Looking for a Job goes Orwellian

The Department for Work and Pensions are introducing changes to job seeking called ‘Universal Jobmatch’ and ‘Universal Credit’. Consent.me.uk explains the massive privacy impact of these new measures.

Image: Reflected CC-BYFlickr: boliston

By late Autumn the Government's Department of Work and Pensions plans to introduce a  new Universal Jobmatch website for anyone seeking a job. The US company commissioned to deliver this service is Monster Worldwide, an online recruitment and technology service company infamous for numerous major personal data losses through hacking, including the US equivalent of Universal Jobmatch, usajobs.gov.

Millions of part-time workers and unemployed receiving welfare benefits will be mandated to register, thereby bypassing all semblance of consent[i], letting Jobcentre staff and external contractors have full access to all of their user activities, including reading correspondence with employers, viewing full content of CV's, pending and submitted job applications, jobsearches done and saved, feedback from employers, interviews offered and personal profiles. Jobcentre staff will also be able to attach job vacancy details to a user’s account, which they must apply for.

All of this is being driven by the plan to make all welfare benefit and related services digital by default and mandated for under the Welfare Reform Act (2012), coupled with the introduction of Universal Credit. These welfare reforms come with unprecedented coercive powers, such as “claimant commitments”, including the core mandatory requirement to give evidence of spending a whopping 35 hours per week[ii] doing Jobsearch activities, with non-compliance leading to loss of welfare payments through sanctions of up to 3 years[iii] and or the imposition of mandatory unpaid work(fare)[iv], for showing a lack of effort. Based on the evidence we believe that the unemployed and part time workers[v] receiving welfare benefits will be mandated to register.

This snoopers’ charter of a service will be integrated with many central, local government and private sector databases, covering wages paid, hours worked, credit ratings, electoral role and tax liability to name a few.

What about privacy and consent?

Under current Jobcentre rules and practice for welfare benefit recipients, specifically for Jobseekers Allowance,  they are only required to show (not be collected) a record of jobseeking activities, which can just be a short diary account of jobs applied for and jobseeking activities undertaken to find employment.

Currently the collection and retention of actual correspondence with employers, job applications, emails, personal email addresses and telephone numbers requires informed consent and as such can be declined without consequence. However there is evidence that many of the Government's external contractors are subverting informed consent and forcing the sharing of such personal data by unlawful threats of benefit sanctions:

“Claimants [were] bullied into signing an agreement to supply prospective employers’ details, for the provider to claim a job outcome payment.”

Soure: National Audit Office May 2012 report ‘Preventing fraud in contracted employment programmes’

Privacy invasion

Whilst some may say this level of privacy invasion is proportionate with regards the conditionality of welfare benefits, but this does not address the level of free no cost access to initially anonymised personal data purely on the pre-text of being an employer. Even though candidates can choose if they do want to release their full CV or complete a standard job application form, people claiming Jobseekers Allowance or Universal Credit will have a mandatory tracked sanctionable obligation to apply for any employer inviting them to apply. The contract documents indicate the only basic verification needed to open an employer’s account will be a landline or mobile phone number and a verified post code.

Privacy impact?

As no dedicated privacy impact assessment has been undertaken for Universal Jobmatch it is difficult not to conclude it will contravene the Data Protection Act in terms of consent and engage the Human Rights Act (ECHR Article  8) principle that “Everyone has the right to respect for his private and family life, his home and his correspondence.” Nor has anything been published about how the technology will be used, by the Government and external contractors, to view the activities of people not claiming any welfare benefits. 

A quick insight into the likely privacy impact, for all users of Universa Jobmatch can be found on the Monster commissioned website usajobs.gov, under its Terms and Conditions and curiously not its Privacy Policy it says:

“All access or use of this system constitutes user understanding and acceptance of these terms and constitutes unconditional consent to review, monitoring and action by all authorized government and law enforcement personnel. While using this system your use may be monitored, recorded and subject to audit. ”

 

consent.me.uk was developed to address reported exploitative bullying practices of external DWP Welfare to Work(fare) Contractors/Providers and inform people of their Data Protection rights of consent and more general welfare rights. The author wished to remain anonymous.



