In the United States, recruiting with social media is commonplace. In fact, social sourcing is a common strategy among companies looking to find talent on sites like LinkedIn, Twitter, Facebook, Instagram and Snapchat. However, European countries are focused on protecting the privacy of its citizen when it comes to the internet, online data which includes social media and impacts employers as well as recruiters and hiring managers who are viewing social media profiles of job candidates.

European Employers Have New Privacy Regulations With Social Media

The European Commission which oversees data protection is committed to protecting the data and information of its citizens and members on the internet. Because people regularly disclose private and personal information on the internet including phone numbers, addresses, birth dates and personal photographs, the EU is focused on making individuals aware of any of data collection practices that are potentially happening to them. The EU refers to the people or bodies that collect and manage personal data are called “data controllers”.

If companies are using social media as part of their recruitment strategy in any of the 28 countries, the new guidelines suggest that employers begin notifying job candidates. Companies are asked to employ a “data protection officer” to help ensure compliance and process. Companies who fail place someone in the position and doesn’t follow recommended guidelines could face fines up to €20 million or $2.3 million.

What This Means for Social Recruiting

Europe, who has always had stricter standards when it comes to online privacy. In 2012 European courts upheld the Right to Be Forgotten which allows individuals to erase their online history in certain circumstances. The EU has taken their efforts even further with this requiring employers to notify job seekers prior to viewing their social media profiles which could drastically impact the use of social media in the hiring process. Because so much of social media recruiting happens as part of the sourcing process, I’m certain companies are scrambling to consider how to notify candidates prior to viewing their profiles. One possibility is to autogenerate a tweet or other social media communication once a candidate is found using a social sourcing tool like Entelo, Dice, SwoopTalent or EngageTalent prior to viewing their profiles.

For obvious reasons, social sourcing will have to change. I’m equally concerned with social profile viewing throughout the hiring process particularly by hiring managers who are creeping on candidates and don’t know any better. While that’s not an excuse, this is where the privacy officer will come in to play providing training, monitoring activities and setting up infrastructure to notify job seekers. A best practice, in my opinion, is to notify all job seekers via email on the possibility of viewing social profiles as soon as they apply for the job opening. While this doesn’t solve the social sourcing problem I mentioned above, companies could also notify a candidate when they visit the company career site via a popup or via a posted notice contained within the bio on a company’s social profiles.

The law really complicates matters as companies who are viewed as not in compliance will need to conduct social research to understand if the candidate viewed the notice when they followed social profiles. Social media investigations are common in HR and workplace investigations as the conversations and relationships extend beyond office walls into cyberspace. I recently interviewed social investigator, Eli Rosenblatt on the Workology Podcast on the subject of using social media in investigations. The technologies and tools they use to search the deep internet for social media posts and updates are really quite fascinating and also scary.

What the EU Social Protection Law Doesn’t Address

One area of concern comes from the form of independent recruiters who could be recruiting for the company using their personal profiles on behalf of an organization. You can see from the graphic above which comes from the 2016 Jobvite Recruiter Nation Study, that LinkedIn remains the most popular social network for U.S. based recruiters followed by Facebook. LinkedIn because it is a professional social network and offers a recruiting product will need to make some updates to their Recruiter and possibly the InMail process in order to help companies to stay in compliance. Independent recruiters who are recruiting on behalf of an organization as a third party could be required to disclose and fall under the responsibility of the data protection officer.

This EU social media privacy change doesn’t mean the end of recruiting, however, it does make the process more complex.The General Data Protection Regulation, which will oversee efforts will be established starting in May of 2018. If you, as a recruiter or company are recruiting internally particularly in Europe, these changes will apply to you, your hiring manager’s and your recruiting team. To learn more about EU’s data protection requirements and a company’s obligations, you can visit their website by clicking here.