Follow by email

Tuesday, July 18, 2017

Frequently Asked Questions

During my time providing investigative services to businesses the same questions regarding pre employment screenings and background checks were repeatedly asked. To address those questions, we developed a list of frequently asked questions, which are shared below. I hope this will help answer questions you may have and guide you through the hiring process.

·      What are an employer’s legal obligations?
  • Fair Credit Reporting Act (FCRA). As of October 1, 1997 the FCRA requires that all employers who request background checks for pre employment screening purposes have a written consent from the applicant. 
  • Civil Rights Act of 1964, Title VII. Employers cannot reject or fire qualified individuals who have criminal records when the criminal history has no bearing on the individual’s fitness or ability to perform the job.
  •  Equal Employment Opportunity Commission (EEOC. The EEOC is clear in its position on employers’ use of criminal background checks for employee hiring and retention: “Using such records as an absolute measure to prevent an individual from being hired could limit the employment opportunities of some protected groups and thus cannot be used in this way.”
  • National Labor Relations Act (NLRA) was enacted in 1935. The Act allows for the National labor Relations Board to enforce laws that give employees the right to act together for improved pay and working conditions, even if they are not part of a union. 
·      What is a “National” record check?
  • We were always asked to conduct national criminal record checks. This request is difficult to explain because most people’s perception of the criminal justice system is marred by television. Simply put, there is no “national” database that houses criminal records. Records of arrests and adjudications are kept at the local courthouses and county jurisdictions. Conducting a non-law enforcement national background check would be better said as a “nationwide” check. To obtain a thorough picture of a person’s criminal past, all levels of government entities maintaining criminal records should be searched. Read our post "National" record checks, which further explains the subject.
If there is no national database, how do you get the most detailed information?
  • Look for companies that search both public and commercial databases within the Federal, State, and County jurisdictions. Analyzing the information to ensure the utmost accuracy for your screenings.

·      What is “Ban the box”?
  • Ban the box is national grassroots movement to remove the question, “Have you ever been convicted of a crime” from employment applications. Many State and local jurisdictions have passed laws removing the question from government employment applications.

·      What is Bright line hiring?
  •  “Bright line” is a clearly defined rule or standard, generally used in law, composed of objective factors, which leaves little or no room for varying interpretation. The purpose of a bright-line rule is to produce predictable and consistent results in its application. 
  • A Bright line hiring example would be to not hire someone with a criminal record. Bright line hiring practices are dangerous for any business, as you may have violated the Civil Rights Act of 1964 or EEOC guidelines.
·      Can expunged records be located?
  • Sometimes. The legal term “expunged” has different definitions in different states. Some allow for the records to be sealed and treat the case as it never happened. Some change the conviction to “dismissed”, but the other details of the case are the same. In Maryland, it means to remove from public inspection. 
  • Although records are expunged, they are filed somewhere.  Third party vendors purchase data from government entities before records are expunged. They then resell that data. Although records get expunged, they remain active through third party vendors.
·      Why should I do pre employment checks?
  • Avoid the expense of making a bad hire. Bad hires can cost as much as three times the salary of the job in question
  •  Reduce liability: Putting current employees at risk by placing a violent person in the workplace.
  • Find those with a propensity for violence. Workplace violence has been found to make up 18% of all crime.
  •  Reduce of workplace accidents
  •  Reduce resume puffing. One-third of resumes have some degree of puffery
  •  Aid the applicant. During the process other names associated with the applicants’ social security number are regularly discovered. This information may help the applicant thwart identity theft.
·      Why can’t I just do checks myself?
  • You can and many do. The Internet is a very powerful tool. The questions are: Do you have time? Do you know where to look? Do you know how to decipher the information you do find? Are you sure you are looking at the correct person?
See our blog archive and topic categories for more on this topic.
FCRwhat? March 2015

