Summary and Keywords
Broadly speaking, cybervetting can be described as the acquisition and use of online information to evaluate the suitability of an individual or organization for a particular role. When cybervetting, an information seeker gathers information about an information target from online sources in order to evaluate past behavior, to predict future behavior, or to address some combination thereof. Information targets may be individuals, groups, or organizations. Although often considered in terms of new hires or personnel selection, cybervetting may also include acquiring and using online information in order to evaluate a prospective or current client, employee, employer, romantic partner, roommate, tenant, client, or other relational partner, as well as criminal, civil, or intelligence suspects. Cybervetting takes advantage of information made increasingly available and easily accessible by regular and popular uses and affordances of Internet technologies, in particular social media. Communication scholars have long been interested in the information seeking, impression management, surveillance, and other processes implicated in cybervetting; however, the uses and affordances of new online information technologies offer new dimensions for theory and research as well as ethical and practical concerns for individuals, groups, organizations, and society.
Keywords: cybervetting, social media screening, online screening, surveillance, open-source intelligence, impression management, information seeking, personnel selection, uncertainty reduction, attributions, signaling, warranting theory
Broadly speaking, cybervetting can be described as the acquisition and use of online information to evaluate the suitability of an individual or organization for a particular role. Despite ongoing debates about which information practices, sources, and tools count as cybervetting; scholars generally agree that cybervetting processes and practices inform decisions. When cybervetting, an information seeker gathers information about an information target from online sources in order to evaluate past behavior, to predict future behavior, or to address some combination thereof. Information targets may be individuals, groups, or organizations. Although often considered in terms of new hires or personnel selection, cybervetting may also include acquiring and using online information in order to evaluate a prospective or current client, employee, employer, romantic partner, roommate, tenant, client, or other relational partner, as well as criminal, civil, or intelligence suspects.
Cybervetting is a relatively new practice enabled by online information that is increasingly made available and accessible by people’s regular use of networked Internet technologies, particularly social media: popular press reports regularly talk about people not being hired or losing their jobs because of what employers reportedly found online; people evaluate romantic partners before or after a first date to make sure they are desirable and trustworthy; roommates make sure each person has complementary academic, career, and hygiene goals; consultants evaluate prospective organizational clients; and sports teams often ensure members follow the rules and represent their organizations well. To date, scholars attend less to the use of cybervetting for law enforcement and counterintelligence, despite growing recognition of its value for investigation and prosecution as well as security clearance and background checks.
There is an emerging industry of third-party contractors who offer social media background checks for prospective employees and a growing set of consultants who provide some training on online information seeking targeted at individuals or organizations. Yet most cybervetting is “do-it-yourself,” and most people who cybervet are self-taught. The exception may be intelligence and law enforcement personnel, who increasingly have access to training in open-source intelligence via courses such as the NATO Open Source Intelligence Course (N2-O4) offered by the North Atlantic Treaty Organization’s NATO School Obberamergau (2014).
In scholarly research, the popular press, and everyday talk, people often use different terms to describe how people evaluate information targets using online information. Three interrelated factors likely contribute to the variability in terms: the relative newness of cybervetting and its tools; overlapping, yet unclear, practical and conceptual definitions as to what constitutes cybervetting; and emerging interest in the use, study, and critique of cybervetting across—yet rarely between—different fields and specialties. For example, in addition to using terms like online screening or online vetting to describe similar practices of online information seeking and evaluation, scholars and the general public often use the more narrowly defined social media screening, since much of the information available and accessible online comes from habitual and popular use of social media including social network sites. People often talk about “googling someone” to research them before or after meeting face-to-face. This colloquial expression references one of the most popular tools people habitually use when they want to know more about something: People open their mobile phone, tablet, or laptop and enter their query in the Google™ search engine. Similar expressions, such as “Facebook snooping” or “Instagram stalking,” mix and match networked tools with negatively tinged surveillance words to describe similar behaviors within particular digital contexts by individual, corporate, or government information seekers. Law enforcement and intelligence agencies also include the acquisition and use of online information into their definitions of open-source intelligence, which involves deliberate gathering of information from any type of overt, publicly available source often to provide context to classified, covert operations.
As researchers, we use the term cybervetting to account for the breadth and ongoing evolution of technologies, cultures, and practices implicated in these online evaluations. Research demonstrates that cybervetting involves more than Google, even though many people start with search engines when seeking information. Nor are online information sources used for cybervetting limited to social media, despite the popularity of social network sites, blogs, and other social media tools. Technologies also continue to evolve. The term cybervetting also reflects a more neutral tone than snooping or stalking. The prefix cyber-, rather than “online,” highlights computer culture alongside the connection to computer tools and networks. Plus, in contrast to “screening” which is typically an early stage in selection processes, vetting better accounts for the broad range of contexts and the potential early, mid-, or late stages of information evaluation processes within which online information seeking occurs. Terminology that allows for a broad range of human behavior and technologies provides opportunities to better understand and anticipate how human behavior and technologies evolve over time and with what effects. Thus, we use the term cybervetting because it allows scholars to consider a broad and evolving range of tools, sources, and practices associated with online information and suitability evaluations across contexts; even as it takes into account evolving computer culture and tools. Plus the term cybervetting highlights the unique characteristics and uses of online information, thereby distinguishing online information seeking from the broader notion of open-source intelligence, which includes the acquisition and use of any public, overt source, including offline sources.
A Brief History of Cybervetting Practice and Research
Cybervetting developed shortly after the emergence of Web 2.0. Web 2.0 refers to a change in the World Wide Web toward user-generated content and participation, usability, and networked interoperability. Popular Web 2.0 technologies include blogs such as WordPress™, micro-blogs such as Twitter™, and social network sites such as Facebook™, QZone™, LinkedIn™, SinaWeibo™, VK (originally VKontakte), and Instagram™. As people increasingly contributed and participated online via new media or social media, they—and the technologies enabling their participation—intentionally and unintentionally made information about themselves and other people easily available and accessible, or visible to interested parties (Treem & Leonardi, 2012). As information about people became increasingly visible, searching online to learn about another person was a natural extension of existing online information-seeking habits: When faced with a question about something—and now someone—the first place most people look is online. One of the earliest mentions of seeking information online about other people was in Schott’s (2007) almanac in TimesOnline when he defined cybervetting as “using the web to assess the (inter)Net Rep(utation) of potential employees/employers/ lovers” (para. 14). The term has since expanded to include other types of individual targets such as intelligence or criminal suspects, as well as collective information targets like organizations. Although people can cybervet organizations or other groups, the examples in the following sections primarily focus on evaluations of individuals—in particular employers’ evaluations of current and prospective employees—rather than collective or nonemployment information targets. This emphasis on employment-related cybervetting is consistent with the primary focus of research to date.
