Is it interesting to claim that legislation has been in a constant struggle on keeping up with the speed that big data and technology has advanced. In Europe, the General Data Protection Regulation (GDPR), which came into force in May 2018, was designed to address this and acknowledged the changing landscape in the introductory text to the Regulation.
“...rapid technological developments and globalisation have brought new challenges for the protection of personal data. The scale of collection and sharing of personal data has increased significantly. Technology allows both private companies and public authorities to make use of personal data on an unprecedented scale in order to pursue their activities…. Those developments require a strong and more coherent data protection framework in the EU.”
- Source: EU, GDPR 2018
Let us examine the key areas that people analytics step in to solve but are set against GDPR principles, we simply suggest some actions ideally to be considered by employers.
For this instance, the so-called facial recognition algorithms are being used to scan the expressions of candidates during the vid interviews for determining candidate personality traits, emotions and even assessing whether the candidate is honest in their answers.
Such softwares that feed performance data and timelines directly to the softwares, which can then make decisions about the workforce objective rather than those decisions made subjectively by a manager who may be prone to biases or prejudices. It is clear that Big Data and A.I can provide valuable insights into their workforce but there are specific boundaries that employers ought to always take into consideration.
In a wide series of cases, Big Data & A.I come into direct conflict with the sole principles of GDPR:
| GDPR-Proof Pillar | Key Activities |
|---|---|
| Maintain the Human touch | Avoid leaving a complete decision making to the A.I. Especially for those decisions which may have adverse effects on employees or candidates. |
| Automate & Ensure Fairness | Understand the A.I’s decision making process & use off the self shelf technologies which are sufficiently transparent about how they operate. |
| Communicate the A.I existence | Update your Organization’s privacy notices to clearly explain the use of data driven technologies. Moreover, your HR workforce or your Data Privacy lead should be trained to answer any questions from concerned candidates/employees about the use of their data. |
| Consent on Employee Data | HR must get employee’s expressed permission in order to collect & process their personal data. The case that consent was accompanied by part of employment is no longer applied. |
| Anonymise the Data | Remove any indicators that link an individual to that piece of information. |
Source: Forbes 2020
In an effort to leverage the maximum out of People Analytics and the insight they can truly offer , HR teams must strike this required balance between employee privacy and business needs, while always being transparent about data activities.
Interested in more insights and best practices in GDPR & People Analytics? Have a quick look on Bernard Marr’s, People Analyst & Employee Rights Advocate, book “Data Driven HR"
Additional Resources: AIHR Academy, CIPD Factsheet, SHRM: Key GDPR Insights