Welcome to 2019—a time when there seems to be a major corporate “hack” every month and consumer data is the new hot commodity. No one is safe! Whether it is the FaceApp or the Cambridge Analytica scandal, consumer data is becoming increasingly valuable and vulnerable. Aside from obvious privacy concerns, the value of personal information also presents a concern less often discussed: discrimination.

Employers who are paying attention know that it is illegal to discriminate based on an individual’s race, gender, religion, national origin, disability or age. For example, it is illegal to post a job opportunity for an individual that is “40 years or younger” or openly seek out or exclude someone of a particular race or gender. In 2014, Ventura Corp. paid $354,250 to settle a lawsuit filed by the Equal Employment Opportunity Commission (EEOC) claiming the company discriminated against men because it had a pattern or practice of refusing to hire qualified male applicants. The EEOC also more recently sued the University of Kansas Medical Center for violation of the Age Discrimination in Employment Act (ADEA) based on allegations from a former employee that the medical center’s department head instructed staff to give hiring preference to millennials over older applicants. Just this month, with the help of the American Civil Liberties Union (ACLU), a groundbreaking settlement was reached between the federal agency that operates AmeriCorps and plaintiffs in a class action suit filed against AmeriCorps alleging its screening process violated the Rehabilitation Act because it included a detailed medical questionnaire and restrictive prior health screening guidelines that ultimately result in discrimination against individuals with certain disabilities.