Employers Cross Line by Asking for Facebook Usernames and Passwords
The latest attack at online privacy comes in its most direct form yet: employers are now apparently asking job seeking applicants for their Facebook login in information. Last week the Associated Press reported that some private and public employers were asking applicants for their social media credentials in order to learn information not revealed by job applications or resumes. The practice is not only ethically offensive, it may also be illegal.
Before they began asking for log in information flat out, employers have long researched the backgrounds of potential job candidates by conducting simple searches for public information on internet search engines. Social Intelligence Corporation, for example, specializes in “credit checks” of job applicants’ social media activity by combing the internet and gathering publicly shared information for an employer’s review. A 2010 survey done by Microsoft Research revealed that 70% of employers have ruled out applicants based on public information they found online. Becoming aware of these practices, social media users started heightening their privacy settings, excluding access to their private information, posts, photos, and other details to the public. Not to be outdone, some employers have now simply started asking for log in credentials.
Facebook, which often finds itself the subject of attack regarding privacy concerns, has sided with users on this issue, proclaiming that users “shouldn’t be forced to share  private information and communications just to get a job.” Erin Egan, Facebook’s Chief Privacy Officer, states that such requests are a violation of Facebook’s Statement of Rights and Responsibilities and that the requests could even lead to legal liability on the part of the employer.
Profiles provide a plethora of personal information such as age, race, gender, sexual orientation, and religion. All these details are protected by federal employment law, which prohibits employers from asking questions about them during an interview. Allowing employers access to one’s Facebook profile therefore allows them access to information otherwise prohibited from consideration. It is this exposure to protected information that Facebook warns may make employers vulnerable to litigation. For example, if an employer discovered that an applicant was a member of a protected group and refused to hire that employee for those reasons, the employer may be subject to discrimination claims.
Additionally, the practice may violate federal statutes relating to unauthorized access to computers and electronically stored information. The Stored Communications Act (SCA) and the Consumer Fraud and Abuse Act (CFAA) “prohibit intentional access to electronic information without authorization, and prohibit intentional access to a computer, without authorization, to obtain information,” respectively. Congress has now become involved to ensure that requesting Facebook credentials does not violate these Acts. Although applicants would appear to be providing their log in information “voluntarily,” Senators Chuck Schumer and Richard Blumenthal have questioned whether the practice is unduly coercive and therefore considered unauthorized access. The two senators are calling for investigations by the Justice Department and the Equal Employment Opportunity Commission and plan to file a bill that would fill in any gaps not covered by current law.
State governments are also taking action. California Democratic Sen. Leland Yee introduced a bill that would prohibit employers from asking job applicants and current employees for their social media log in information. The state bill would also prohibit employers’ from requiring access to social media content, thereby barring requests for printouts of that content.
Social media has entwined itself with how we identify ourselves to our friends, family, and colleagues. It has helped us reach out to larger audiences and express our thoughts on politics, pop culture, or simply mundane life happenings. But it has also created an unchartered reality in which laws about online privacy are developing at a much slower pace than social media itself. Our online lives are so filled with personal information that internet commentators have analogized giving your Facebook username and password to an employer is effectively the same as handing over your keys to your home, and allowing the employer to rifle through your diary, letters, and photographs. Clearly, one would never allow an employer to have open access to one’s home and private life; it should be no different for digital information.
If you believe that your privacy has been violated, whether by a potential employer or others, please contact Khorrami, LLP for more information.