Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: Notesfiles $Revision: 1.6.2.17 $; site uokvax.UUCP Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxj!houxm!ihnp4!inuxc!pur-ee!uiucdcs!uokvax!emks From: emks@uokvax.UUCP Newsgroups: net.unix-wizards Subject: Re: Security, hackers, computer crime Message-ID: <6200038@uokvax.UUCP> Date: Mon, 7-Jan-85 04:57:00 EST Article-I.D.: uokvax.6200038 Posted: Mon Jan 7 04:57:00 1985 Date-Received: Sat, 12-Jan-85 00:06:07 EST References: <1@decwrl.UUCP> Lines: 60 Nf-ID: #R:decwrl:-100:uokvax:6200038:000:2550 Nf-From: uokvax!emks Jan 7 03:57:00 1985 /***** uokvax:net.unix-wizar / sask!derek / 11:14 pm Dec 27, 1984 */ Just wanted to point out that companies are forbidden by law to do complete background checks on people. Things like Human Rights Commission in Canada or the American Civil Liberties [Union] would have a field day in court with that! In Canada, you cannot ask for a person's birthday unless they are under 20 (I think) or close to retirement age. Sex is right out. Some questions as to previous employment are okay unless it was in a foreign country (race discrimination). I believe that the employer may ask for a social insurance number (note the word employer is not prefixed by prospective). I am not faulting human rights legislation, it is needed, but it sure gets in the way of security screening. By the way, people like DND (DoD) are exempt from human rights legislation. -- Derek Andrew, ACS, U of Saskatchewan, Saskatoon Saskatchewan, Canada, S7N 0W0 {ihnp4 | utah-cs | utcsrgv | alberta}!sask!derek 306-966-4820 0900-1630 CST /* ---------- */ Unfortunately, you're probably right. I might point out (wordsmithing) that companies are not legally forbidden from performing background checks, but civil rights legislation prohibits them from performing certain acts which would tend to violate an employee's civil rights. (BTW, I am not very familiar with Canada's legal system, so my comments may not be very useful) I'm not a legal eagle, but I suspect you could do a bit more checking if you first established some things like this: o That the position to be filled was "sensitive." The definition of the word "sensitive" should be defined more clearly by attorney- types. o The person should understand the exact extent of the investigation, its purpose, weight in the selection process, and the propriety/use of the information. o That the person would consent, in writing, to an investigation of the same magnitude which was described. o That the investigation is made on all applicants, and not just this one. o That clear limits for "acceptable," "to be individually adjudicated," and "failed" results are used without regard to the individual under investigation. o And that the applicant would be qualified for less sensitive positions in the company/organization if he/she declined to allow the investigation, or its results were unacceptable. Does anyone out there have any ideas/experience in a non-DoD environment? Gee, the National Security Act of 1947 makes it so EASY... Have fun. kurt