Wednesday, July 5, 2017

Public Wi-Fi for dummies

Traveling and staying in a hotel I started to use the Internet via a Smartphone. I paused, thinking data usage might be tight so better use Wi-Fi. Logging into the hotel’s Wi-Fi I paused again, knowing better than to use unsecured public Wi-Fi. Thinking I was only checking the Internet for dining options, it was safe to use pubic Wi-Fi for that purpose. Then the browser failed to load, with a warning that the server was an unsecure network. Thank you Google or Apple or whomever installed a safety feature to moderate our temptations. The tricky thought occurred to turnoff the Wi-Fi, log into the account and then switch on the Wi-Fi. After some research it was revealed that this technique would still leave you vulnerable. After switching the connectivity your phone (the app or website) would renegotiate the connection, although seamless to the user, your login information would still be exchanged and visible.

Decided to look into the pitfalls and dangers of public Wi-Fi. A simple search returned many articles on public Wi-Fi risks. Lots of experts explaining how easy it is compromise networks and for unsuspecting users to fall victim. Smartphones, tablets, and laptops have become appendages to our busy Internet connected lifestyles. Data usage has become the new “minutes” and consumers are looking for ways to save on usage and ultimately money. Public Wi-Fi is a common way to cut back on data usage. However, there is risk to online security.


Norton reported in 2013 that 68% of people using public Wi-Fi were victims of cyber crime. The Norton Cyber Security Insights Report announced that in 2015 21% of Americans had their email hacked and 12% had their financial data stolen after shopping online. Millennials are a growing victim demographic with 40% falling prey to cyber crime in 2015. Although one of the more tech savvy age groups, Millennials are more open to sharing logons and passwords that compromise their online security.

When you leave the house you are still connected. Whether you login to your accounts via the cellular network or Wi-Fi, nothing is 100% secure. While 4G cellular networks are encrypted and are far, far better than an unsecured public Wi-Fi connection, there have been incidents of cellular networks being hacked. Although the effort is usually much greater than most cyber criminals are willing to make. Public Wi-Fi is a much easier target. Both due to security weaknesses and the plethora of devices being used on those networks.


Most public Wi-Fi breaches are through man-in-the-middle attacks. Hackers place themselves either between two victims or between the user and the app and eavesdrop on the transmissions being sent back and forth. It is important when using apps and websites in public to ensure you are logging into the correct site or app as hackers can spoof those and trick users to logging into the hacker’s site.

Just because you need a password to login to public Wi-Fi doesn’t mean it is secure. It just means that there is an authentication step before you can access the router.  Additionally, the person setting up the Wi-Fi may not have installed all the available security features.  The hacker may be logging into the same network as you, giving them access to your transmissions.

When you are browsing, HTTPS is usually a good thing to look for. It means the data transfer between your device and the website is secure-on their end. There is still a possibility that you were hacked on your end. It’s like having a phone conversation but you have your phone on speaker.
The most secure networks offer end-to-end encryption. Financial apps usually are encrypted. Most big name apps/browsers/email/social media are probably secure from man in the middle attacks as the data being exchanged is encrypted, the session can be viewed but not the data. However, we’ve all read about the big guys getting hacked. Better safe than sorry later.

Reduce your risk

Some simple rules to live by while using your mobile devices in public.
When using any network that is not your own, consider it unsecure.
Never use public Wi-Fi to login to anything that requires a password. After using any network that is not your own it is wise to change passwords.
When you do use hotel or public Wi-Fi, make sure you are, in fact, connecting to the hotel's Wi-Fi and not hacker’s site. Look-alike Wi-Fi signals use names similar the hotel or business.  If you’re not comfortable, ask before logging on.
Keep your device OS up to date.

Review our blog archive for other articles cyber security:

Monday, June 19, 2017

License to drone

It’s a bird! It’s a plane! It’s a…a… a drone. That distinctive buzz. That speck of an object in the sky, hovering, but moving slightly side to side. The popularity of flying quad copters or drones has been growing in recent years. Everyone’s heard their use for package delivery, surveillance, but they are fast becoming popular for small business promotion and an enjoyable hobby for those interested in remote control flight. As the enthusiasm grows so do sales. The FAA expects the 2.5 million drones sold in 2016 to grow to 13 million by 2020. Commercial operators could purchase another 10 million.

