Social Media Background Checks - GDPR And FCRA Implications


How GDPR and FCRA Apply to Social Media Background Checks – The Do’s and Don’ts of Social Media Background Checks for Employers

Social Media Background Checks

The widespread use of social media has led to an increasing trend among employers to conduct social media checks as part of their recruitment process. However, employers must be aware of the GDPR and FCRA implications of such checks, which set out strict rules for the processing of personal data, including data collected from social media checks. Employers must ensure that social media checks are conducted in a lawful, fair, and transparent manner and that the data collected is relevant, accurate, and necessary.

GDPR and FCRA implications of Social Media Background Checks

In today’s world, social media has become an integral part of our lives, and many of us use social media platforms to share personal information, opinions, and views. However, the widespread use of social media has led to an increasing trend among employers to conduct Social Media checks as part of their recruitment process.
While Social Media checks can help employers gather information about a candidate’s character, qualifications, and work history, it is essential to be aware of the General Data Protection Regulation (GDPR) and the Fair Credit Reporting Act (FCRA) implications of such checks. The GDPR and FCRA set out strict rules for the processing of personal data, including data collected from Social Media checks.

Personal Data

Social Media checks involve an employer or other organization gathering information about a person from their social media profiles, which can include sensitive personal data. Firstly, it is important to understand what is meant by personal data. Personal data includes any information that can be used to identify a living individual, such as their name, address, email address, or even their IP address. The GDPR also includes special categories of personal data, such as race, ethnicity, political opinions, religious beliefs, health data, and sexual orientation.

When conducting Social Media checks, employers are likely to gather personal data from a candidate’s social media profiles. This data could include their name, age, gender, location, employment history, education, and other personal information such as political views, religious beliefs, or health-related information.

Personal data must be processed lawfully, fairly, and transparently. This means that the person whose data is being processed must be aware of the processing and have given their consent for it to take place, or the processing must be necessary for a legitimate reason, such as for the employer to carry out their duties.


When it comes to Social Media checks, an employer must have a legitimate reason for conducting them. For example, an employer may want to verify a candidate’s work history, or assess their character or cultural fit. However, employers must ensure that the information gathered is relevant, accurate and not excessive. They must also inform job candidates that they plan to conduct social media checks and explain why they are necessary.

Data Integrity

Employers must ensure that they process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. Ensuring your supplier is accredited to standards such as ISO 27001 and ISO 27701 provides a good level of confidence.

Employers must keep personal data secure, keep it only for as long as necessary, and not use it for any purposes other than those for which it was collected. This means that employers cannot use Social Media checks to discriminate against candidates based on their race, gender, age, sexual orientation, or any other protected characteristic.

About Neotas Social Media Background Checks

At Neotas, we understand the importance of conducting thorough and compliant Social Media Screening Checks, and our team of experts is dedicated to ensuring that the process is safe and reliable. Receive accurate and up-to-date information while complying with all relevant regulations, including GDPR and FCRA. Our advanced OSINT technology and human intelligence allow us to uncover valuable insights that traditional checks may miss.

Contact us today to learn more about how we can help you conduct background checks in a safe and compliant manner.


Neotas Enhanced Due Diligence

The Neotas Platform is a world first. It enables the user to interrogate all available sources from traditional databases to the entire internet (not just the 4-6% of it by Google). The Platform intelligently uses its own investigative techniques, responds to information found and contextualises it for the user.
