by Thomas C. Lawson, CFE, CII
Many background-check platforms are web-based and the amount of interactivity required by the end user during the screening process can vary significantly between vendors.
Higher-standard employment screening firms opt to process the work in the middle. You enter the information at the beginning and then log on to retrieve the completed report typically prompted by an e-mail or text.
The recent movement in the screening industry to eliminate paper entirely in the screening industry is dangerous to the end-user and to the consumers upon whom the background checks are being run.
The paperless push requires the applicant to electronically sign (eSign) all background check consent forms online to integrate the consent and screening process into one of the many web-based applicant -tracking systems (ATS) available to the HR community.
The perceived benefit to human resource departments is the savings in labor costs for large, high-volume hiring environments as well as the ability to outsource more HR functions.
In reality, the labor savings and efficiencies are significantly precluded by the legal risk associated with automated processing if recent case law and the increase in Plaintiff attorney actions against the background screening end-users and providers, alike are any indication. Not to mention under the letter of the law, under the FCRA, etc. anything other than a written consent is illegal.
According to the Fair Credit Reporting Act (FCRA Sec. 604, a2) and in California, the Investigative Consumer Reporting Agencies Act (ICRAA), as well as the statutes that govern background checks (consumer reporting) in most states unanimously call for consent to be based upon the “consumer’s written authorization.”
Nowhere does it say, “upon the consumer’s electronic authorization” or, “consent may be conveyed via eSignature.”
They all say that a background check may only be obtained only by a consumer’s written authorization. Under the law that means that an applicant must sign an appropriate consent form with a “live,” “holographic,” or “wet” signature.
The reasoning behind this is simple: When a person electronically consents, there is no way to prove that the person upon whose signature appears electronically is actually the person who issued the electronic consent.
The extremely weak defense under the Electronic Signatures Act of 2001, or the eSign Act, and the Uniform Electronic Transactions Act (UETA) is that one can attempt to prove that the Consumer intended to sign it based loosely on the surrounding actions of applying for a job.
That means that Billy Bob could have consented to John Smith’s background check, while Billy Bob was applying for a job under John Smith’s name as part of Billy Bob’s identity theft strategy.
In essence, with no way to absolutely confirm that a given person consented to a given background check, every time you accept an electronically signed consent, you are risking that a consumer’s identity may be under threat from an identity thief. You can’t know otherwise without comparing signatures.
There are those who argue that the eSign Act and UETA alleviate the need for a wet signature. But in both of these laws, which were essentially developed in an effort to stimulate internet commerce, there is a little attended-to component that subjects the laws to other statutes which may have overriding determinants as to the importance of live signatures versus esignatures. (res adjuicata).
What that means is that the eSign Act subordinates itself to laws like the FCRA and the ICRAA, etc. where the superseding statute specifically identifies the need for a given requirement, such as the FCRA’s and the ICRAA’s call for a consumer’s “written” authorization.
In defense of these statutes, the eSign act and UETA are terrific for contracts and transactions but not for consent. Mainly because the requirements to use esignatures for consent purposes are designed to be cumbersome in order to protect the consumer; as they should be when dealing with such sensitive issues and where such a consent triggers so many activities that if used outside the scope and context of their intended purpose could have dire consequences to the consumer.
It is also important to understand that the requirements for even using esignatures for contracts are rigorous and most of the requirements are so onerous that getting a wet signature just ends up being a whole lot easier.
Evidence of this is most telling is the escrow setting where all of the electronically signed documents that occur at the outset of a real estate transaction are cleaned-up during the final escrow process by getting live signatures on the documents authorizing various consents in the process of buying the real estate and qualifying for a mortgage.
Signatures are gathered at the close of escrow mainly to eliminate the eSign Act and UETA requirement that a consumer using electronic consent at any time may withdraw that consent, which can prove troublesome.
Now even if your background check provider in its haste to get the latest technology to you complies with all of the eSign Act and UETA requirements, the law clearly states that anything other than a written authorization is illegal.
Simply put, if you rely on electronic consents to authorize your background checks you run the risk of successful Plaintiff actions against you and the company for violation of the written consent rule no matter how aggressively your provider wants to assert that an electronic consent is valid. It isn’t and the law is very clear on the subject.
Any number of Plaintiff’s attorneys out there will gladly prove that to you and sue the employer for violation of the FCRA and ICRAA law specifically with respect to a written signature on a background consent form.
They call that area of practice “unauthorized access” and those cases are very common evidenced by the now famous case of 1400 Plaintiffs versus First Student (et al.) http://www.ssrplaw.com/lawyer-attorney-1314705.html
The Consumer Attorney’s (Plaintiff’s) Bar aggressively pursues these cases mainly because they are winners since there is no actual way to prove that a person gave their consent to perform a background check via an electronic consent.
Additionally, and even if electronic consents for background checks for employment purposes were legal, the prove-up for Defendant compliance usually favors the Plaintiff because there are so many things that can go wrong in the esignature compliance process no matter how compliance-minded an employment screening provider is.
The burden of proof is on the employer in this case, not the applicant, and any good defense lawyer will tell you that when the burden of proof is on you, the potential for defeat is exponentially greater because proof is subjective especially when you are dealing with potentially 12 different personalities on a jury.
You may want to re-think your paperless consent strategy and opt for the legal method of gaining written consent to run your background checks because the paperless process is just too legally risky.
Until legislation is introduced that supersedes the written consent requirement under the applicable laws, it is crystal clear that the law requires you get a consumer’s live signature in order to run a background check no matter what the proponents of using the eSign Act and UETA assert.
Find out more about our employment screening services here