I have never heard of Pave before, but this just sounds like yet another copy of Equifax's "The Work Number" [1]. Basically, HR at many companies gives your salary and employment history data to Equifax, who then sells access to the information to certain parties with supposed need to access it, including potential and current employers and creditors. This report is likely one of the most invasive consumer files out there for many people.
I cannot comment on the legality of this kind of data sharing, but as I and others have pointed out, it has existed for a while. I do agree that it is concerning. You can freeze your Equifax The Work Number report at least, just like other credit reports.
I downloaded a personal report from the work number website and found to my horror that my employer was reporting every. single. paystub. gross and net, to equifax.
That felt like a huge breach of privacy. Given that equifax had already proven incompetent at keeping my data secure, I immediately sent HR a request to stop sending my supposedly 'confidential' pay info. They politely told me to kick rocks, so I went on TWN's website and froze that report so no one would be able to request it, and it will be a cold day in hell before I thaw it.
I am an investor in equifax. Let me clear up a misconception on where the data comes from. Half the data comes from large enterprise customers, who “sell” the data in exchange for Equifax doing I-9 verification for free. The other half comes from 39 payroll companies. Every single payroll company except for Rippling and Gusto sell paystub data to Euifax. (Rippling will start next year). Those are exclusive revenue share deals. You cannot be a competitive payroll provider without the revenue share from Equifax. So before you blame your employer, they might not be selling it directly and even if they opted out, your payroll company will sell it anyway.
The actual buyers of payroll software don't care and if you think people are going to evaluate their potential employer based on what payroll solution they use, you are wrong.
This may not be correct. My current company uses Gusto for payroll. Pulling my data, I see everything. I am confirming with Gusto support its sourced from them.
Confirmed with Gusto. They send data to WorkNumber.
"...for the purpose of automating employment and income verifications. This feature helps streamline the process for employees who may need to provide proof of employment or income for loans, credit, or public aid."
That's good to know. The company I work for currently uses Rippling; I will mention this upcoming change and suggest that we should consider switching to Gusto.
Perhaps you would find it to be more palatable if it were phrased as: "You cannot be competitive as a company if you do not serve the wants and needs of the customer."?
But, of course, that says the same thing. These companies are scumbags because that's how the customer wants them to behave. In this case, because it makes executing payroll cheaper for the customer, which is a highly desirable trait to the customer.
The customer often does not have the luxury of making perfectly rational choices.
IBM for example waits to fly you out to orientation in Armonk before they show you the binding employment contract with dubious clauses.
These businesspeople know this. Introducing pressure and a sense of inevitability of poor conditions is part of the game. And they know that it's scummy. But Ayn Randians will defend them to the grave as they eschew the responsibility to build a stable enduring economy for one that disproportionately rewards them.
Framing it as the customer wants this level of strongarming is the same as saying they want bloody revolution when it inevitably follows. What customers actually want is for scumbags to be banned from leadership roles in the economy, and for toxic business strategies to be regulated out of relevance.
It is indirect instead. The employer tells the payroll company: pay employee $x (and handle deductions, retirement contributes etc ...) The payroll company then has this data and can resell it. I would expect the contract the employer has with the payroll company explicitly allows for the data sharing.
Most highly-paid people have no idea how much privilege this affords them.
You wonder why so many businesses are nice to you? It’s because they’ve already looked you up and know you’ve got a high income and are a millionaire.
Write a personal check for your next automobile? Sure thing, you can drive it off the lot a few minutes later. They won’t even bother cashing the check for a week or two.
Try doing something like that as an hourly worker, even if you’ve got the money in the bank.
You wonder why so many businesses are mean to you? It's because they've already looked you up and believe from the data that you won't be a good customer.
The dealership can also just call the bank to verify funds. Which would be reasonable and non-discriminatory all without needing a third party and wouldn't involve your salary at any level. Aside from this it's the financing company that cares, not the dealership, who only wants the car off their floor credit plan.
So what you're saying is it _shouldn't_ matter if you have money, because if you're a low income earner, you should be treated poorly, and you're happy to be personally invested in a system which creates this outcome.
It not only should be regulated but you should feel a little gross for saying any of this outloud.
