On Monday, April 9, 2012, Maryland became the first state in the US to officially ban employers from requesting access to the social media accounts of current employees and job applicants. This is the culmination of a controversial employee screening practice which involves employers getting potential candidates’ Facebook usernames and passwords to assess their suitability for hire. While many companies would like to take a close look at potential employees to ensure that they are not involved in any activity that would be harmful to the company and learn more about the person`s attitudes and preferences, accessing their personal social media accounts represents a boundary that many feel should be respected.
It’s become a common practice for certain employers to request their current and potential employees to hand over their Facebook login information. Sometimes, Facebook credentials are even a requirement to secure a job. Employers who do this believe that it’s a great way to research job candidates. However, the screening practice is generally limited to browsing their wall, photos and posts from an outsider perspective. Forcing employees to hand over passwords allows employers to view some of their most private online data, in which they can access information that the user had intended to control through privacy settings.
Observers have warned that this practice could raise problems for employers as well as their employees. Conducting an unrestrained search of someone’s Facebook account could reveal information previously unknown to the employer. If any of this information ends up causing the employer to choose not to hire a candidate, and the information happened to involve race, religion or sexual orientation, the employer might become involved in a serious discrimination lawsuit.
Maryland’s New Law
On April 9, 2012, Maryland’s General Assembly passed the bill prohibiting employers from asking current and prospective employees for their usernames and passwords to social media sites, including Facebook and Twitter. The bill was passed unanimously in the Senate and by a wide margin in the house. Lawmakers successfully reconciled the bills ahead of the end of the legislative session on April 9. It is currently awaiting signature from Governor Martin O’Malley, whose stance on the bill was still unclear.
This is the first bill of its kind in the country, bringing even more attention to the controversial practice. According to Melissa Goemann, legislative director of the American Civil Liberties Union of Maryland, “We just think this is a really positive development, because the technology for social media is expanding every year, and we think this sets a really good precedent for limiting how much your privacy can be exposed when you use these mediums.”
Maryland is not alone with their concerns about this privacy-invasive practice. Similar piece of legislation to Maryland’s new bill have been introduced in Illinois and California. In late March 2012, Richard Blumenthal (D-CT) announced he was drafting legislation to prohibit employers from demanding Facebook login information of prospective employees. He joined Chuck Schumer (D-NY) to request that the Department of Justice look into the potential illegality of the practice.
Blumenthal commented that he was “deeply troubled by the practices that seem to be spreading voraciously around the country,” and that the password requests are an “unreasonable invasion of privacy.”
Blumenthal’s proposed bill would not make it illegal to use information gained from public Facebook activity. This means that employers could still take a look at anything a regular Facebook browser could see. The bill just prohibits requesting for their employees’ passwords.
On its Passwords and Privacy blog, Facebook spoke out against the practice, deeming it both “distressing,” “alarming” and “potentially exposes the employer… to unanticipated legal liability.” The blog went on to establish that no one should be forced to share private information in order to get a job, and that the trend of soliciting employees’ passwords “undermines the privacy expectations and the security of both the user and the user’s friends.”
In recent months, incidents of employers requesting potential new hires’ social media usernames and passwords have made headlines and sparked outrage in the privacy rights community. The practice of accessing personal social media accounts gives employers insight into what their employees may be like and if they would be a good fit with the company, however, this also means that they can take a look at information that the individual may not want to be made private. The article discusses the practice, as well as Maryland’s bill prohibiting employers from doing so. The bill, passed April 9, 2012, was the first of its kind in the United States.
CIPP Exam Preparation
In preparation for the Certified Information Privacy Professional/Information Technology (CIPP/IT) exam, as well as the Certification Foundation Course (Foundations), a privacy professional should be comfortable with topics related to this post, including:
- Social networking services (CIPP/IT; III.B.k.i.)
- Human resources – pre-employment (Foundations; II.B.d.iv.1.)