Academic research grew out of interdisciplinary interests in the practices, effectiveness, and impacts of cybervetting. Sponsored by career professionals and websites as well as corporations, initial research focused on the prevalence of cybervetting and anticipated implications. As popular press stories increased, scholars offered conceptual insights and ethical commentary on the emerging practice of using social media and other online sources for employment evaluations, with one of the earliest empirical academic studies, the first author’s doctoral dissertation (Berkelaar, 2010). This early work was followed quickly by a number of research studies from scholars in communication, management, psychology, and law, particularly as the implications of cybervetting for theory and practice became increasingly evident. Although research has focused primarily on the interrelated practical, legal, ethical, and privacy implications of employment-related cybervetting in the United States (e.g., Berkelaar, 2014; Clark & Roberts, 2010; Ghoshray, 2013), studies in other countries, including Belgium (Caers & Castelyns, 2011), France (Manant, Pajek, & Soulié, 2014), Greece (Nikolaou, 2014), and Pakistan (Sameen & Cornelius, 2015), identified similar increases in the use of cybervetting for personnel selection, articulating similar concerns about changing employment relationships, privacy norms, legislative delay, and broader ethical concerns about privacy, employee rights, and work–life boundaries.
Academic research in the past five years uses a range of theoretical perspectives to examine the practices, processes, and outcomes of cybervetting. Scholars who study cybervetting practices often examine how information and communication technology uses and affordances, information characteristics, and/or communication characteristics can be understood from different theoretical perspectives and/or offline practices. Scholars who study the legal, ethical, and social implications of cybervetting focus on the outcomes of cybervetting for individuals, groups, organizations, and society in light of evolving legal, ethical, and social norms within and across contexts.
Cybervetting continues to be a challenging, vibrant, interdisciplinary, and relatively new research area. Scholars in organizational and computer-mediated communication in particular have laid the groundwork for communication-based understandings of cybervetting, complementing work in law, psychology, and human resources. However, research continues to develop in disciplinary silos and technology as legislation, policies, and norms evolve, and society continues to debate issues of surveillance, privacy, and personal information management implicated in cybervetting. These dynamics necessitate ongoing theoretical and empirical research from communication and interdisciplinary perspectives conversations that bridges disciplinary specialties. Scholars and practitioners continue to debate what exactly counts as cybervetting, as well as where people are looking or should look online. They question whether cybervetting is effective, for whom, and with what outcomes. Although the next sections summarize preliminary answers from current research, many questions remain.
Characteristics of Cybervetting
As noted earlier, researchers and practitioners continue to differ in their explicit and implicit definitions of what does and does not count as cybervetting. Some scholars only include information gathered from social media, even though social media itself remains a muddy term. Other scholars emphasize the use of “informal” sources of online information, whereas others include any and all information gathered online in any format from any source using any tool. In part, such differences emerge from the relative newness of cybervetting as an information and communication practice. Such differences also emerge from researchers’ attempts to make sense of the rapidly evolving technological, social, and legal landscape within which cybervetting operates and to conceptually and empirically test which definitions offer the most value for understanding cybervetting in theoretically and practically useful ways. By taking the time to untangle the similarities and differences between online and offline vetting we—as researchers, practitioners, and the public—can better understand the likely impacts of cybervetting within and across contexts. Comparing online and offline practices helps avoid tendencies to exaggerate or to minimize differences between information seeking that uses “new” technologies versus information seeking using “conventional” communication media. For example, in employment-related cybervetting, such analyses could involve comparing more conventional information sources such as reference letters, résumés, and interviews with information gathered covertly online.
Thus, research on employment-related cybervetting can help illustrate the need to understand the differences between cybervetting and conventional information seeking. Although cybervetting is not completely different from conventional personnel selection methods, identifying and understanding the differences between cybervetting and conventional personnel selection help scholars understand which cybervetting methods are likely to be effective and what impacts cybervetting is likely to have. For example, cybervetting and conventional personnel selection practices are similar in that both sets of practices focus on gathering information about individuals in order to determine whether there is a match or a mismatch between the person and the role. At the same time, cybervetting and conventional personnel selection practices differ in terms of the intended purposes of the communication media used to source information sources and in terms of the level of interaction. The application, résumé, cover letter, and interview involve a two-way interaction focused on sharing, eliciting, and recording job-related information. Such interactions may be asynchronous, such as when an applicant submits a résumé and the recruiter responds, or synchronous as in the case of interviews. In contrast, cybervetting uses information extracted from online sources and sites that are not necessarily designed for eliciting, sharing, or recording job-related information—although many employers feel that such sites do provide employment-relevant information. From human resource and legal perspectives the visibility of different types of information gathered via different processes can be consequential. Such differences have been shown to affect the types and amount of information acquired, employers’ perceptions of applicant employability, and applicant perceptions of fairness. Cybervetting also remains relatively untested from a legal standpoint, with different interpretations likely given varied legal protections and norms regarding privacy as well as employee rights within and across countries.
Yet despite these differences, many people—scholars, professionals, and the public in general—continue to describe cybervetting as analogous to offline background checks or other selection processes. And certainly in some ways it is: Conventional background checks and selection processes all focus on acquiring and using information from available sources presumably to evaluate a person and by attempting to predict their future behavior. Yet other scholars emphasize that considering how cybervetting differs from conventional background checks (and other information seeking practices) in terms of its information and communication characteristics provides a way to consider whether and when cybervetting is effective, legal, and ethical.
Cybervetting also differs from conventional, offline, information seeking in terms of its information characteristics. Specifically, Berkelaar and Buzzanell (2014) describe how cybervetted information differs in terms of the types, sources, order, and amount of information potentially available to information seekers. Such differences in information characteristics are known to alter evaluations and subsequent decisions (Case, 2012). Most research on employment-related cybervetting considers the implications of changing types of information available online—particularly the increase of nonwork information such as hobbies, political affiliation, sexual orientation, and interests that are more easily available than previously. Despite concerns that such information can be used to facilitate illegal discrimination based on protected characteristics (Ghoshray, 2013) and may violate normative work–life boundaries and people’s privacy rights (Clark & Roberts, 2010), such unobtrusive “observations” increase the credibility of the information for those seeking the information. As warranting theory suggests, people likely perceive cybervetted information as more credible for two reasons: Not only is the information target not attempting to manipulate the information seeker’s impression in an effort to get hired, but the individual—or others discussing the individual—may have left behind behavioral residue (Carr & Walther, 2014). Behavioral residue refers to typically unintentional information artifacts given off by the individual; information made visible by the networked technologies used.
Additionally, because of the amount of time people spend online, cybervetting provides people with access to more information, often organized in a different order than originally shared. Such increases in the amount and type of information available are compelling to prospective or current employers or relational partners as well as intelligence and law enforcement officers. In part this is because researchers consistently find that people have higher confidence in their evaluations and decisions when they have more information, even if the information or the evaluation is not necessarily valid (Case, 2012). The validity of the assessment also is affected by the order the information is viewed: Whatever information people view first about another person will disproportionately influence their impressions of that person absent overwhelming evidence to the contrary—overwhelming evidence people usually do not spend time to find. Such biases in information seeking are one reason why researchers encourage avoiding or limiting the use of social media for personnel selection (Van Iddekinge, Lanovich, Roth, & Junco, 2013) or encourage establishing limited, standardized cybervetting practices for employment (Brown & Vaughn, 2011), law enforcement, and intelligence contexts (Appel, 2014) while researchers continue to evaluate cybervetting’s reliability and validity.
Not only do such characteristics call into question the validity and reliability of cybervetting, such differences also highlight the influence of technology on what information is made available when, to whom, and in which order. Information artifacts linked to one’s self thus are more difficult for individuals to control because of the characteristics of the technologies underlying cybervetting. These characteristics include such things as replicability, visibility, invisible audiences, broadcast nature, and permanence (boyd, 2007).
Individuals have less control over user-generated content than people often assert. Certainly individuals often select asynchronous online communication channels like blogs, social network sites, and texting in order to plan communications and manage impressions; however, once a communication becomes an information artifact, control over the curation and presentation of the information becomes much more difficult (Hogan, 2010), especially since online information is easily decontextualized from an individual’s original intent and audience (Berkelaar, 2014). Even in the so-called “public” spaces of digital life, people often communicate with specific audiences in mind, intentionally segmenting information in order to manage identities, impressions, and relationships according to their respective social rules, level of intimacy, or need to avoid criminal prosecution.
In addition, people generate information about other people as well as themselves. Given the diversity of roles and relationships in people’s life, it is very likely that other people may disclose information at times and in places not intended or not known by the target individual. User-generated content does not require intentionality by either the information target or other people, as people may give off behavioral residue about themselves or others—artifacts more easily recorded, aggregated, and shared via computational means (Zuboff, 1989). Indeed, experimental research shows that people make judgments based on the profile photos of one’s Facebook friends (Walther, Van Der Heide, Kim, Westerman, & Tong, 2008). Thus for any given information target, online information may be generated by the individual target him-, her-, or itself; by other people; and—as the next section shall show—also by technologies. Certainly such differences in the sources and intentionality are not exclusive to online information. Instead the difference is one of degree—in terms of the relative amounts and proportions of different types and sources of information, as well as an information target’s ability to control the information being used to evaluate her, him, or it. Scholars studying the use of cybervetting by corporations, law enforcement, and governments argue that individuals’ diminished control over information because of the interplay of technologies, human behavior, social norms, and legislation is a key factor contributing to shifts in privacy rights for citizens and employees.
In part, such differences result from the communication technologies underlying cybervetting. The algorithms of different sites and tools shape what information becomes visible and available to people at what times. Algorithms are step-by-step sets of rules that define what operations a computer will perform when. In terms of cybervetting, the algorithms underlying search engines, social network sites, or search aggregators decide what digital information will be displayed to which audiences, in what combinations, and at what time, and associated with what individuals. The keywords people enter into search engines, information seekers’ past online behavior, and the assumptions of involved software developers shape the results generated by these algorithms. Certainly, individuals have some control over when or which information is shared online. In contrast, in face-to-face interactions, conventional written conversations, or even digital communications like email, individuals have increased opportunity to decide in what order to disclose information about themselves. Thus results from search engines, social networking sites, or search aggregators used in cybervetting intermingle social media results with results from government agencies and consumer reporting records such that the order of information found and likely to be most salient in cybervetting may not be shaped by the information target, even though many people consider the information target to be the owner of the information. This algorithmic information mash-up highlights a second difference about characteristics of information often used in cybervetting.
Because of the collapsed contexts of the Internet, information acquired via cybervetting about individuals usually includes information that crosses multiple personal and professional roles that the information target may consider irrelevant. Collapsed contexts refer to the infinite number of possible contexts within which the information visible online can be interpreted—in effect, multiple audiences such as family, friends, work, and government become collapsed into one (boyd, 2007). For example, an employer or landlord cybervetting an employee or tenant can likely access information about the person’s age, interests, hobbies, political views and donations, sexual orientation, and even criminal, credit, or vital records that the individual did not intend to share with these audiences. Not only is the accuracy of such information often questioned, scholars and practitioners worry about the potential for intentional and unintentional bias, which is considered unethical and is often illegal in many of the situations where cybervetting is used. Certainly, legally protected information might be made available in a face-to-face, phone, or video meeting or accessed via a conventional background check. However, many scholars argue that even though the difference may be a difference of degree (how much information is available) rather than a difference in kind (what types of information are available), such differences affect evaluations and are also central to ethical and legal concerns over equality and access. Yet the visibility of different types and amounts of information enabled by collapsed contexts is a key reason cybervetting is so attractive to information seekers. Collapsed contexts allows employers, landlords, roommates, counterintelligence and law enforcement, as well as and other information seekers to observe information targets in informal social settings, thus offering alternative sources that likely increase the credibility of the information being gathered (see Berger & Douglas, 1981) by presumably providing insight into a person’s authentic identity or character or signaling other variables of interest such as “professionalism.”