I know text can be flat, nuance and tone lost that would not be lost in conversation, but I'm confused by your reply Akira. I can't read any endorsement of the system in the comment you're replying to, I read it as agreeing with you in disapproving of unequal treatment
Last time I bought a car I was surprised to learn I didn't need to go to the bank and get a cashier's check but could just write a personal one. I assume that verification processes have improved sufficiently that they had confidence the money was in my account.
This is also why certain homes get hit in high-end burglary crews. There are multiple crews hitting those who purchase precious metals with physical delivery (like gold American Eagle coins). It is not all positive. Considering how few victims even bother to report such crimes, it is terrifying.
From what I understand from my cousin, a career criminal, there are entire theft rings working off of databases such as these. He knew mostly of car-related theft rings, but I hear about safe-cracking burglaries quite often, usually stealing Rolex watches or precious metals.
Because they get details on items in your safe, that you thought were hidden. The second you buy precious metals with physical delivery, you get not only the criminals who break into houses in your wealthy area, but also the criminals who specialise in stealing and selling the things you just bought.
And if they dont have the data they can monitor behavior towards you from those who do have it. Those who get to drive of with their new car vs those who may not.
What? Criminal gangs have access to databases of purchasers of jewelry and precious metals? Then they B+E, safecrack, and rob them? That’s an insane claim to make without any source besides your cousin.
We shouldn't be oblivious to those advantages and disadvantages, since then we can't decide as a society whether those advantages and disadvantages should remain or be altered. That alone is a good reason to regulate this away.
Or at the very least, require Equifax to send free physical mail notifications to everyone when their data is accessed, stating when, by whom, why, and what answer was given. (Physical mail because there's no other predictable way for the general population.) Yes, I realize this would be financially unsustainable for Equifax as they currently operate, but that's their problem to solve. Even as someone who myself has excellent credit and many years of high income in my file, they're creepy and shouldn't be catered to at the expense of our privacy.
True, but when do you even have it explained. Last time I was purchasing a car for wife, the clerk simply made a crack about how my information is now all theirs ( I forgot the exact phrasing ). And those are people who are motivated to make sure you buy so thus incentivized to make sure you are not put off.
And don't even get me started on an average person. I get blank stares when I go on a privacy rant. At best, they simply do not have time to care.
That sounds like the most unappealing exchange imaginable. Yes, let me lose both bargaining power with new jobs while simultaneously painting a target on my back, all in exchange for companies being more willing to take my money.
Now this is some remarkable gymnastics. Are you also an investor in Equifax or have some other financial interest in similar services? If not, I'm very curious to hear how you tied yourself into this knot.
I find that I have struck a nerve with some folks.
I have no connection with the industry at all. But that doesn’t prevent me from understanding the implications.
Equifax does this stuff because it is profitable. It is profitable because companies buy it. Companies buy it because they can put the information to use for their benefit. In doing so, some consumers are harmed and others benefit.
Also, for the record: I don’t often buy cars, but when I do I choose the best financial option. Sometimes that would be financing, other time it would be writing a check. One factor that everyone should consider it that your free time has a higher dollar-per-hour value than your work time.
Sure, consumers benefit so much that the example you were able to produce is the ability to write a personal check to purchase a car. Totally notable benefit relative to the violation of a person's expectation of privacy.
Last time I bought a brand new car (~8 years ago?), the dealer told me I couldn't pay more than $X amount, using credit cards, on the car, so I still needed a bank check for the rest (they wouldn't accept a personal check either).
In my experience, it used to be a cashier's check for the balance (if there was a deposit). But a couple years ago at least the dealer I bought from was fine with a personal check. Don't know if it was just this dealer or if personal check verification processes have improved.
Haven't they heard of bank transfers? In Europe you can use SEPA and if you warn the bank in advance, they're basically instant even for large amounts.
I recently bought a car and they were happy to let me put up to 100% of the purchase on a card so long as I paid the card processing fee (something like 2 or 3%).
My regular dealership even has a card surcharge for service these days. Given the rebate I get it's pretty much a no-care for smallish bills. But when I bought the car from another dealer was a bit surprised I didn't need to run to the bank to get a certified check.
I'm not going to pay by card for a huge purchase, and have the card company take 3% off the top. That's just a dick move when you can just write a check that does the same thing.
