GDPR – The General Data Protection Regulation – comes into effect in May 18, and will be replacing the Data Protection Act. For the recruitment industry, with its sometimes shaky reputation, this is great news!
GDPR will undeniably result in a fair bit of homework, as all firms who process personal data will need to review their procedures, and in particular look at data security and how they justify processing data. However, with the emphasis on consent, transparency and clear policies, ethical, quality-focussed recruiters can only benefit from GDPR.
The end of unethical recruitment?
GDPR has the potential to change the way the recruitment industry operates, and for the better. The new legislation demands separate consent for each action taken, which means candidates need to be consulted before a recruiter can send their CV to a client, even for a role they have applied for, and will also need separate consent to send them newsletters or share their personal details with anyone.
Good recruiters should already be doing this, but it has by no means been an industry standard. Whether you are a candidate, a client or another recruiter, we have all come across recruiters who scrape CVs from their database and share them without candidate permission. Often, it is the same recruiters who post ads for roles that don’t exist, don’t pass on feedback or follow up on conversations, or claim to represent companies they’ve never spoken to.
For these recruiters, GDPR will spell big changes.
Relationships built on trust
Whilst it might be too much to hope that bad practice will be entirely eliminated, there’s no doubt that GDPR provides a great opportunity for the industry to improve its reputation and create a better experience for candidates.
Aside from consent, the new legislation places greater demands on transparency. There will be no more hiding behind small print or pre-ticked boxes, and policies must be simple and easy to access. Candidates have a right to know what happens with their details, and to control what is done with it.
Good recruiters, who are able to demonstrate good practice, will be able to build stronger relationships, built on trust, with both clients and candidates.
Better service for clients
High ethical standards benefit clients too. They will be able to rely on high levels of data security and confidentiality, and B2B marketing emails must have a clear opt-out/unsubscribe function. GDPR won’t eliminate the unsolicited email, but it will encourage firms to create content that is of genuine interest.
GDPR also raises interesting questions around candidate ownership. Most recruitment firms will have a clause around candidate ownership in their terms, and clients have typically solved disputes between agencies by recognising the ownership of the first firm to submit a CV. This has arguably encouraged recruiters to send candidate CVs without consent in order to ward off the competition, and the current way of thinking rewards this practice.
However, under GDPR, a recruiter could not realistically claim ownership of a CV they did not have consent to send. Recruiters who uphold high ethical standards have often been at the losing end of this, but so, ultimately, have the clients, who often end up with CVs of candidates who have not been screened and who are potentially not interested in the role.
Overall, we are looking forward to GDPR. Although there is a lot of work to be done before May, we feel GDPR will be a great force for good in our industry.