Relax! Businesses don't want employee Facebook passwords.

March 26, 2012
By Eric B. Meyer on March 26, 2012 7:00 AM | | Comments

Chicken LittleBut, if you think they do -- maybe you read this article last week -- then I have a bridge in Brooklyn to sell you, sucker.

Come on! The sky isn't falling. Demanding social media access from employees and potential hires and is most definitely the exception and not the rule. And I'll set the record straight on this bad business practice after the jump...

* * *


For starters, this is old news and only involves a scant few employers.

This whole mishegas was rekindled last week when the AP published this story, entitled "Job seekers getting asked for Facebook passwords". (I know this because about ten readers of this blog forwarded it to me). I say "rekindled" because the AP article discussed two notorious, but dated, instances in which employers -- the City of Bozeman and the MD Department of Corrections -- made the mistake of requesting social media logins and passwords as a condition of employment. Hey, whattaya know, I scooped the AP by writing about the same two employers over a year ago! More on that in a bit.

Unfortunately, not only does the AP article contain several dated horror stories that jumped the shark long before Kris Humphries popped the queston to Kim Kardashian (remember that?), it sensationalizes how businesses spy on employees and job candidates:

In their efforts to vet applicants, some companies and government agencies are going beyond merely glancing at a person's social networking profiles and instead asking to log in as the user to have a look around....Since the rise of social networking, it has become common for managers to review publically [sic] available Facebook profiles, Twitter accounts and other sites to learn more about job candidates. But many users, especially on Facebook, have their profiles set to private, making them available only to selected people or certain networks.
Companies that don't ask for passwords have taken other steps -- such as asking applicants to friend human resource managers or to log in to a company computer during an interview...

Not sure the source for these "statistics".  What I can tell you is that when I presented "Social Media for HR: Practical Guidance from a Generation Y Attorney" a few weeks ago to a packed house of HR professionals at the SHRM 2012 Employment Law and Legislative Conference in Washington, DC, no one in the room -- not a single person -- admitted to requiring job applicants to turn over private social media information, including logins and passwords. Most rolled their eyes or laughed at this "practice". (Maybe 10% acknowledged accessing publicly available social media content, which is legal, to conduct background checks on potential hires).

You know why employers don't demand passwords? It may not be legal.

As I wrote here last year, the Stored Communications Act makes it illegal for a person or entity to intentionally access electronically-stored communications without authorization. In the hiring context, conditioning a job offer on a candidate having to hand over the keys to a social media account may be viewed as coercive; akin to access without authorization. Indeed, Facebook's Chief Privacy Officer, Erin Egan, issued a statement last week in which Facebook threatened to take action against employers that demand that employees provide access to private portions of their Facebook accounts:

Facebook takes your privacy seriously. We'll take action to protect the privacy and security of our users, whether by engaging policymakers or, where appropriate, by initiating legal action, including by shutting down applications that abuse their privileges.

Although the statement doesn't specifically mention which law(s) Facebook would avail itself in coming after employers, in the past, Facebook has relied upon the Computer Fraud and Abuse Act (h/t Trading Secrets). And I imagine that the Stored Communications Act would another be weapon in the Facebook arsenal. Just ask the ACLU, who previously brandished the Stored Communications Act in a cease and desist letter to the Maryland Department of Corrections. It should come as no surprise then that the ACLU praised Facebook for speaking out against forcing job candidates to divulge private information.

As if the spectre of Facebook suing weren't bad enough, employers who demand that job candidates and employees reveal online passwords, may have new federal legislation with which to deal. Last Wednesday, Tony Romm at Politico reported that Senator Richard Blumenthal (D-CT) may draft legislation that would ban employers from asking job seekers for access to their private Facebook accounts. Here is the Senator speaking to Bloomberg about it. Yesterday, Michelle Myers at CNET reported here that Blumenthal and Sen Charles Schumer (D-NY) asked the Department of Justice and the Equal Employment Opportunity Commission to investigate what they call a "new disturbing trend" of prospective employers demanding job applicants to turn over their user names and passwords for their social networks.

New disturbing trend, huh...

Putting aside the legalities of demanding access, why would employers bother?

That's the question I raised last year when I opined that demanding access to a candidate's password-protected online information completely undermines an early opportunity to build a long-term trusting working relationship with a new hire:

If a job applicant posts questionable material online such that anyone can view it, then -- content aside -- he/she displays bad judgment. Conversely, restricting public access to online content --good or bad -- shows that the candidate can keep his/her personal life personal. And there is something to be said about an employee who know how to keep his/her personal life out of the workplace.
How many questions do you ask in a job interview about a candidate's personal life? Exactly. Generally, employers do not require applicants to pull skeletons out of the closet. Why should the standard be any different for online behavior? It shouldn't.

Jason Shinn at the Michigan Employment Law Advisor agrees:

First, it is hard to dispute that some minimal level of privacy should be afforded by an employer to an employee or job applicant. Certainly there may be circumstances where this respect needs to give way to a competing and compelling interest. But absent such circumstances, what is the need to peruse a person's private Facebook profile?

It should then come as no surprise that a big reason why employers don't conduct social-media background checks of potential hires -- let alone demand access to privacy-filtered information -- is that few care about employees' private lives insofar as employees check their outside issues and problems at the door when they come to work.

But, if you are one of the few employers, which does demand that employees and potential hires provide you with full access to their social media content, unless you have a damn good reason -- I dunno, maybe you operate the Secret Service -- you may want to consider discontinuing that practice pronto.

The rest of you -- the vast majority of you -- should take this whole forcing employees to turn over passwords to their social networks as what it really is: a non-story.