Showing posts with label information governance.

Saturday, 26 November 2011

ARTICLE 29 DATA PROTECTION WORKING PARTY: Opinion 2/2010 on online behavioural advertising



Behavioural advertising entails the tracking of users when they surf the Internet and the building of profiles over time, which are later used to provide them with advertising matching their interests. While the Article 29 Working Party does not question the economic benefits that behavioural advertising may bring for stakeholders, it firmly believes that such practice must not be carried out at the expense of individuals' rights to privacy and data protection. The EU data protection regulatory framework setting forth specific safeguards must be respected. To facilitate and encourage compliance, the present Opinion clarifies the legal framework applicable to those engaged in behavioural advertising.

In particular, the Opinion notes that advertising network providers are bound by Article 5(3) of the ePrivacy Directive pursuant to which placing cookies or similar devices on users' terminal equipment or obtaining information through such devices is only allowed with the informed consent of the users. The Opinion notes that settings of currently available browsers and opt-out mechanisms only deliver consent in very limited circumstances. The Opinion asks advertising network providers to create prior opt-in mechanisms requiring an affirmative action by the data subjects indicating their willingness to receive cookies or similar devices and the subsequent monitoring of their surfing behaviour for the purposes of serving tailored advertising. The Opinion considers that users' single acceptance to receive a cookie may also entail their acceptance for the subsequent readings of the cookie, and hence for the monitoring of their internet browsing. Thus, to meet the requirements of Article 5(3) it would not be necessary to request consent for each reading of the cookie. However, to keep data subjects aware of the monitoring, ad network providers should: i) limit in time the scope of the consent; ii) offer the possibility to revoke it easily and iii) create visible tools to be displayed where the monitoring takes place. This approach would address the problem of burdening users with numerous notices while ensuring that the sending of cookies and the subsequent monitoring of Internet surfing behaviour for the purposes of serving tailored advertising only takes place with data subjects' informed consent.

Because behavioural advertising is based on the use of identifiers that enable the creation of very detailed user profiles which, in most cases, will be deemed personal data, Directive 95/46/EC is also applicable. The Opinion comments on how advertising network providers should comply with the obligations that arise from this Directive, notably, with respect to rights of access, rectification, erasure, retention, etc. Taking into account that publishers may share certain responsibility for the data processing that takes place in the context of behavioural advertising, the Opinion calls upon publishers to share with ad network providers the responsibility for providing information to individuals and encourages creativity and innovation in this area. Given the nature of the practice of behavioural advertising, transparency requirements are a key condition for individuals to be able to consent to the collection and processing of their personal data and exercise effective choice. The Opinion sets out the information obligations of advertising network providers/publishers vis-à-vis data subjects, referring in particular to the ePrivacy Directive, which requires that users be provided with "clear and comprehensive information".

The Opinion analyses and clarifies the obligations set forth by the applicable legal framework. However, it does not prescribe how, from a technology point of view, such obligations must be complied with. Instead, in different areas, the Opinion invites industry to undertake a dialogue with the Article 29 Working Party with the view to put forward technical and other means to comply with the framework as described in the Opinion as soon as possible. Towards this end, the Article 29 Working Party will contact stakeholders to request their input. Entities that are not explicitly consulted are welcomed to send their contributions to the Secretariat of the Article 29 Working Party.


Wednesday, 9 November 2011

My personal point of view on whether HR departments Google your name before they hire their employees


Is the candidate willing to give his/her consent for HR departments to conduct certain searches on Google? If that's the case (even though I am not affiliated with any HR department), I believe that there should be a certain procedure, because I don't think there is one so far.

So far, it is an ethical issue as it cannot be a legal one.
So I assume that it's more an ethical issue, at least for the time being.

Facebook is designed to limit the availability of your profile to your friends and only those in your other networks via the privacy settings. If you use the privacy features and believe that some employers got into your information unauthorized, then you might have a case.

"However, use of Facebook by potential employers is not addressed in the Terms of Use for Facebook. The Terms of Use does say that its use is restricted to personal and non-commercial uses. “Non-commercial” use means posting information for personal gain, like ads, which is prohibited. However, it does not mean an employer cannot access your information for commercial purposes, like research to make a hiring decision." (Potter 2008). It is difficult for the candidate to prove that kind of case, namely that he/she was rejected because of his/her FB account (maybe it could be proven through a Freedom subject access request in a public organisation, where the candidate could ask for the email correspondence, in case he/she feels that he/she was rejected by virtue of his/her online activity).
However, the same could happen in the UK as in Germany: http://dealbook.nytimes.com/2010/08/26/germany-plans-limits-on-facebook-use-in-hiring/



What happens in terms of authenticity? Is the person that the HR has spotted the right candidate, or is it a different one? Is there synonymity? Is what the candidate expresses on his Twitter/FB/LinkedIn account an exaggeration, a figure of speech?
However, the previous point of view (authenticity) can be contradicted by the fact that if the HR is able to find the right candidate by Googling his/her name, then the HR will identify his/her ethnic background. In this case, is the HR going to select this person based on the candidate's ethnic background, or is the HR going to be affected by his/her photos and comments?
At the same time, the HR office, by Googling candidates, may find information that is related to the sensitive personal data of a candidate (e.g. related to his health or sexual orientation or religious beliefs). For example, the candidate is not willing to state his religious beliefs on the application form, yet the HR already knows his/her religious beliefs.

