HMO Quarterly Employment Bulletin – April 2015

HMO Quarterly Employment Bulletin – April 2015

 This Bulletin is devoted to the criminalisation of enforced subject access requests.  This is an important matter for you as an employer when it comes to interviewing job applicants and monitoring existing employees in sensitive positions.  Step out of line and you are liable to face criminal charges.

The underlying legislation is section 56 of the Data Protection Act 1998.  This makes it an offence for an employer to require an employee or prospective employee to provide the employer with information obtained by means of a subject access request as to his convictions or cautions.  This provision came into force on 10 March 2015.

As an employer you will need to know whether a prospective employee has a criminal record which impacts upon his character or suitability for the job.  Further, you may require this information by law because of the nature of the job.

The impact of the legislation around rehabilitation for offenders, however, provides limits upon the disclosure of the previous convictions and cautions which you as an employer can obtain.  Under the rehabilitation legislation convictions become spent and a convicted person becomes rehabilitated at the end of a period.  The period set out in the legislation will reflect the seriousness of offence.

To complicate matters some convictions and sentences do not become spent.  Also in some sensitive areas, you as an employer will be entitled to full disclosure.

The general position is that as an employer you are entitled to obtain information about a prospective employee’s criminal record by asking that employee directly or by obtaining a certificate from the Disclosure and Barring Service (DBS).  But, Section 56  makes it an offence for you to require the prospective employee, an existing employee or someone else to supply the employer with a record of convictions or cautions by means of a data subject access request from a prescribed data controller.

The prescribed data controller list includes the Police, the National Crime Agency and the Secretary of State.  Until now some employers have sought to circumvent the rehabilitation legislation by requiring an employee or prospective employee (or even the supplier of services) to obtain their full criminal record (as an individual is entitled to do) and then pass it on to the employer.  If you do this, then it is now clear that you will commit a criminal offence.

The DPA does provide two possible defences if you are charged with demanding an “enforced subject access request” and these are:

  • That in requiring an enforced subject access request you had authority under some other legislation or a Court order; or
  •  In the specific circumstances your actions were justified as being in the public interest.     

The public interest defence, however, is limited as the DPA says that simply arguing that it would assist with the prevention or detection of crime to receive full disclosure will not amount to a public interest defence.

In summary, the new law makes it an offence for you as an employer or prospective employer to try to get round the restrictions of a DBS check (because of the rules as to “spent” convictions) by requiring someone to obtain and provide a copy of his Police National Computer record instead.

If convicted of an offence under Section 56, you will be subject to a fine. If the case is dealt with in the Crown Court the fine is unlimited.

If you require assistance in connection with employment law matters please contact Patrick Nelson, Associate Solicitor on 01785 211411 or


The contents of this article are for the purposes of general awareness only. They do not purport to constitute legal or professional advice. The law may have changed since this article was published. Readers should not act on the basis of the information included and should take appropriate professional advice upon their own particular circumstances.






Posted in: