Tread Carefully in Asking Applicants For Usernames & Passwords

Home » Latest Industry News » Tread Carefully in Asking Applicants For Usernames & Passwords

Asking job applicants to share their social media usernames and passwords could pose major legal, ethical, and public relations challenges for employers, various sources told BNA (Bureau for National Affairs).

Facebook released a written statement on March 23, 2012 objecting to employers asking applicants or employees for such information. ‘‘In recent months, we’ve seen a distressing increase in reports of employers or others seeking to gain inappropriate access to people’s Facebook profiles or private information,’’ Erin Egan, Facebook’s chief privacy officer for policy, said in the statement. ‘‘This practice undermines the privacy expectations and the security of both the user and the user’s friends. It also potentially exposes the employer who seeks this access to unanticipated legal liability.’’

Egan suggested that the company would sue employers who asked employees for their Facebook passwords. According to the social networking giant, sharing or soliciting a Facebook password is a violation of its Statement of Rights and Responsibilities.

‘‘As a user, you shouldn’t be forced to share your private information and communications just to get a job,’’ Egan said. ‘‘And as the friend of a user, you shouldn’t have to worry that your private information or communications will be revealed to someone you don’t know and didn’t intend to share with just because that user is looking for a job.’’

Data Not Really Private

A management attorney, however, was skeptical of Facebook’s legal standing with regard to employers requesting passwords. ‘‘It is not clear what kind of claim Facebook could assert against an employer,’’ said Philip Gordon, a shareholder with Littler Mendelson in Denver. ‘‘Facebook does not appear to have any cognizable damage when an employer accesses an applicant’s Facebook page.’’

‘‘Data posted on social media sites like Facebook isn’t really private, even on restricted pages,’’ Gordon added, because ‘‘dozens, and even hundreds, of ‘friends’ have access to that information.’’ Moreover, Gordon said he has not heard about any employers requesting Facebook passwords. ‘‘Aside from what has been reported in the media, I am not aware of any employer who has asked an applicant for log-in credentials or who has a policy of doing so,’’ he told BNA.

Examination of Legality Requested

Regardless of how widespread the practice is, Reps. Ed Perlmutter (DColo.) and Patrick McHenry (R-N.C.) have said they plan to draft legislation to address the issue. In addition, two U.S. senators recently asked federal agencies to address the legality of employers seeking workers’ social media information. Sens. Charles Schumer (D-N.Y.) and Richard Blumenthal (D-Conn.) requested on March 25, 2012 that the Department of Justice determine whether such requests from employers violate the Stored Communications Act or the Computer Fraud and Abuse Act, both of which in part address the unauthorized access, disclosure, or use of computers and computer networks.

‘‘Requiring applicants to provide login credentials to secure social media websites and then using those credentials to access private information stored on those sites may be unduly coercive and therefore constitute unauthorized access under both SCA and the CFAA,’’ they said in a letter to Attorney General Eric Holder Jr. In a similar letter to Equal Employment Opportunity Commission Chair Jacqueline Berrien, Schumer and Blumenthal said: ‘‘Facebook and other social networks allow users to control what information they expose to the public, but potential employers using login credentials can bypass these privacy protections. This allows employers to access private information, including personal communications, religious views, national origin, family history, gender, marital status, and age. If employers asked for some of this information directly, it would violate federal anti discrimination law. We are concerned that collecting this sensitive information under the guise of a background check may simply be a pretext for discrimination.’’ Blumenthal and Schumer are working on legislation that would restrict employer requests for social media and email passwords from prospective employees, the senators said in their statement.

At the state level, legislation pending in California, Illinois, Maryland, Minnesota, and New York would restrict employers’ ability to require job applicants and employees to provide their online usernames and passwords as a condition of employment. ‘‘Legislators need to be careful before imposing new legal restrictions. It seems easy to pass a law in response to a public outcry, but technology changes so quickly and who knows where this is going to go,’’ Gordon cautioned. ‘‘The public might react differently if it turns out an employer might have prevented a workplace violence incident if it had been able to access an employee’s restricted Facebook page with the employee’s password.’’