UK Home >  OUT-LAW News >  OUT-LAW Radio >  OUT-LAW Radio archive 2008

Crooked worker database could land employers in trouble

OUT-LAW Radio, 19/06/2008

We investigate a new database of dishonest workers, and the pitfalls that could lie in wait for participating employers

A text transcription follows.

This transcript is for anyone with a hearing impairment or who for any other reason cannot listen to the MP3 audio file.

The following is the text spoken by OUT-LAW journalist Matthew Magee.

Hello and welcome to OUT LAW radio, the weekly podcast that keeps you up to date on all the twists and turns in the world of technology law.

Every week we bring you the latest news and in depth features that help you to make sense of the ever changing laws that govern technology today.

My name is Matthew Magee, and this week we investigate a proposed database for fingering dishonest employees that could land everyone involved in trouble.

But first, the news:

News agency claims bloggers violate copyright

and

Pentagon hacker asks Lords to hold his extradition.

A major news agency has claimed that a blog's quotation of its stories is copyright infringement and has demanded they be taken down in a case which could redraw the lines of acceptable blog behaviour.
The writer behind the blog has told OUT LAW that if Associated Press continues its case it will be taking on the entire blogosphere. "Linking to news articles with short excerpts is common practice throughout the web, both on individual blogs and on social news sites," said Rogers Cadenhead, who is behind the blog Drudge Retort. "If AP intends to fight this one out, it'll be the case of AP v. Everybody" he said.

AP has issued Drudge Retort with seven take down notices under the US's Digital Millennium Copyright Act.
Though a spokesman for AP has told The New York Times that the news wire is rethinking its position Cadenhead said that the notices have not actually been retracted.

Pentagon hacker Gary McKinnon has asked the Law Lords to halt his extradition to the US because US prosecutors abused the legal process by engaging in plea bargaining.

McKinnon's lawyer, David Pannick QC, told the Lords hearing that prosecutors had said he faced eight to ten years in jail if he contested the charges, but a sentence of only 37 to 46 months if he co operated.

He also said McKinnon was threatened with terrorism charges that carry potential 60 year jail terms.
Lawyers for the Home Office, arguing for extradition, said that no threats were issued by US authorities, and that the extradition should be allowed to go ahead.

The Law Lords can block the extradition if they find that there has been an abuse of process. A ruling is not expected for a further three weeks.

That was this week's OUT LAW news.

The retail industry puts its losses from staff theft and dishonesty at a staggering £350 million a year, yet the industry says it often has no way of tracking who is responsible.

People who leave a company under investigation for wrongdoing or even those dismissed for dishonesty just disappear, they say, popping up in another job where they might repeat their bad behaviour.

So industry body Action Against Business Crime decided to do something about it. It's created a National Staff Dismissal Register, a database on which companies can list staff they think are dishonest, and which future employers can check.

But has it thought the plan through? Is there enough protection for employees, who might face wrongful accusations that they never even know about? And could employers and the AABC itself eventually face damaging defamation lawsuits over false entries?

AABC Chief Executive Mike Schuck said that the organisation has been careful to work with the Information Commissioner's office to ensure that the rights of people on the database are respected.

Mike Schuck: We have designed the system with the help of the Information Commissioner to ensure that the eight Data Protection Principles are maintained and that subjects' rights are protected on the database and on the information that will go on to it. That the database complies with the Data Protection Act; it complies with the Data Protection principles; it will be operated in compliance with those principles.

Data protection law expert William Malcolm of Pinsent Masons, the law firm behind OUT LAW, said that companies thinking about contributing to the database must make sure that any information they post is properly treated.

William Malcolm: With any sharing of data of this type one has to be clear about the grounds on which it is being shared so anyone contributing data to such a database would be well advised to make sure that they have evidence of wrongdoing and that they have an appropriate internal sign on procedure before contributing data to the database. There are various exemptions under the Data Protection Act which do allow sharing of data for the prevention and protection of crime but one has to be satisfied that that is the reason for the sharing. You know the key concerns are ones of the evidence, ones of proportionality and ones of process and making sure that all these things are kept in place.

Schuck outlined the processes that are in place to try to reduce the risk of malicious use.

Mike Schuck: Any company that wants to join the database or become a member will be vetted and we'll vet them to find out what their employment policies are, how they operate and to ensure that they can comply with the Employment Practices Code issued by the Information Commission, that they comply with the Data Protection Act and it's only at that stage, once we're satisfied that they can operate within those guidelines and within those restrictions, that they will be permitted to join the National Staff Dismissal Register.

