EEOC Issues Guidelines Addressing the Use of Background Checks in Employment

The EEOC (the “Commission”) recently issued guidelines addressing the use of background checks in employment.  Generally speaking, a “background check” or “consumer report” is something that is obtained from a reporting agency and reflects a consumer’s credit, character, reputation, standing, lifestyle, or the like, and is used (in this context) for the purpose of determining employment eligibility (whether for hire, promotion, eligibility to work at a particular job site, etc.).  While the Commission had been focused on this issue to some extent since 2007, the new guidelines suggest that the EEOC plans to launch an aggressive enforcement campaign aimed at preventing perceived inherent disparate impact discrimination via the most common background check scenarios.

At the heart of the Commission’s guidelines and, indeed, currently the subject of legislative debates in many states, are “Ban the Box” recommendations.  The “Box” being referenced typically appears on an employment application as a Yes/No choice, seeking disclosure of any prior convictions or pending criminal charges.  The disclosure, if any, acts as a de facto bar to employment. The EEOC has now publicly expressed the presumption that any policy that mandates an adverse employment decision for any criminal history is inherently discriminatory.

EEOC guidance mandates what should be logical — any disclosure or “hit” on a background check should be considered on an individualized basis.  Factors the EEOC recommends considering include the nature and gravity of the offense, the age of the offense, and the nature of the job at issue.  Where an employer can point to a rational relationship between the job and the offense so as to justify disqualification from employment, the Commission will not likely find discrimination occurred.  The clearest example is disqualifying an applicant with a fraud conviction from work as a bank teller — a position in which the person would handle funds with little supervision and be responsible for reporting balances and the like.  Where businesses run in to trouble is in disqualifying applicants or employees based on a “zero tolerance” policy, or because the individual is guilty of crimes the employer finds inherently offensive, though they lack a rational relationship to the job duties at issue.  One of the most common examples is an employer’s policy of refusal to hire anyone found guilty of a “sex offense,” without further clarifying the meaning of that term.  That phrase can mean many things, including potentially having consensual sexual relations with someone just a few years younger than majority age (e.g., an 18-year old boy and a 17-year old girl in California).  Absent individualized inquiry and analysis, a blanket policy could result in unjust actions, whether putatively race-based or otherwise.

The federal Fair Credit Reporting Act (“FCRA”) further requires that detailed disclosures be given to employees before background checks are done, when any adverse action is contemplated, and again when an adverse action decision is finalized.  Separate disclosures are required if the background check will also include “interviews” (e.g., discussions with prior employers) in additional to database research.  The FCRA is very specific about the format of each of these notices. And nearly half of the United States have requirements that are stricter and even more specific than those set forth in the federal FCRA. Some even mandate particular type fonts. As with any procedural violation, class certification is often virtually guaranteed (given the absence of individualized treatment). Violations of the FCRA requirements, for example, can multiply at the rate of $100-$1000 per violation (e.g., per applicant or employee, for the entire statutory period).  It is common that businesses seldom complete all steps of the process correctly.

So, how does all this play out in the workplace?  Fixing the paperwork might be the easy part.  Most employers don’t want to spend the time or money going through individualized analyses, which the Commission says should include discussions with the subject individual to explore circumstances surrounding the offense at issue before a final decision is made.  “Zero tolerance” policies are certainly much easier (and more expedient) from an employer perspective, and companies often bank on the fact that applicants or employees with “dirty laundry” may be less likely to raise complaints about potentially unfair policies.  However, the Commission is empowered to pursue violations on behalf of an absent class — there does not have to be a proactive complainant.  At present, the EEOC is actively engaged in hundreds of claims involving alleged violations of applicant/employee rights associated with background check procedures, and we anticipate the recent Commission guidelines to encourage the plaintiffs’ bar to focus on this area of the law in the context of class actions.  In sum, this is a good time for businesses to take a fresh look at not just their paperwork, but in how they utilize the results of any consumer investigative report.

Editor’s note – Please see our other coverage of the EEOC’s guidance on use of background check’s here.

Are Partners Protected by the Provisions of FEHA and/or Title VII?