FAA Regulation

Popularity translates to higher percentages of a drone encounter. They are being flown in congested areas that provides for the opportunity for interference with air traffic, power lines, buildings, and crowd gatherings. Most of the larger drones have the ability to attach cameras. Which brings up the issue of privacy. Congress, state legislatures, and the FAA are scrambling to get a handle on regulating drones without trampling on citizen rights and the hobby level user. To ensure the safe operation of drones in regards to nefarious use and poor decisions the FAA released Unmanned Aircraft Systems (UAS) regulations in 2015. These rules for drone operation were updated in 2016 and include licensing and registration requirements.

Since the requirement for drone registration 760,000 hobbyists registered approximately 1.5 million drones. However, the registration rule was recently challenged in court. The rule required hobbyists with drones weighing between 0.55 pounds and 55 pounds to register their drones with the FAA. On May 19, 2017, the U.S. Court of Appeals for Washington, D.C. ruled that the FAA could not make that requirement as it violated the FAA’s own Modernization and Reform Act passed in 2012. The plaintiff successfully argued that the FAA “may not promulgate any rule or regulation regarding a model aircraft”.  The FAA is considering its appeal options, one of which is Congress taking action on the issue.

FAA licensing requirements

So. Who needs a drone license? First, the difference between recreational purposes and commercial. The FAA defines recreational as flying for enjoyment- not for work, business purposes, or for compensation or hire. If you’re being compensated the use is probably under the commercial category in the eyes of the FAA.

From the FAA-
Recreational flyers are not required to obtain a pilot certificate but may if desired. If your drone is more 0.55 pounds it must be registered with the FAA.
Basic operating rules are:
  • Fly at or below 400 feet
  •  Keep your UAS within sight
  • Never fly near other aircraft, especially near airports
  •   Never fly over groups of people
  •  Never fly over stadiums or sports events
  •  Never fly near emergency response efforts such as fires
  •  Never fly under the influence
  • Be aware of airspace requirements
To fly commercially there are different levels and requirements. Basically, the pilot must be licensed and the drone must be registered.
Commercial pilots:
  • Must be at least 16 years old
  • Must pass an initial aeronautical knowledge test
  • Must be vetted by TSA
Commercial operating requirements:
  • Class G airspace
  • Must keep the aircraft in sight (visual line-of-sight)
  • Must fly under 400 feet
  • Must fly during the day
  • Must fly at or below 100 mph
  • Must yield right of way to manned aircraft
  • Must NOT fly over people
  •  Must NOT fly from a moving vehicle

This was a synopsis of FAA requirements. Visit the FAA Unmanned Aircraft Systems (UAS)-FAQ site for complete details.

Tuesday, June 6, 2017

Languages spoken?

As a customer of almost any business there is a high probability that you will interact with someone who speaks in accented English or speaks little English. As an employer, there is also a high probability that your job applicants will speak in accented English. Customers should to be patient and polite; Employers need to be cautious of not violating the law.

A colleague had a difficult time placing an in person order with a store employee who spoke accented English. They asked me if it was illegal for employers not to hire people who had difficulty clearly communicating with customers. The short answer is, yes. Any employer that discriminates against an applicant for their accent or attempts to establish an English only policy without establishing a business necessity would more than likely be in violation of Title VII of the Civil Rights Act of 1964. Employers cannot use English only policies to discriminate against employees or prospective employees due to their accent or lack of English skills.

A lot of small business owners that I’ve encountered do not have documented hiring policies. They have a basic understanding of hiring laws, but still hire who they “like” with little documentation. Establishing a hiring component such as business necessity can be laborious for small businesses.