[i]     Currently the Europe Commission is consulting on introducing a tougher unified EU wide Data Protection regime, including strengthening the definition of consent.

[ii]    The Jobseeker’s Allowance Regulations 2012:   "...we propose that claimants are expected to have spent 35 hours a week...looking or preparing for work."

[iii]   Higher-level sanctions. Draft The Jobseeker’s Allowance (Sanctions) (Amendment) Regulations 2012 : "156 weeks, where there have been two or more previous sanctionable failures by the claimant"

[iv]   Mandatory Work Activity aka Workfare, is a month’s full time unpaid work, whilst Jobseekers Allowance is paid.
"It helps them re-engage with the system, refocus their job search and gain work-related disciplines. Failure to complete a Mandatory Work Activity placement without good cause will result in the sanction of Jobseeker's Allowance for three months. This will rise to six months for a second breach. From later in 2012 a three year fixed sanction will apply for a third violation."

[v]   Powers to make Universal Jobmatch mandatory are: Section 17 of the Welfare Reform Act (2012) Work search requirements

 Jobseeker’s directions

 Jobseeker's Agreement

Via external DWP contractors working under it's 'Framework for the Provision of Employment Related Support Services'

The Jobseeker’s Allowance (Employment, Skills and Enterprise Scheme) Regulations 2011 give contractors delegated powers to make work search activities mandatory.

Share this article

google plusdeliciousdiggfacebookgooglelinkedinstumbleupontwitteremail

Comments

Comments (16)

  1. Michelle Louise Jones:
    Sep 19, 2012 at 05:39 PM

    This is an absolute disgrace! How on earth is this going to be legal/lawful? No one can be forced into giving up their Data Protection Act rights!!. So what are the government saying - that once somebody is claiming benefits the DPA no longer applies? How can forced consent under the threat of destitution be considered to be freely given consent? It's despicable, and i think any lawyer worth their salt would have a field day with this.

  2. www.consent.me.uk:
    Oct 01, 2012 at 02:39 PM

    @Michelle Louise Jones

    The DWP are refusing to answer Data Protection questions and information requested via Freedom of Information Act requests http://bit.ly/UGxlgR+ so difficult to get the full picture. However, today the direct.gov.uk is highlighting the launch of www.gov.uk set for Oct 17th. The beta website currently has a page https://www.gov.uk/jobs-jobsearch - so seems reasonable to assume this will be the location of Universal Jobmatch and other one-stop digital services http://digital.cabinetoffice.gov.uk

    Using www.gov.uk for jobsearch will make it quite clear that any registrant using it will be disclosing personal info direct to central government, info that is currently private and confidential.

    Recently the DWP expunged published info http://www.consent.me.uk/dwpexpungesinfo that use of Universal Jobmatch was not connected to any benefit claims. The contract documents http://cdn.consent.me.uk/monster.zip give a much better insight into the full extent the Jobcentre/Government/External contractors will have access to users personal data.

    Whilst the DWP may claim that there is no direct relationship to benefit claims, once the claim is active this jobsearch service looks set to be mandatory. Even if an individual adviser does not have user permission to access a users account activity unless they agree, voluntarily or via a mandatory obligation, the user data is being disclosed to the Government and it seems highly unlikely that the full content of a users account will not be monitored or used to audit the veracity of benefit claims, or for that matter all sorts of other Government services/intervention. Of course access to user data can be to a myriad of organisations that surveil the public under RIPA http://bit.ly/sCdBW+ or for other law enforcement related investigations.

  3. amanda:
    Oct 01, 2012 at 03:04 PM

    whats the point there are no jobs... just more bucks for big buisnesses

  4. Graham Gardner:
    Oct 01, 2012 at 03:41 PM

    I am already on the work programme, I care for two disabled children. If I am mandated/threatened with sanctions to sign up to this, which is clearly in breach of the Data Protection Act, I will seek legal advice. I suggest everyone does the same.