Why would I care if I'm not paying for the surcharge and I get a rebate from it? I've had a few large purchases recently where a credit card was the norm. If the business prefers a check that's fine too. I'm not going to push it. It's just business. A lot of businesses want my money and are happy to take a credit card number which is often simpler for them. I don't know their costs associated with handling checks and it's not really my concern.
That's not a tip. It's a "processing fee" assessed by credit card companies (a revenue stream). The 3% charged on top of a large purchase like a vehicle goes to the payment processing provider (the credit card company). To cover the cost of professing fees, most dealerships often offer a cash discount (meaning they will quote a lower price if paid by check).
1. The guy who owns the dealership doesn't get the credit card fee
2. If they charge you extra for using a credit card, they're breaking even
3. If they _don't_ charge you extra for using a credit card, they're paying 3% of the purchase cost to the credit card company (so, $1,000+)
So yes, it's a dick move to pay via credit card for any purchase in the thousands of dollars, if you have the option to pay by check or debit card. I always offer to pay by check if I know the money for the CC will come out of their pocket.
Don't really care. It's not my responsibility as a customer to make assumptions about how businesses prefer to get paid. They can add surcharges or just not accept credit cards at all. As someone who has been making some large household purchases this summer, my experience is that it's perfectly ordinary and expected to pay by credit card.
I'd just add that I routinely book flights, hotels, and so forth in the thousands of dollars range on credit cards and I doubt they would want anything different as a payment type.
If you get your personal data report, you'll see that it tells you who looked you up. It is not every business you've worked with. It is not even every background check that has been done on you.
I'm not saying that rich people do not have privilege - they do. But it isn't because your local car dealer looked up your earnings data.
"Oh, aren't you happy we live in a world where the rich are explicitly treated better because they carry around a big sign saying 'I am rich' when interacting with corporations?" No. I am not.
I think that's widely understood and part of the job description of being a public servant. What's not widely understood is HR secretly selling your data while working at a private company.
Is it yours though? The employer could probably argue that it's theirs. Devil's advocate: I think it's widely understood that entities can be transparent with their data if they choose, other than NDA scenarios.
In a market-first values system, where we rely on the labor market to largely self-regulate given the promises that free market idealogues & corporate actors made us, colluding on wages like this should lead to scorched-earth retribution from the FTC.
Not "Oh hey there, you're not allowed to do that, stop that", but "We are diluting your stock by a quarter and distributing it to your workers" type shit.
> given the promises that free market idealogues & corporate actors made us
I find it amusing/annoying how many Free™-market boosterism messages are actually contradictory "heads I win, tails you lose" constructs. For example:
1. "Regulations are bad, because left to its own devices the market will be optimally-efficient, once everyone has perfect-information about all the prices and deals other people are making."
2. "Regulations are bad, because cartels and collusion will be destroyed by defectors who use their freedom to make secret prices and hidden deals."
Sometimes these arguments come from the same people, but even when they don't they represent two wildly incompatible ideas of what "the free market" really is.
I wonder what the name is for the fallacies committed by this comment and grandparent comment. It's this disingenuous "even though nobody in this thread has expressed these two contradictory things, I'm just going to make them up and pretend that an imaginary member of [group that I don't like] said them".
It's like a strawman fallacy did a fusion dance with an ad-hominem. I see it all the time on HN - surely it has a name.
> It's this disingenuous "even though nobody in this thread has expressed [...]"
No, what's disingenuous is your weird attempt to stifle an entirely on-topic discussion which has made you uncomfortable. You're suggesting that we may not criticize a stance or argument unless another Hacker News user has directly advocated for it. That's not how it works, or else we'd never be able to talk about things like the DMCA or Microsoft's forced-reboot update policy.
That said, how about we steer away from pure-meta personal attack posts to something that at least involves the original topic of markets and market-actors, starting with:
> I'm just going to make them up and pretend that an imaginary member of [group that I don't like] said them"
Your comment is saying--via sarcastic subtext--that I have "made up" items #1 and #2 and that (to substitute GP's term) "free-market ideologues" do not advance either argument about efficiency or cartel-risk.
Is that really what you believe and you'd be convinced otherwise by examples, or would you like to issue some non-sarcastic clarification?
Incorrect. I'm pointing out logical fallacies and emotional manipulation. Nothing disingenuous here, just rationality.
