If you are a woman working in tech, your LinkedIn inbox probably feels less like a professional networking space and more like a digital landfill.
“Hi [Firstname], love your background at [Company]! I have an ‘exciting, disruptive opportunity’ that perfectly matches your skill set…”
You open it, hoping for a genuine connection, only to find a completely irrelevant role, three seniority levels below yours, requiring a stack you haven’t touched in five years.
We laugh about it. We post screenshots of the worst offenders for a quick laugh on tech forums. But beneath the daily irritation lies a far more unsettling question that our industry rarely discusses out loud: Who actually controls your personal information once it enters the recruitment ecosystem?
When your CV is passed around the wild west of unvetted agencies, your phone number, home address, work history, and identity become public currency. It’s time to expose how the spam machine works and why controlling who handles your data is the ultimate career power move.
The traditional, volume-based recruitment model is a pure numbers game. Low-tier agencies often use automated bots to scrape platforms like LinkedIn, GitHub, or public portfolios. Once they harvest your contact details, your data enters a chaotic pipeline designed for commission, not career progression.
Many people don’t realise that a major source of tech spam comes from a practice called “speculative CV floating.”
What is CV Floating?
This happens when an unvetted recruiter takes your CV, frequently without your explicit consent, strips your direct contact details, and blasts it out to dozens of hiring managers across the industry to “see if anyone bites” and claims a fee.
This doesn’t just flood your inbox; it actively damages your professional reputation:
Internal corporate talent teams at major enterprise companies and top-tier startups don’t just work with anyone. They operate using a strictly vetted Preferred Supplier List (PSL).
When you bypass the spam inboxes and work exclusively with these approved talent partners, the dynamic changes from a transaction to a relationship.
1. Ironclad data governance
In the UK, approved partners are legally bound by strict data protection laws. They cannot share your CV, name, or background with anyone without your documented consent for a specific, active role. If they violate this, they risk losing a multi-million-pound corporate account and facing severe legal penalties.
2. Direct lines, not blind blasts
Spam recruiters are throwing spaghetti at the wall; they rarely have a relationship with the company they claim to be hiring for. Approved partners, however, have deep relationships with internal engineering leads and HR directors. Your application goes directly to the top of the pile, completely securely, rather than sitting in an unmonitored generic inbox.
When you look for your next role on the Women in Tech platform, you are stepping out of the wild-west job boards and into a protected ecosystem:
The tech industry prides itself on building elegant security architecture and data privacy frameworks for users, yet the recruitment sector that feeds it often operates on frameworks that feel completely outdated.
Should we tolerate having our personal histories treated as free-floating commodities just to find work? Or is it time to demand that companies only source talent through approved ecosystems that treat candidate data with the same respect they treat their own source code?