Nonetheless this is a self regulatory system, relying on its members and their employees to be honest. Pinsent Masons' employment law expert Charles Rae says this is inherently risky. One abusive entry and a person could find themselves unable to earn a living, a pretty serious consequence.

Charles Rae: There's a real risk that this register could be open to abuse. I think a serious fear is that employees could have their future employment prospects severely damaged by an employer who may put them on this register perhaps without that being justified or even where, for instance, they may bear a grudge against that employee or falsely accuse them of something; and you know the risk there is that individuals are potentially going to be treated as if they're criminals even though say the police have never been contacted, no conviction has ever been brought about. And you know an employee could see this as a serious infringement of their ability to get future work.

Union body the Trades Union Congress told us that it had serious concerns about the database. It said that the Criminal Records Bureau existed to provide protection for employers and that the danger of the new database is that employees might never know they are even on it.

Malcolm advises any company considering participation to be open and transparent, and to consult the UK's privacy regulator, the Information Commissioner.

William Malcolm: I think that the guiding principle of a database of this nature should be one of openness and transparency. At the end of the day if people have been engaged in some form of business crime and there is evidence to suggest that that's the case and you have strong evidence and that's been appropriately reviewed by someone internally, I can see no, you know, reason why a business wouldn't want to be open about what it's doing and its involvement in such a register. So I think businesses that participate in such a scheme should be able to justify their position to employees, to the employee base, to the wider world and certainly to the UK Information Commissioner.

The problems are not just for wronged ex employees, though. If a malicious entry is put in on behalf of a company, that company could be on the hook. A defamation claim could reach not just to the individual poster and their employer, but to the AABC itself. Rae explains.

Charles Rae: Aggrieved employees may seek to take legal redress against an employer such as for example a claim for defamation if ultimately the employee believes that the placing on the register of the specific details are defamatory. By the employer placing the data on to the database in the first place that they could find themselves liable for any offence that is committed by doing that. And it's certainly the case that the people running the register may also be finding themselves liable by allowing people to access that information which means that they are, in their own way, processing it and passing it on.

The AABC says it is relying on not being the publisher of the information. Whether this will work will depend on whether it checks or verifies data: the more pre publishing action it takes, the more liable it is. Schuck admits, though, that it has not fully investigated the issue.

Mike Schuck: We're not putting the false information on there. We are relying on the data control of the company that dismissed us to provide that information. We will take steps to ensure that data is correct if we are approached by that person to say this data is incorrect then we will speak to the company that put it on. If necessary we will remove the data ourselves.

Matthew Magee: I understand you're not the one who's putting it on but you know in legal terms that's not the only criterion that's used. I mean do you - is it your legal advice that you have any liability at all?

Mike Schuck: I think that that has probably not been fully explored at the moment. We're going to have to examine that particular aspect.

The AABC claims to have unnamed major retailers signed up for the system, but Rae believes the self regulation on which it relies could leave employees and employers vulnerable.

Charles Rae: One of the problems of the list is that employers are reliant on other employers putting people on the register in good faith and on the basis that there are good reasons for doing so. And what employers are going to have to run the risk of is that there is information on that register that they may rely on but they simply can't check. It's simply isn't clear that there's any way of a future employer being able to vet whether there's any merit behind an individual being put on the register. Which really highlights what I think is one of the potentially huge injustices to individuals here is that, you know, they have little power.

That's all we have time for this week, thanks for listening.

Why not get in touch with OUT-LAW Radio? Do you know of a technology law story? We'd love to hear from you on radio@out-law.com.
OUT-LAW Radio is taking another short break but make sure you tune in next time; for now, goodbye.
OUT-LAW Radio was produced and presented by Matthew Magee for international law firm Pinsent Masons.

OUT-LAW Recommends

This week's podcast
Bribery law extended

Advert: Pinsent Masons works with forensic accountants to help you to manage the costs of litigation. Our approach is called Reaching Solutions.
OUT-LAW star: link to the home page
Disclaimer | Privacy | Site Map | Accessibility Logon
Disclaimer: This was printed from OUT-LAW.COM, a service of international law firm Pinsent Masons. We hope you find this content useful. However, please note that nothing in this document constitutes specific legal advice. You should consult a suitably qualified lawyer on any specific legal problem or matter. Any questions, please email info@out-law.com.