> attempt to stifle an entirely on-topic discussion
Incorrect. This is "flamebait....generic tangents...internet tropes." (as the guidelines say to avoid) because, as already pointed out, nobody in this thread has made these arguments together.
> You're suggesting that we may not criticize a stance or argument unless another Hacker News user has directly advocated for it.
Also incorrect. I never suggested that. Additionally, even if I had, you're not criticizing a stance - that's a dishonest and incorrect portrayal of your comment, which was fabricating an imaginary contradiction between two distinct arguments, as a means of attacking a group you didn't like.
> That's not how it works, or else we'd never be able to talk about things like the DMCA or Microsoft's forced-reboot update policy.
Also dishonest and incorrect. Microsoft is a single organization that makes public statements that you can link to and point out inconsistencies in.
That is not what you're doing - the free-market HN users that you're emotionally attacking (because that's what it is - there's no logic here) are not a single person or entity, but a highly diverse group of individuals with wildly different opinions.
What's more, you didn't even respond to a comment that one of them made - you're fabricating the existence of one of them that has a set of contradictory opinions (that you've also invented) to try to generally attack the idea that they represent. That's very bad form and very clearly against the HN guidelines.
> That said, how about we steer away from pure-meta personal attack posts
You're violating the guidelines and engaging in dishonest and anti-intellectual emotional manipulation and ideological warfare...on a site that's designed for intellectual curiosity. It's very reasonable to call that out.
> Your comment is saying..."free-market ideologues" do not advance either argument about efficiency or cartel-risk.
That is not what my comment is saying or implying - that's you fabricating a strawman.
You are "fabricating" a person because there's no specific person that you're debating with. That clearly does not mean that there don't exist people who don't hold those beliefs individually (or even together) - but you're not referring to a person in your comment, you're referring to an imaginary archetype, and you're doing so as a way of attacking it.
I've absolutely met individuals who hold either of those positions individually. And I have definitely met people that are self-inconsistent with respect to the beliefs that they hold.
Neither of those things justify you inventing a nonexistent self-contradictory person as a way to wage ideological warfare against a group/ideology you don't like.
"Please don't use Hacker News for political or ideological battle. That tramples curiosity."
I encourage readers to click on that link to all the commenting guidelines, and then carefully consider who is really breaking their spirit in this thread. Goodbye.
What precisely do you disagree with about my comment?
I wouldn't say that HN commenters have been especially influential advocates in selling a potent brand of free-market capitalism to the United States of America. That happened long before HN began, and even the other advocacy efforts of people like Thiel are at this point a drop in a very large bucket.
Silicon Valley antitrust enforcement is especially topical because the government is apparently gunning for Google now, but if Realpage-like labor price collusion becomes common in the corporate world (inside or outside of SV) that's a substantially bigger deal.
Does my personal health information belong to my doctor? Not according to HIPAA, at least not in a way that gives the doctor control over selling it. While my pay is currently not protected by similar regulation, it seems like the kind of protection regulation similar to HIPAA could defensibly target.
Your personal health information is information that pertains to you and you only. Your compensation is part of a contract between yourself and your employer, hence why both parties have to sign it, and why both parties have ownership over it.
Not arguing that payroll information can't be protected, my only point was that your comparison was off.
I'm not saying it is currently the case that I own my compensation number, I'm saying it's not impossible to imagine creating regulation to make that happen.
It is still illegal in every US state. States can legalize it at the level of their own laws, and they can choose not to enforce federal laws, but that doesn't actually make it legal while federal laws are in place that conflict. A federal agent could choose to walk into any dispensary in a "legal" state and arrest everyone there, and they could be prosecuted in federal court. Yet at a practical level there has been a decision to defer to the states on what they will enforce, but that is a decision of executive authority rather than the law.
I expect you'd have a pretty complicated jurisdictional case if a team of FBI agents were to go into a dispensary in a state where it was legal and round everyone up. And pretty much no sane politician would go anywhere near it. I also wouldn't (hypothetically) travel with the stuff over state boundaries.
But in the US, federal labor law makes it illegal for employers to prevent employees from sharing pay information (at least for employees who are entitled to unionize).
It's generally quite unlikely that sharing your salary is going to result in getting bitten by that. You'd need to do labour organization (or be completely surrounded by rats and snitches and other vermin at your workplace, who already have an axe to grind) to actually get blowback for this stuff.