The Equal Employment opportunity Commission explains language discrimination as follows.
Discrimination Based on Accent
Treating employees differently because they have a foreign accent is lawful only if accent materially interferes with being able to do the job.
  • Generally, an employer may only base an employment decision on accent if effective oral communication in English is required to perform job duties and the individual's foreign accent materially interferes with his or her ability to communicate orally in English.
  • Jobs that may require effective oral communication in English include teaching, customer service, and telemarketing to English speaking clients.
  •   If a person has an accent but it is able to communicate effectively and be understood in English, he or she cannot be discriminated against.
Speak English Only Rules
The EEOC has stated that rules requiring employees to speak only English in the workplace violate the law unless the employer can show that they are justified by business necessity. 
  •  A rule requiring employees to speak only English in the workplace at all times, including breaks and lunch time, will rarely be justified.
  •  An English-only rule should be limited to the circumstances in which it is needed for the employer to operate safely or efficiently.
  •   Circumstances in which an English-only rule may be justified include: communications with customers or coworkers who only speak English; emergencies or other situations in which workers must speak a common language to promote safety; cooperative work assignments in which the English-only rule is needed to promote efficiency.
  •  Even if there is a need for an English-only rule, an employer may not take disciplinary action against an employee for violating the rule unless the employer has notified workers about the rule and the consequences of violating it.
The complete EEOC pamphlet on immigrant rights can be found at
EEOC: Immigrants' Employment Rights Under FederalAnti-Discrimination Laws
State laws may also apply to these hiring situations. Employers should always consult their employment law attorney before establishing any hiring requirements.

See the blog archive for other posts about hiring.

Wednesday, May 31, 2017

Students say, “Ban the box!”

NOTE: This post was originally published on April 6, 2016 and has been updated with new information.            

On May 26, 2017, Maryland Governor Hogan vetoed a bill that would have barred Maryland colleges from inquiring about criminal history on admission applications. Governor Hogan reasoning the bill, in its current state, was too restrictive on schools and jeopardized student safety.

If passed, Maryland would have been the first state to prohibit all colleges and universities from including questions about criminal history on their applications. Admissions offices could still inquire about criminal convictions of accepted applicants but could not withdraw an offer of admission based on the answer.


Many employment applications include the question, “Have you ever been convicted of a crime”.  For the past several years there has been a movement to have the question removed. Every year legislatures at the State, County, and City level take up the issue of whether or not to “Ban the Box”.  Advocates want job applicants to be considered for their qualifications and not rejected based on criminal past. Should the box be banned, February 2013
Currently there are 100 cities and counties that have passed legislation to have the question removed from their respective government employment applications. Twenty-one states have also passed laws-California (2013, 2010), Colorado (2012), Connecticut (2010), Delaware (2014), Georgia (2015), Hawaii (1998), Illinois (2014, 2013), Maryland (2013), Massachusetts (2010), Minnesota (2013, 2009), Nebraska (2014), New Jersey (2014), New Mexico (2010), New York (2015), Ohio (2015), Oklahoma (2016), Oregon (2015), Rhode Island (2013), Vermont (2015), Virginia (2015), and Wisconsin (2016). Seven of those states (Hawaii, Illinois, Massachusetts, Minnesota, New Jersey, Oregon, and Rhode Island) have removed the question from private employment applications as well.
            The Common App college admissions application has over 500 member education institutions and has been in use since the late 1990’s. Since the 2006-2007 admissions cycle the Common App has also included a question as to whether or not the applicant had been convicted of a misdemeanor or felony. The applicant answers yes or no and is required to submit a separate explanation if there is a conviction.
            On March 29, 2016, students from New York University (NYU) staged a sit-in to demand that the school stop receiving the criminal question data from the Common App. Although no immediate changes were made, the NYU administration and the CEO of the Common App met with the students. Much like the advocates for employment purposes, college applicants want to be considered first on their merits and not excluded because of criminal convictions.
            As the Ban the Box movement has steadily gained traction in employment circles, you can expect the issue to continue be brought up on college campuses as well.

