Can your boss ask for access to your social media accounts? #SoMe
There have been a few instances in the news recently where employers are asking for access to an employee’s social media account, specifically the password for a Facebook account.
The conversation started recently when the Baltimore Sun, among others, reported that a “corrections officer [prison warden] from Baltimore says he was required to provide his Facebook password when he reapplied for his former job and had to watch as his personal page and its postings were perused by an investigator.”
Not exactly the usual request any one of us would think of having made of us when we’re reapplying for our post but, as Rhonda Callow questions in her blog post Should your employer be able to ask for your Facebook password?;
“The Department of Public Safety and Correctional Services claimed that the practice was simply intended to help identify applicants with criminal affiliations or connections.”
Indeed, many would agree this is an honest request made with honest intentions … especially in light of the story I found last year, when preparing for my safety in Social Media, of the prison warden who was fired because he was found to have ‘inappropriate” friendships on Facebook, “associating with serving and former prisoners, outside the course of his employment and without authority”.
Rhonda comments on the latest story by saying that the problem is that …
“… in most countries, Canada included, legislation has failed to keep pace with technology. We have rules that prevent potential employers from asking questions that would enable them to discriminate on grounds of race, religion, etc., etc., but there is absolutely nothing to prevent them from asking to peek at our social media accounts. And, in my opinion, it’s very clearly something that employers should not be able to do. Sure, you could refuse to comply with the request. The risk, however, is that it could result in you being perceived as uncooperative or – worse – as having something to hide.”
While we may not have anything to hide, why should we feel bad or even guilty about refusing this request? There are many commentaries being made on the subject, on blogs and in the national/international media, here are a few of the ‘choice’ quotes more directed at the morality/legality of the request, and whether we should hand over the ‘key’ to our accounts:
“Should employers Google the names of prospective employees and perhaps check out their public Facebook and Twitter profiles? For many white collar jobs, I think that’s reasonable. But accessing private information seems out of bounds.”
Want A Job: Give Us Your Facebook Password – Outside the Beltaway“No matter what job someone is applying for, you don’t need the potential or actual employee’s social network log in details in order to do background checks that would satisfy such investigation. I can see no right for any organization to require login access to someone’s Facebook account a prerequisite for employment.”
Should your employer have access to your Facebook account? – Neville Hobson
Back in 2009, this question was already raising its ugly head, as the CNN SciTechBlog post Want a job? Hand over your Facebook password reveals:
“That’s what’s happened to applicants for jobs with the city of Bozeman, Montana, who were surprised to discover they needed more than a work history and references. Please list any and all, current personal or business websites, web pages or memberships on any Internet-based chat rooms, social clubs or forums, to include, but not limited to: Facebook, Google, Yahoo, YouTube.com, MySpace, etc.,” reads a background-check waiver form that applicants had to sign. (There’s no mention of Twitter.) The form then contains three lines where applicants are to list their logins and passwords.”
In the above example, the public backlash “led city officials to reconsider. After a closed-door meeting Friday, Bozeman officials suspended the practice, according to several Montana media outlets – who first announced the news on Twitter.”
So, another question, and this one is for all you lawyers out there … what do you do if your employer asks for these details? Are you duty-bound to hand them over, or can you politely say “I would be happy to assist you but I need to clarify/quantify/check the legality of the request before I let you have them?” Anyone, please?
While we’re on the subject … what about parents who want to look after their children online? is it ‘right’ for them to snoop or even steal passwords in order to monitor their Facebook or other social network websites? According to the New Jersey Police Chief (as reported on Gizmodo website) we should be using ‘keystroke-recording software on their computers so you can figure out their Facebook password. Then you can presumably snoop and poke around as much as you want. He claims that the software is very easy to install and that “your children don’t know it’s there””.’
I think that this will come back and bite a few parents in the end, right about when the teenager starts to rebel against anything they can find .. and you’ve just given them a really really good excuse for them to not trust you.
Do you have any stories about being asked for your login details by an employer or potential employer? If so, please reply below (anonymously if you like?).
In the UK, the Computer Misuse Act 1990 makes it an offence to use a computer to gain access to material you are not authorised to use. Using someone else’s username and password comes under that, although the user could give permission for a specific purpose. However, as it is against Facebook T&Cs to provide someone else with your username and password, it would seem to me that even with the individual’s permission to use their credentials, any subsequent access would be in contravention of the Act (as it is not authorised by the service provider).
In addition to that, it is unlikely that the potential employer has registered under the DPA to use social media in this way – and let’s not forget that a Facebook account is quite likely to have not only personally identifying information, but also sensitive (under the DPA definition) information. The Information Commissioners website makes it clear that just viewing resources online constitutes use (a.k.a. processing), and therefore comes under the DPA. Employers should be careful – someone, sometime, is going to bother to take this sort of thing to court and if they argue their case with any level of care they will win.
Thank for this Pat, very useful and informative. Let’s hope this isn’t the start of something,
All the best, David
To me asking for access to the private information that can only be accessed by being given a password seems the equivalent of asking for your voicemail password, or screening your calls. How would we react if we were asked to provide a Royal Mail authorisation for email to be forwarded for screening? I’m relieved to hear that this behaviour would seem to be outside the law, but alarmed it has happened at all.
Another twist in the topic of handing over your password to your current or prospective employer is the legal implications – not necessarily the implications of the Facebook T&Cs, for example, but the legality of prejudice in the type of candidates that are considered for the position. The post on the CNN Money website “Checking out job applicants on Facebook? Better ask a lawyer” (http://management.fortune.cnn.com/2011/03/02/checking-out-job-applicants-on-facebook-better-ask-a-lawyer/) has some good advice for someone looking for candidates online, but is also good knowledge for those who are looking for positions that way;
Here are some good quotes for you, but it’s worth a read anyway:
“Another legal risk you take when you check someone out online: You may discover information that you wouldn’t be allowed to ask about in a job interview.”
“For instance, what if you look up an applicant on Facebook and find out that she belongs to half a dozen groups for expectant mothers? Not all the personal information available on social media sites is relevant to job performance, or is within the bounds of what employers can legally use as a basis for hiring decisions.”
The subject continues to grow …
I recently had my teenage daughters high school advising parents that they should have their childrens social networking passwords; you can imagine her reaction when I told her!
Nayomie – I’ve also heard of this kind of practice, and the link in my original post above (to the Gizmodo article) has a Police Chief saying parents should spy on their kids. Now, I know my two boys are both under the age of 2, so I’ve a way to go before I experience this first-hand, but I don’t think they’ll apreciate me spying on them right about the time I’m saying I want to trust them and give them their own space?
Thanks for the comment.
All the best, David
Here are just a few of my saved bookmarks on this issue:
http://www.multiurl.com/l/4Rx
Thanks for this excellent resource!
All the best, David
I would NEVER give my FB or Twitter passwork to my employer. I’d rather find a new job!
If you think bosses requesting access to your social networking sites wait until I tell you what happened to my friend this year. Recently, my friend was employeed by Meriwether Schools in Georgia. As part of their general higher practice they require your doctor to test you for veneral diseases and fill out a report and what diseases you have to be turned in to the school district personnel office……TRUE STORY!
Why in the heck do serving prisoners have access to the internet in the first place?