Key Employer Takeaways to Ensure FCRA Compliance in Background Screening Disclosure and Authorization

On January 29, 2019, the Ninth Circuit Court of Appeals issued an important opinion that is relevant for employers who are responsible for providing job seekers with a compliant disclosure and authorization under the Fair Credit Reporting Act (15 U.S.C. § 1681 et seq.).

In Gilberg v. California Check Cashing Stores (No. 17-16263) (“Opinion”) the Court addressed the issue of the required disclosure and authorization and whether it is “clear and conspicuous” and “in a document that consists solely of the disclosure.” (FCRA, § 1681b(b)(2)(A)).  At issue was whether the inclusion of various state-mandated disclosures violated the FCRA’s “standalone document” requirement and are therefore extraneous.  And, the Court also addressed the issue of what is “clear and conspicuous” under the FCRA.

Specifically, the Court considered these questions:

1. Whether a prospective employer may satisfy the FCRA’s standalone document requirement by providing job applicants with a disclosure containing extraneous information in the form of various state disclosure requirements; and
2. Whether the specific disclosure provided by the employer in this particular case satisfied the clear and conspicuous requirement. (See, Appendix A of the Opinion for CheckSmart Financial’ s disclosure and authorization)

Employer Obligations Under FCRA

Before diving into the Court’s Opinion, let’s briefly describe a key employer obligation under the FCRA when conducting a background check for employment purposes.  Obligation—employers need to provide the job applicant with a disclosure and authorization that is a standalone, clear and conspicuous disclosure of its intention to conduct a background check.

Employers must advise job applicants of the background check when using the services of a third-party background screening company and must capture the job applicant’s consent for said check. As recent settlements demonstrate, this requirement is not always resonating with employers.  Consider settlements and/or on-going litigation against retail stores (granted class certification) and healthcare providers ($1.3 million) to list a couple of examples.

Since neither the Federal Trade Commission nor the Consumer Financial Protection Bureau have provided users of consumer reports (aka “background check reports”) with a standard disclosure and authorization we look to the FCRA itself for guidance as well as case law.  And in this area, the case law is evolving.  We know, for instance, that inclusion of any type of a release of liability/liability waiver in a disclosure and authorization is considered extraneous information because it violates the standalone disclosure requirement. (See, Syed v. M-I, LLC, 853 F3d 492 (9^th Cir. 2017)

Now, layer in state-mandated disclosures.  Previously, disclosure and authorizations included state-mandated disclosures related primarily to receiving a copy of the report (e.g., California, Minnesota, Oklahoma). And over time, additional state disclosures were added. This opinion, although arguably limited to those states falling within the jurisdiction of the 9th Circuit Court of Appeals, should be considered for its potential national impact. The same court as in the Syed case is now saying that “a prospective employer violates FCRA’s standalone document requirement by including extraneous information relating to various state disclosure requirements in that disclosure.” (Opinion at p. 4)

Court Ruling

• The Court held that the disclosure and authorization used by CheckSmart Financial violated the FCRA’s “standalone document requirement” because of the inclusion of state-mandated disclosure information.  Stating, “[b]ecause CheckSmart’s disclosure form does not consist solely of the FCRA disclosure, it does not satisfy FCRA’s standalone document requirement.” (Opinion at p. 14)

 

• The Court held that the disclosure and authorization at issue was not “clear and conspicuous” (although technically the Court found that the disclosure and authorization was “conspicuous” but not “clear”):
  • • Taking issue with use of the term “all-encompassing” related to the scope of the disclosure and authorization. (Opinion at p.17)
    • Stating that combining federal and state disclosures is confusing. (Opinion at p. 17)
    • On the plus side for employers, the Court did rule that the disclosure and authorization was “conspicuous” because CheckSmart Financial “capitalized, bolded and underlined the headings for each section of the disclosure and labeled the form so an applicant could see what she was signing.” (Opinion at p. 18)  Although it did “ding” them for the small font—Arial Narrow size 8 font.

Key Takeaways for Employers

• Maintain the job application (if one is used) separate and apart from the disclosure and authorization.  Do not embed the disclosure and authorization into the job application, regardless of how “clear and conspicuous” you believe it to be.
• Understanding that employers need flexibility to conduct future checks, clearly use complete sentences when addressing the scope of the disclosure and authorization, paying special attention to the phrasing of the “evergreen consent” allowing future background checks.
• Do not include the state-mandated disclosures with the disclosure and authorization (specifically on the same page). Include them separately and when doing so, be clear about which disclosure applies to what state residents.
• Capitalize, bold and underline the disclosure and authorization and use a font larger than Arial Narrow size 8.

Interesting Sidebar

The lead plaintiff in this case had no criminal history, worked for CheckSmart Financial for a period of time, and then voluntarily terminated her employment.  After that, she pursued this putative class action alleging violations of the FCRA and state law.  (Opinion at p. 9) And, since this is at the appellate level, note that the district court entered summary judgement against the plaintiff and sided with CheckSmart Financial that the disclosure and authorization was compliant.

The information in this blog posting, including the analysis, is intended to be educational in nature.  Please refer all questions about the legality of your organization’s disclosure and authorization, as well as your organization’s compliance with the FCRA, to your legal counsel.

 

David Bennett
Chief Operating Officer
Cisive

Supported By WordPress Database Support Services