October 26, 2024 at 01:59AM
The US Consumer Financial Protection Bureau has issued guidance emphasizing that third-party workforce reports must comply with the Fair Credit Reporting Act’s consent and transparency requirements. Concerns include unchecked surveillance and algorithmic decision-making in employment, necessitating employee consent and accuracy corrections for data used in adverse employment decisions.
**Meeting Takeaways:**
1. **CFPB Guidance Publication**: The US Consumer Financial Protection Bureau (CFPB) issued guidance emphasizing that third-party reports on workers must adhere to the Fair Credit Reporting Act (FCRA) consent and transparency requirements.
2. **FCRA Overview**: Enacted in 1970, the FCRA ensures the accuracy, fairness, and privacy of information in consumer reports, including those used in employment decisions.
3. **CFPB Concerns**: There is growing apprehension regarding companies potentially using undisclosed third-party surveillance or algorithmically generated scores to make adverse employment decisions, such as dismissals.
4. **Director’s Statement**: CFPB director Rohit Chopra highlighted the risk of unchecked surveillance and algorithmic impacts on worker careers, reinforcing that consumer protections extend to new domains like employment.
5. **Workplace Surveillance Issues**: Rising concerns about surveillance and algorithmic decision-making stem from advancements in technology, including machine learning, remote work management, and data analytics.
6. **Focus Areas**: The CFPB is directing attention towards issues such as:
– Consumer reports predicting worker behavior (e.g., union involvement).
– Automatic job assignments based on performance metrics.
– Disciplinary actions carried out without human oversight.
– Evaluation of social media usage during employment assessments.
7. **Public Remarks**: Chopra voiced concerns regarding background information usage in hiring and promotions, particularly about privacy risks linked to worker data being converted into scores by opaque algorithms.
8. **Types of Monitored Data**: Employers are increasingly using third-party services to track worker activities, including:
– Monitoring sales interactions.
– Tracking driving habits.
– Measuring task completion time.
– Capturing message counts and meeting durations.
– Analyzing web browsing and keystroke frequency.
9. **Legal Requirements for Employers**: Companies utilizing third-party collected data must:
– Obtain employee consent.
– Provide detailed disclosures on data used for employment decisions.
– Correct any inaccuracies in disputed data.
– Use data solely for permissible purposes defined under the law, prohibiting the selling of information or using it for financial marketing to employees.
10. **Action Items for Compliance**: Businesses should review their data collection and reporting practices to ensure compliance with the FCRA, prioritize transparency, and protect employee privacy.