Information gathered from social media or other “informal” or noninstitutional sources—which is often constructed for other purposes than an employment, rental, roommate, or romantic evaluation—adds different types of information to be considered when evaluating a target’s suitability (or, from law enforcement perspective, culpability). This information may or may not be relevant, legal, or ethical when considering a current or prospective relational partner or investigating a suspect. Plus, this information might unintentionally bias the information seeker toward a particular and problematic decision even if the information seeker has noble intentions. Research into offline decision-making shows that even when people are directed to disregard irrelevant or biasing information, that information paradoxically becomes hyperaccessible (Wenzlaff & Wegner, 2000). This is a particularly problematic effect in employment situations where ethical information seekers often vigorously seek to avoid illegal discrimination or in law enforcement or intelligence contexts where profiling and illegal discrimination may compromise investigations, prosecutions, and justice. Since the different information characteristics of cybervetting alter evaluations of information targets, research on cybervetting thus encourages scholars and practitioners to consider what information is acquired when and from where in everyday information and communication practices.
Based on current descriptions of how most people cybervet, cybervetting tends to be an extractive rather than an interactive communication process. Extractive information seeking occurs when information is collected covertly without the information target knowing (Ramirez, Walther, Burgoon, & Sunnafrank, 2002). As an extractive process, cybervetting gathers information artifacts recorded from past social interactions and postings that are now available to various, often invisible, audiences (boyd, 2007). In turn, new information technologies allow people to gather information about information targets without them knowing, thus denying the target individual an opportunity to address perceptions created by online information.
Intuitively, the tendency for information seekers to want to gather publicly available online information covertly makes sense: Imagine that you are trying to decide whether someone would make a desirable roommate, employee, or tenant. In the application, you would likely assume that each applicant is trying to present an impression of him or herself as an ideal roommate, employee, or tenant. Because cybervetting allows information seekers to extract information from online sources, they tend to feel more confident in their subsequent evaluations because the information seems less manipulated. This is especially apparent in employment contexts where employers question the credibility of interviews and résumés as people engage in extreme impression management. Employers find cybervetting compelling because the Internet provides easy access to information considered useful in hiring and because conventional sources of information are increasingly difficult to acquire. For example, people who give recommendation letters often only provide positive information, and former employers often only provide dates of employment. Indeed, people have long been interested in unobtrusively observing other individuals in order to find out more about them. Additionally, people often trust information more if another person provided it and/or if the information was observed or recorded in an informal social situation (Berger & Douglas, 1981).
This lack of interactivity is not essential to the nature of cybervetting but partially results from a lack of due process. The goal of due process—or fair treatment—is to evaluate employees, roommates, romantic partners, suspects, or other information targets in ways that establish procedural justice—usually requiring notification and the opportunity for all parties to be heard. Such requirements may or may not be included in current legislation given the rapid evaluation of networked technologies and their uses. Although imperfect, due process requirements allow for some level of interactivity that most current cybervetting does not afford and establish a sense of procedural justice. Procedural justice focuses on people’s beliefs that a process is fair. Consider the common belief that cybervetting is simply an extension of conventional background checks. Simply examining the due process requirements of many Western industrialized countries clarifies a key communicative difference between cybervetting as currently practiced and conventional background checks. For example, in the United States, before requesting a credit check, the information seeker must first obtain the signed permission of the person being vetted. The information seeker also needs to notify the person if any of the information gathered led to an adverse action—for example, the person not getting hired or not getting the apartment. Adverse action reports tell the target individual the source of the adverse information and provide ways to rectify any faulty information. Similarly, in Canada, information seekers must obtain the informed consent of people subject to a vulnerable sector check for an employment or volunteer position. A vulnerable sector check is an enhanced criminal records check that identifies whether an individual has any records of sex offenses including record suspensions (formerly pardons). Moreover, such checks are only performed when there is documentation that the employment or volunteer position would involve vulnerable populations, such as children.
In contrast, cybervetting does not currently have clear due process guidelines in most countries, likely in part because of cybervetting’s relative newness and the ongoing debates about whether online information is public or private. Certainly existing laws such as equal employment legislation and privacy protections still hold; however, as a “do-it-yourself background check,” cybervetting often happens without the awareness of the information targets being evaluated. That is, although most people generally know others will likely cybervet them, they are not aware who specifically is cybervetting them, when they are being cybervetted, what information other people are seeking, and what consequences arise from potential findings.
Where and What People Seek Online
A substantial amount of research on cybervetting describes what employers are searching for when they are looking online and where they are looking. A focus on describing the basic information goals and tools of cybervetting makes sense given the relative nascence of this practice. Although research suggests that most people start their searches with Google or another search engine, most research studies on employment-related cybervetting focus on a particular site, usually Facebook or LinkedIn. With over 1.23 billion monthly active users as of the publication of this article, Facebook is the most popular “personal” social network site in the world. With 300 million members, LinkedIn is the world’s largest social network site dedicated to professional and work-related information.
