“I’ll Show You Mine if You Show Me Yours” in the Age of Data Privacy


Share on LinkedIn

Ok, now that I have your attention, let’s talk about the information we request from our customers. Back … back … back in the early days of the internet, we used to use the term “Netiquette.” It stood for the etiquette of the internet. One tenet of the doctrine in a nutshell was “if you are going to take something from a user (information for example), you have to give something back.

We internet pioneers evolved further with our understanding of users and our desire to make their experience better than traditional channels (faster, more accessible, cheaper to execute). We learned that the more information we requested of users in order to allow them to register at a site, for example, the higher the drop-off rate. In addition, we became conscious of the need to differentiate between what information shall be required versus what information would be optional.

Why? In addition to reducing the drop-off rate, we limited the amount of bad data that would inevitably come when requiring customers to furnish information that they would rather not provide such as:”What is your annual income?” (Unless you are applying for a credit card or loan, does anyone really answer this question honestly?) We learned that if we built a solid trusting relationship, additional information could be gathered over time when it was needed to further enhance the user experience by offering valuable content, features and functions.

Well, I have found that some of us still have a few things to learn about the information they require. This past week, I went online to a Fortune 500 company’s career site to apply for a position. The job description looked great, the requisite experience fit well, and I started to fill out the registration form … then I stopped. About half way down the form, I saw that they “required” that I provide my social security number in order to register. “Required my social security number to register?” My husband didn’t even know my social security number until after we were married and even then I asked him why he needed it. My relationship with this company hadn’t even gotten to the “First date, maybe we’ll hold hands at the movies” point yet, and they want me to flash them my Social? What was the result? I couldn’t close that page tab fast enough.

For a less sophisticated company that is new to the internet, I could see how this requirement could make its way on to a web form, as it is part of traditional paper applications (which you can leave blank), but I would think that a larger multi-national publicly traded company would see the risk in collecting and storing this information and a candidate’s concern related to this requirement. Honestly, I was disappointed, as there was no way I was going to be able to apply for this job. I know too much about data integrity issues.

Am I the only one who finds this surprising? For the thousands of people who apply for individual jobs in this economy, and the three they seem to call back, why would a company require a social security number on their career site registration form? What do they do with it? Do they perform background checks on everyone? Is this meant to weed out candidates to those who want to work for them so badly that they will throw caution to the wind?

In a time when we are so concerned about protecting our identities that we pay companies like LifeLock and TrustedID to protect us and insurance companies change their standard business practice of using Social Security Numbers as ID numbers, I was truly surprised to find Social Security Number fields on the initial form to begin with, let alone to have them required. It made me wonder how many savvy professional candidates they have lost because of this and how desperate I would have to be to start a relationship this way.

So my fellow customer experience advocates, job hunters, IAPP (International Association of Privacy Professionals) members, I ask you “Would you have completed the form?”

Cindy Campbell
Independent Consultant
For over 15 years, Cindy Campbell has counseled companies and provided comprehensive business strategies to overcome business challenges. As an independent consultant, Cindy has provided leading-edge customer-centric solutions to organizations from start-ups to blue chip companies.


  1. I believe that there are so many people out of work that employers can be extremely selective about what they require from applicants. They can require background checks and immediately disqualify candidates who are flagged with any sort of negative information they acquire using your social. It’s unfortunate, but I’m afraid you will find it a lot.

  2. Excellent article and “No” I would not have provided my SSN.

    Within the last two months, one health care and one educational non-profit compromised 3.8 million users’ personal data. This is becoming more prevalent, whether due to carelessness or data theft, and you must protect yourself. Companies like Life Lock would not be as successful if a thriving market was not present. I refuse to make it easier for thieves, especially when I have no true relationship with any company that has yet to offer me a job.

    For my social to be requested before I even step in the door, is absurd. They can have my SS after the offer to add me to their payroll.

  3. I can share some personal info online buy I have some limits on what is shareable and if it is relevant to a specific website.

  4. I refuse to share my SSN with anyone. If you want proof that I’m a citizen, you can check out my passport. If you want to identify me for tax purposes, you can use my EIN. Sure, that means I’ll never be a W2 employee for one of these crazy companies ever again but I’m okay with that.

