Should job applicants be required to divulge Facebook passwords?

March 14, 2011
By Eric B. Meyer on March 14, 2011 6:00 AM | | Comments

It seems like every week day that we read stories about employees who get disciplined for posting stupid sh*t online. Although no business is immune to stupid employee behavior, employers that implement social media policies can reduce the risk of online idiocy.

Still, I am often asked if employers should require job applicants to divulge internet passwords to facilitate background checks and to reduce the risk of hiring employees who misbehave online.

Good question. A discussion follows...after the jump.


* * *

At least two employers have tried it...with not-so-good results.

Back in 2009, the City of Bozeman, MT implemented a policy requiring all job applicants to divulge their user names and passwords for all social media sites and online chat rooms. Bozeman broke the mold. But, after an internet sh*tstorm erupted in which critics slammed the policy as an unnecessary invasion of privacy, Bozeman suspended this practice.

A password key?Fast-forward two years. The Maryland Department of Corrections implements a new policy requiring all job applicants to turn over social media usernames and passwords. This time, it wasn't the public, but rather the ACLU that criticized the policy. In fact, the ACLU sent a nasty letter to the DOC threatening to take the DOC to court unless it ceased its practice. The DOC has since stopped requiring candidates to fork over online usernames and passwords.


I'll give you two more reasons not to ask...

The two examples above showcase public employers. Employees of private companies generally have few rights -- including the right to privacy. Still, it strikes make that there are some reasons not to implement this policy.

First, it still may not be legal. The Stored Communications Act makes it illegal for a person or entity to intentionally access electronically-stored communications without authorization. This is precisely what happened in Pietryllo v. Hillstone Restaurant Group, where a restaurant manager forced an employee to provide him with access to an online forum created on MySpace in which restaurant employees would vent about their employer. A jury found that the restaurant manager violated the Act because he was not authorized to enter the site and had only gained access through coercion. The jury awarded back pay and punitive damages.

Second, and more fundamentally, why bother? If a job applicant posts questionable material online such that anyone can view it, then -- content aside -- he/she displays bad judgment.  Conversely, restricting public access to online content --good or bad -- shows that the candidate can keep his/her personal life personal. And there is something to be said about an employee who know how to keep his/her personal life out of the workplace.

How many questions do you ask in a job interview about a candidate's personal life? Exactly. Generally, employers do not require applicants to pull skeletons out of the closet. Why should the standard be any different for online behavior? It shouldn't.

I am not suggesting that employers should forget about background checks or other related due diligence as part of the hiring process. Generally, however, employers should not force candidates to share online usernames and passwords.