The Illusion of Instant Criminal Checks: Why a True National Criminal Database Still Doesn’t Exist
If you’ve ever been pitched a “national criminal database,” you’ve probably imagined a single, authoritative system that instantly returns every criminal record across the United States. That database doesn’t exist for non‑law‑enforcement users and relying on anything marketed that way can lead to missed records, inaccurate matches, and regulatory headaches.
What actually exists at the national level?
The FBI operates several national systems—NCIC, III, NGI, N‑DEx, and NICS—to support criminal justice operations. These are law‑enforcement systems, with access tightly constrained by federal law and regulation (including 28 C.F.R. § 20.33). Employers generally cannot query NCIC/III directly unless a statute authorizes fingerprint‑based checks for specific roles (e.g., child care, elder care, or other regulated positions) and the check is routed through the state repository per the Compact Council rules.
Even within law enforcement, these systems are indexes and exchanges that depend on state and local repositories to submit arrests and dispositions; coverage and timeliness vary. The DOJ/BJS surveys and FBI guidance repeatedly emphasize gaps and the critical need to report final court dispositions to keep records accurate.
So what are “national criminal databases” sold by private vendors?
Commercial “national” or multi‑jurisdictional files aggregate data from many sources (state repositories where available, departments of corrections, sex offender registries, selected county uploads, watchlists, etc.). They can be useful as a pointer or discovery tool, but they are not comprehensive and often not current enough to stand alone. Coverage varies by jurisdiction and update cadence; name‑match noise creates false positives/negatives, especially with common names.
Industry resources and compliance guidance are consistent on this point: use multi‑jurisdictional databases to broaden the net, then verify at the originating court or repository before reporting or taking action.
Why “database‑only” screening creates risk
- Incomplete coverage: Not all courts or states report; updates lag. Recent charges or local misdemeanors may be absent.
- Identity ambiguity: Limited identifiers can mis‑match results; aliases and data entry errors compound the problem.
- Stale or missing dispositions: Arrests without case outcomes mislead; expungements or dismissals may remain in bulk feeds.
- Fair Credit Reporting Act (FCRA) compliance exposure: The FCRA requires “reasonable procedures to assure maximum possible accuracy” and complete, up‑to‑date public record reporting. Database “hits” must be confirmed at the source, and consumers must be notified appropriately when adverse public records are reported for employment decisions.
Regulators have sharpened expectations. In 2024, the Consumer Financial Protection Bureau (CFPB) reiterated that consumer reporting agencies (CRAs) must prevent reporting of duplicate or expunged/sealed items and include disposition information where available. CRAs also must disclose the source(s), both original and any intermediaries, when consumers request their files.
Why this still matters
Despite modernization, data gaps persist—especially in disposition reporting and identity matching. The newest BJS/SEARCH survey shows continued dependence on state repositories and varying automation/completeness across states, reinforcing why source verification and robust procedures remain critical.
Meanwhile, regulators (CFPB/FTC) are raising the bar on “maximum possible accuracy.” Organizations that rely on “instant database” products without verification risk adverse action mistakes, consumer disputes, and enforcement exposure.
Disclaimer: This communication is for general informational purposes only and does not constitute legal advice. The summary provided in this alert does not, and cannot, cover in detail what employers need to know about the amendments to the Philadelphia Fair Chance Law or how to incorporate its requirements into their hiring process. No recipient should act or refrain from acting based on any information provided here without advice from a qualified attorney licensed in the applicable jurisdiction.
Independent Contractors, Misclassification, and the FCRA: Lessons from Joel Galarza’s Eleventh Circuit Case
The Eleventh Circuit’s recent decision in Galarza v. One Call Claims, LLC sent ripples through compliance and risk management circles. At its core, the case addressed whether three insurance adjusters labeled as independent contractors were actually employees under the Fair Labor Standards Act (FLSA). The court applied the economic realities test and concluded that a jury could reasonably find these workers were employees, reversing the district court’s summary judgment in favor of the companies. Five of six factors favored employee status, including:
- Control over work: The companies dictated schedules, monitored performance, and approved overtime.