See our blog archive for other posts relating to Ban the Box:

Tuesday, May 23, 2017

Hiring in the millennial age

People between ages 18 to 34 are in the millennial generation and were projected to number 75.3 million in 2015, surpassing the projected 74.9 million Boomers (ages 51 to 69). That generational group fills the job pool and is highly sought after. Generational differences mean you need to adjust your job screening process. Below is an excerpt from an article posted on Society for Human Resource Managers, written by Angela Preston, which explains some legal issues you should be aware of when screening Millennials.
Hiring this growing generation of workers introduces a whole new set of legal challenges to the HR department, and the background screening process is one of those challenges. These five legal lessons should provide a good starting place for making your screening program more compliant and Millennial-friendly.

Social Media Searches
Millennials love their social networks. In fact, social media in many ways defines this generation. Many have grown up with Facebook accounts and can’t remember a world without the Internet or even without Twitter. They chronicle their lives on Instagram. Some say Millennials share too freely and fail to appreciate the impact that social media posts can have on their careers. The oversharing can be tempting for hiring managers who are eager to tap into the wealth of online information…. employers are more likely to stumble upon protected class information that could get them into hot water. Employers need to make sure that any social media screening is done by those who are familiar with the legal risks—particularly anti-discrimination and privacy laws.

Digital Natives and Age Discrimination
Millennials are not direct targets for age discrimination. But here’s the rub—the hiring criteria you are using to attract Millennials might be at the expense of those older 40-somethings who are protected by the Age Discrimination in Employment Act (ADEA) and other similar state laws. Another example is the term “digital native.” It’s the new code for a recent graduate and it’s popping up in ads where companies are looking for a person who was born and raised in the digital age. In other words, Millennials. Legal experts agree that pre-screening for digital natives is a form of thinly veiled age discrimination.

Driving Records
Apparently Millennials don’t like to drive. According to AARP, Millennials drive around 25 percent less than their counterparts did just eight years ago. If a licensed driver with a clean driving record is your target, you might actually be eliminating a significant number of prospective Millennial applicants. That might not be a big deal, but like all parts of a pre-employment background check, you want to make sure that the information you are seeking is relevant to the job at hand. Before you run a motor vehicle report (MVR) on an applicant, you should be asking yourself why? Is a clean driving record a bona fide job requirement?

Millennials, more than any other generation, tend to rely less on traditional bank loans and credit cards. They are more likely to use cash, and as a group they actually spend less than Generation X or Baby Boomers. They tend to borrow less, which some experts think is related to their large amount of student loan debt. Credit is already a slippery slope, with many states prohibiting use of credit for pre-employment screening.

Job History and Verifications
Millennials job hop. According to Data Facts blog, “a whopping 91% of them don’t expect to stay at a job for longer than 3 years.” They are mobile, more likely to move to large urban areas and are less motivated by pay. Their priorities are different from those who came before them and will move on in order to find more meaningful work.

Also about millennials affect on the work force is our March 2017 post Customer service in the millennial age

Monday, May 8, 2017

What’s in your wallet?

The salary question

The movement to remove the criminal history question from employment applications has been steadily gaining popularity over the last several years. Ban the Box (referring to the checkbox asking if an applicant has ever been convicted of a crime) laws have been enacted by cities, counties, and states. Most affect only government applications but a few apply to the private sector. They are currently 26 states and 150 cities and counties. Maryland is one of those states and the laws applies to state government applications only. While it is not against federal employment laws (past bills in Congress have failed) the EEOC strongly encourages employers not to base hiring decisions based on the applicant’s criminal history.

Another interview question under scrutiny is the salary question-“What is your current and/or most recent salary?” Proponents feel that asking the question will help correct salary disparities by not basing offers on past pay. Arguing that pay should be offered for the position, based on market values, not the person. Employers feel that the new laws are more government intrusion that affects hiring and hurts their overall business.

The attention to this question comes from the equal pay for women campaign, which is gaining popularity on political platforms. Women earn roughly 80 cents per dollar compared to men based on information form the U.S. Census bureau. This pay disparity tends to follow a woman throughout her career when new salary offers are based on current or past history.