Most of the taboo around it is cultural, because people here attach their self-worth to their paycheck.
You could also always do it anonymously or pseudonymously. You'd have almost no chances of retaliation in that case.
The singular of anecdote is not data. Getting hit by lightning is also unlikely, but it happens to thousands of people every year.
That doesn't mean I'll be flying a kite in a thunderstorm, but it also doesn't mean that you should lock yourself in a bunker the moment the sky turns grey.
Most of the taboo around this is cultural, not retributive.
Firing people at will includes firing them because you got the feeling they may be behaving in any way in any situation perhaps in conflict to any request you made. Odds are someone won't get fired for stealing office supplies and in at will place they may be more often fired for misunderstandings related to a misperception where they don't come clean on something they never did.
That there was no way to sue the company in that example is a demonstration that the employee lacked any right to break any taboo.
As such there are teeth anywhere that is at will for any request whether it is reasonable or not and whether it relates to a taboo the employee may be expected to have or not.
I never have but I have never been told I couldn't share pay information. Certainly I have with my accountant and financial advisor. I've also been asked when applying for a new job whether or not I've been 100% forthcoming.
Well, if we're discussing whose data it is the information about how much I pay you, even from a devi's advocate perspective, you can't do better than arguing that this data pertains to both of us. So we should share the property of that data somehow. I don't see how you could argue that that data would be solely the employer's data.
If it has my name on it, it likely belongs to me. The portion that clearly belongs to the company, are the role, the amount, and my initials (maybe an anonymying number would be better?)
They're welcome to do what they want with that, but once it includes the ability to make inferences about me as an individual, more than the company, it becomes my data. I likely have to choose to share it to meet the terms of the emploment contract, but that doesn't change the appropriate ownership.
Try and apply whatever rules you want to IP the company claims to own? Surely the exact details of some trade secret process also belongs to me and I can do whatever I want with it because I need to know it to fulfill the terms of that same contract right? I can sell it to a 3rd party just 'cause right?
If I administer a survey, collect responses, and put them into a spreadsheet, is the data in that spreadsheet not mine despite the fact that it consists of things that other people told me? I can't share it without the permission of those surveyed, assuming I didn't promise not to?
These are answered questions. If you are talking about the raw data, you have to get the respondents to agree that their answers become your property (either implicitly or explicitly, there are rules around both), or no, you do not own the data in the spreadsheet.
A key distinction is that people need employment. People don't need to fill out surveys. That's why there are many things companies aren't allowed to require of their employees, that they are allowed to require of other parties.
So while, in many jurisdictions, it's fine for companies to sell data collected on their employees, and it could be argued that those employees consented to this data sharing by working there, one could also easily argue for an employee protection law that prevents companies from requiring their employees to consent to this.
It really depends on which kind of data you're collecting. If you're collecting health related data that is linkable to the people it pertains to, the GDPR would prevent you from sharing that data with third parties without one of the admissible legal basis, the most common of which is the consent of the people whose data you collected. In the case of health data, maybe even USA laws would prevent you from sharing it.
Edit: it is now some time since I studied the GDPR, so I'm actually unsure if, for healt-related data, it can be used any legal basis other than consent. The reason being that health, together with a few other categories, has special protections.
... should companies be nervous about this also though? Is the decision for their payroll info to be visible to unknown buyers an intentional, well-considered one? Is this effectively leaking potentially strategically important info?
Like, I haven't seen this happen, but could a recruiting team buy the compensation data on staff at a competing firm, identify those that look like a good deal, and poach them starting with a "we'll offer you k% more than your current employer"?
Could market analysts use this data to notice when a company starts firing more people, or starts giving fewer/smaller raises? What if the next time your company showed up in a Gartner or Forrester report, it came along with a caveat "however given decreased investment in staff, their pace of product development or quality of client services may be at risk."
The employer requires this data to do payroll correctly. Apart from that, it sound only be used for expressly authorized purposes. But maybe that's a european GDPR-influenced way of seeing this issue.
Yeah I used to work for the navy. Pay was standardized under the GS pay schedule and anybody could have looked that up. I was fine with that.
In the private sector, your comp is determined by a negotiation undermined by an asymmetric information disparity. HR at a hiring company has way more information around market comp as it is without having your exact current comp when they make an offer.
