Don't Bother Asking for Facebook Passwords

Workplace water coolers are abuzz with recent reports of employers requiring employees or applicants to provide logon information for their social media sites. The ACLU has taken a stand against the practice, and employees and applicants alike seem horrified at the possibility of being required to turn over Facebook passwords as a condition of employment. State and local legislators have also taken notice, proposing a flurry of legislation aimed at curtailing the practice. And employers are now questioning whether they should continue asking for access or give up the potential information goldmine that the sites have to offer.

The uproar began with an Associated Press report, reprinted in newspapers throughout the country, about employers asking applicants to “friend” a hiring manager or to log on to their Facebook account during an interview. See Manuel Valdes and Shannon McFarland, Employers Ask Job Seekers for Facebook Passwords, Assoc. Press, Mar. 20, 2012.

Days later, Facebook responded to the report with a strongly worded statement condemning employers for requesting Facebook passwords because:

[a]s a user, you shouldn”t be forced to share your private information and communications just to get a job. And as the friend of a user, you shouldn”t have to worry that your private information or communications will be revealed to someone you don”t know and didn”t intend to share with just because that user is looking for a job.

Protecting Your Passwords and Your Privacy, www.facebook.com/notes/facebook-and-privacy/protecting-your-passwords-and-your-privacy/326598317390057 (Mar. 23, 2012).

Lawmakers Respond

State and federal legislators quickly picked up the issue. In fact, Maryland became the first state to pass a bill that would prohibit an employer from requesting or requiring login information for “a personal account of service through certain electronic communications devices,” and would prohibit an employer from disciplining a current employee or failing to hire a prospective employee for refusing to provide the information. Maryland H. B. 964; Maryland S.B. 433. At press time, that bill was awaiting the governor”s signature.

Many other states are considering similar legislation. For example, a Democratic State Senator introduced California Senate Bill 1349, which would prohibit employers and colleges from requiring or requesting social media passwords, because “[a]bsent SB 1349, Californians could be subject to egregious intrusions into their personal lives or unfairly risk unemployment and denial into their desired university.” Statement of California Senator Leland Yee (Mar. 28, 2012).

The Illinois House recently passed a similar bill, Illinois H.B. 3782, and co-sponsor Republican State Senator Mike Fortner issued a press release stating:

We need to keep separate what employees and potential employees do on their own time, off company hours. Employers have the right to control how their equipment is used and can view public information like anyone else. But there is not a need for personal information on a social networking site that doesn”t interfere with their workplace.

Press Release, Fortner Supports Facebook Privacy Law (Mar. 29, 2012).

A Republican Michigan State Representative who introduced similar legislation did so because “[p]eople have the right to share certain parts of their lives with the public, while sharing other parts with only friends and family. Why should privacy barriers be eliminated due to technological advancements? They shouldn”t.” Statement of Aric Nesbitt (Mar. 28, 2012); Michigan H.B. 5523. And state legislators across the country have introduced similar bills for similar reasons. See Massachusetts H.D. 4323, Minnesota, H.F. 2963, Minnesota H.F. 2982, Missouri H.B. 2060, New York S.B. 6983, South Carolina H.B. 5105, Washington S.B. 6637.

In the National Arena

On the national stage, Rep. Ed Perlmutter (D-CO) proposed an amendment to the Federal Communications Commission Process Reform Act of 2012 to prohibit employers from forcing applicants or employees to disclose passwords. The amendment lost by a vote of 236 to 184, with only one Republican voting in favor of it. Democratic Senators Richard Blumenthal of Connecticut and Charles Schumer of New York have asked the EEOC and the Department of Justice (DOJ) to investigate whether federal law already prohibits the practice. In a press release, Senator Schumer made a bold statement that:

[e]mployers have no right to ask job applicants for their house keys or to read their diaries ” why should they be able to ask them for their Facebook passwords and gain unwarranted access to a trove of private information about what we like, what messages we send to people, or who we are friends with?

Press Release, Employer Demands for Facebook and Email Passwords As Precondition For Job Interviews May Be A Violation Of Federal Law (Mar. 26, 2012).

What Should Employers Do?

Meanwhile, employers engage in social media research because many employees and applicants post relevant information regarding their educational background and work history, and sometimes are more truthful on social media than on their employment applications. Social media sites may also contain relevant information not available through traditional screening tools, like criminal background checks or reference checks.

