Employee screening raises legitimate ethical questions. At Premtrace, we believe the answer lies in a clear, principled distinction: public data only.
The Public/Private Line
There is a fundamental difference between:
The first is observing the public sphere — no different from reading a newspaper or attending a public event. The second is surveillance.
Premtrace operates exclusively in the public sphere. We scan platforms and sources that anyone can access without authentication or special privileges. If information requires a login, a password, or any form of access control to reach, we don't touch it.
Why This Distinction Matters
Legally
Under nFADP and GDPR, processing publicly available data is treated differently from processing private communications. Public data processing has a clearer legal basis and lower compliance burden.
Ethically
Employees have a reasonable expectation that their private communications remain private. They do not have the same expectation for content they have deliberately published to the public.
Practically
Public data screening catches the risks that matter most: public statements that could embarrass the firm, undisclosed business interests visible in commercial registries, regulatory actions documented in public records.
What We Don't Do
To be absolutely clear, Premtrace never:
The Right Balance
Employee digital risk screening, done ethically, protects both the institution and the individual. It identifies risks that could harm the firm's reputation and compliance posture — and gives the employee an opportunity to address them.
The key is proportionality: screen what's public, report what's material, and always give context.