back to article Google G Suite spotted erecting stiff member vetting tool

Stung by phishing attacks aimed at G Suite users earlier this year, Google has armored its cloud with extra security layers. Following recent defenses against the dark arts – security key enforcement, app name vetting, and OAuth whitelisting – the Chocolate Factory has designed some interface signage to warn G Suite users not …

  1. Anonymous Coward
    Anonymous Coward

    From the Hire product page

    "Past candidates are the warmest leads for new positions, and every company has a treasure trove of talent in their candidate database..."

    Not if you're in Europe you bloody well shouldn't. Huge GDPR breach, right there. Candidate details should be expunged soon after the decision to not hire them has been taken, including all those little copies of their CV you've got lying around on your laptop from when you did the technical phone screen.

    1. Anonymous Coward
      Anonymous Coward

      @AC ...Re: From the Hire product page

      No, not all detail should be expunged.

      Suppose you apply for a position and are a finalist but there's a better candidate?

      By your reasoning, they should remove the data, right?

      However, you have two issues.

      1) The act of interviewing is information that is an interaction between the company and the candidate. therefore not just about the candidate. So you have the right to retain said interaction and in some cases must retain it for a period of time.

      2) Suppose there's another opening that the candidate would be a good fit. Do you want to force them to resubmit everything? Or not take advantage of information gathered from the process?

      3) Suppose the candidate raised some red flags. Therefore you would want to highlight those issues so that the candidate couldn't apply again and waste your time or actually get a job within your organization.

      Note: I said that it was required to retain... its possible that the company could get sued for discrimination or that a specific recruiter is discriminating against a certain pool of candidates. So you, the company, would be required to retain information about candidates for a certain period of time so that you can show no bias.

      Remember that the interview process is an interaction between two entities, so you, the company have certain rights to the data. I can see why GDPR is such a headache.

      1. Anonymous Coward
        Anonymous Coward

        Re: @AC ...From the Hire product page

        "so you, the company have certain rights to the data"

        No, you don't. You, the company, are a data controller. I, the applicant, am a person. I'm providing you my personal information solely for the purposes of applying for a job. You have no rights in this situation, only responsibilities as a data controller. Unless I give you explicit and active permission to retain the records for other legitimate business purposes you *must* expunge them as soon as is reasonable, unless there is some overriding regulatory requirement to retain them.

        Note that this isn't even a GDPR thing. If you're doing this now you are breaking the law. The current DPD/DPA-based guidance is clear.

        https://ico.org.uk/media/for-organisations/documents/1064/the_employment_practices_code.pdf

        You may only retain records to meet statutory requirements, and even then you must only use them to meet those statutory requirements. Using records you've retained for statutory purposes for what amounts to marketing is very much Not Ok.

  2. Tromos
    Joke

    Google has also launched a recruitment tool called Hire

    Google developers now starting work on Fire.

    1. RyokuMas
      Coat

      Re: Google has also launched a recruitment tool called Hire

      ... and promptly got into another legal spat with Amazon...

      Sorry, couldn't resist.

  3. Anonymous Coward
    Unhappy

    It won't work...

    "a flow that requires three affirmative clicks and typing "continue" – but at least they will have been warned."

    Never trust a user not to do the stupid.

    Are you sure you want to download this file from an unknown source. Running these files can be dangerous. Are you sure you wish to do this?

    This file was downloaded off the internet . Are you sure you want to open?

    This has been opened in read only mode to protect you. Press enable to allow editing.

    This file contains macro's that have been disabled, go through 1/2 a dozen hoops to enable

    "Hello IT, my computers gone all funny"

    1. Robert Helpmann??
      Childcatcher

      Re: It won't work...

      The latest protections apply to newly created web apps and Apps Scripts.

      The 90s called. They want to know if we are enjoying the macro viruses.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like