Feeds

Retailers risk libel nightmare over 'no-work' database

A nation of suspicious shopkeepers

High performance access to file storage

Shop staff who have been sacked or resigned while under suspicion of dodgy behaviour could soon struggle to find work, as some of the UK's top retailers are set to share information online about their employment history.

But today a leading libel lawyer warned that the scheme to disseminate unproven allegations could prompt a flood of defamation claims against businesses.

The National Staff Dismissal Register (NSDR) is set to go live later this month. It's being launched by Action Against Business Crime (AABC), a joint "crime reduction partnership" set up by the British Retail Consortium and the Home Office. AABC claims dishonest staff cost shops an average of £497m annually.

Major retail employers including Selfridges, Harrods, Reed Managed Services and HMV have signed up to populate the register with data. Personal information, including photographs, will be held for three years, or five years in "special circumstances".

AABC believes the threat against future job prospects will discourage dishonesty, and save money on internal investigations.

The NSDR's definitions of dishonesty are broad. To be included in the database, a worker need only to have left a job while under mere suspicion of:

  • Theft or attempted theft of money, merchandise or property from the company, its suppliers, staff or customers
  • Falsification or forgery of documents
  • Fraudulent acts resulting in the obtaining or intention of obtaining money, assets, services or information which would otherwise be denied
  • Causing a loss to the company or another party (e.g. Supplier)
  • Causing damage to company property.

Operation of the NSDR has been outsourced to Hicom Business Solutions, a Surrey IT consultancy. It will offer a website where human resources departments can check on past allegations against job applicants. AABC emphasises that SSL encryption will be used as a security measure.

Despite the Home Office's partnership in AABC, a spokeswoman denied any involvement by the department and refused to comment on the database. "It's nothing to do with us," she said.

A spokeswoman for the Information Commissioner's Office said companies will not be allowed to use an entry on the register as the sole reason to deny a job applicant employment. The Data Protection Act insists that people are told when they are added to the database, told when their entry is accessed, and gives them rights to correct any inaccuracies. Hicom has worked closely with data protection officials to ensure compliance, she said.

The regulations mean that only allegations made after the NSDR goes live can be included.

Libel lawyer Razi Mireskandari, a partner at London firm Simons Muirhead and Burton*, warned that employers who record their suspicions on the database could easily face claims for defamation. Even if the allegation is not accessed by other firms, a case could be made, he said.

Mireskandari cautioned: "Frankly, if I have CCTV showing someone stealing from the cash register, then I'm confident I can sack that person, but I wouldn't want to share that information. It's a real risk."

He argued that the ICO assurances mean nothing in respect to the likelihood of libel actions: "Data protection is totally separate from defamation."

He said one likely strategy for aggreived workers' lawyers would be to attack Hicom's ISP with a defamation claim, to have the NSDR taken offline.

Unions and civil liberties groups have expressed outrage at the scheme. It's seen as a commercial version of a Criminal Records Bureau check, except the records will be made without the involvement of law enforcement or the courts.

TUC general secretary Brendan Barber said in a statement: "While criminal activity in the workplace can never be condoned, the TUC is concerned that this register could lead to people being excluded from the job market by an employer who falsely accuses them of misconduct or sacks them because they bear them a grudge. An individual may not be aware they have been listed and have no right of appeal.

"The Criminal Records Bureau was set up to assist employers to make safe appointments when recruiting staff to work with vulnerable groups and already provides appropriately targeted and effectively regulated protection for employers."

AABC chief executive Mike Schuck emphasised that the database would not be used on all applicants. "This is not just about running people through a database," he said. "It' will be at the final stage of the recruitment process and it cannot be the decisive data. As an employer you're going to use it selectively." ®

*Disclosure: Mireskandari is retained by The Register.

3 Big data security analytics techniques

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.