ICO Recommendations for AI Tools in Recruitment

At Sapia.ai, we’re dedicated to creating a hiring experience that is transparent, inclusive, and respectful of every candidate’s privacy. This month, the UK Information Commissioner’s Office (ICO)—the UK’s independent authority on upholding information rights and promoting data privacy— released new recommendations for AI developers and providers of recruitment tools, focused on protecting jobseekers’ rights and privacy. We’re proud to have contributed to the ICO’s audit and review of industry practices and to have implemented all recommendations specific to our platform.

The ICO conducted consensual audits with several organisations across various AI use cases. Throughout the process, the ICO was keen to understand how Sapia.ai and other providers process personal data, aiming to provide practical guidance for improving data protection and addressing information rights challenges in recruitment AI.

In total, these audits led to nearly 300 recommendations aimed at improving compliance across the industry. The recommendations included a range of practices to ensure fairness and transparency in processing candidates’ data. Key areas of focus included processing personal information fairly, minimising data collection, clearly explaining data processing activities, avoiding unlawful data repurposing, and conducting thorough risk assessments to evaluate privacy impacts — principles that align closely with our core values.

Since these recommendations spanned various AI applications, Sapia.ai received a small subset relevant specifically to our platform, and we’re proud to have fully integrated the ICO’s feedback into our approach.

Our Commitment to Continuous Improvement

As part of our engagement with the ICO, we reviewed and refined our practices. For instance, in late 2023, we ended the practice of inferring special category data from candidate names when this information wasn’t directly provided. This adjustment underscores our dedication to handling personal data transparently and responsibly.

The ICO’s audit also highlighted several existing practices at Sapia.ai that support our commitment to transparency, fairness, and data security. Our FAIR™ Framework received special recognition for promoting fairness in AI recruitment by offering clear guidance on reducing bias and fostering trust in AI-driven hiring. This framework is central to our efforts to create an equitable and transparent hiring experience—one where every candidate feels valued and seen.

Upholding Robust Security Standards

Beyond privacy, security is fundamental to our operations. The ICO acknowledged our strong commitment to information security, highlighting our programme of annual external assessments for compliance with ISO27001, ISO27017/18, and SOC2 Type 2 certifications. These certifications reflect our rigorous standards for data security, ensuring that our systems and processes protect personal data effectively. By undergoing these assessments, we assure our clients that our security practices are not only robust but also regularly reviewed to meet evolving standards in data protection.

Supporting Clients with Training and Resources

We believe that compliance and fairness extend beyond our technology to include the way clients understand and use our platform. That’s why, as part of our onboarding process, we provide comprehensive system training for new clients. This includes guidance on interpreting assessments and navigating the management information dashboard, helping clients use our system as it was designed. We also support clients in completing their own Data Protection Impact Assessments (DPIAs), empowering them to evaluate and address privacy risks in line with best practices.

Further, we provide accessible reference guides, or product ‘explainers’. These resources clarify the mechanics of our system and the security measures we have in place to protect personal data, enhancing client confidence and trust in our technology.

Building a Fairer Hiring Experience

We’re grateful for the opportunity to collaborate with the ICO and are inspired by their recognition of AI’s potential to make a positive impact on society. At Sapia.ai, we’ll continue to prioritise fairness, security, and privacy, working to create a hiring experience where every candidate feels valued and understood.

Our commitment to continuous improvement means we actively monitor changes in the privacy landscape and adapt to new developments. As AI legislation evolves and privacy standards are refined, we strive to proactively implement any required changes—ensuring our technology not meets and anticipates future standards.

About Author

Laura Belfield
Head of Marketing

Get started with Sapia.ai today

Hire brilliant with the talent intelligence platform powered by ethical AI
Speak To Our Sales Team