What I find particularly egregious about this is that management at this company had admonished me that my comp was 'confidential' and that I shouldn't discuss it, while simultaneously selling it to equifax.
Some jobs fall under this "public sector" transparency but work much more like a private employer when it comes to salary negotiation. For example a state university recruits staff and negotiates compensation much like a private employer (no equity options of course) but your salary will be public if you are hired.
Why would that be a widely understood part of the job description? Almost every American teacher, firefighter, planner, street engineer, health inspector, police officer, train conductor, bus driver, along with the managers, office administrative staff, janitors, and groundskeepers that support those activities are public sector employees. What do they have in common that would suggest they deserve less privacy than you do?
Most of these jobs are not special or meaningfully "public". They're just normal jobs for firms that happen to be public bodies. I don't think it's at all obvious that people are knowingly and deliberately making these tradeoffs by working there.
>What do they have in common that would suggest they deserve less privacy than you do?
That they receive their salary from the tax payer, the public is their employer, and it'd be pretty odd if your employer didn't know what they paid you. They're executive organs of the state, police and firefighters, unlike private workers, also don't get to choose what laws they enforce or what fires they put out. If you're a civil servant you obviously forego most of the rights of private sector workers in exchange for usually lifetime employment and set pay rates.
I don't think it's odd that we get to know what bus drivers get paid, but I don't think there's any special grand bargain to these jobs that make the privacy implications less significant. If we get to know what the janitor at my village hall makes, I have a lot less of a problem with Equifax knowing how much more Python developers make.
Usually they all get paid more or less the same since compensation is directly tied to the job title/rank and other public criteria. This information (in aggregate) shouldn't ever be non-public (under any circumstances) due to obvious reason. So even if your specific salary/wage is not published anyone who knows what's your specific title/job would be able to estimate it somewhat accurately.
Public servants do not make enough money to be useful targets. The meaningful threat comes from large compensation tied to other asset information (tying an online person to that income, not difficult). You can buy lists of these already tied up and ready to download for your scheming pleasure. From English Rolex robbers to Florida kidnappers, they all enjoy the data.
I do not think it can be stopped, but the days when a wealthy person could safely live in a suburb and have the kids imagine that they are middle class is long gone. It is terrifying. The best thing for a wealthy discrete person to do is move to Singapore or Australia, or somewhere with a sufficiently low crime rate to feel comfortable, or get quality security, which sucks.
The security minded can move to a gated community, which are all over the place and have existed for a very long time, and don't require moving to Singapore or Australia to live in one.
I can't see a gated community being much of a deterrent to a gang of kidnappers sophisticated enough to use these services to find potential victims. Maybe if the gate has armed guards and a strict "no tailgating" policy with ID checks etc.
There's a whole industry for protection of high net worth individuals. The financially minded ex military special forces folks can often find lucrative jobs on places like silent professionals earning on the order of 500-1500$ a DAY for close protection of the kinds of folks who would be targeted for this stuff.
The information available via the public record is not as detailed (typically annual salary)and not definitively tied to any person. The Work Number is tied to your SSN and is much more detailed than the public record (each paycheck and a breakdown of different compensation).
I think this is a little off, in that the data isn't coming from the various government entities or at least isn't required to be provided. I know at least in California most of the info is gathered by third parties using FOIA requests. It's also not associated with a SSN and just typically gives the annual compensation with limited categories. The Work Number on the other hand gets paycheck level details. Considering the data would be useless without a unique identifier, SSN is sent with it. Using The Work Number data, you could see pay period granularity changes to their compensation.
Which is fine. The problem is the imbalance of information and therefore bargaining power between workers and employers. With this information salary negotiation is like playing poker with your cards open so only thing it does is depress wages.
That's not a problem for the public sector because both sides can see it and there is no real negotiation (you still save time/money by not having to go thought the interview process to figure out your potential compensation).
Multiple websites resell the financial data for like $4 per check, for example https://www.ratsit.se/ (you can try with 'sven svennson') One can also just call the tax agency and ask. The person looking up the information does not need to provide their data.
Living addresses, birth date, vehicles, pets are available in plain text without login and can be Googled.
The problem is not public salary. In EU multiple countries have it public with noe issues to anyone. I'm outside of EU and also have my data public due to owning an LLC.
