The Truth About Social Media Screening and GDPR
One of the most common questions we get asked is how our searches comply with GDPR. In particular, there are always questions around privacy, data protection and social media screening. Our searches are fully compliant and are always updated to reflect any changes in regulations – but questions are always asked once social media is added to the checking process.
Here are some common questions we get asked:
- Do you need consent under GDPR to run these checks?
- Are social media checks common practice?
- Can the candidate see their report?
- While I need to manage risk / comply with regulations, I don’t want to be intrusive…
Here’s a breakdown of current regulations, the risks of running checks internally and tips on how to stay compliant.
International Social Media Screening
Social media screening as part of background checking has existed in some form since the platforms began, and recent studies suggest its use is only going to increase.
The US government introduced a new visa procedure in 2019 which requires foreign visitors applying for working visas to disclose their social media accounts on their applications. They see social media as a reliable and valuable way to review a person’s behaviours and attitudes, beyond just database or box-checking exercises.
The US has so far been at the forefront of driving social media background screening to become commonplace for high-risk roles. Recently, the armed forces screened their troops ahead of the presidential inauguration and the Washington police chief is suggesting they do the same for their officers.
With the use of social media screening growing, the need for a consistent, regulated approach is obvious.
What are the data protection laws when it comes to social media?
Data protection laws are different all around the world, so the complexities change depending on the jurisdiction. The EU, for example, takes data protection very seriously and in 2018 brought in the GDPR.
We’re all familiar with the basic ins and outs of the GDPR by now and the hefty fines that can be given out for breaching it.
Specifically relating to social media, the GDPR states that employers should notify candidates before viewing their social media accounts unless they have a lawful basis for processing data – such as consent or legitimate interests. It goes on to state that employers should only take into account data that is relevant to the role.
As a third party background screening provider, at Neotas we have “legitimate interest” to perform these checks for business purposes, as requested by our clients. Our reports only include role-related risks and our policies are consistently updated to reflect changes in legislation.
Many data protection authorities have supplemented the GDPR guidance with additional advice in relation to social media screening. This can include:
- Screening to be conducted as late as possible in the recruitment process (to avoid the opportunities for human bias)
- Candidates should be made aware of any screening that will take place and how it will be conducted
- Only accessing publicly available information
- Screening levels being proportionate to the seniority of the role
The overall guidance here is clear:
- Only review relevant, role-related data
- Ensure that protected characteristics remain protected
- Only process data if you have a lawful basis for doing so
The Risks of Internal Social Media Screening
The risks that come with carrying out social media background checks in-house are significant. By combing through a candidate’s social media accounts, protected characteristics (such as race, sexuality, political stance) are unintentionally revealed to internal staff.
Whether intentional or not, it’s both illegal and unethical to make hiring decisions based on these characteristics. Internal staff are left exposed to potential accusations of unconscious or discriminatory bias, accusations that could prove costly in any legal proceedings. It would be difficult to legally argue that discriminatory bias hadn’t taken place if staff were exposed to personal data for potential new hires.
Using Third Party Background Screening Providers
Using a third party background screening provider is the best way to avoid these risks and the financial or reputational damage that can come with them.
While they may mean well, internal staff are less likely to be trained in data handling and may be less aware of the stringent GDPR practices that must be followed.
Third party providers like Neotas are externally audited, regulated by industry standards and often hold external certification to process sensitive data. At Neotas, we are:
Alongside the technical certifications, third party background screening providers are completely objective. Providers like Neotas have zero hidden agendas and we only ever present relevant, role-related risks in our reports. Our role is to demonstrate that the candidate meets the level of honesty and integrity expected of their new position.
Lastly, the technology used is cutting edge, capable of processing data at hugely efficient speeds. Our AI and machine learning technology processes vast quantities of data, highlighting potential risks before context is applied by objective human analysis. This way, protected characteristics remain protected and candidates need not worry about their new employer seeing old holiday photos.
You can find out more about pre employment social media screening, or online reputation screening here. Alternatively you can build a no-obligation quote using our brand new pricing tool.
Neotas Social Media Background Checks and Social Media Screening
At Neotas, we understand the importance of conducting thorough and compliant Social Media Screening Checks, and our team of experts is dedicated to ensuring that the process is safe and reliable. Receive accurate and up-to-date information while complying with all relevant regulations, including GDPR and FCRA. Our advanced OSINT technology and human intelligence allow us to uncover valuable insights that traditional checks may miss.
Schedule a call today! We highlight behavioural risks identified across social media profiles and the wider internet, supplementing the background screening process. Learn more about how we can help you conduct social media screening and background checks in a safe and compliant manner.