A credit check on an applicant for work through a temporary employment agency was a breach of principle 1 of the Privacy Act 1993 as the role did not involve significant financial risk, the Office of the Privacy Commissioner says.
In a case note, the Office says the role sought by the complainant involved no financial risk. He was signed by the temporary employment agency for a short contract at a client's call centre.
"The man said he found it disturbing that the company had accessed his private financial records and it had caused him stress and humiliation."
The Office says the complaint raised issues under principle 1 of the Privacy Act 1993.
"Principle 1 provides that personal information may only be collected by an agency when the collection is for a lawful purpose relating to a function or activity of that agency. The collection of personal information must be necessary for that purpose.
"In this instance, the man did not believe the collection of his credit information was necessary for the role he was applying for, as it did not deal with money. The information the man would be dealing with at the call centre was not sensitive.
"As part of the application process, the man had signed a form agreeing to the credit check. The fact that he agreed to the credit check did not alter the responsibility on the agency to comply with principle 1 as there is not a consent-related exception to that principle."
The Office says the employment agency’s client had asked the agency to ensure that the contractors hired did not have any ‘criminal convictions or credit worthiness issues.’ The employment agency argued that a credit check was a necessary part of the screening process because the nature of the call centre work involved handling highly sensitive information from the public.
"We did not accept this interpretation and concluded that the employer had breached principle 1 of the Privacy Act, since the role did not involve significant financial risk. Even if there was a contractual term that requested a credit check, the employer was still obliged to comply with the requirements of principle 1."
The Office says it did not accept the man's claim that the collection of his credit information had caused him significant harm, as required by section 66(1)(b) of the Act.
On that basis, it did not find that there had been an interference with the man's privacy.