Nevertheless, and putting aside the possibility of violating new legislation banning the practice, seeking information from social media is risky for employers in the same way that asking questions regarding protected characteristics, such as religion or national origin, is risky. Employers are generally discouraged from asking questions regarding protected characteristics because a rejected applicant or terminated employee may believe that he or she suffered adverse action because of the protected characteristic ” a belief, which may be unfounded, that could spawn a lawsuit.

Similarly, gathering applicant or employee information from a social media site could result in an employer inadvertently obtaining details relating to an applicant”s or employee”s protected characteristic. For example, if a female applicant in the early (and generally less visible) stage of pregnancy posted information regarding her pregnancy on Facebook and a prospective employer saw the information and decided not to hire her, she now has ammunition for a discrimination-in-hiring claim on the basis of pregnancy. Likewise, if an employee discloses his Twitter password and, as a result, the employer sees a “tweet” that the employee is participating in a fundraiser for the Muscular Dystrophy Association because his son has the genetic disorder, following a later termination, the employee may claim that the employer discriminated against him on the basis of genetic information in violation of the Genetic Information Nondiscrimination Act. By trolling social media sites, employers may also find information related to union membership or activity, disability, age, veteran status, or any number of other protected characteristics, which could later be the basis of a legal claim.

Conclusion

Given all of the above, the benefits of requiring social media passwords simply do not outweigh the risks. First, legislation banning requirements that employees or applicants provide logon information for their social media sites is on the horizon nationwide. Second, employers could open the door to legal claims by uncovering information related to protected characteristics. And, finally, there is another, often overlooked, risk: Employers that request social media logon information may offend, and thus lose, good employees or top-quality applicants who oppose the practice on principle (as opposed to having something to hide). For these reasons, employers would be wise to limit their social media research to professional and public websites like LinkedIn, and avoid the potential pitfalls of asking for access to password-protected social media sites like Facebook or Twitter.

Anna Hickman is an attorney in the Labor and Employment group of Nilan Johnson Lewis PA in Minneapolis. She can be reached at 612-305-7672 or [email protected].

”

Workplace water coolers are abuzz with recent reports of employers requiring employees or applicants to provide logon information for their social media sites. The ACLU has taken a stand against the practice, and employees and applicants alike seem horrified at the possibility of being required to turn over Facebook passwords as a condition of employment. State and local legislators have also taken notice, proposing a flurry of legislation aimed at curtailing the practice. And employers are now questioning whether they should continue asking for access or give up the potential information goldmine that the sites have to offer.

The uproar began with an Associated Press report, reprinted in newspapers throughout the country, about employers asking applicants to “friend” a hiring manager or to log on to their Facebook account during an interview. See Manuel Valdes and Shannon McFarland, Employers Ask Job Seekers for Facebook Passwords, Assoc. Press, Mar. 20, 2012.

Days later, Facebook responded to the report with a strongly worded statement condemning employers for requesting Facebook passwords because:

[a]s a user, you shouldn”t be forced to share your private information and communications just to get a job. And as the friend of a user, you shouldn”t have to worry that your private information or communications will be revealed to someone you don”t know and didn”t intend to share with just because that user is looking for a job.

Protecting Your Passwords and Your Privacy, www.facebook.com/notes/facebook-and-privacy/protecting-your-passwords-and-your-privacy/326598317390057 (Mar. 23, 2012).

Lawmakers Respond

State and federal legislators quickly picked up the issue. In fact, Maryland became the first state to pass a bill that would prohibit an employer from requesting or requiring login information for “a personal account of service through certain electronic communications devices,” and would prohibit an employer from disciplining a current employee or failing to hire a prospective employee for refusing to provide the information. Maryland H. B. 964; Maryland S.B. 433. At press time, that bill was awaiting the governor”s signature.

Many other states are considering similar legislation. For example, a Democratic State Senator introduced California Senate Bill 1349, which would prohibit employers and colleges from requiring or requesting social media passwords, because “[a]bsent SB 1349, Californians could be subject to egregious intrusions into their personal lives or unfairly risk unemployment and denial into their desired university.” Statement of California Senator Leland Yee (Mar. 28, 2012).

