FTC Puts Background Screening Companies on Notice for Possible Privacy Violations

Nick Fishman

Background Screening Companies

The Federal Trade Commission recently sent letters to ten data broker companies warning that their practices could violate the Fair Credit Reporting Act (FCRA) after a test-shopping operation by the FTC indicated the background screening companies were willing to sell consumer information without abiding by FCRA requirements.  It’s unclear what requirements they are accused of violating, but the commission included the following commentary in the release:

“Data broker companies that collect, distribute or sell this information are considered consumer reporting agencies under the FCRA, meaning they must reasonably verify the identities of their customers and make sure that these customers have a legitimate purpose for receiving the information. This requirement ensures that the privacy of sensitive consumer report information is protected. Of the 45 companies contacted by FTC staff in the test-shopper operation, ten appear to violate the FCRA by offering to provide the information without complying with the law’s requirements.”

In other words, background screening companies need to engage in proper due diligence to ensure they know who they are doing business with and establish that the entity has a permissible purpose to obtain the information.  Much of this information can be established through a compliant User Agreement.  But beyond the agreement are taking the proper steps to verify the information provided — things like conducting a 3rd party site inspection of the client’s place of business, independently verifying the client’s physical address, their phone number and the type of business they are engaged in.

According to the FTC release, “staff members posed as individuals or representatives of companies seeking information about consumers to make decisions related to their creditworthiness, eligibility for insurance or suitability for employment.”

Other FCRA requirements include certifying that their clients obtain a signed release from the subject of an employment background check, provide the subject with a summary of their rights under the FCRA, allow the subject to dispute the results of their search and engage in the prescribed Adverse Action process if they choose not to hire the candidate based on the outcome of their background check.

It is clear from these actions that the FTC is aggressively enforcing their background screening guidelines and in my opinion, for good reason.  These laws are designed to project all of us: job candidates, employers and background background screening companies.  Abiding by these requirements is just good business.

I am not suggesting that the companies that received these letters have blatantly violated FCRA law (in bold for those who accuse us of capitalizing on negative industry information).  These could be technical violations or misconstrued information by the FTC.  However it is important for employers to properly vet their providers so that they don’t unknowingly violate these requirements.

For more information on how to select a qualified provider, check out the following video:

Nick Fishman
Follow Me

Nick Fishman

Nick Fishman is the co-founder of EmployeeScreenIQ, a leading, global employment background screening provider, and serves as the company’s executive vice president and chief marketing officer. He pioneered the creation of EmployeeScreen University, the #1 educational resource on employment background checks for human resources, security and risk management professionals. A recognized industry expert, Nick is a frequent author, presenter and contributor to the news media. Nick is also a licensed private investigator in the states of Ohio and Texas.
Nick Fishman
Follow Me
Tweet
Share
Email
Share