Though Not Yet Banned, Requiring Social Media Information Is a Bad Idea
Posted: March 30, 2012
A recent spike in interest by the media, advocacy groups, legislators and the general public has refocused attention on the issue. Although it may not be unlawful to seek the information to conduct background checks, deter and investigate harassment of coworkers, and discourage employees from posting online content that disparages the employer's products or services, in most situations, it is inadvisable.
The efforts of law enforcement agencies to obtain social media login information to supplement background checks on prospective recruits have received the most notoriety. Since 2006, the sheriff's office of McLean County, Illinois (like several others in the state) has requested login information from applicants to weed out those who have posted inappropriate pictures, had inappropriate relationships with people who are underage or engaged in other illegal behavior.
Social media vendors have expressed outrage over employers requiring users to produce their login information. On March 23, Facebook issued a statement on its blog condemning the practice. The company now prohibits users from soliciting login information, accessing accounts belonging to someone else, sharing passwords, and otherwise jeopardizing the security of their accounts. Although initially stating that it would "take action to protect the privacy and security of our users . . . by initiating legal action," Facebook later clarified that it had no "immediate plans to take legal action against any specific employers."
At this point, few courts have issued decisions that provide any guidance about the legality of seeking social media login information from employees or prospective employees. In a 2009 case (here), a federal trial court in New Jersey awarded in favor of the plaintiffs against Hillstone Restauraunt Group. The plaintiffs brought a civil suit against the restaurant, claiming (among other things) that the managers had violated the Stored Communications Act (SCA). To prevail on the SCA claim, the plaintiffs were required to prove that the managers "knowingly, intentionally or purposefully" accessed a MySpace chat group without authorization.
The New Jersey decision, however, may have limited impact. First, it is not binding on any other state or federal courts. Second, the court did not address whether the law required it to apply an objective standard — whether or not a reasonable person would believe she had provided authorization to the employer to access the chat group frequented by the plaintiffs. Instead, the court's decision on the SCA hinges on a single, subjective statement by one employee-witness. A different court might well apply an objective test and reach a different result. Third, if, as in this case, a subjective belief that an adverse action by the employer might occur is enough to demonstrate coercion or duress by an employer, authorization requirements in other areas of law might come under fire as well.
Moreover, U.S. Senator Richard Blumenthal (D-CT) has stated that he is planning to offer federal legislation to prohibit the practice. He and Charles Schumer (D-NY) have asked the U.S. Department of Justice and the Equal Employment Opportunity Commission to launch investigations as to whether employers asking for Facebook passwords during job interviews are violating federal law.
The states are further along in their legislative efforts to regulate employers' collection and use of login information regarding social media sites. In Illinois, a pending bill would prohibit employers from asking current or prospective employees to provide login information to gain access to their accounts or profiles on a social media site. The bill would allow job-seekers to file lawsuits if asked for access to sites like Facebook, but bosses could still ask for usernames that would allow them to view public information on the sites. Critics are concerned that a provision allowing employers to maintain lawful workplace policies regarding electronic equipment and investigating suspected unlawful or improper activity may undercut the desired protections of worker privacy. The bill is now on hold pending revision.
Want to know more? Read the full article by Chris Leh at Littler Mendelson