Feeds

Retailers risk libel nightmare over 'no-work' database

A nation of suspicious shopkeepers

Top three mobile application threats

Shop staff who have been sacked or resigned while under suspicion of dodgy behaviour could soon struggle to find work, as some of the UK's top retailers are set to share information online about their employment history.

But today a leading libel lawyer warned that the scheme to disseminate unproven allegations could prompt a flood of defamation claims against businesses.

The National Staff Dismissal Register (NSDR) is set to go live later this month. It's being launched by Action Against Business Crime (AABC), a joint "crime reduction partnership" set up by the British Retail Consortium and the Home Office. AABC claims dishonest staff cost shops an average of £497m annually.

Major retail employers including Selfridges, Harrods, Reed Managed Services and HMV have signed up to populate the register with data. Personal information, including photographs, will be held for three years, or five years in "special circumstances".

AABC believes the threat against future job prospects will discourage dishonesty, and save money on internal investigations.

The NSDR's definitions of dishonesty are broad. To be included in the database, a worker need only to have left a job while under mere suspicion of:

  • Theft or attempted theft of money, merchandise or property from the company, its suppliers, staff or customers
  • Falsification or forgery of documents
  • Fraudulent acts resulting in the obtaining or intention of obtaining money, assets, services or information which would otherwise be denied
  • Causing a loss to the company or another party (e.g. Supplier)
  • Causing damage to company property.

Operation of the NSDR has been outsourced to Hicom Business Solutions, a Surrey IT consultancy. It will offer a website where human resources departments can check on past allegations against job applicants. AABC emphasises that SSL encryption will be used as a security measure.

Despite the Home Office's partnership in AABC, a spokeswoman denied any involvement by the department and refused to comment on the database. "It's nothing to do with us," she said.

A spokeswoman for the Information Commissioner's Office said companies will not be allowed to use an entry on the register as the sole reason to deny a job applicant employment. The Data Protection Act insists that people are told when they are added to the database, told when their entry is accessed, and gives them rights to correct any inaccuracies. Hicom has worked closely with data protection officials to ensure compliance, she said.

The regulations mean that only allegations made after the NSDR goes live can be included.

Libel lawyer Razi Mireskandari, a partner at London firm Simons Muirhead and Burton*, warned that employers who record their suspicions on the database could easily face claims for defamation. Even if the allegation is not accessed by other firms, a case could be made, he said.

Mireskandari cautioned: "Frankly, if I have CCTV showing someone stealing from the cash register, then I'm confident I can sack that person, but I wouldn't want to share that information. It's a real risk."

He argued that the ICO assurances mean nothing in respect to the likelihood of libel actions: "Data protection is totally separate from defamation."

He said one likely strategy for aggreived workers' lawyers would be to attack Hicom's ISP with a defamation claim, to have the NSDR taken offline.

Unions and civil liberties groups have expressed outrage at the scheme. It's seen as a commercial version of a Criminal Records Bureau check, except the records will be made without the involvement of law enforcement or the courts.

TUC general secretary Brendan Barber said in a statement: "While criminal activity in the workplace can never be condoned, the TUC is concerned that this register could lead to people being excluded from the job market by an employer who falsely accuses them of misconduct or sacks them because they bear them a grudge. An individual may not be aware they have been listed and have no right of appeal.

"The Criminal Records Bureau was set up to assist employers to make safe appointments when recruiting staff to work with vulnerable groups and already provides appropriately targeted and effectively regulated protection for employers."

AABC chief executive Mike Schuck emphasised that the database would not be used on all applicants. "This is not just about running people through a database," he said. "It' will be at the final stage of the recruitment process and it cannot be the decisive data. As an employer you're going to use it selectively." ®

*Disclosure: Mireskandari is retained by The Register.

Combat fraud and increase customer satisfaction

More from The Register

next story
EU: Let's cost financial traders $400m a day, because EVIL BANKERS. Right?
Wait 'til this one hits your pension fund where it hurts
Systems meltdown plunges US immigration courts into pen-and-paper stone age
Massive outage could last four weeks, sources claim
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
US Supreme Court supremo rakes Aereo lawman in oral arguments
Antenna-array content streamers: 'Ruling against us could dissipate the cloud'
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.