The Illinois House recently passed a similar bill, Illinois H.B. 3782, and co-sponsor Republican State Senator Mike Fortner issued a press release stating:

We need to keep separate what employees and potential employees do on their own time, off company hours. Employers have the right to control how their equipment is used and can view public information like anyone else. But there is not a need for personal information on a social networking site that doesn”t interfere with their workplace.

Press Release, Fortner Supports Facebook Privacy Law (Mar. 29, 2012).

A Republican Michigan State Representative who introduced similar legislation did so because “[p]eople have the right to share certain parts of their lives with the public, while sharing other parts with only friends and family. Why should privacy barriers be eliminated due to technological advancements? They shouldn”t.” Statement of Aric Nesbitt (Mar. 28, 2012); Michigan H.B. 5523. And state legislators across the country have introduced similar bills for similar reasons. See Massachusetts H.D. 4323, Minnesota, H.F. 2963, Minnesota H.F. 2982, Missouri H.B. 2060, New York S.B. 6983, South Carolina H.B. 5105, Washington S.B. 6637.

In the National Arena

On the national stage, Rep. Ed Perlmutter (D-CO) proposed an amendment to the Federal Communications Commission Process Reform Act of 2012 to prohibit employers from forcing applicants or employees to disclose passwords. The amendment lost by a vote of 236 to 184, with only one Republican voting in favor of it. Democratic Senators Richard Blumenthal of Connecticut and Charles Schumer of New York have asked the EEOC and the Department of Justice (DOJ) to investigate whether federal law already prohibits the practice. In a press release, Senator Schumer made a bold statement that:

[e]mployers have no right to ask job applicants for their house keys or to read their diaries ” why should they be able to ask them for their Facebook passwords and gain unwarranted access to a trove of private information about what we like, what messages we send to people, or who we are friends with?

Press Release, Employer Demands for Facebook and Email Passwords As Precondition For Job Interviews May Be A Violation Of Federal Law (Mar. 26, 2012).

What Should Employers Do?

Meanwhile, employers engage in social media research because many employees and applicants post relevant information regarding their educational background and work history, and sometimes are more truthful on social media than on their employment applications. Social media sites may also contain relevant information not available through traditional screening tools, like criminal background checks or reference checks.

Nevertheless, and putting aside the possibility of violating new legislation banning the practice, seeking information from social media is risky for employers in the same way that asking questions regarding protected characteristics, such as religion or national origin, is risky. Employers are generally discouraged from asking questions regarding protected characteristics because a rejected applicant or terminated employee may believe that he or she suffered adverse action because of the protected characteristic ” a belief, which may be unfounded, that could spawn a lawsuit.

Similarly, gathering applicant or employee information from a social media site could result in an employer inadvertently obtaining details relating to an applicant”s or employee”s protected characteristic. For example, if a female applicant in the early (and generally less visible) stage of pregnancy posted information regarding her pregnancy on Facebook and a prospective employer saw the information and decided not to hire her, she now has ammunition for a discrimination-in-hiring claim on the basis of pregnancy. Likewise, if an employee discloses his Twitter password and, as a result, the employer sees a “tweet” that the employee is participating in a fundraiser for the Muscular Dystrophy Association because his son has the genetic disorder, following a later termination, the employee may claim that the employer discriminated against him on the basis of genetic information in violation of the Genetic Information Nondiscrimination Act. By trolling social media sites, employers may also find information related to union membership or activity, disability, age, veteran status, or any number of other protected characteristics, which could later be the basis of a legal claim.

Conclusion

Given all of the above, the benefits of requiring social media passwords simply do not outweigh the risks. First, legislation banning requirements that employees or applicants provide logon information for their social media sites is on the horizon nationwide. Second, employers could open the door to legal claims by uncovering information related to protected characteristics. And, finally, there is another, often overlooked, risk: Employers that request social media logon information may offend, and thus lose, good employees or top-quality applicants who oppose the practice on principle (as opposed to having something to hide). For these reasons, employers would be wise to limit their social media research to professional and public websites like LinkedIn, and avoid the potential pitfalls of asking for access to password-protected social media sites like Facebook or Twitter.

Anna Hickman is an attorney in the Labor and Employment group of Nilan Johnson Lewis PA in Minneapolis. She can be reached at 612-305-7672 or [email protected].

”