According to the California Court of Appeal, a partner in a partnership is protected under the provisions of the California Fair Employment Housing Act  (“FEHA”)  if the partner complains that the partnership is retaliating against the partner because the partner complained about unlawful discrimination or harassment by the partnership against employees of the partnership.  In Fitzsimons v. California Emergency Physicians Medical Group, the California Court of Appeal drew a distinction between a partner alleging discrimination, harassment or retaliation by the partnership against the partner versus the partner complaining that the partnership is retaliating against the partner because the partner complained about unlawful discrimination or harassment by the partnership against employees of the partnership. Say that again?

Here’s what happened in the Fitzsimons case.  The plaintiff (a woman partner in the medical practice) claimed that she was retaliated against for reporting that certain male officers and agents of the partnership had sexually harassed female employees.  So, the issue was not whether the plaintiff could sue the partnership for sexual harassment against herself as an employee, but whether plaintiff could sue the partnership as a non-employee based on retaliation for complaining that employees of the partnership were sexually harassed.  The Court held that under the FEHA, the partner can maintain such an action, even though the partner is not deemed an employee of the partnership.

The Court drew a distinction between the provisions of Title VII and the FEHA by highlighting that Title VII and the FEHA differ significantly.  The Court explained that Title VII prohibits employers from retaliating against employees or applicants for employment, whereas the FEHA prohibits employers from retaliating against any person who opposes or challenges unlawful employment practices, such as discrimination or harassment.  In Fitzsimons, the plaintiff was regarded  as “any person” who opposed harassment of female employees by the officers and agents of the partnership.

Moral of the story: just because a partner is not regarded as an employee of the partnership, the partner still can sue the partnership for retaliation under the FEHA.  The case is attached here: Fitzsimons v. California Emergency Physicians Medical Group.

Lawrence Del Rossi and Joshua Rinschler Publish Article on an ‘Awkward Theory’ of Personal Liability for Supervisory Employees Under the NJLAD

Associates Lawrence J. Del Rossi and Joshua D. Rinschler’s article, Aiding and Abetting Your Own Conduct – An ‘awkward theory’ of personal liability for supervisory employees under the N.J. Law Against Discrimination (NJLAD), was published in the July 16, 2012 edition of the New Jersey Law Journal.  Their article takes a look at what is becoming a common practice in wrongful discharge cases brought under the NJLAD where terminated employees are not only suing their employer, but also naming as an individual defendant the supervisor who made the decision to terminate.  Their complete article appears below.

Aiding and Abetting Your Own Conduct – New Jersey Law Journal – Larry Del Rossi and Joshua Rinschler – 7-16-12

 

 

Is Your Electronic Information Protected from Employees Under the CFAA? Maybe So, Maybe Not…

In WEC Carolina Energy Solutions LLC v. Miller, 2012 WL 3039213 (4th Cir) decided July 26, 2012, the Fourth Circuit sided with the Ninth Circuit in deciding that the Computer Fraud and Abuse Act (“CFAA”) does not apply to employees and former employees who were authorized to access the employer’s electronic information.  The decision stands in contrast to the position taken by the Seventh Circuit in Int’l Airport Ctrs., LLC v. Citrin, 440 F.3d 418, 420–21 (7th Cir.2006).  The Fourth Circuit rejects the interpretation of the CFAA taken by the Seventh Circuit, which interprets the CFAA much more broadly.  The Seventh Circuit concludes that an employee’s misappropriation of electronic information from his employer is a breach of the employee’s duty of loyalty that immediately terminates his agency relationship and with it his authority to access the laptop, because the only basis of his authority had been that relationship.

WEC Carolina Energy Solutions Inc. argued that its former employee violated the CFAA’s ban on access “without authorization” by taking files from his work computer to a rival company.  The employer had argued in the District Court that by misappropriating the information, Miller voided his agreement with the company, and, therefore, he was no longer permitted to access his computer under the CFAA.  The District court rejected that interpretation of the CFAA and the Fourth Circuit affirmed.  In so ruling the Court “ adopt[s] a narrow reading of the terms “without authorization” and “exceeds authorized access” and hold[s] that they apply only when an individual accesses a computer without permission or obtains or alters information on a computer beyond that which he is authorized to access.”