  5. Very true. Common sense goes a long way, and few seem to have it these days.

    Outstanding title, by the way. It definitely made me take a second look.

  6. I definitely would not provide them with my social security # and I agree completely that an organization of that maturity level *should* know better. Even if the job posting/recruiting site is developed/managed by a third-party vendor which is often the case, it is the recruiting organization’s responsibility to review the data required to be collected. The organization must be knowledgeable about personal data, especially when recruiting IT professionals who are exceptionally sensitive to the issue.

    Perhaps it was a test? 🙂

  7. I never give my social security number and cannot believe any right minded company would ask this via online, esp a Fortune 500 Company. Their head of HR should be evaluated, perhaps fired and then they should hire Cindy.

  8. I would not give them my social. On the other hand, if I know which Fortune 500 company I might be tempted to call their HR Department. Good article, good title.

  9. I would not and will not provide this information to any company online.

    Question 1: Would the company’s CEO trust his own IT group’s data collection and storage processes enough to provide HIS/HER social security number online?

    Question 2: If a company requires you provide your social security number to apply for a job online, do you really want to work for them?

  10. Professionally: Cindy provides a valuable reminder to always evaluate business processes from the CUSTOMER’s perspective. Regardless of the (unnamed) company’s data privacy standards, they could give a second look at their data collection from the customer’s perspective — if they’re losing the opportunity to recruit highly-skilled critical thinkers like Cindy, then they’re only hurting themselves.

    Personally: I agree with Cindy’s decision to pass on providing her SS. When in doubt, I fall back on the “if it feels wrong, it probably IS wrong” decision standard.

  11. Agree you did the right thing not to give your social security number for an online job application.
    This is a very poor reflection on the company who is collecting that type of personal data without explanation on how it would be used, how long it would be retained, etc.
    And what a predicament for job seekers! Since a social security number is a key element in identity theft, what recourse would a job applicant have if the personal information on their application were compromised? They would not have employee or customer status in being notified of a breach.
    Even with the current high unemployment rate, I would not recommend that anyone submit their social security number under the circumstances you describe.

  12. Great read! Totally agree that any company that requires a potential applicant to provide a social is NOT delivering a best in class application experience. If these companies would dust off the use cases they would see the problem quite clearly!

  13. I love the article Cindy! I absolutely agree that this data shouldn’t be required during the initial application process but I have an insider’s perspective on why it is usually required when applying for jobs at the big three credit agencies at least.

    During my time working at one of the bureaus, the company was very selective and they had to be. There was too much risk of having someone in financial distress or with a questionable background surrounded by all the temptations that working at an actual credit bureau may provide (altering of credit files, people’s personal information).

    There are severe laws in place to punish people should this ever happen (that we had to review and sign during the hiring process) but the credit /background check was an integral part of their data security. I agree that this shouldn’t be “first date” material either but understand why it is required in one industry anyway.

  14. Kelly,

    Thanks so much for your comment. I understand the value of a credit and background check when hiring new employees. I’ve been through it myself. My issue is asking for the information when the data is not immediately required. I’m confident in saying that no company performs credit and/or background checks on all prospective employees immediately following career site registration. This practice would be inefficient and cost prohibitive. With that in mind, once a company has serious interest in a candidate and an offer is being made predicated on results of a credit or background check, I have no problem furnishing this information.

    Thanks again!

  15. This article is very relevant right now in today’s job market, especially with so many employers using the internet to process job applications these days.

    As Cindy pointed out, there are two negatives to this event, one for the applicant and one for the potential employer.

    Applicant: It’s not wise to give out that kind of information over the internet and do you really want to work for a company who so carelessly requests it? What else are they going to be careless with?

    Employer: What is the quality of applicants that you are getting if many of your potentials automatically pass you by because of this sensitive question? (Most likely you are missing out on candidates who would have positive results on the background check because they ARE so protective of their private information.)

    As others have commented… good article and eye-catching title.


Please use comments to add value to the discussion. Maximum one link to an educational blog post or article. We will NOT PUBLISH brief comments like "good post," comments that mainly promote links, or comments with links to companies, products, or services.

Please enter your comment!
Please enter your name here