The problem is identity fraud, and evil corpos like equifax plus some weird laws facilitate it way too much on a giant scale. This is what's infuriating.
Many if not most companies outsource employment verification to The Work Number. When you get a new job, a frozen report will complicate your background check.
They don't give out salary info in employment checks though. AFAIK they require your explicit permission except for government agencies who use it to verify your eligibility for benefits. I would be surprised if they are not selling aggregate salary data though
That's normally how it goes. At least, I've always had the background check happen after an offer is signed. It's usually a separate company and they just report back whether your job titles/employment dates match your resume
I don't know how common it actually is. I've always provided references and probably OKd a background check but post-school my few jobs have always been through people I knew and there was really no reason to run a check except fr pro-forma reasons.
Yep. Equifax got hacked a few years ago and the Government let them use ITS credit monitoring tool for those affected instead of reaching into its own pockets to pay for a third-party solution.
unfreeze it just for that report. You can ask the bank, credit card, mortgage loaner which credit bureau they use and then unfreeze your account for 2 weeks.
The freeze is mostly ineffective for when you actually want it to work. From what I remember (even for the credit freezes) is that if you provide written consent to, say, a background check, then that overrides your freeze. So if you're applying for a job (basically the major instance where you'd want your salary information private) they're going to ask for your consent to do a background check and bingo they'll know how much money you make.
IMO this type of information should be illegal to sell or request.
I’m not sure this is true. The last time I changed jobs I had my TWN report frozen, and the background check company was really confused and said “we can’t seem to verify your job history through our normal means” without specifically saying why. I had to send some redacted paystubs.
With the passage of the Economic Growth, Regulatory Relief, and Consumer Protection Act which was signed into law on May 24, 2018, security freezes do not apply to the making of a credit report for use in connection with "employment, tenant, or background screening purposes" (see Sec. 301(a)(4)(I) of the Act [page 34 of the PDF below]).
To be fair, I'm not sure if the same rules apply to whatever type of "freeze" the work number offers. I'm not even entirely sure it's regulated at all.
I agree that it is actually pretty confusing what kind of "freeze" The Work Number offers when you do it, especially since The Work Number does not distinguish between hard inquiries and soft inquiries and groups both together as "Verifiers who have procured or attempted to procure your data in the past 24 months". Most freezes only block hard inquiries, which involve the extension of new credit. Background checks typically come in as soft inquiries and therefore bypass security freezes. Oddly enough, there are some companies that extend credit even with soft inquiries, so a security freeze will not stop fraud there.
That said, I have seen anecdotes online that say that when somebody pulls a frozen The Work Number report, it comes back as blank even if there is information in the file. This is different than how freezes are handled elsewhere. Most places just report back that the report is frozen when a frozen report is requested. They do not imply anything about the state of the information in it.
As a datapoint for how I've seen this used in the real world, I've spoken to startups who will defer to Pave regarding how much they'll offer to pay. The startup I spoke to said 'We pay you the 85th percentile for your YOE and role based on Pave data'.
Considering the median tech startup employee is already above average, I think the 99th percentile, and above, really only belongs to literal, bonafide, geniuses…
Is this true? I look at jobs on well found and most startups pay worse salaries than what I was making at insurance companies. Not too mention the worse benefits that they appear to offer as well.
I love that they have ALL my personal info, but I can't create an account with a password longer than 16 characters.. Why the heck are they not storing the hash?
Pave is a company that has been snapping up other existing companies that performed this kind of aggregation of compensation data. Basically companies look at this benchmarking data to figure out what they should pay for different jobs and levels. Just some extent companies genuinely need this kind of data to figure out what to do. But I also think it breaks supply and demand. Companies are not discovering price of labor but just using each other’s signals to decide what to pay collectively
This thread got pretty off track. But, if I were to opt out of this database and went looking for a job, would potential employers not be able to see specific history about me (or at least not from Equifax)?
In my experience the background check company (Hireright IIRC) was not able to complete the check “normally” with my TWN report frozen. Had to send redacted paystubs.
I cannot comment on the legality of this kind of data sharing, but as I and others have pointed out, it has existed for a while. I do agree that it is concerning. You can freeze your Equifax The Work Number report at least, just like other credit reports.
[1] https://theworknumber.com/