Background check

Blitz_Noobz

I work with an American vendor organisation (new to Ireland) that does some work for another well-known IT company. For the purpose of this thread, I will refer to this IT company as “Company Xâ€. I have been working with the vendor for some time now and recently all employees were informed that we are subject to a background check as requested by the Company X. Little detail was provided surrounding the scale of the check, but we were informed that our addresses and locations for the last 10 years would be required. The reason for this was due to systems access that are required to carry out our work. At this point I will stress that, I have no criminal history nor am I concerned with the results that this check would give.

My issues however are related to the timing, the business need and the legal principle surrounding the request. My fellow work mates were forwarded a link for a 3rd party US organisation that would be doing the background check which is all to be done online. This is another concern that I have related to the background request. So naturally I challenged the request, quoting online Irish sources where I informed my employers that I did not consent to the request. I highlighted that background checks like this are uncommon in the industry and quoted sections of the Data Protection Act, while also informing that my employee that the method for which data was being requested was inappropriate. My understanding is that a request like this would need to go through a process like the Garda vetting process.

I received a response that completely ignored legal concerns that I had. They suggested that they had checked with their legal representation in Ireland and that I would need to comply with the request if I want to continue working for Company X. I believe that this kind of request requires consent and waives my rights under the Data Protection Act. As the company I work for is new to Ireland, I suspect that they are not all that familiar with Irish law and aside of principle, my fear with complying is that this would set a precedence where my rights and the rights of my colleagues.

Before going down the road of getting legal advice, I would like to know if the organization has any legal right to conduct this check? Appreciate any advice or extra information that can be provided.

Victor

Blitz_Noobz wrote: »

They suggested that they had checked with their legal representation in Ireland

But what did the lawyers say? Ask for a copy of what they said.

Mrs OBumble

Have you completed Garda vetting lately? Do you realise it's all online too?

Blitz_Noobz

Mrs OBumble wrote: »

Have you completed Garda vetting lately? Do you realise it's all online too?

Let's just say the 3rd party site wasn't associated to the Garda at all. A colleague completed some of the steps that were being requested and the site isn't authorized to collect data based on our location.

davo10

You said the company you work for is new to Ireland, are you concerned that you therefore don't have the employee protection of the UDA?

Is this likely to develope into a "comply with our request or take a hike" situation?

Blitz_Noobz

Thanks. They were incredibly vague on this, which was surprising. And there was nothing in response to some of the legal concerns raised. No assurances provided whatsoever.

Probably a good idea that I follow up and request a statement of what their legal rep said.

Blitz_Noobz

davo10 wrote: »

You said the company you work for is new to Ireland, are you concerned that you therefore don't have the employee protection of the UDA?

Is this likely to develope into a "comply with our request or take a hike" situation?

Honestly, my concern is that they are not even aware of UDA. I get the impression that they aren't fully aware of Irish Employment law whatsoever.

From the response that I received, there is a sense that this is a "comply with our request or take a hike" kind of situation. They are playing middle man imo and they are claiming that this is a new policy that "Company X" are implementing.

davo10

Blitz_Noobz wrote: »

Honestly, my concern is that they are not even aware of UDA. I get the impression that they aren't fully aware of Irish Employment law whatsoever.

From the response that I received, there is a sense that this is a "comply with our request or take a hike" kind of situation. They are playing middle man imo and they are claiming that this is a new policy that "Company X" are implementing.

I think you should consider the UDA and whether it covers you personally. If it doesn't, then you can make a stand on principle but ultimately it could lead to you being managed out. Background checks may be more common than you think.

Are you an employee or a contractor, do you have 12 months service here in Ireland? I know these are not specifically related to your question regarding background checks, but you need to know if you are on solid ground before you refuse to comply, and consider the implications within your industry. A refusal to comply may lead others to think you have something to hide.

Blitz_Noobz

davo10 wrote: »

I think you should consider the UDA and whether it covers you personally. If it doesn't, then you can make a stand on principle but ultimately it could lead to you being managed out. Background checks may be more common than you think.

Are you an employee or a contractor, do you have 12 months service here in Ireland? I know these are not specifically related to your question regarding background checks, but you need to know if you are on solid ground before you refuse to comply, and consider the implications within your industry. A refusal to comply may lead others to think you have something to hide.

