U.S. District Judge Rita Lin signaled on June 16, 2026, that Workday can be held liable under California’s Fair Employment and Housing Act (FEHA) for discriminatory outcomes produced by its AI hiring tools, even when the employers using those tools operate outside California. The decision reshapes ATS vendor accountability for every company running AI-assisted recruitment.
The FEHA Agent Theory
Judge Lin’s ruling hinges on a single legal classification: Workday isn’t a neutral software provider. It’s an agent performing FEHA-regulated activities on the employer’s behalf. That distinction matters because employment discrimination statutes have historically targeted employers, not the vendors selling them screening technology.
Workday argued aggressively for dismissal. The company’s legal team contended that California civil rights law shouldn’t apply to a software platform simply because its code runs on servers based in the state. Judge Lin disagreed. As reported by Reuters, she signaled she would likely order Workday to face claims that it violated California law “thousands of times” by weeding out job applicants at major companies for discriminatory reasons.
The hearing on June 15, 2026, in San Francisco federal court examined whether FEHA’s reach extends nationwide when the AI tool itself is designed, trained, and operated from California. Judge Lin’s preliminary answer: yes. She ruled that FEHA applies to Workday’s “own engagement in FEHA-regulated activities on the employer’s behalf,” according to Archyde’s coverage of the decision.
This interpretation exposes platforms like Eightfold, HireVue, and Pymetrics to similar legal theories. Any vendor whose tools actively score, rank, or recommend candidates could be classified as an employer’s agent under FEHA. If your ATS vendor is making disposition decisions before a human reviewer sees a candidate, that vendor may now carry direct liability for those decisions.
How Resume Fields Become Discrimination Proxies
The Mobley v. Workday lawsuit, filed by plaintiff Derek Mobley, alleges that Workday’s AI screening tools disproportionately reject applicants who are Black, over 40, or disabled. The mechanism isn’t explicit bias written into code. It’s proxy discrimination baked into the correlations the algorithm learns from training data.
As CIO reported, the system reproduces discriminatory outcomes by drawing inferences from seemingly neutral resume fields. Years of experience can indicate age. Long employment gaps can suggest a disability or caregiving responsibilities. Educational and institutional affiliations can reflect race. The algorithm doesn’t need to know a candidate’s protected class to discriminate against them. It finds statistical shortcuts that correlate with those classes and uses them to filter.
This is the core problem with any ATS that runs neural matching or AI-powered candidate ranking. The American Bar Association’s guidance on this point is blunt: “an employer will be held liable for the actions or inactions of an outside vendor who designs or administers an algorithmic decision-making tool on its behalf.”
And the legal exposure is bilateral. Employers can’t deflect blame to vendors. Vendors can’t hide behind the argument that employers made the final call. If you’ve been relying on your ATS vendor’s assurances that their tool is “fair” without running your own recruitment compliance audit, the Mobley case should change your calculus immediately.
The Collective Action Timeline
The Mobley case didn’t arrive fully formed this week. It’s been building for over a year, and each expansion has widened the legal risk for vendors and employers alike.
In May 2025, Judge Lin granted preliminary certification of a nationwide collective action for applicants aged 40 and older who were denied employment recommendations through Workday’s platform since September 24, 2020. That’s nearly six years of hiring decisions under scrutiny. By July 2025, the scope expanded again to include applicants processed using Workday’s HiredScore AI features, which Workday acquired to add deeper AI-powered talent matching to its platform.
March 2026 brought two developments. First, the court rejected Workday’s argument that the Age Discrimination in Employment Act (ADEA) doesn’t cover job applicants, confirming that applicants receive the same ADEA protections as current employees. Second, the opt-in deadline for the age-discrimination collective closed on March 7, 2026, finalizing the plaintiff pool.
If your ATS vendor is making disposition decisions before a human reviewer sees a candidate, that vendor may now carry direct liability for those decisions.
By April and May 2026, the case moved into heavy discovery. The court ordered Workday to produce its own EEO-1 and OFCCP records, though it denied requests for the vendor’s internal bias-testing data and third-party customer applicant data. That denial matters: it means courts are still drawing lines around how deeply plaintiffs can probe a vendor’s proprietary algorithms.
But the trajectory is clear. Each ruling has expanded liability, extended temporal scope, and added new AI features to the legal theory. If you’re running Workday or any comparable AI-powered ATS, the relevant question is whether your hiring data from the past six years can withstand this kind of legal scrutiny. Companies already moving toward AI skill verification over traditional resume screening have a smaller surface area of exposure here, since skills-based assessments generate more defensible, criteria-transparent decisions.
The Patchwork That Makes Compliance Harder
The Workday ruling doesn’t exist in a regulatory vacuum. It lands on top of a growing state-by-state patchwork of AI hiring laws that create overlapping and sometimes contradictory obligations for employers and vendors.
Colorado’s AI Act requires that “developers and deployers must use reasonable care to protect consumers from known or reasonably foreseeable risks of algorithmic discrimination,” with enforcement handled by the Colorado Attorney General. Illinois recently enacted disclosure requirements for AI used in employment decisions. New York City’s Local Law 144 has required bias audits for automated employment decision tools since 2023.
None of these laws are identical in scope, definitions, or enforcement mechanisms. State and local Fair Employment Practices Agencies enforce their own anti-discrimination statutes independently. California has its Civil Rights Department, Washington has the Human Rights Commission, Colorado has the Civil Rights Division.
Warning: Vendor contracts that include standard “compliance with applicable law” language offer weak protection. Ensure contracts include explicit transparency obligations, bias-reporting warranties, and indemnification clauses tied to AI discrimination liability, as [recommended by Lexology’s analysis](https://www.lexology.com/library/detail.aspx?g=7b178edf-d3a7-412e-9625-d2d75f05aca5).
For HR teams running a legal risk assessment on their hiring stack, the practical challenge is that a single ATS deployment may need to satisfy California FEHA, Colorado’s AI Act, Illinois’s disclosure rules, and NYC’s audit requirements simultaneously. If your ATS implementation was configured without mapping these regulatory requirements to specific workflow stages, you’re running compliance debt that compounds with every hire.
Mobley’s Shadow Over Your Next Vendor Contract
The Workday case hasn’t reached a final judgment. Discovery is ongoing, and the ultimate outcome will depend on what Workday’s internal records reveal about how its algorithms were tested, validated, and monitored for discriminatory impact. But the legal theory has already survived multiple dismissal attempts, and Judge Lin’s agent classification creates a framework that will persist regardless of how Mobley itself resolves.
For HR teams evaluating or renewing ATS contracts in the second half of 2026, three contract provisions now carry real weight. First, require vendors to provide model cards or equivalent documentation explaining what variables their AI uses and how those variables were tested for correlation with protected classes. Second, include contractual rights to conduct independent bias audits on the vendor’s scoring and ranking outputs. Third, build indemnification language that explicitly addresses AI hiring discrimination liability, because generic indemnification clauses written before the Mobley ruling won’t cover this exposure.
The employers who will weather this period best are those already treating AI ethical oversight as a priority and running their own validation of vendor tools rather than accepting fair hiring practices as a vendor-side responsibility. The Mobley case makes one thing concrete: courts will hold both sides of the contract accountable, and the question of who built the algorithm won’t shield either party from the consequences of what it does.
