several key amendments under the French Data Protection Act of 1978 and other laws, prior to the GDPR's entry into force in 2018.
With the Digital Republic Act, France has sent a clear message that it is taking personal data protection very seriously. This new law also shows that even though the GDPR establishes a harmonised data protection regime across Europe, EU member states can nonetheless adopt additional or more restrictive data protection rules.
Hungary’s New Privacy Guidance On Employers' Use Of Background Checks
NAIH, Hungary’s Authority for Data Protection and Freedom of Information issued new guidance about when a Hungarian employer can conduct background checks of its employees or job candidates. Hungarian Law permits a former employer to send information on a prospective employee to a new employer only with the employee’s prior and informed consent. In addition, an employee’s or job applicant’s criminal background can be checked by requesting a “certificate of clean criminal record.”
Last, collecting publicly available information from the internet or social networks is permitted. However, if the employer is using such information in the recruitment process, or during employment, it must inform the job applicants/employees.
The Foreign Nationals Employment
Hiring contractors or temporary employment agencies that employ foreign workers in the Netherlands can create financial risks, with fines up to EUR 8,000 per employee. The Foreign Nationals Employment Act requires that am employer obtains a valid work permit for all foreign workers. The permit is not required for employees with a nationality of one of the countries within the European Economic Area (EEA), with the exception of Croatia or Switzerland. In order to avoid the fine, an employer must prove that it did everything within its abilities to avoid any breach of the Act.
New Guidance For Job Applicants Implemented in Drug And Alcohol Workplace Policy
The British Medical Association (BMA) has updated its guidance on alcohol and drugs workplace policies. The new guidance now includes a section which reinforces the message that health professionals have a responsibility to challenge negative stereotypes and help employers understand that people who have a history of alcohol problems and have successfully taken part in a treatment programme can still be successfully employed. One of the issues covered in the new chapter includes the use of “abstinence periods” and recommends that instead of “abstinence periods’ the best guide is receiving and completing a course of treatment, followed by training and then voluntary work or support to find work. The updated guide also offers advice on the application of post-offer health assessments.
Court Rules Structure of CFPB is Unconstitutional
The U.S. Court of Appeals for the District of Columbia recently ruled that the structure of the Consumer Financial Protection Bureau is unconstitutional and should operate as other executive agencies, such as the Department of Justice and the Department of Treasury, and will be held accountable by the President. The ruling is the result of a case in which PHH Corporation sought to vacate a CFPB enforcement action that carried a large penalty, arguing that the CFPB's status as an independent agency headed by a single Director violated Article II of the Constitution.
Use of Big Data Has Implications for Equal Employment Opportunity
The use of Big Data to make hiring and other employment decisions will continue to grow in its use and scope. At a recent meeting, however, Commissioner Victoria A. Lipnic stressed the importance of how laws may affect the technology-driven workplace. A professor at Stanford Graduate School believes in the benefits of Big Data, but said it is imperative to consider safeguards, demographic and sensitive health or genetic information that could pose risks against antidiscrimination acts.
Bank of America Dodges Suit Over Disclosing Background Checks
A California judge recently dismissed a putative class action filed against Bank of America Inc. and others after J. Robert Berrellez alleged violations of the Fair Credit Reporting Act, Investigative Consumer Reporting Agencies and the Consumer Credit Reporting Agencies Act, claiming the background checks invaded his and others' rights to privacy after being performed without written disclosure. Not only was the case presented beyond the FCRA's two-year statute of limitations, but Berrellez was unable to proof the action caused him harm.
Read more (Registration may be required)
CA Amends Labor Code to Prohibit Employers from Using Juvenile Records in Employment Decision
Effective Jan. 1, 2017, the governor of California signed a bill in September that amends the state's Labor Code to prohibit employers from considering some juvenile records for employment purposes, including arrests that did not result in conviction, a referral to or participation in any pretrial or post-trial diversion program, and convictions that were dismissed or sealed. Employers still can inquire about arrest histories and health care facilities still can determine eligibility based upon the type of arrest history.
Connecticut Becomes the Third Jurisdiction in 2016 to "Ban the Box"
Connecticut has joined Austin, Texas; Portland, Oregon; and New York City in prohibiting the request of criminal history information on an initial employment application. It is recommended that employers conduct a broader assessment of their pre-employment screening practices to strengthen its compliance with federal, state and local laws, as well as the Fair Credit Reporting Act before its January 1, 2017 effective date. Companies also should consider where they stand with coverage and exceptions of the law; unlawful practices; notice requirements applicable to the exceptions; existing restrictions on the use of certain criminal history events; and proper enforcement.