In general, early research on cybervetting is consistent with research on other forms of online information seeking. In particular, when looking online, people do not look for very long or very deeply. For example, in an experiment on cybervetting with employers in France, researchers changed where a person’s language was in their online profile (Manant et al., 2014). Once language was on the second page of social network site, rather than the first, it no longer affected employability assessments. This suggests that information seekers do not search deeply; instead they likely glance at the first page of information and make a judgment based on the available information. This is reinforced by self-reports of cybervetting that suggests that people do not look past the initial page or two of search results (Berkelaar & Buzzanell, 2014; Manant et al., 2014). In addition, consistent with offline information seeking, people do not confirm whether the information they found was accurate. This is an ongoing concern for individuals with misinformation or misattributed information, such as individuals whose names were popular or the same as semi-pro wrestlers, football players, show dogs, and other family members who might be listed earlier in the search listing (Berkelaar, 2010). Tendencies toward superficial information seeking become more consequential when people cybervet during intelligence and criminal investigations. For example, in offering cybervetting guidelines for law enforcement and counterintelligence personnel, Appel (2014) encourages people to be more methodical, structured, and in-depth to increase accuracy, to maintain ethical standards, and to minimize missed suspects or unnecessary detention.
People’s tendency toward quick information gathering also seems to shape when they choose to cybervet. At least in terms of employment, employers seem to use cybervetting only when the applicant pool is of a manageable size. The timing of cybervetting thus seems to be early for a position with fewer applicants, later in the process once the applicant pool has been screened to a smaller set of finalists, or simply at the point when the information seeking was motivated to find more information to answer a question or satisfy the seeker’s curiosity about an issue that has arisen in the personnel selection process (Berkelaar & Buzzanell, 2014). Less is known about the timing of cybervetting for other types of decisions.
The lack of standardization in cybervetting procedures remains a clear and ongoing concern to many human resource personnel, legal scholars, and law enforcement specialists. When cybervetting, people seem to customize their searches based on the target individual or personal preference and not necessarily the organization or the positions. For example, research on interviewing shows that standardizing information seeking processes increases the quality, validity, and perceived fairness of a personnel selection tool. With cybervetting, the amount and types of information available about someone can differ depending on what information has been recorded online in the past and what is made visible by the search processes and technologies used by the information seeker, information target, and other sources of information. For example, one might learn the sexual orientation, political affiliation, or interests of one individual, but not necessarily of all applicants. If identified as salient, the information cannot be easily unknown by information seekers. Indeed, research on cybervetting suggests that information indicating a legally protected class or other ethically problematic characteristics does influence judgments depending on the characteristic and the physical location of the individual doing the cybervetting (Acquisti & Fong, 2015; Manant et al., 2014).
This lack of standardization appears to be a particular source of tension for human resource personnel involved in personnel selection as they grapple with whether information is relevant or irrelevant to the position under consideration and available for all individuals (Pike, Bateman, & Butler, 2013). Legal scholars also express concern about the potential for illegal employment discrimination, even as they recognize the competing pressures employers face to hire qualified individuals and avoid legal liabilities such as negligent hiring (Ghoshray, 2013).
When cybervetting, people look for information to help them evaluate whether the information target is a good fit. In part, this is because people feel more certain about their attributions when they have more information, even if the accuracy of their predictions does not increase (Carr & Walther, 2014; Roth et al., 2016). When it comes to what employers seek online, surveys and interviews show that employers search for “red flags” or “faux pas” information regardless of the country in which they reside. Consistent with popular press reports, research suggests that in employment contexts indicators of unprofessional and sexual behavior, illicit drug use or inebriation, poor communication, and bad-mouthing former employers are often used to exclude people from contention. For example, in terms of communication skills, people’s use of textspeak—even if initially addressed to an informal audience—affects perceptions of the writer’s employability. Also, the quality of a person’s argument—at least on LinkedIn—also affects whether someone is considered employable, with languages spoken, education, and publications potentially offering positive indicators of employability (Scott et al., 2014). Although negative information is often found to be more salient to people, Carr and Walther (2014) found evidence to the contrary, suggesting that positive information may—at least in some situations—be as salient insofar as it is considered relevant to employability. Although job applicants often focus on status or wall postings and profile photos as the information likely to be used in employment evaluations, researchers find that textual, visual, relational, and technological artifacts (Berkelaar & Buzzanell, 2014), including profile photos of the individual their friends, the number of their friends, profile details, and status postings, are all considered valuable to assessing employability (Kotamraju, Ben Allouch, & van Wingerden, 2014; Roulin & Bangerter, 2013; see also Walther et al., 2008).
What surprises many people is that the lack of online information might prove as problematic as negative information (Berkelaar, 2010), likely because there is not enough information to establish one’s suitability or trustworthiness or, in the case of law enforcement, to remove one from suspicion. That is, information seekers appear to judge the lack of information about a person as negative. Although there is no experimental research confirming such claims in cybervetting contexts, interviews (Berkelaar & Buzzanell, 2014), as well as research on the inferred information model, reasoned action, uncertainty management (see Roth et al., 2016 for summary) and warranting theory (Walther & Parks, 2002), suggest that information seekers are more likely to consider missing information as negative, often inferring that the information target seems to have something to hide. These assumptions are reinforced by research that suggests that most people assume everyone will have or should have an online presence (Berkelaar, 2014). More empirical research is needed to determine to what extent missing information is problematic and if there are situations where missing information could be positive—such as for occupations involving discretion or secrecy.
The Effectiveness of Cybervetting
Whether cybervetting is effective remains unclear and relatively untested. Some studies have started to test whether the information and evaluations associated with cybervetting are reliable and valid. A few studies suggest that people can accurately judge a person’s Big-5 personality traits—namely, conscientiousness, agreeableness, narcissism, openness, and extraversion—based on online profiles in social network sites (Back et al., 2010; Stoughton, Foster Thompson, & Meade, 2013). Certain traits such as conscientiousness have been linked to positive employment indictors long term, yet personality indicators are not always relevant to the position or role under consideration. Although useful, these studies primarily involve college students making ratings or the assessments of multiple judges. In everyday cybervetting, it is likely that one individual or a smaller set of individuals will make assessments about the suitability or trustworthiness of another person. Differences in rater expertise and the number of raters may alter the reliability and validity of assessments. Only one study so far links ratings of online information—in this case Facebook profiles—to supervisor ratings of job performance, turnover intentions, and actual turnover. Van Iddekinge and colleagues (2013) found that Facebook ratings did not increase the level with which people could reliably predict turnover and job performance after taking into account conventional predictors like self-efficacy, cognitive ability, and personality. Thus, scholars remain concerned that online information may not necessarily provide an assessment of one’s suitability for an employment role. Concerns over validity are further compounded by a sense that cybervetting may not be a reliable indicator given the lack of standardization in cybervetting processes or the information sources being used. So far, whether cybervetting is effective, relevant, and reliable for other relational contexts remains relatively unknown. Thus, more research is needed to gauge the effectiveness of cybervetting as an employment indicator.