Pay equity laws

As with Ban the Box, once the wave starts rolling it does not take long for cities and states to follow suit. The National Conference of State Legislatures lists 43 states with equal pay laws that prohibit discriminating between the sexes. However, Massachusetts was the first to enact a law that specifically prohibits paying a woman less than a man.

In August 2016, the Governor of Massachusetts signed into law the Pay Equity Act, which will take effect July 1, 2018. Under this law it will be illegal for employers: to pay men and women differently for comparable work, screen applicants based on past salaries, contact the applicant’s former company reference salary, and restricting employees from discussing their salaries.

After Massachusetts big cities quickly passed laws. Philadelphia became the first to enact such a law, which was to take effect in January 2017, but is delaying implementation awaiting a federal ruling on a petition to block the law. In April 2017, New York City barred employers from inquiring about salary information.

This issue is gaining attention at the federal level as well. In September of 2016 the Pay Equity for All Act of 2016 was introduced to the United States House of Representatives and is still in committee. The original proposal would make it illegal to screen prospective employees based on their previous wages or salary histories; ask for previous wages or salary; or fire or retaliate against any current or prospective employee because the employee opposed disclosing salary information.

Maryland’s equal pay act took effect October 1, 2016 when The Equal Pay for Equal Work Act of 2016 was enacted. The law applies to employers of any size and extends protections to gender identity as well as sex and bars employers from prohibiting employees from discussing or disclosing wages or those of another employee. The full law can be found at Maryland Equal Pay for Equal Work 
See our blog archive for more Ban the box and hiring discrimination posts:

Monday, April 24, 2017

Teach your employees well

Small business hacking is becoming more prevalent. The payoff isn’t as big but the opportunity is greater and security is lacking. Security firm Symantec reported in 2016 that 43% of cyber attacks were against small business. Small businesses have little in the way of security and employee training. They often have more to lose in the sense that they have less cash flow or all of their money is tied up in their business. Making them more likely to pay ransoms. (Ransomware is explained in more detail in our post-If you ever want to see your files again…)

Attacks can be as simple as rerouting the web address to a porn site, locking all of the computers for a ransom, all the way to hacking financial data and cleaning out bank accounts. More than half of the companies attacked were forced to go out of business. Maintaining sound computer security cannot be emphasized enough.

The website Small Business Trends, in an article posted January 3, 2017, stated that 48% of attacks are caused by an employee error. In addition to updating security software one of the biggest defenses owners can deploy is educating their employees on cyber attack indicators. The malware has to enter the system somehow. Simply clicking on attachments will send the virus into the network to do its work. The more stealthy viruses will enter the system without a show of existence. These are meant to mine data from the system. By the time you find the virus the bank accounts are fleeced.

Regularly train employees on different types of attacks and how to defend against them. Establish a policy for computer usage. Explain what is acceptable Internet use. Malware can be injected via email attachments or links to websites. These links can be introduced through email or social media. Demonstrate what a suspicious email, link, social media contact looks like. Practice solid password policies and change regularly. Encourage employees to speak up when something is suspicious and do not click on the suspicious activity.

Even if you do not think you store valuable data, although customer records are a valuable commodity, the chance of losing your business data or risking a financial attack is too great a chance to take.

See our blog archive for other posts relating to cyber security:

Wednesday, April 12, 2017

437th sine die

The 437th session of the Maryland General assembly came to a close on Monday, April 10, 2017. Here are the business related laws that were passed.

Paid sick leave: Businesses with 15 or more employees would be required to provide five days of paid sick leave.

Manufacturing: Tax incentives will be offered to companies that add manufacturing jobs and provide related training for skilled workers.

Health care: A commission was formed to monitor federal actions that affect Maryland health care.

Governor Hogan has said that he will veto the paid sick leave bill. Governor Hogan proposed his own paid sick leave bill that set the employee mark for businesses at 50 and included tax incentives for smaller companies that offered paid sick leave. If the bill is vetoed, the legislature does have the necessary votes to override the veto. However, lawmakers will not have an opportunity to override the veto until next year’s legislative session, delaying the implementation of the bill until 2018.

