Those opposed to screening firms’ regulation by state licensing authorities point to the Fair Credit Reporting Act’s federal governance of our activities, at least as they relate to employment and extension of credit. If the FCRA is designed to protect the public and ensure that consumers are treated fairly, the argument goes, why should state laws add another layer of bureaucracy and expense?
Many screening firms maintain that we are not private investigators because we don’t conduct surveillance, work for attorneys, or do other Sam Spade types of work.
In fact, because the kinds of work conducted by private investigators varies so widely, the definition of “private investigations” is very broad in most state’s statutes. Under Texas’ statutes (under which my firm is licensed), “a person acts as an investigations company… if the person engages in the business of obtaining or furnishing, or accepts employment to obtain or furnish, information related to… the identity, habits, business, occupation, knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person.” This language is strikingly similar to the definition of a consumer reporting agency under the Fair Credit Reporting Act. The language in most other states’ licensing statutes is similar. I cannot say whether state legislators had the background screening industry in mind when they wrote these statutes but in most cases, it is clear that screening firms’ activities fall under the state’s definitions of private investigations.
Most state’s private investigator licensing began long before the background screening industry exploded. In many cases, licensing was first sought by private investigators seeking to improve the quality and public perception of their profession. In many cases, other security-related services, most notably guard and alarm companies, were included under the licensing authorities’ jurisdictions.
Unfortunately, the knowledge and experience requirements in most state’s licensing requirements are rarely relevant to the screening industry. In Texas, for instance, the test that must be taken by the manager of a licensed PI firm includes questions about how often guard dogs must be fed and watered, the licensing fees for alarm installers, and other information that does little to ensure that the manager is competent to operate a background screening firm. There is no mention of the Fair Credit Reporting Act, the structure of the various state’s court systems, or even the difference between a misdemeanor and a felony.
On the plus side, many state’s licensing laws require that licensed firms maintain liability insurance. This gives consumers and clients some hope of receiving compensation for willful or negligent behavior by the licensed firms.
Licensing laws also prevent firms from being owned by or employing convicted criminals. Currently, an individual with a criminal record that includes identity theft can open a background screening firm and begin collecting consumer information with little or no problem, apart from state licensing laws.
Most importantly, the existence of a licensing authority provides the public with a method for filing a complaint about inappropriate or illegal activities by licensed firms. Certainly, a consumer complaint to a state licensing authority is a better option from the consumer’s point fo view than the expensive alternative of filing suit in federal court.
Following the high profile security breaches both inside and outside of our industry, it is highly unlikely that the background screening industry will be able to successfully opt out of state licensing laws without first proposing some other solution.
Certainly, the National Association or Professional Background Screeners’ current effort to create an accreditation program for employment background screening firms will differentiate those firms that excel at consumer protection, data security, legal compliance, and quality. However, this voluntary program will do little to dissuade those with criminal intent or negligent practices from entering our marketplace.
Because we traffic in large volumes of personally identifiable information, the basic ingredients of identity theft, I believe it will hurt our credibility to seek less regulation of our profession at this time. However, a few credible options to the licensing issue have been suggested:
1. Advocate changes to state licensing laws that recognize what we do and don’t lump us in with security guard companies and alarm monitoring companies. Texas is playing with the idea of multiple classes of PI with testing requirements unique to each class. There should be a category for firms providing consumer reports for FCRA-permissible-purposes. The downside to this option by itself would be the expensive requirement that firms maintain licenses in multiple states.
2. Advocate reciprocity in state licensing laws. In other words, like a commercial drivers license, allow a PI license issued in one state to be recognized in the other states that require licensing. The National Council for Investigative and Security Services (NCISS) would be an excellent partner for NAPBS in this effort. Working against this effort, however, would likely be the state investigative associations seeking to protect their members’ home field advantage – not to mention the states who stand to lose the revenue generated by licensing fees.
3. Advocate state-level consumer reporting regulations that establish licensing standards exclusively for CRAs and exempt us from PI-licensing requirements. This might be incorporated into a future draft of the Uniform Commercial Code. However, the creation of new state bureaucracies will be a difficult argument to make at a time when state-governments are already looking for ways to trim their budgets.
4. Advocate federal consumer reporting regulations that include national licensing standards and preemption of state laws requiring PI licensing, perhaps as an amendment to the FCRA. This would likely require that the CRAs limit their activities to FCRA-permissible purpose reporting or also comply with their respective states’ laws for PIs. For instance, if your firm does any business due diligence work that falls outside of the FCRA, you’d probably have to maintain a PI license, if required in your state. Again, this would likely be opposed by many states because of the loss of revenue generated by licensing fees.
None of these solutions is a complete answer but surely there is some solution more reasonable than advocating for no regulation of individual firms. In our current environment, arguments for less regulation will fall on deaf ears. We would do much better to recognize this and work for solutions that recognize the public’s concerns about privacy and data security while still ensuring that we are able to deliver to our clients the information they need to make sound business decisions.
This article was originally published in The Background Investigator, a monthly journal for the pre-employment screening industry.