- Economic dependence: Adjusters worked exclusively for the companies for nearly two years.
- Integral role: Their work was central to the companies’ operations.
- Permanency: Long-term, exclusive engagements suggested employment rather than independent contracting.
Why This Matters for Employment Background Screening
While the Galarza case was decided under the FLSA, it raises a critical question for compliance professionals: Should independent contractors be treated as employees for purposes of the Fair Credit Reporting Act (FCRA)?
Under the FCRA, requirements such as stand-alone disclosures, written authorization, and pre-adverse action notices apply when a consumer report is obtained for “employment purposes.” The statute defines this as evaluating a consumer for employment, promotion, reassignment, or retention as an employee. Although Federal Trade Commission (FTC) staff reports have suggested that the FCRA’s “employment purpose” provision may extend to certain independent contractors, courts have generally taken a narrower view. For example, in Smith v. Mutual of Omaha (S.D. Iowa), the court held that background screening for contractor roles did not trigger the FCRA’s employment-related protections.
However, the Galarza decision underscores a practical risk: labels don’t control legal outcomes. If a contractor is later deemed an employee under an “economic realities” or similar test, a company could face exposure—not just under wage laws, but potentially under FCRA if the screening process didn’t meet employment-purpose requirements.
Compliance Takeaways
- Don’t Rely on Labels Alone
Contracts calling someone an “independent contractor” won’t shield you if the working relationship looks like employment. Courts focus on substance over form. - Assess Classification Before Screening
If the role involves long-term, exclusive work under significant control, treat the individual as an employee for FCRA compliance. This means providing proper disclosures, obtaining written consent, and following adverse action procedures. - Update Policies and Vendor Agreements
Ensure your background screening policies clearly address contractor roles and include contingency plans if classification changes. - Monitor Legal Trends
The Eleventh Circuit’s ruling aligns with broader enforcement trends emphasizing misclassification risks. Expect more scrutiny in wage-and-hour and consumer reporting contexts.
Bottom Line
The Galarza case is a wake-up call: misclassification isn’t just a wage-and-hour issue—it’s a compliance risk that touches background screening and FCRA obligations. When in doubt, err on the side of treating high-control, long-term contractors as employees for screening purposes. It’s a small step that can prevent big liability
Disclaimer: This communication is for general informational purposes only and does not constitute legal advice. The summary provided in this alert does not, and cannot, cover in detail what employers need to know about the amendments to the Philadelphia Fair Chance Law or how to incorporate its requirements into their hiring process. No recipient should act or refrain from acting based on any information provided here without advice from a qualified attorney licensed in the applicable jurisdiction.
A Unified Credit Reporting System: CFPB Clarifies Federal Preemption Under the FCRA
On October 28, 2025, in a significant move toward regulatory clarity, the Consumer Financial Protection Bureau (CFPB) issued a new interpretive rule reaffirming the broad preemptive scope of the Fair Credit Reporting Act (FCRA) over state laws. This rule replaces the narrower interpretation issued in July 2022, which the CFPB formally withdrew in May 2025.
Why This Matters
The FCRA, enacted in 1970 and amended multiple times since, governs the creation and use of consumer reports. It has always included a preemption clause, but the scope of that clause has evolved. In 1996, Congress expanded FCRA’s preemption to cover specific subject matters, aiming to prevent a fragmented regulatory landscape. This expansion was made permanent in 2003 to support a unified national credit reporting system.
The CFPB’s latest interpretive rule confirms that the FCRA broadly preempts state laws that touch on the subject matter regulated by the federal statute. This clarification is intended to promote consistency across the credit reporting industry and ensure that consumers and businesses operate under a single, coherent set of standards.
The Shift from 2022
The 2022 interpretive rule argued for a narrow reading of FCRA’s preemption clause, suggesting that states could regulate areas like medical debt, rental information, and arrest records unless those regulations directly conflicted with specific FCRA provisions. The CFPB now asserts that this interpretation was flawed, both legally and practically.