  5. Eowyn Rohan:
    Oct 01, 2012 at 03:53 PM

    Worse Case Scenario : If those in receipt of Job Seekers Allowance are forced to use Universal Jobmatch, then after the Data Protection Issues have been ironed out (ie I will not currently use a system which implicitly assumes that Data Protection Rights are waived) I for one will simply use the system a minimum number of times to address the Job Seekers Agreement. Say to apply for 3 jobs per week.

    It will save the need to telephone Job Centre Plus Jo Seekers Direct once a week, and involve myself with Job Centre Call Centre Clerks who delude themselves with the belief that they are employed as Recruitment Consultants.

  6. www.consent.me.uk:
    Oct 01, 2012 at 04:26 PM

    @Eowyn Rohan
    If a telephone helpline exists, then they could be called for an employers contact details and the job application made direct, dispensing with Jobmatch. However, your limited use would still mean creating a personal profile and CV for distribution via those 3 applications. Currently there is no sanction based obligation to use Jobcentre+ Job broking CV sharing services. Once anyone uploads their CV, it could well become accessible to Welfare to Work providers, who may share it without further permission. Plus an adviser also has the facility to attach a vacancy to anyone's account, implying it must be applied for. Employers will also be able to invite applications. It is probable any future equivalent to a Jobseekers Agreement with be written in more open ended ways and be less prescriptive. Especially as Jobsearch looks like becoming a mandatory 35hr a week benefit condition.

  7. Eowyn Rohan:
    Oct 01, 2012 at 04:45 PM

    @www.consent.me.uk 1626 Hs

    Absolutely - Universal Jobmatch may be dispensed with. I doubt very much whether Universal Jobmatch will cover even a small portion of the available market place for jobs listing... it will come into conflict with other jobs boards, devised by agencies, and by employers who made have a heavy investment in kit. Interoperability is going to be a big issue, which will never be ironed out in the short term, and as for systems.... I doubt whether Universal Jobmatch is compliant with all existing browser, and as soon as a new system and/.or browser is introduced, technical difficulties will be manifest.

    I havent used Internet Explorer for years - not simply due to it being antiquated, but in terms of Apple - you cannot get above IE version 5.0.

    In terms of the practicalities.... I assume that a legal agency will be working on a case which cites the need to address Data Protection Legislation as a precursor towards implementing the system for practical use, and force a Judicial Review.

  8. www.consent.me.uk:
    Oct 01, 2012 at 05:07 PM

    @Eowyn Rohan:

    The contract docs talk about getting agreement from other recruitment website's to 'scrape' them and to auto import vacancies into Jobmatch. It would be helpful if once logged on all employers contact details could be viewed, allowing job applications to be direct. The Equality Act (2010) also imposes a duty to facilitate alternative non online based ways to make jobs applications.

    A key problem could quickly develop when specific vacancies can only be applied for via Jobmatch, which is how Monster developed http://www.usajobs.gov works. Plus the contract docs discuss a facility that would allow employers to search profiles* and only invite matches to apply.

    *The contract docs use the term CV and Profile interchangeably.

  9. Eowyn Rohan:
    Oct 01, 2012 at 05:42 PM

    @www.consent.me.uk:Oct 01, 2012 at 05:07 PM

    I think the term "Hasn't been thought through" (or Omnishambles) is an accurate assessment. However, aside from that, a fundamental problem in the matching process resides in the competence of whomsoever is assigned to match candidate profile to vacancy.

    For example - if We take a low level job, such as Web Development. A candidate may be subsequently matched to this vacancy, they may be interviewed, but at the interview, it transpires that the candidate may only possess experience in Apache, MySQL and PHP whereas the employer was looking for ASP.NET.

    Of course, if the system is as open as conjectured, and candidates have no authority to restrict applications (implicitly accepting that anyone may access the system and review candidate profiles), there is nothing to stop unauthorised parties conducting a fishing expedition with the aim of accruing as many CV's as possible (a common issue with Job Centre Plus where Agency Vacancies may be fictitious), and even leading to ID Fraud.

  10. Mahat Macoat:
    Oct 01, 2012 at 08:57 PM

    It might be worth looking into, for everyone adding a disclaimer onto all information submitted to the Jobmatch website.