437th session has more business laws January 2017

Tuesday, March 28, 2017

Customer service in the millennial age

Several recent experiences with different companies chat service have proven to be helpful and satisfying interactions. It seems that the customer service experience through chats and emails has been getting better. Either training has improved or companies are finally responding to customer needs. Another possible solution for this phenomenon is that the work force is getting younger.

According to a U.S Census Bureau report from June 2015, millennials represent more than one quarter of the nation’s population at 83.1 million. In comparison, the next largest population are Baby Boomers at 75.4 million. With their defined birth years between 1982 and 2000, they are well into the workforce and setting policy and trends. The economic landscape is adjusting. Millennials have grown up always digitally connected through cell phones, computers, games, and tablets. They tend to have less money to spend and will use their digital resources to scour for deals. The biggest generation in U.S. history is changing our economic landscape and how companies do business.

Companies have had email and chat alternatives for customer service contact for some time. It is reasonable to say that as millennials enter the work force they will bring their values and habits with them. One of those is reluctance to speaking on the telephone. They’d much rather stay within the digital world. They, themselves, use resources such as chat and email to communicate with business. In turn they provide the same service they would like to receive, putting more effort into something in which they believe a valuable resource.

Just a theory.

See our blog archive for other posts relating to millennials:
#IQUIT February 2014

Wednesday, March 15, 2017

Should social media rants get you fired?

Should an employee be fired because of social media rants? Some business experts feel that employees that sound off should be fired because they don’t uphold the character and face of company. The National Labor Relations Board (NLRB) has heard these types of cases since 2010 and began issuing decisions in 2012. The NLRB usually sides with the employee, reasoning that the employee’s social media postings are protected activities under the National Labor Relations Act, specifically-Employee rights to organize and speak out against unfair labor conditions.

If the rants take place on company time, using company resources, the employee could be disciplined for infractions other than the actual posting. But when the postings occur outside of work, the line has been drawn between employee rights and violating policy.

Beyond firing someone for something you don’t like on social media is the policy prohibiting the rant. If the company doesn’t have a policy then little action can be taken. Many businesses, especially small business, have no policy regarding social media. Employee handbooks and company policy need to be  living documents. It seems like there is always a new topic to be covered. Social media policy is an extension of that organism. Although social media and employees going off on their employers are not new, the policies governing how businesses handle it are still evolving. And the NLRB helps draft those policies each time it offers a decision. Businesses have to stay abreast of the issues and the decisions being made.

Defending the honor of the company or getting rid of a bad employee, firing someone for his or her rants on social media can be a dicey situation. Opening up the company as well as the person responsible for the firing to court action.

See our blog archive for other posts relating to social media policy issues:

Wednesday, March 1, 2017

How well do you know someone?

Watching the vetting process for the new presidential cabinet you heard politicians and others vouching for the nominees.  They would qualify their knowledge of the person’s background by stating how long they’ve known the person, “I’ve known this person for five years.” Really? Five whole years?

There is the possibility that you can really get to know someone in a short span of time. But it is highly unlikely, especially if you’re not with the person 24/7. There have been incidents of husbands and wives, who have been married for more than a decade, not knowing of the others “secret” life. So how can you vouch for a person, you have known for five years, and periodically interact with? If your “friend” is forty and you’ve known them for five, or even ten years, that seems like an eternity. However, they’ve had twenty-two years of adulthood before you ever met them.

Then you have the now cliché neighbor of a crime suspect, “[He’s] always been a good neighbor. Quiet. Never bothered anyone.” Chances are the neighbor is basing their assessment on fact. They never really knew the suspect so, of course, they were quiet and never bothered anyone.
If a background investigator has ever contacted you regarding an investigation for a security clearance how well you know someone can become shockingly evident. People obtaining security clearances fill out a questionnaire, part of which includes references. These references have to be non-work, friends and neighbors. Sometimes you have no idea why your name was used. You hardly know the person. But sometimes the investigation is for someone you’ve “known” for ten or more years (Most backgrounds require the reference to be a person you’ve known for five or more). But you don’t hang out with them, you don’t interact socially, you lose touch. But here is your name as a reference. The investigator starts asking the standard questions and you realize that although you’ve known this person since college, you cannot provide one piece of information that can verify anything about the person’s proclivity for cheese or espionage.

