According to press reports, a growing number of employers require job applicants to disclose their login information for Facebook or other social media accounts as a condition of employment. While this practice may very well fall on the wrong side of the law, lawyers and lawmakers are still in the process of establishing the framework for legal analysis and of spreading the word about the legal risks involved with demanding this type of private information from current employees and employee-applicants alike.
State and federal legislatures have been quick to respond to recent publicity concerning this controversial employment practice. A number of state bills are in or emerging from the pipeline (including bills in California, Illinois, Maryland, Massachusetts, Michigan, Minnesota, and New Jersey), all seeking to ban employers from requesting confidential login information as a condition of employment. At the federal level, Democratic Congressman Ed Perlmutter proposed amending the Federal Communications Commission Reform Act to specifically empower the Federal Communications Commission (FCC) to stop employers nationwide from asking current and prospective employees for access to this type of private information. While this proposed federal amendment was rejected in the U.S. House of Representatives, the state bills appear to be gaining momentum, with Maryland being the first state to pass a bill into law preventing employers from requesting login information to social media accounts.
Even without specific laws in place prohibiting it, employers nationwide could find themselves liable under a variety of different legal theories for requiring access to private login information. Among these potential theories of liability are common law invasion of privacy, violation of state constitutional rights to privacy, interference with employee rights to engage in protected, concerted activity under the National Labor Relations Act, discrimination on the basis of protected characteristics which an employer may learn about through accessing employee social media, and, for public employees, violation of the Fourth Amendment right to be free from unreasonable searches and seizures. In addition to considering the risk of liability under these and other legal theories, employers should also consider the statement issued by Facebook’s Chief Privacy Officer, Erin Egan, who warned that sharing or soliciting Facebook passwords is a violation of the company’s Statement of Rights and Responsibilities and that Facebook will “take action to protect the privacy and security of [its] users, whether by engaging policymakers or, where appropriate, by initiating legal action, including by shutting down applications that abuse their privileges.”
Beyond the legal concerns in connection with requesting private login information from current and prospective employees, as this issue continues to get attention in the press, employers should consider the practical implications, such as effect on company reputation, before engaging in this type of employment practice.