According to the Bureau, the language of the FCRA—particularly section 1681t(b)(1)—uses broad terms like “no requirement or prohibition” and “with respect to any subject matter regulated under,” which indicate Congress’s intent to occupy the field of consumer reporting. The phrase “relating to” further expands the scope, encompassing any state law connected to the topics covered by the FCRA.
Legal and Legislative Support
The CFPB’s position is supported by legislative history and judicial precedent. Congress explicitly aimed to create national standards to avoid a “patchwork system of conflicting regulations.” Courts have consistently interpreted the FCRA’s preemption clause broadly, finding that state laws addressing the same subject matter as federal provisions are preempted even if they don’t mirror the exact language of the FCRA.
Implications on Compliance
While the CFPB’s interpretive rule provides helpful guidance, it is important to note that interpretive rules are not binding on any court. Courts may choose not to adopt the CFPB’s interpretation, and legal challenges could arise depending on jurisdiction and context.
Disclaimer: This communication is for general informational purposes only and does not constitute legal advice. The summary provided in this alert does not, and cannot, cover in detail what employers need to know about the amendments to the Philadelphia Fair Chance Law or how to incorporate its requirements into their hiring process. No recipient should act or refrain from acting based on any information provided here without advice from a qualified attorney licensed in the applicable jurisdiction.
California Consumer Privacy Act (CCPA) and Employment Background Screening
Key Points:
- Limited Applicability Due to AB 25
Initially, the CCPA broadly defined “consumer” to include job applicants and employees. However, Assembly Bill 25 (AB 25) amended the CCPA to temporarily exclude personal information collected from job applicants, employees, and independent contractors from most CCPA provisions.
This exclusion was in effect until January 1, 2023, after which some CCPA rights were extended to employees and job applicants. As of now, employers must comply with the following CCPA provisions when using background screening services:
- Notice at collection–employers must inform applicants about:
- What personal data is being collected (e.g., criminal history, credit data, identifiers)
- The purpose of data collection (e.g., hiring decisions)
- Data security obligations:
Employers must implement reasonable security measures to protect personal data. If a breach occurs due to negligence, affected individuals may sue for statutory damages.
- Overlap with Other Laws
Employers in California must also comply with:
- Fair Credit Reporting Act (FCRA)
- Investigative Consumer Reporting Agencies Act (ICRAA)
- Consumer Credit Reporting Agencies Act (CCRAA)
These laws govern how background checks are conducted, what disclosures are required, and how adverse actions must be handled.
Disclaimer: This communication is for general informational purposes only and does not constitute legal advice. The summary provided in this alert does not, and cannot, cover in detail what employers need to know about the amendments to the Philadelphia Fair Chance Law or how to incorporate its requirements into their hiring process. No recipient should act or refrain from acting based on any information provided here without advice from a qualified attorney licensed in the applicable jurisdiction.
Takeaways for Employers from the Grijalva v. ADP Screening Decision
The Ninth Circuit’s August 2025 ruling in Grijalva v. ADP Screening clarified how exclusions from federally funded healthcare programs and similar long-term listings, such as sex offender registries, can be reported under the Fair Credit Reporting Act (FCRA).
Key Implications for Employers:
- Ongoing exclusions are reportable. Even if the exclusion began over seven years ago, it’s considered a current status and can appear in a background report.
- The reason for the exclusion may not be reportable. If the underlying cause (e.g., an administrative action) occurred more than seven years ago and isn’t a criminal conviction, Consumer Reporting Agencies (CRAs) generally cannot report it unless the candidate is expected to earn $75,000 or more annually.
- Employers can ask candidates directly. If you need context behind an exclusion or listing, you’re free to ask the candidate. CRAs may be restricted from providing that information due to FCRA limitations.
- Convictions are treated differently. Criminal convictions are reportable regardless of age under the FCRA, but several states impose their own time-based restrictions.
Disclaimer: This communication is for general informational purposes only and does not constitute legal advice. The summary provided in this alert does not, and cannot, cover in detail what employers need to know about the amendments to the Philadelphia Fair Chance Law or how to incorporate its requirements into their hiring process. No recipient should act or refrain from acting based on any information provided here without advice from a qualified attorney licensed in the applicable jurisdiction.