Last week Facebook issued a statement stating that they have seen an increasing number of employers attempting to force their way onto employees' Facebook accounts by demanding employees turn over their passwords as a condition of employment. The company's Chief Privacy Officer, Erin Egan, issued the statement:
In recent months, we've seen a distressing increase in reports of employers or others seeking to gain inappropriate access to people's Facebook profiles or private information. This practice undermines the privacy expectations and the security of both the user and the user's friends. It also potentially exposes the employer who seeks this access to unanticipated legal liability.
The most alarming of these practices is the reported incidences of employers asking prospective or actual employees to reveal their passwords. If you are a Facebook user, you should never have to share your password, let anyone access your account, or do anything that might jeopardize the security of your account or violate the privacy of your friends. We have worked really hard at Facebook to give you the tools to control who sees your information.
Heavy handed tactics like this by employers put employees in a difficult position. Complying with an employer's request to turn over his or her password violates Facebook's terms of service and opens up their private communications to any number of company personnel unknown to them. Failure to do so likely means they will not get the job they are applying for or may lose their current job. Currently such activity by employers is likely legal in most states...at least for now.
Connecticut Sen. Richard Blumenthal announced last week that he's going to propose legislation to ban employers from requesting access to Facebook accounts as a term of employment.
I think this is really just the tip of the iceberg. Get ready to hear some version of this story every week or so for the next 10 years. We are all feeling our way through this brave new world of social media and personal privacy. Frankly, it is a little fuzzy to know exactly where the lines are or will be or should be.
That being said, I think it is a pretty creepy and inappropriate overreach for employers to force employees to give up any normal amount of online privacy in order to get a job. This is a bad idea for many reasons. First, it makes the employer look like a heavy-handed thug. Secondly, it could be argued that the employer is now on notice or constructive notice of everything on every employees' Facebook page. Couple of possible examples:
- What if a female employee posts something on her Facebook page indicating that she is having trouble with her boss and his wandering hands only to be fired the following week? She files a lawsuit for harassment and retaliation, arguing that while she never complained to HR the company surely knew of the conduct of her boss because they have full access to her Facebook account; or
- What if an employee who goes off the deep end commits violence in the workplace posted something the month before on his or her Facebook account that arguably should have been a warning that such conduct was likely? Might the company now be held liable for having had access to such information but never acting on it to protect its employees?
Being in possession of all employees' Facebook data puts a company in the position of having to argue and prove that it really didn't know what was posted and that it didn't have a duty to know. This is not someplace an employer should want to put themselves voluntarily. There is a saying that with great power comes great responsibility. Employers might do well to consider their responsibility if they choose to exercise this much power over the private information of employees.