There are so many variables, some of which contradict the others.

Based on the above, I gave some examples of some areas that I consider grey.

For the selection process (and if Googling helps the HR to select the right staff), at least for the time being, I don't think it could assist in the selection process.
However, if the HR departments set some (ethical) rules within the company and they explicitly state on the company's website that e.g. the HR reserves the right to conduct a Google search (maybe for its strongest candidates, the ones that were shortlisted), then in that case I don't think it should be a problem. In that case I believe that it would help with the selection process.

Conducting a thorough search for all candidates would, I assume, be time consuming. But for the ones that were short-listed, I believe that it is quite reasonable.

Also, it's our responsibility to be able to control our own accounts, in terms of privacy.

For any questions/comments please, by all means you can comment. 

Tuesday, 20 September 2011

Why the EU Privacy Directive is not a real threat to the internet industry


The new EU e-Privacy Directive that comes into effect in the UK on May 25 has caused a major stir in the local internet community, but its real impact will depend on enforcement and ‘cost’ to end users.
Could common sense prevail? Perhaps, but in the end practicality will...

Source: http://econsultancy.com/uk/blog

Location Based Services: European Data Protection Rules for Mobile Commerce


Wireless systems and unique identification of communication devices, combined with location data, enable service providers to deliver services based on location information. Information services that use the localization of the user via mobile network cells or satellites, in order to offer the user services that are tailored to its precise geographic position (so-called “Location Based Services” (LBS)), are among the most attractive services of mobile commerce. Examples of such services include: navigation services (tourist offers, management of car fleets or sales representatives, etc.); computer games and other games that make use of the possibility to locate the player (scavenger hunt, quiz, etc.); information services (weather, leisure time, restaurants, shopping, etc.); as well as advertisements (vouchers, etc.).

Source: http://www.hunton.com/files  JORG HLADJ

Friday, 9 September 2011

Data Protection and Small and Medium Enterprises - REPORT


1. There is a high level of awareness of data protection and the Data Protection Act.
2. There is broad acceptance of the values and principles of data protection, although opinions appear divided as to the benefits of compliance.
3. Awareness and acceptance of principles in broad terms does not necessarily translate into specific knowledge of registration/notification.
4. The compliance or ‘red tape’ burden associated with government regulation does not appear to be a major issue for the Data Protection Act for most of the business, although there is a small ‘vocal minority’ who consider this an issue.
5. Two key terms registered most strongly with the businesses: (1) Security of Data and Information, and (2) Confidentiality. Privacy also figured as a significant term, but not to the same extent.
6. Effective practice in data protection was closely associated with wider information management and data control within the business – those enterprises that deployed information for business benefit tended to be actively supportive of data protection principles and found it easy to comply with the Act.
7. Individual and shared attitudes towards data protection and information are key influences on business approaches to this issue, and so constitute a primary influence on compliance and engagement with the Act and the ICO.
8. Different approaches to data protection and information can be identified, and used to identify distinctive segments – each with different requirements and approaches.
9. There was some indication that respondents were considering effective practice in information and data management and handling, with data protection being seen as a ‘sub-set’ of these considerations. Good practice in data protection, in other words, appears to be part of and to stem from wider approaches to information.
10. Although the Act itself had a high profile, the ICO was less well known and some businesses thought that it would be useful for the ICO to engage more with SMEs.


Source: http://www.ico.gov.uk

Monday, 5 September 2011

Safe Harbor: Why EU data needs 'protecting' from US law



Why were the Safe Harbor principles created in the first place? To maintain trade between Europe and the United States, with Europe fully aware of the lax attempts at data privacy performed on the part of the U.S.’s biggest companies.

Why Europe needed Safe Harbor principles

The vast majority of people using services on the web — be it web-based email like Hotmail or Yahoo!, social networks like Facebook and Twitter, or anything as minute as a website requiring registration — tend not to think about where their personal data like photos and email is stored.
On the whole, these services are designed to save us time and energy, and we have come to want the offerings of these services on-demand, without thinking too much about privacy. We expect our respective governments, wherever we are in the world, to protect us to a level where we can act and communicate freely.
However, an inequality in legal protection between the United States and the European Union could have massive consequences for users of ‘the cloud’.
Data protection legislation differs greatly between the European Union and the United States. With a vast number of organisations branching out to worldwide offices during the dot-com boom, it was clear to legislators that data transfer and protection laws needed a global overhaul. A particular area of focus for data legislation was the European Union, with dozens of countries sharing elements of the same law.

Source: http://www.zdnet.com/


EU privacy report: Search engines should delete data


A European Union privacy panel wants Internet search engine providers like Google and Yahoo to delete data taken from users after six months, even when they operate abroad.

Source: http://abcnews.go.com/Technology/story?id=4627800&page=1
