Retailers risk libel nightmare over 'no-work' database
A nation of suspicious shopkeepers
Shop staff who have been sacked or resigned while under suspicion of dodgy behaviour could soon struggle to find work, as some of the UK's top retailers are set to share information online about their employment history.
But today a leading libel lawyer warned that the scheme to disseminate unproven allegations could prompt a flood of defamation claims against businesses.
The National Staff Dismissal Register (NSDR) is set to go live later this month. It's being launched by Action Against Business Crime (AABC), a joint "crime reduction partnership" set up by the British Retail Consortium and the Home Office. AABC claims dishonest staff cost shops an average of £497m annually.
Major retail employers including Selfridges, Harrods, Reed Managed Services and HMV have signed up to populate the register with data. Personal information, including photographs, will be held for three years, or five years in "special circumstances".
AABC believes the threat against future job prospects will discourage dishonesty, and save money on internal investigations.
The NSDR's definitions of dishonesty are broad. To be included in the database, a worker need only to have left a job while under mere suspicion of:
- Theft or attempted theft of money, merchandise or property from the company, its suppliers, staff or customers
- Falsification or forgery of documents
- Fraudulent acts resulting in the obtaining or intention of obtaining money, assets, services or information which would otherwise be denied
- Causing a loss to the company or another party (e.g. Supplier)
- Causing damage to company property.
Operation of the NSDR has been outsourced to Hicom Business Solutions, a Surrey IT consultancy. It will offer a website where human resources departments can check on past allegations against job applicants. AABC emphasises that SSL encryption will be used as a security measure.
Despite the Home Office's partnership in AABC, a spokeswoman denied any involvement by the department and refused to comment on the database. "It's nothing to do with us," she said.
A spokeswoman for the Information Commissioner's Office said companies will not be allowed to use an entry on the register as the sole reason to deny a job applicant employment. The Data Protection Act insists that people are told when they are added to the database, told when their entry is accessed, and gives them rights to correct any inaccuracies. Hicom has worked closely with data protection officials to ensure compliance, she said.
The regulations mean that only allegations made after the NSDR goes live can be included.
Libel lawyer Razi Mireskandari, a partner at London firm Simons Muirhead and Burton*, warned that employers who record their suspicions on the database could easily face claims for defamation. Even if the allegation is not accessed by other firms, a case could be made, he said.
Mireskandari cautioned: "Frankly, if I have CCTV showing someone stealing from the cash register, then I'm confident I can sack that person, but I wouldn't want to share that information. It's a real risk."
He argued that the ICO assurances mean nothing in respect to the likelihood of libel actions: "Data protection is totally separate from defamation."
He said one likely strategy for aggreived workers' lawyers would be to attack Hicom's ISP with a defamation claim, to have the NSDR taken offline.
Unions and civil liberties groups have expressed outrage at the scheme. It's seen as a commercial version of a Criminal Records Bureau check, except the records will be made without the involvement of law enforcement or the courts.
TUC general secretary Brendan Barber said in a statement: "While criminal activity in the workplace can never be condoned, the TUC is concerned that this register could lead to people being excluded from the job market by an employer who falsely accuses them of misconduct or sacks them because they bear them a grudge. An individual may not be aware they have been listed and have no right of appeal.
"The Criminal Records Bureau was set up to assist employers to make safe appointments when recruiting staff to work with vulnerable groups and already provides appropriately targeted and effectively regulated protection for employers."
AABC chief executive Mike Schuck emphasised that the database would not be used on all applicants. "This is not just about running people through a database," he said. "It' will be at the final stage of the recruitment process and it cannot be the decisive data. As an employer you're going to use it selectively." ®
*Disclosure: Mireskandari is retained by The Register.
Sponsored: 2016 Cyberthreat defense report