A Middle Name – or Lack Thereof – Triggers FCRA Liability
Background screening company LexisNexis recently was required to pay $375,000 in damages when a client was bought out by another company who used its services to screen current employees to determine hiring eligibility. LexisNexis failed to use the middle name of an employee, resulting in an incorrect criminal history and a refusal to hire. The employee went six weeks unpaid while trying to correct the error.
Los Angeles Moves Toward Prohibiting Criminal Conviction Inquiry to Job Offer
The Los Angeles City Council's Economic Development Committee recently joined the masses across the country by voting to eliminate the criminal history of a potential hire until after an initial job interview has been made. Those business located in the city with at least 10 employees could face penalties for not complying with the Ban the Box laws or adhering to proper job posting requirements.
Lyft Wins Background Check Class Action Claim
A judge in California dismissed a class action lawsuit by a driver against Lyft, Inc., after determining the employee could not demonstrate "concrete harm" as a result of the company's background screening procedures. The ruling was similar to a recent case against the ride-sharing company, as well as one against Spokeo.
Portland, Oregon, Issues Rules Implementing 'Ban the Box'
In accordance with "Ban the Box" laws, Portland, Oregon, has issued an Ordinance that prohibits the use of background checks, criminal histories and self-disclosed information, when considering a new hire. Although certain employers are excluded, like those with six or fewer employees or law enforcement agencies, the rules apply to the majority of companies. Following a conditional offer for employment, the history of the applicant may be used when considering its relevance to the job. To assist employers in making decisions, the Attorney's Office has created a Criminal History Matrix, as well as protocol for companies who violate the Ordinance.
JPMorgan Job Seeker Loses FCRA Background Check Suit
A woman who recently lost a JPMorgan Chase Bank NA job offer due to the FBI's fingerprint background check service also lost the Fair Credit Reporting Act class action because she failed to genuinely demonstrate the claim. The bank's request was granted that required both parties to produce evidence regarding the background check and the use of Fieldprint to produce its consumer reports. The woman has also sued two other companies over similar allegations.
Read more (Registration may be required)
'Overbroad' $1M Deal For Job Seekers, Screening Co. Nixed
A class of job seekers and background check company S2Verify must go back to the drawing board over their proposed $1 million settlement to close a Fair Credit Reporting Act case because it is “overbroad,” a California federal judge said Monday.
S2Verify, which handles employment screening, and the job seekers, who had reports run by the company, had submitted a proposed settlement for almost $1.1 million that would provide a flat $250 award for each class member.
Read more (registration required)
Spokeo Nixes State Farm Credit Report Suit
A California federal judge recently dismissed a class action in which Bobby Dutta alleged State Farm did not provide him an opportunity to dispute findings on his credit report before denying him employment as an agent. The plaintiff could not prove that any harm had been done or that he would have been offered the position had he seen the report, therefore, the judged ruled in favor of the business
Read more (Registration may be required
Massachusetts State Court Rejects Medical Marijuana Suit
A former employee of Advantage Sales and Marketing LLC, Massachusetts, lost a law suit that she filed against the company for her termination after testing positive for marijuana. Even though the employee had a medical prescription for the drug, it was determined that there was no obligation on the company's part to accommodate its use. It was found, however, that the employee's privacy was violated and that the drug test was unreasonable and inappropriate, given her job duties. Companies are encouraged to ensure that their drug and alcohol testing policies comply with all applicable laws.
Staffing Company to Pay $175,000 Over Discrimination Claims
San Diego staffing company Eastridge Workforce Solutions recently resolved allegations with the Department of Justice after new hires faced discriminatory practices while completing work authorization verification requirements, such as E-verify cases and filling out the Form I-9, creating a breach of Immigration and Nationality Act provisions that protect new hires who are not U.S. citizens. The Mira Mesa, Calif., location was required to pay $175,000 in civil penalties. It is important for companies to have compliant hiring procedures in place that are consistent with each new hire.
Illinois Appellate Court Reminds Employers of Restrictions on Credit Checks
Neiman Marcus was found guilty of violating the Illinois Employee Credit Privacy Act when a conditional offer of employment for an entry level sales associate was rescinded after the store ran a credit check that revealed judgments against her. The store argued for three of the seven exceptions identified in the Act, focusing on the employee's accessibility to personal and confidential information. Information, however, was too limited to justify the argument.
NJ Bank Sued by Job Applicants Over Credit Reports
New Jersey's Valley National Bank is facing a putative class action in federal court after violating the federal fair credit reporting law when the company obtained consumer reports on job applicants without first informing the candidates. The suits seek damages of $100 to $1,000 for about 1,000 people over the past two years.