    Something like:

    Disclaimer: This email and any files transmitted with it are confidential and intended solely for the use of the individual to whom they are addressed. I do not consent or authorise for any of the information supplied within this email to be disclosed, shared or any feedback to be given to any Third Party without my prior agreement. For example: To the Department of Work & Pensions, Jobcentre Plus or any other organisations.

  11. David Ramsay:
    Oct 01, 2012 at 09:02 PM

    I tried the beta of the new .gov site to search, trade = Software Test Engineer, all jobs found = Software Developer, absolute and complete rubbish and if I was ever placed in the position of using this service I would tell them that quite bluntly!

  12. www.consent.me.uk:
    Oct 01, 2012 at 10:30 PM


    @Mahat Macoat

    On your suggested disclaimer, a good idea, but unsure of effectiveness.

    Department for Work & Pensions/Jobcentre Plus would not be a Third Party, as the service is to be delivered by them and looks like they would then become the Data Controller of all registrants personal data. Once they are in possession of personal data they have a number of powers in how it can be processed, a summary is here http://www.whatdotheyknow.com/request/125511/response/311623/attach/html/2/FOI3137%20Response%2011.09.12.pdf.html

    Difficult to know exactly what the service's privacy and terms of use policies will be, until they are published.

  13. www.consent.me.uk:
    Oct 01, 2012 at 10:35 PM

    @Eowyn Rohan
    Understand employers will only be informed of anonymous potential candidate matches, it will be for the candidate to consider if they want to share their CV or submit a standard application, if the employer invites them to apply or they see an open advert.

  14. OurWelfare:
    Oct 02, 2012 at 01:33 AM

    It's worrying that, despite data protection rules, these rules seem to be openly flaunted and manipulated by the govt. for this new scheme. The scheme iself once again shows a complete lack of understanding of how the job market actually operates - especially in times of double dip recession. Proof, if anymore were needed, that DWP policies are designed to humiliate and punish those deemed low enough to claim benefit. If I ever end up on such a scheme I hope I can find a way to challenge it through the courts as I doubt the usual complaint process will make much difference.

  15. Mahat Macoat:
    Oct 02, 2012 at 08:34 PM

    I'm not really surprised that the Government wants to control an unemployed person's personal data. As added to the recent news that they also want to control what an unemployed person spends their benefit money on. It's an absolute disgrace.

  16. www.consent.me.uk:
    Oct 04, 2012 at 05:08 PM

    The media is reporting today how Universal Jobmatch will be part of the Government's 'National 'virtual ID card' scheme' & 'Twitter and Facebook to be used for benefit applications' and also highlights how the private sector in the form of Banks, PayPal, Facebook, Twitter, Google, AOL could be linked to delivery of DWP Universal Jobmatch/Credit services.

    "The Post Office’s involvement in the Identity Assurance Programmes was revealed by a notice placed in the Official Journal of the European Union. The Royal Mail subsidiary sought a third party provider to help in assembling consumer data including name, date of birth, address, gender, passport and driving licence numbers, financial history, electoral roll status and telephone numbers."
    http://www.independent.co.uk/news/uk/politics/national-virtual-id-card-scheme-set-for-launch-is-there-anything-that-could-possibly-go-wrong-8196543.html

    Twitter and Facebook to be used for benefit applications
    Government denies scheme to use social networking to access services will be equivalent to identity cards
    http://www.guardian.co.uk/media/2012/oct/04/twitter-facebook-benefits

This thread has been closed from taking new comments.

By www.consent.me.uk on Sep 19, 2012

Featured Article

Schmidt Happens

Wendy M. Grossman responds to "loopy" statements made by Google Executive Chairman Eric Schmidt in regards to censorship and encryption.

ORGZine: the Digital Rights magazine written for and by Open Rights Group supporters and engaged experts expressing their personal views

People who have written us are: campaigners, inventors, legal professionals , artists, writers, curators and publishers, technology experts, volunteers, think tanks, MPs, journalists and ORG supporters.

ORG Events