I'm an employee. I've actually worked for "company x" with other vendors. A request of this nature is the first that I have experienced. I'm following up with several contacts for other vendors to determine if this is a policy that they have been informed off or if this is specific to my particular role. I have no problem with complying, given that everything is done and above board. They provided a US site to gather the requested data but the site that wasn't authorized to collect data from Ireland. Where data is recorded, stored and used was also a concern raised. Was assured that the information would be "destroyed" however the lack of specifics is still a concern.

Avatar MIA

Blitz_Noobz wrote: »

I'm an employee. I've actually worked for "company x" with other vendors. A request of this nature is the first that I have experienced. I'm following up with several contacts for other vendors to determine if this is a policy that they have been informed off or if this is specific to my particular role. I have no problem with complying, given that everything is done and above board. They provided a US site to gather the requested data but the site that wasn't authorized to collect data from Ireland. Where data is recorded, stored and used was also a concern raised. Was assured that the information would be "destroyed" however the lack of specifics is still a concern.

I wonder if this is a requirement by an organisation your company is now working for i.e. a government.

It looks like it's not going to be your issue for long. Under the Irish law you are relying on this company can effectively let you go.

lifeandtimes

To be honest just logging onto a site and providing details to an unsecured webaite isn't very secure even for a background check so I don't see why the company are doing it this way,as anyone could lie

Coming to Ireland if you want employees working for you you would do a garda check which is the norm. Asking an employee to comply seems dodgy.

Get legal advice

Blitz_Noobz

Avatar MIA wrote: »

I wonder if this is a requirement by an organisation your company is now working for i.e. a government.

It looks like it's not going to be your issue for long. Under the Irish law you are relying on this company can effectively let you go.

Yes, they have stated that it's a requirement from the organisation my company works for. This is where things get grey and probably why my company are playing the middle man. So far, the only information related on the background check was on addresses that every employee have had for the last 10 years. I've been working with the company for more than a year. Can understand the change in policy but the timing around the ask is surprising.

Blitz_Noobz

lifeandtimes wrote: »

To be honest just logging onto a site and providing details to an unsecured webaite isn't very secure even for a background check so I don't see why the company are doing it this way,as anyone could lie

Coming to Ireland if you want employees working for you you would do a garda check which is the norm. Asking an employee to comply seems dodgy.

Get legal advice

Good point and I agree. Probably best going down the road of getting some proper legal advice.

screamer

TBH background checks in IT companies are the norm and required if the company has or is seeking ISO accreditation. If its in your contract that they require it then you'll have to do it. TBH sounds like its a comply or out scenario. If you're there less than a year they can just let you go with no comeback. So the better question here is do you want to keep your job or not...... for you to decide.

lifeandtimes

Blitz_Noobz wrote: »

Yes, they have stated that it's a requirement from the organisation my company works for. This is where things get grey and probably why my company are playing the middle man. So far, the only information related on the background check was on addresses that every employee have had for the last 10 years. I've been working with the company for more than a year. Can understand the change in policy but the timing around the ask is surprising.

This 10 years is a bit funny. A lot of peoppe move and will say here and there and won't have proof and even the people who have been in the same home for 10 years probably won't have proof for over 10 years.

How will they verify.

Seems like they are looking to stick their foot into a door of something further down the line and are checking who comply and who don't.

Is this perceived as a long term work relationship with company x?

Senna

I really don't understand the concern, background checks are common. There are a few Irish companies that specialise in them, working for numerous multi nationals and probably smaller ones too. They have no guard vetting or anything official like that.

I also don't understand why you thinking entering your information in this website is more dangerous than the millions of other websites people enter all their details in.

Victor

Senna wrote: »

I really don't understand the concern

As said earlier:

A colleague completed some of the steps that were being requested and the site isn't authorized to collect data based on our location.

lifeandtimes

Senna wrote: »

I also don't understand why you thinking entering your information in this website is more dangerous than the millions of other websites people enter all their details in.

Most sites need an ssl certificate and that's just for a website with a domain, websites then also need to follow geographical laws and op states this particulate website do not havet jurisdiction to collect data from users in ireland in a securr as per our data laws.