AIRiskAware

HR & Employment 10 min read 2026

AI in HR: Hiring, Performance Management, and the Employment Law Compliance Framework

HR teams are using AI for candidate screening, performance scoring, engagement analytics, and workforce planning. Each creates specific compliance obligations under employment law, anti-discrimination law, and privacy law. The 2026 governance guide for HR leaders.

Key Takeaways

  • AI hiring tools are the highest-risk AI category for HR teams — algorithmic screening has documented histories of discriminatory outcomes, regulatory enforcement actions are increasing globally, and the consequences (claims, penalties, reputation damage) are severe.

  • The EEOC (US), AHRC (Australia), and Equality Act regulators (UK) have all signalled active enforcement of anti-discrimination law against AI hiring tools — the enforcement posture is clear and organisations using AI hiring tools without bias testing are exposed.

  • AI performance management creates Fair Work Act (Australia), Employment Rights Act (UK), and equivalent obligations — performance data generated by AI must be accurate, must be shared with employees, and must not be the sole basis for significant employment decisions without human review.

  • The Privacy Act applies to AI HR analytics — collecting and processing employee data for AI analytics requires compliance with the Australian Privacy Principles, including purpose limitation and employee access rights.

  • HR AI vendor due diligence is a specific obligation: HR leaders are responsible for the compliance of AI tools they procure, including their data handling, bias testing history, and compliance with applicable employment law in the jurisdictions where they are used.

"For informational purposes only. This article does not constitute legal, regulatory, financial, or professional advice. Consult a qualified specialist for specific guidance."

Where AI in HR creates the most governance risk

HR teams deploying AI face governance obligations that span three distinct phases of the employment relationship. Getting any one of them wrong creates material legal, reputational, and operational risk.

Recruitment and selection AI: the highest-scrutiny phase

AI in recruitment attracts the most regulatory attention globally because it is where algorithmic discrimination is most consequential — affecting who gets employment opportunities at all.

The core obligation in every major jurisdiction is disparate impact testing: does the AI produce significantly different outcomes for applicants from different protected groups? In the US, the EEOC's May 2023 technical guidance confirms that Title VII applies to AI hiring tools even from third-party vendors, and that the employer bears responsibility for discriminatory outcomes. In the UK, indirect discrimination under the Equality Act 2010 applies to AI screening tools. In the EU, AI employment systems are Annex III high-risk under the EU AI Act — full conformity assessment and human oversight obligations apply. In Australia, the Racial Discrimination Act, Sex Discrimination Act, Disability Discrimination Act, and Age Discrimination Act all apply to discriminatory AI hiring outcomes.

Before deploying any AI recruitment tool: require the vendor to provide bias testing data across all relevant protected characteristics in your jurisdiction; conduct your own disparate impact analysis using the four-fifths rule as a starting point; implement a genuine human review of AI recommendations before decisions are made; document your bias testing and human review processes; and review candidate-facing materials to ensure disclosure of AI use where required (NYC LL144, Illinois AI Video Interview Act, and GDPR/UK GDPR transparency obligations).

AI in performance management: the consent and process challenge

Performance management AI — productivity tracking, quality scoring, algorithmic KPI setting — creates three distinct governance challenges.

First, transparency: employees must be informed that AI is used to assess their performance. Under the Australian Privacy Act, GDPR, and UK GDPR, privacy notices must be updated to reflect AI use in performance management. From December 2026, the Australian Privacy Act requires specific disclosure of substantially automated decision-making in privacy policies. The ICO's Employment Practices code requires UK employers to disclose workplace monitoring in accessible form.

Second, accuracy and contestability: AI performance scores are only as good as the underlying metrics. An AI that measures keystrokes per hour captures output quantity but not quality, context, or collaboration. Disciplinary action based on AI-generated performance data that is systematically biased or captures the wrong signals is likely to fail procedural fairness requirements in unfair dismissal proceedings. Give employees the ability to contest AI-generated performance data and implement a human review of assessments before they trigger disciplinary consequences.

Third, psychosocial risk: AI performance monitoring creates documented psychosocial hazards in Australian workplaces under the WHS framework. Constant surveillance, unpredictable algorithmic targets, and opaque scoring create the conditions for work-related psychological harm. Employers must assess and control these risks under state and territory psychosocial hazard regulations (Victoria: 1 December 2025 commencement; all other jurisdictions: already in effect).

AI in workforce planning: restructuring and redundancy

AI is increasingly used to model workforce scenarios, identify efficiency opportunities, and rank employees for potential redundancy. This use case attracts the most serious legal risk because it directly affects job security.

In Australia, the Fair Work Act requires genuine consultation before significant workplace changes, including redundancies. Where AI modelling is used to identify redundant roles, the employer must be able to explain and justify the selection criteria to affected employees and their representatives, and the model's outputs must be subject to genuine human review. Redundancy selection criteria that disproportionately identify workers of a particular age, gender, or disability status for redundancy may constitute unlawful discrimination even if the model did not use those characteristics directly.

The Amazon hiring algorithm case study is instructive: a model trained on historical data reflects historical patterns, including historical discrimination. Redundancy AI trained on data from a workforce that was previously less diverse will tend to perpetuate that lack of diversity through its selections. Require an independent bias audit of any AI redundancy selection model before it is used, and scrutinise selection outputs for patterns by protected characteristic before any redundancy decisions are communicated.

Building governance infrastructure for HR AI

A sustainable HR AI governance framework requires: an AI register that lists all HR AI tools, their purpose, data inputs, and the decisions they influence; bias testing protocols for each tool, conducted at least annually and after any significant model update; a human-in-the-loop requirement for all consequential HR decisions — the AI informs, the human decides; an employee disclosure framework — what employees are told about AI use in each phase of their employment; a contestability process — how employees can challenge AI-generated assessments; and an incident response plan for when HR AI produces errors or discriminatory outputs.

None of this needs to be complex. A small company with one or two HR AI tools can meet these requirements with straightforward documentation and clear process. What matters is that the governance is real — not a policy document that is never followed. Regulators and Employment Tribunals are increasingly examining whether AI governance documented in policy was actually implemented in practice.