Ask the Headhunter: Should I let my employer put my photo in its database?

Businessman selfie

Identity theft is a serious concern, and there should be good reasons why you should be required to take the risk.

Nick Corcodilos started headhunting in Silicon Valley in 1979 and has answered over 30,000 questions from the Ask The Headhunter community over the past decade.

In this special Making Sense edition of Ask The Headhunter, Nick shares insider advice and contrarian methods about winning and keeping the right job, on one condition: that you, dear Making Sense reader, send Nick your questions about your personal challenges with job hunting, interviewing, networking, resumes, job boards or salary negotiations. No guarantees — just a promise to do his best to offer useful advice.

Question: Recently our HR department sent out a company-wide email, asking us all to go to our personal page on our company’s Paylocity website and upload a photo of ourselves. We can take a “selfie,” or they will have someone shoot a photo for you.

I don’t feel comfortable uploading my picture. It would be bad enough if Paylocity were hacked, and a thief could gain access to all of my personal information. But if the thief also finds my photo as well, could they not create a fraudulent photo ID, or even a fake passport, with which to commit crimes?

What are my options? Can I respectfully refuse to submit the photo?

Nick Corcodilos: Companies try to make themselves seem more friendly and open by personalizing their websites and employee databases. In today’s world, that seems natural. After all, you might already have your photo on LinkedIn or Facebook.

Unfortunately, just because everyone is doing it means you have to do it — and it certainly doesn’t mean that the risks you describe are eliminated (or worth accepting).

I think you must consider two things. First, does your company’s employee manual require that your photo be added to your file? That could make it a condition of employment for everyone, including you. Second, would the omission of your photo from the company’s records somehow adversely affect your ability to do your job properly? I think an employer has the right to make sure nothing interferes with you getting the job done.

If the answer to those two questions is no, then you must decide how much of a fuss to make. I think a lot of readers will suggest it’s silly to make a fuss, because “all the information about you is probably already online.” But I think you have a right to privacy if that’s your wish. I suggest you explain your position to your boss, and ask for advice about how to handle this matter with the HR department. You might provide your boss with a couple of credible articles about identity theft to support your position.

If HR argues with you, explain that you’d of course be willing to compromise if you can be assured your privacy will be protected. I’d ask if they’d be willing to provide a written certification that the company will accept liability if your photo is misused. Taking it a step farther, does Paylocity provide any such assurances? If not, why not?

I doubt HR will give you such a certification, which just reinforces your position — but I think it will help you make your point. It becomes a matter of who owns the risk. The troubling thing here is that your HR department is effectively outsourcing the risk. If your identity is hacked via the payroll database, who’s really responsible? My guess is your employer would deny liability. This trend in outsourcing key company functions should worry any employee. (See “Big Brother & The Employment Industry: ‘All your employment are belong to us!’”)

My guess is they’ll let you out of this, because I doubt the two questions I posed above would be answered yes. If they continue to press you, then you have a decision to make. Would you quit your job over this? Some people might, and I would not argue with them. Identity theft is a serious concern, and I’d need to see good reasons why you should be required to take the risk.

Is anyone else on your work team worried about this? It may be best if a handful of people get together and politely decline as a group.

Dear Readers: Has your identity ever been hacked in your employer’s database? How much personal information are you willing to provide to your company? How would you advise this reader?

Nick Corcodilos invites Making Sense readers to subscribe to his free weekly Ask The Headhunter© Newsletter. His in-depth “how to” PDF books are available on his website: “How to Work With Headhunters…and how to make headhunters work for you,” “How Can I Change Careers?”, “Keep Your Salary Under Wraps” and “Fearless Job Hunting.”

Send your questions to Nick, and join him for discussion every week here on Making Sense. Thanks for participating!

Copyright © 2016 Nick Corcodilos. All rights reserved in all media. Ask the Headhunter® is a registered trademark.