The Fourth Circuit, like the Ninth and Seventh Circuits, found the crux of the issue presented to be “the scope of ‘without authorization’ and ‘exceeds authorized access,’” but the Fourth Circuit finds the Ninth Circuit argument in United States v. Nosal, 676 F.3d 854, 863 (9th Cir.2012) (en banc), the better interpretation of “authorization” as being “that an employee is authorized to access a computer when his employer approves or sanctions his admission to that computer.  Thus, he accesses a computer ‘without authorization’ when he gains admission to a computer without approval.  Similarly, we conclude that an employee ‘exceeds authorized access’ when he has approval to access a computer, but uses his access to obtain or alter information that falls outside the bounds of his approved access.  Notably, neither of these definitions extends to the improper use of information validly accessed.  (citations omitted.)”  Unlike the Ninth Circuit, however, which was willing to find that a CFAA violation could be established where an employee exceeded his authority under a company access policy, the Fourth Circuit ruling is even more restrictive than the Ninth Circuit’s view.  The Fourth Circuit “adopt[s] a narrow reading of the terms ‘without authorization’ and ‘exceeds authorized access’ and hold that they apply only when an individual accesses a computer without permission or obtains or alters information on a computer beyond that which he is authorized to access.”

Given that the CFAA has both criminal and civil liability the Fourth Circuit chose to strictly construe the language.  Even “under the Nosal panel’s approach, because [the employee] obtained information ‘in a manner’ that was not authorized (i.e., by downloading it to a personal computer), he nevertheless would be liable under the CFAA. See § 1030(a)(2)(C).  Believing that Congress did not clearly intend to criminalize such behavior, we decline to interpret ‘so’ as ‘in that manner.’”  The bottom line—the Fourth Circuit approach, “reject[s] an interpretation of the CFAA that imposes liability on employees who violate a use policy, choosing instead to limit such liability to individuals who access computers without authorization or who obtain or alter information beyond the bounds of their authorized access.”

While the lines of the split in Circuits has become more defined with WEC Carolina Energy Solutions LLC, predicting what the Supreme Court will do with that split is another story.  My money is on Judge Posner’s interpretation in International Airport Centers, partly because he is a brilliant jurist and I practice in the Seventh Circuit, but mostly because that is the interpretation that expands an employer’s arsenal of protections against cheating employees.  However, until the fat lady [U.S. Supreme Court] sings employers should continue to draft and implement a computer access and use policy for its employees that assumes that a well drafted policy violated by an employee can be enforced under the CFAA, so long as the employer can demonstrate $5,000 in damages to the employer resulted from the employee’s actions.

Cheryl Orr and Heather Sager Contribute Articles to The Recorder’s Special Issue on Privacy

Partners Cheryl Orr and Heather Sager contributed articles in today’s special section on Privacy in The Recorder.  Cheryl’s article, Employer’s BYOD dilemna, looks at the issues and approaches employers are taking as employees use dual devices, i.e. one device for both work and personal use.  Heather’s article, Why can’t we be ‘friends’?, looks at what companies need to know when drafting their social media policies.  Copies of both articles are available via this link.

New Jersey District Court Allows Plaintiff to Proceed to Trial on Claim of Unlawful Discharge, Dismisses Claims of Handicap and Discrimination

The New Jersey District Court in St. Cyr v. Brandywine Senior Living LLC, recently granted summary judgment to the employer dismissing the plaintiff’s causes of action for handicap and race discrimination, but allowed the plaintiff to go to trial on her claim that she was unlawfully discharged in violation of the FMLA in retaliation for asking for a medical leave of absence because she was fired only two days before the leave of absence was to begin.  In granting summary judgment on the claim of handicap discrimination, the court determined that the plaintiff, who suffered from arthritis, was not “handicapped” under the NJLAD because the condition, which  was alleviated with medication, did not interfere with her ability to perform her job, and because she never asked for an accommodation for the condition.  The court rejected her claim of race discrimination based on her admission that the only evidence implicating racial animus was the fact that she was fired for watching the BET Network on television during working hours.  The court noted that the plaintiff, who had previously been placed on probation for poor performance and was on final warning, was replaced by an African American employee and had failed to show the legitimate reason given for her discharge was pretextual.  Despite that finding, however, and despite the fact that the employer had granted the plaintiff’s request for a medical leave of absence, the court denied summary judgment on the claim of retaliatory discharge under the FMLA based only on the determination that the timing of the discharge – only two days before her FMLA leave was to begin – was “unusually suggestive” of retaliatory motivation.  The court did not explain how the timing could be suspect if that was when the plaintiff was found watching television instead of doing her job, and if there was no evidence that the proffered reason was pretextual.

©2025 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy