AI Company Eightfold Sued For Helping Companies Secretly Score Job Seekers (reuters.com) 16
Eightfold AI, a venture capital-backed AI hiring platform used by Microsoft, PayPal and many other Fortune 500 companies, is being sued in California for allegedly compiling reports used to screen job applicants without their knowledge. From a report: The lawsuit, filed on Tuesday accusing Eightfold of violating the Fair Credit Reporting Act shows how consumer advocates are seeking to apply existing law to AI systems capable of drawing inferences about individuals based on vast amounts of data.
Santa Clara, California-based Eightfold provides tools that promise to speed up the hiring process by assessing job applicants and predicting whether they would be a good fit for a job using massive amounts of data from online resumes and job listings. But candidates who apply for jobs at companies that use those tools are not given notice and a chance to dispute errors, job applicants Erin Kistler and Sruti Bhaumik allege in their proposed class action. Because of that, they claim Eightfold violated the FCRA and a California law that gives consumers the right to view and challenge credit reports used in lending and hiring.
Santa Clara, California-based Eightfold provides tools that promise to speed up the hiring process by assessing job applicants and predicting whether they would be a good fit for a job using massive amounts of data from online resumes and job listings. But candidates who apply for jobs at companies that use those tools are not given notice and a chance to dispute errors, job applicants Erin Kistler and Sruti Bhaumik allege in their proposed class action. Because of that, they claim Eightfold violated the FCRA and a California law that gives consumers the right to view and challenge credit reports used in lending and hiring.
Many companies collect data and train AI with it (Score:5, Interesting)
I'm not saying that the AI company shouldn't readily seek permission to harvest and use personal data, but it's far from a special case. Take Palantir for instance. Are they not doing the same thing?
It seems odd that the onus is on the third-party platform to be transparent to the candidates about data collection and AI use, and not the companies using the tool.
I am all for this lawsuit being successful if it sets a precedent for all AI companies using our data. But if the scope is specifically around the hiring process, I think the individual companies should be held accountable for using the tool without candidates' consent or knowledge.
Re: (Score:2)
After all- if they're not hit for doing this, they'll just find another way to do it if this one goes away.
Re: (Score:3)
The reason this is tied to only AI with hiring instead of all of AI and our personal data is because the law states for lending or hiring purposes.
We would need strong personal privacy laws and that is never going to happen in the USA.
Re: (Score:2)
"It seems odd that the onus is on the third-party platform"
The key problem seems to be the aggregation from multiple sources, not just processing the data given by one client and providing the results back to that client. Since it is the third party that does the aggregation, that's where the liability lies.
The client companies only dealt with one source, so all they can do is point to that one source.
Re: (Score:2)
So how is it different if you have an algorithm do that work for you? If this
Re: (Score:3)
So how is it different if you have an algorithm do that work for you?
It's not about using an algorithm, it's about using a third party whose involvement was not disclosed, and disclosing applicants' information to them. This information is in the summary.
Re: (Score:2)
It's not about using an algorithm, it's about using a third party whose involvement was not disclosed, and disclosing applicants' information to them. This information is in the summary.
Again, either the article (the actual article, not the summary) is leaving out important information, or this is going to be a hard case to win for the plaintiffs.
The lawsuit, filed on Tuesday accusing Eightfold of violating the Fair Credit Reporting Act shows how consumer advocates are seeking to apply existing law to AI systems capable of drawing inferences about individuals based on vast amounts of data.
So that requires the definition of the FCRA
The Fair Credit Reporting Act (FCRA) is a U.S. federal law ensuring the accuracy, fairness, and privacy of personal information in consumer credit reports, regulating how Credit Reporting Agencies (CRAs) collect, use, and share data. It empowers consumers with rights to access their credit reports, dispute errors, get free annual reports, and place fraud alerts, while also placing obligations on businesses that furnish information (like lenders) and those that use credit reports (like employers or insurers).
My point was that the article mentions nothing about running a credit report. Either the article left that part out for some weird reason, or these two plaintiffs are trying to say that any third party report gathering information without the consent of the applicant qualifies as a credit report. I'm not
Re: (Score:2)
All these reports are simply opinions. Having an opinion, even for sale, is not an actionable item.
You could say that about credit reports too. They're just someone's opinion of how credit worthy you are.
Practically speaking, that ship has sailed. We've already collectively decided if someone is collecting data and making a decisions which can have profound effects on someone, that someone has a legal right to see what data went into that decision. However, the law as written may or may not apply to AI because AI wasn't a thing at the time. If it doesn't, IMHO, that's a job for Congress or the California
Use the DROP act? (Score:3)
Re:Use the DROP act? (Score:4, Interesting)
I would be all for this, but the sad reality is that it equates to playing whack-a-mole. Having to opt out of lists justs guarantees that another list pops up. It's infuriating and exhausting.
Forcing companies to only use data where the target has opted in would barely help, too, because the opt-in would be buried deep in a TOS, and it would include allowing them to sell it, essentially opting that person in to third parties... and then the whack-a-mole continues.
Contracts can not be used to break laws. Agreeing to such a contract would be invalid. What we really need are laws that prohibit third party transfer of data all together OR, seeing as how that would be wildly impractical, require that any third party companies reach out to the target of the data and get an additional explicit opt-in. That would turn this miserable industry on its head. Though I don't imagine something like that would ever happen.
So many known issues (Score:2, Insightful)
I have heard so many horror stories of job candidates. Often with no chance of finding out why, but people can lose jobs because:
1) name is similar to a pedophile from another state.
2) debt from identity theft - when they did not know it was going on and were NOT told by the employer.
3) their index finger was too long.
4) wrong age/race/gender/religion - yes this is illegal in the US but it still happens.
Companies get inundated with way too many categories which leads them to be arbitrary. They treat job
It's Pauline's Evil AI, Mickey Luv (Score:2)
Never mind the job interview... (Score:2)
Just what in the name of the Great and Mighty Cthulhu is an AI doing with access to FCRA-scoped data in the first place? As incompetent and... well... leaky as GPT and other AI models are; they shouldn't even be *connected* to personal financial data at all, much less the credit bureaus and FICO.
I mean... "vibe coding" is bad enough to clean up. Is "vibe identity theft" about to become a thing?
We need the Three Laws, godsdammit!