What is clear is that online information can result in illegal discrimination. A few scholars have found that information such as language or religion can affect employability. For example, in their longitudinal experiment, computer scientists Acquisti and Fong (2015) created a series of résumés with identical and online profiles to assess the use of protected information. They mailed the résumés to numerous U.S. employers and found that people were more likely to receive a call for an interview if their online profile listed them as Christian rather than Muslim, particularly in states affiliated with the more conservative political party. Similarly, Van Iddekinge, Lanivich, Roth, & Junco (2013) found that recruiter ratings of Facebook profiles and posts tended to increase ratings of female and white applicants in U.S. contexts. In France, Manant and colleagues (2014) found that the primary language on an applicant’s online profile—as long as it was on the first page of the profile—predicted employability evaluations: positive for those reporting the dominant language and more negative for those reporting another language. To address documented and argued concerns about illegal discrimination, while also attending to employers concerns about negligent hiring, some U.S. employers are using a growing number of third-party contractors who evaluate people’s social media sites or other online information and provide reports to employers after redacting protected information. In the United States, such third-party contractors fall under the purview of the Fair Credit Reporting Act and therefore must provide the due process requirements discussed earlier. Given the availability of information about (potentially) protected classes and the proportion of nonwork information, scholars have questioned whether social networking sites and cybervetting generally could ever be ethically used for personnel selection (Clark & Roberts, 2010) and have advocated for broad legal reforms to protect legitimate needs and rights of involved parties (Ghoshray, 2013).
In light of these concerns, scholars and practitioners continue to recommend guidelines, often extrapolated from offline practices and values, to help employers as well as law enforcement and intelligence personnel navigate the evolving cybervetting landscape—with its legal, ethical, and practical implications. Yet many of these recommendations remain untested. It is still unclear whether and which online information artifacts predict behavior across different contexts and roles. Consequently, in employment contexts recommendations encourage employers to consider whether the information improves the accuracy and outcomes of personnel selection, with what impacts. If cybervetting is considered relevant, employers are encouraged to establish specific policies and guidelines as to when online information will be searched and about whom. Such policies should be communicated to all employees of the organization in order to standardize the process and to demonstrate fairness to applicants, organizational members, and the general public. Similarly, law enforcement and intelligence personnel who use cybervetting are also encouraged to practice disciplined online searches that fall within appropriate legal parameters, while considering the efficacy and ethicality of their searches.
The Consequences of Cybervetting
Although broader considerations of the implications of cybervetting on privacy rights and norms continue to emerge, so far research on the consequences of cybervetting focuses primarily on employment-related cybervetting, in particular the potential for employment-related discrimination, perceptions of injustice, and the changing employer-employee relationship. Since the advent of cybervetting, people have consistently expressed concerns over the potential for illegal, and hidden, employment discrimination. Information that indicates a protected class may be more easily available online, allowing individuals to avoid asking an illegal question in an interview. As noted above, experimental research suggests that such fears are not unfounded. Scholars and the general public have also noted more subtle implications in terms of the potential for disparate or adverse impact given that the percentage of users from particular demographic groups differs depending on the social networking site. Disparate or adverse impact refers to policies or practices that appear to be neutral and fair but disproportionately affect legally protected groups.
Scholars have also considered other, possibly unintended, consequences of using online information for employment selection. Many of the online sources of information leveraged in cybervetting are intended and used for entertainment, recreation, social support, friendship and romantic relationships, or political engagement—spheres of life many people consider separate from their work life and irrelevant to employment decisions. Such concerns about information relevance tie into ongoing public and legal debate about what constitutes public and private conversation in a Web 2.0 world—the terms of which differ across nations and cultures (Clark & Roberts, 2010). Scholars like Stoughton, Thompson, and Meade (2013) also have started to consider the extent to which people’s beliefs that cybervetting is unfair may affect organizational culture and employee engagement.
Related work focuses on the shifting social contract between employers and employees potentially resulting from the perceptions of cybervetting (Berkelaar, 2014). Social contracts describe people’s implicit expectations for how a particular relationship should work. Because of the perceived prevalence of cybervetting, employees now expect to perform work-related behaviors, identities, and values at times and places previously excluded from work. Berkelaar argues that such changes result from a panopticon effect: People are generally aware that an employer may be looking at their online information, but people don’t know where or when, or with what adverse outcome. Thus, people are resorting to various strategies designed to manage their online impression to the most salient audience—often the employer—or what Hogan (2010) would call the lowest common denominator, communicating in the way that attends to the person most likely to take offense (also see Roulin, 2014). Scholars express concerns about these changes not only because of the power imbalances suggested by the shifting social contract, but also because such changes affect the nature of online relationships. People go online for a number of reasons—including social support, identity experimentation, and political engagement. What might be appropriate communicatively in one context might not be in another. Consequently, curating one’s online information to create an impression that addresses the concerns of the most conservative party may deny people the very opportunities they initially sought online. Paradoxically, such behavior will also result in information seekers not finding the information that they want since people who are aware of cybervetting increasingly tend to avoid committing “faux pas’” (Roulin, 2014) or avoid digital trails. Unfortunately, research on effective responses to cybervetting remains relatively sparse, often restricted to a paragraph or two of suggestions at the end of the report; however, research is starting to identify empirically validated strategies for signaling professionalism in digital spaces are beginning to emerge. In particular, Roulin and Bangerter’s (2013) survey and experimental research of French and French-speaking Swiss Human Relations professionals suggests that rather than focusing on reducing small faux pas, applicants can signal their professionalism to prospective employers more effectively by developing and curating the education, experience, and other professional sections of their profile and by expanding the size of their network.