So to stand before a congressional committee and state that, “I’ve known this person for five years and they have absolutely the best character”, is little bit of a stretch.

See our blog archive for other posts relating to character association: 

Tuesday, February 14, 2017

Tax [Fraud] Season

Once the calendar year turns over thoughts of filing taxes begin. So do the warnings of tax fraud and prevention tips. Having been the victim of tax fraud I know the inconvenience of proving your true identity to the IRS; now having to file under a number rather than your true name. As the digital world expands, so does tax refund fraud. It’s a good bet that you know someone who has been a victim or that you, yourself, are a victim.


Most people will file their tax returns electronically, either themselves or through a tax preparer. It’s quick, it’s easy, you get your refund faster. Unless you get an error saying that you have already filed. You’re first reaction is that there is a mistake, but you soon realize that you have been the victim of identity theft. Someone has obtained your name and social security number and filed your taxes on your behalf.

It may not have been a direct theft in the classic sense. It could have happened during an electronic data breach of a larger scale or someone hacked your computer, any number of ways. Your information is uploaded to the dark web (it’s a real thing that criminals use to conduct their business or exchange information) and resold many times. The criminal then fills out an electronic tax return with your information and bogus financial information and has the refund sent to a direct deposit or PO Box. The IRS does compare information against past filings but that doesn’t occur until well after the refund has been issued. Software is in place to try and stop fraud, but, again, the refunds are issued so quickly it happens before any alarms go off.
You then have to go through an arduous process to prove yourself to the IRS, file the fraud report, and wait for the IRS to investigate your claim. If they find that you are a victim they will then issue your return and assign you an identification number to use for future filings. The whole process takes several months. Other than the waiting, it really wasn’t an unpleasant experience and the refund was issued in a timeframe shorter than expected. It’s also interesting to request a copy of the fraudulently filed return from the IRS. You get to see what deductions your other self made and the amount some PO box received.


One school of thought of being susceptible to fraud is filing returns late in the season, near the April 15 deadline. This gives the criminals time to file their fake returns and receive the refunds before you file. Tax regulators say to file early to get a refund as quickly as possible, thus beating the criminals to your money. States have even made the effort to streamline the process so that refunds are received as quickly as possible after the return is filed.

Law enforcement doesn’t comment on the timing of the filing, but rather to delay the issuance of the refund so that fraudulent returns can be identified.  At a recent tax security summit, the U.S. Attorney for Maryland, Rod Rosenstein, commented from the panel, “The quicker you are on paying refunds, the greater the risk of not finding fraud.”

Hawaii, Illinois, Louisiana, Minnesota, Montana, North Dakota, South Carolina, and Utah are some of the states that are slowing returns to further prevent fraud. Maryland issues refunds within two days of receipt of the return. The comptroller’s office relying on analytical software to detect digitally filed fraudulent returns. Additionally, Maryland will not issue refunds until the comptroller’s office has a W-2 on file. With these methods in place the comptroller’s office hopes to combat fraud while at the same time efficiently serving the taxpayers.

The Maryland legislature this year is considering a bill named the Taxpayer Protection Act of 2017. This bill would give the comptroller’s office broader authority to build criminal cases against fraud and extend the statute of limitations for prosecution to six years.

There is no way to know if your personal data has been stolen. Regarding taxes it is best to file early. If you do become a victim, report it to the comptroller’s office and IRS as soon as you are aware. Document everything you do and who you speak to. Secondarily, begin looking into your banking and credit cards as they may have been breached as well. Review statements and set up alerts.

Be sure to read our others posts related to identity theft.