The law on the regulation of employee privacy is said to establish "an equitable balance between the interests of employees in protecting personal data and the legitimate interests of employers," according to a translation of a statement on the Federal Cabinet's website.
The law clarifies the questions that can be asked during a job application process. It is acceptable for an employer to request an applicant's name, address, telephone number and email address, according to the law; but certain internet searches are forbidden.
According to a translation of the draft law, employers may collect data in the public domain as a means of researching a job candidate, except where the legitimate interests of the employee in that data outweigh the legitimate interests of the employer.
It specifies that social networks that are used for electronic communication may not be used for research, except for social networks that exist to represent the professional qualifications of their members.
Official guidance that accompanies the law cites Facebook as an example of a service used for communication, which must not form part of a "private fishing expedition" and LinkedIn as a service used to represent professional qualifications which can be explored.
The bill also regulates phone, email, internet and video surveillance in the private sector.
Googling job applicants: the UK position
Kirsty Ayre, a partner in the employment law team of Pinsent Masons, the law firm behind OUT-LAW.COM, said UK law is more tolerant of online research.
"I know a lot of employers will put an applicant's name into Google to see what comes up, and nothing in UK law prevents that," she said. "In terms of how employers use the information they find, they have to be conscious of a person's rights, particularly under the Data Protection Act."
"The safest approach is to make it clear at the outset of the recruitment process that you're going to conduct internet research," she said.
An Employment Practices Code (91-page / 1.2MB PDF) published by the Information Commissioner's Office says that during a recruitment process, employers should: "Explain the nature of and sources from which information might be obtained about the applicant in addition to the information supplied directly by the applicant."
The Code, which exists to aid compliance with the Data Protection Act, also says that employers should: "Ensure there is a clear statement on the application form or surrounding documents, explaining what information will be sought and from whom."
Louise Townsend, a data protection specialist with Pinsent Masons, said this means telling people about any non-obvious research that you intend to conduct. Looking at someone's Facebook profile might be considered non-obvious, she said.
"In time, it may be the position that it's obvious that people will be researched online when they apply for a job. Right now, though, it would help if you told people that you're going to do it, otherwise people might say it's an unwarranted intrusion into their personal privacy."
"I don't think there's a problem with professional searches like LinkedIn, because that's relevant to their employment," she said. "But using information from a personal page might be a step too far. That said, looking at information on a web page, without printing it off or forwarding it to anyone, is unlikely to amount to processing of personal data, and therefore it may not be caught by the Data Protection Act at all. That changes if you send the link to your colleagues."
Ayre said that employers must also take care to avoid using information in ways that might be discriminatory. An internet search could reveal a person's age or religion, for example, characteristics that are protected by anti-discrimination laws across the UK.