Three things appear consistently in research on cybervetting: First, people do evaluate other people based on the information available about them online, although the prevalence, timing, and nature of these behaviors remains unclear; Second, online information can alter evaluations and subsequent decisions in ways that may or may not be valid, reliable, or have desirable effects for individuals, groups, organizations, or society; Third, the online information-seeking practices and their outcomes that fall under the umbrella of cybervetting differ depending on human, communication, and technology factors.
Going forward, the future of cybervetting research is promising. As a relatively new research area with ties to core communication concerns as well as central and ongoing cultural problems surrounding issues of identity, impressions, credibility, reputation, privacy, surveillance, and information, there are numerous avenues to engage theoretically rich and practically relevant challenges highlighted in or created by evolving cybervetting practices. In particular, cybervetting research remains relatively underdeveloped in some key areas with important practical and theoretical implications. Scholarship provides limited conceptual development of cybervetting, and there are no models. Scholars have only just started to understand how, when, and if cybervetting is effective and, in turn, with what long- and short-term impacts for individuals, organizations, and society. In addition, more research is needed on cybervetting for other types of relationships and information targets. For example, cybervetting potential roommates or romantic partners might provide a sense of security; however, it simultaneously might disrupt the shared disclosure necessary for positive relationship formation, depending on whether changing norms alter expectations for contemporary information seeking. The effectiveness and impacts of cybervetting on collective information targets could also provide insight into information-seeking behaviors as well as possible practices for addressing potential information asymmetries between individuals and organizations. Even researchers have started to incorporate various theories into their understandings of cybervetting. There are not, as of yet, well-established theoretical avenues to help provide a broader understanding of cybervetting that can account for the rapidly evolving human and technology factors. However, existing theoretical frameworks such as uncertainty management, signaling, and warranting offer promising avenues for future research. For example, uncertainty management theory offers predictions as to if and when people will seek information (Brashers, 2006). Signaling theory focuses attention on the adaptations and counteradaptations between information seekers seeking honest signals of an information targets’ suitability and information targets’ attempting to signal desirable qualities to intended audiences. Signaling theory highlights the reciprocal relationship between information seekers and information targets implicated in cybervetting (Roulin & Bangerter, 2013). Warranting theory focuses more explicitly on online information as scholars consider the verifiability of cues people use to produce and evaluate online self-presentations (Walther & Parks, 2002)—a central goal of much cybervetting. Together, these and other theoretical frameworks provide a means for better understanding how cybervetting works within and across contexts. They also suggest practical strategies for information seekers and information targets regardless of the context. Such research should also take into account broader legal, ethical, and social considerations related to surveillance and privacy as well as normative roles and relationships within and across countries and contexts.
Going forward, future scholarship on cybervetting will also be challenging. Despite the ongoing rhetoric valuing interdisciplinary work, the current organizational and reward structures of most institutions of higher education continue to privilege projects that can be comfortably situated within particular disciplinary homes and are often produced by single authors. It behooves researchers interested in such interdisciplinary work to find ways to creatively address the reward and organizational structures while simultaneously benefiting from the rich interdisciplinary intersections central to this research area. In addition, scholars researching cybervetting face ongoing technological, social, and organizational evolution of the practices, laws, contexts, and ethics of cybervetting. Future work needs to appreciate the nuances of particular cybervetting practices, while also engaging and developing rigorous theoretical understandings that allow scholars and practitioners to transcend situational practices. Such an approach would appreciate the nuances of cybervetting while allowing for a cumulative understanding and adaptive practice in the face of evolving technologies and communication practices.
Abril, P. S., Levin, A., & Del Riego, A. (2012). Blurred boundaries: Social media privacy and the twenty-first century employee. American Business Law Journal, 49, 63–124.Find this resource:
Andrejevic, M. (2007). iSpy: Surveillance and power in the interactive era. Lawrence: University of Kansas Press.Find this resource:
Berkelaar, B. L., & Buzzanell, P. M. (2014). Online employment screening and digital career capital: Exploring employers’ use of online information for personnel selection. Management Communication Quarterly, 29, 84–113.Find this resource:
Berkelaar, B. L., Scacco, J. M., & Birdsell, J. (2014). The worker as politician: How online information and electoral heuristics shape personnel selection and careers. New Media and Society, 17, 1377–1396.Find this resource:
Clark, L. A., & Roberts, S. J. (2010). Employer’s use of social networking sites: A socially irresponsible practice. Journal of Business Ethics, 95, 507–525.Find this resource:
Ghoshray, S. (2013). The emerging reality of social media: Erosion of individual privacy through cyber-vetting and the law’s inability to catch up. The John Marshall Review of Intellectual Property Law, 12.Find this resource:
Katz, J. E. (Ed.). (2014). Living inside mobile social information. Dayton, OH: Greyden Press.Find this resource:
Roulin, N., & Bangerter, A. (2013). Social networking websites in personnel selection: A signaling perspective on recruiters’ and applicants’ perceptions. Journal of Personnel Psychology, 12, 143–141.Find this resource:
Steele, R. D. (2007). Open source intelligence. In L. K. Johnson (Ed.), Handbook of intelligence studies (pp. 129–147). New York: Routledge.Find this resource:
Solove, D. J. (2007). The future of reputation: Gossip, rumor, and privacy on the Internet. New Haven, CT: Yale University Press.Find this resource:
Acquisti, A., & Fong, C. (2015/2012). An experiment in hiring discrimination via online social networks at the NBER Summer Symposium on the Economics of Digitization. Presented at the 2012 IAPP Privacy Law Scholars Conference, Washington, DC.Find this resource:
Appel, E., Sr. (2014). Cybervetting. Internet searches for vetting, investigations, and open-source intelligence. Boca Raton, FL: Taylor & Francis.Find this resource:
Back, M. D., Stopfer, J. M., Vazire, S., Gaddis, S., Schmukle, S. C., Egloff, B., & Gosling, S. D. (2010). Facebook profiles reflect actual personality, not self-idealization. Psychological Science, 21, 372–374.Find this resource:
Berger, C. R., & Douglas, W. (1981). Studies in interpersonal epistemology: III. Anticipated interaction, self monitoring, and observational context selection. Communication Monographs, 48, 183–196.Find this resource:
Berkelaar, B. L. (2010). Cyber-vetting: Exploring the implications of online information for career capital and human capital decisions (Unpublished Diss.). Purdue University, West Lafayette, IN.Find this resource:
Berkelaar, B. L. (2014). Cybervetting, online information, and personnel selection: New transparency expectations and the emergence of a digital social contract. Management Communication Quarterly, 28, 479–506.Find this resource:
Berkelaar, B. L., & Buzzanell, P. M. (2014). Reconceptualizing fit (assessments) in personnel selection: Employers’ sensemaking about cybervetting. Journal of Applied Communication Research, 42, 456–476.Find this resource:
boyd, d. (2007). Why youth (heart) social network sites: The role of networked publics in teenage social life. In D. Buckingham (Ed.), MacArthur Foundation series on digital learning: Youth, identity and digital media (pp. 119–142). Cambridge, MA: MIT Press.Find this resource:
Brashers, D. (2006). Communication and uncertainty management. Journal of Communication, 51, 477–497.Find this resource:
Brown, V. R., & Vaughn, E. D. (2011). The writing on the (Facebook) wall: The use of social media sites in hiring decisions. Journal of Business Psychology, 26, 219–225.Find this resource:
Caers, R., and Castelyns V. (2011). LinkedIn and Facebook in Belgium: The influences and biases of social network sites in recruitment and selection procedures. Social Science Computer Review, 29, 437–448.Find this resource:
Carr, C. T., & Walther, J. B. (2014). Increasing attributional certainty via social media: Learning about others one bit at a time. Journal of Computer-Mediated Communication, 19, 922–937.Find this resource:
Case, D. O. (2012). Looking for information: A survey of research on information seeking, needs, and behavior. Bingley, U.K.: Emerald Group Publishing.Find this resource:
Hogan, B. (2010). The presentation of self in the age of social media: Distinguishing performances and exhibitions online. Bulletin of Science, Technology, & Society, 30, 377–386.Find this resource:
Kotamraju, N. P., Ben Allouch, S., & van Wingerden, K. (2014). Employers’ use of online reputation and social network sites in job applicant screening and hiring. In J. E. Katz (Ed.), Living inside mobile social information (pp. 247–269). Dayton, OH: Greyden Press.Find this resource:
Manant, M., Pajek, S., & Soulié, N. (2014). Do recruiters “like” it? Online social networks and privacy in hiring: A pseudo-randomized experiment. Paper presented at the Annual Meeting of the French Economic Association, Lyon, FR.Find this resource:
NATO School Obberamergau. (2014). N2-04 NATO Open-Source Intelligence Course.Find this resource:
Nikolaou, I. (2014). Social networking web sites in job search and employee recruitment. International Journal of Selection and Assessment, 22, 179–189.Find this resource:
Pike, J. C., Bateman, P. J., & Butler, B. (2013). Dialectic tensions of information quality: Social networking sites and hiring. Journal of Computer-Mediated Communication, 19, 56–77.Find this resource:
Ramirez, A., Jr., Walther, J. B., Burgoon, J., & Sunnafrank, M. (2002). Information seeking strategies, uncertainty and computer-mediated communication. Towards a conceptual model. Human Communication Research, 28, 213–228.Find this resource:
Roth, P. L., Bobko, P., Van Iddekinge, C. H., & Thatcher, J. B. (2016). Social media in employee-selection related decisions. A research agenda for uncharted territory. Journal of Management, 42, 269–298.Find this resource:
Roulin, N. (2014). The influence of employers’ use of social network sites in selection, online self-promotion, and personality on the likelihood of faux pas postings. International Journal of Selection and Assessment, 22, 80–87.Find this resource:
Roulin, N., & Bangerter, A. (2013). Social networking websites in personnel selection: A signaling perspective on recruiters’ and applicants’ perceptions. Journal of Personnel Psychology12, 143–151.Find this resource:
Sameen, S., & Cornelius, S. (2015). Social network sites and hiring: How social media profiles influence hiring decisions. Journal of Business Studies Quarterly, 7, 27–35.Find this resource:
Schott, B. (2007, December 6). Schott’s almanac 2008: Technology lexicon. TimesOnline.Find this resource:
Scott, G. G., Sinclair, J., Short, E., & Bruce, G. (2014). It’s not what you say, it’s how you say it: Language use on Facebook impacts employability but not attractiveness. Cyberpsychology, Behavior, and Social Networking, 17, 562–566.Find this resource:
Stoughton, J. W., Foster Thompson, L., & Meade, A. W. (2013). Big five personality traits reflected in job applicants’ social media postings. Cyberpsychology, Behavior, and Social Networking, 16, 800–805.Find this resource:
Stoughton, J. W., Foster Thompson, L., & Meade, A. W. (2015). Examining applicant reactions to the use of social networking websites in pre-employment screening. Journal of Business Psychology, 30, 73–88.Find this resource:
Treem, J., & Leonardi, P. (2012). Social media uses in organizations: Exploring the affordances of visibility, editability, persistence, and association. In E. L. Cohen (Ed.), Communication yearbook (Vol. 37, pp. 143–186). New York: Routledge.Find this resource:
Van Iddekinge, C. H., Lanivich, S. E., Roth, P. L., & Junco, E. (2013). Social media for selection? Validity and adverse impact potential of a Facebook-based assessment. Journal of Management, online first.Find this resource:
Walther, J. B., Van Der Heide, B., Kim, S., Westerman, D., & Tong, S. T. (2008). The role of friends’ appearance and behavior on evaluations of individuals on Facebook: Are we known by the company we keep?. Human Communication Research, 34, 28–49.Find this resource:
Wenzlaff, R. M., & Wegner, D. M. (2000). Thought suppression. Annual Review of Psychology, 51, 59–91.Find this resource:
Walther, J. B., & Parks, M. R. (2002). Cues filtered out, cues filtered in. In M. L. Knapp & J. Daly (Eds.), Handbook of interpersonal communication (pp. 529–563). Thousand Oaks, CA: Sage.Find this resource:
Zuboff, S. (1989). In the age of the smart machine: The future of work and power. New York: Basic Books.Find this resource: