Are HR Departments Crossing The Line By Asking For Passwords?
This week, the Washington Post ran a story on an example of a potentially disturbing trend in Human Resources practices. They told the tale of Justin Bassett. Bassett was interviewing for a new job. In the course of the interview, he was asked for his Facebook password. Bassett refused to give it and even walked out on the interview, saying he did not want to work for a company that would ask for such personal information.
If Justin Bassett’s experience were an anomaly, a strange occurrence that most companies would not repeat, that would be one thing. But, it is becoming more and more common for employers to ask for such things. And, it doesn’t stop at Facebook passwords. Some employers are asking for Twitter and other social site passwords, as well as email passwords.
Do you think Justin Bassett was right to walk out? Tell us in the comments.
Employers Protect Themselves
It is not uncommon, and is almost expected nowadays, for employers to do comprehensive web searches on prospective employees. Companies want to know as much as they legally can find out about the people they are hiring. Is this person a habitual drunk? Does he have children? Does he have a tendency to bad-mouth his past employers publicly? Does he post potentially embarrassing material online?
Sometimes, a simple Facebook search will reveal a person’s profile, pictures, personal information, posts and comments. Especially with Facebook’s dizzying security and privacy policies and changes over the past few years, a person may not be aware of what they can hide and how. Combine that with Facebook’s incessant insistence that we “share” everything about ourselves so we can have a “better browsing experience”, and the possibility of embarrassing revelations gets almost unavoidable.
Employers who have not yet committed to hiring someone have free reign to reject their application for any legal reason, or no reason at all. They are under no obligation, generally, to explain themselves. So, any “hitches” their online search turns up could result in an application being summarily round-filed. It could be over political affiliation, lifestyle choices, friendships, opinions publicly stated, or any other reason. Employers don’t have to tell you why they “chose to go another direction”.
But, what if you’ve been careful? You’ve enabled privacy settings. You’ve insulated your Facebook and other accounts from public scrutiny. You Google yourself and run other checks regularly. Your public face is neat, even if your private life is wild. Is there some expectation that your life is your own? Can an employer rightly – or even legally – ask for your Facebook login and password so they can walk right through your meticulously set up barriers for privacy?
Justin Bassett thought not. And, he acted on his values in that case. He not only refused to grant access, but he withdrew his application and walked out. He was in that ideal position: to be able to evaluate his potential employer just as stringently as he was being evaluated. But, many people are not in a position to do that. They feel they must trade their opinions and values on such matters as privacy for a much-needed paycheck.
What do you think about an employee’s choice in such matters, when his paycheck depends on it? Tell us in the comments.
It’s A Hot Topic
The topic has come up a lot within the past few days. It has been a question that has been asked a lot on Twitter, resulting in such comments as these:
Forget the legalities, folks, if a potential employer asks for your Facebook password, you don’t want to work there. I promise.
If an employer asks for your Facebook password; it’s probably not a place you want to work at.
@TheTakeaway I would absolutely never give my Facebook password to an employer. We still have a right to privacy even in the information age
@mashable if my employer ever demanded my facebook password in order 2 keep my job, I wud give it to them, then promptly delete my account
Regarding that last comment, remember that Justin Bassett, the man who walked out of an interview when asked for his password, was talking with an interviewer who was looking his information up then and there. Having a chance to delete his Facebook account was not feasible.
What About The Law?
But, what about legality? For example, would there be any sort of possibility of discrimination accusation in challenging an employers ability to ask for such private information?
Federal Equal Employment Opportunity laws cover the following things, even in the job advertising, recruitment, testing and hiring stages:
An interesting question that could someday be addressed in court is whether an employer’s insistence on finding things that a prospective employee has deliberately hidden – by enabling full privacy on the Facebook account, for example – had revealed details about the employee that could be seen as basis for discrimination.
For example, what if an employer insisted on someone’s password, received it because the person felt they had no choice, but the search then showed that the person had an otherwise undisclosed disability, religious affiliation or racial heritage?
A Hypothetical Employer Nightmare
Mark has applied for a position with XYZ, Inc. He is well-qualified, educated, experienced and otherwise suited for the job. He tests well, has a fantastic résumé, loads of references and a great portfolio. His first interview with the company went well and he has received positive signs.
During the course of one of Mark’s interviews, the interviewer asks for his Facebook password. Mark has been careful. He has enabled privacy settings and is actually only Facebook friends with about a dozen people, all very close friends.
Mark does not like being asked for his password, but he really needs this job. So, he gives it. The interviewer opens Mark’s account. It becomes quickly apparent from Mark’s Facebook timeline that he is a Mormon and has epilepsy. This is not information that any employer would have ever asked for on an application or in an interview. But, Mark had revealed it to his closest friends in a closed forum where he had an expectation of privacy.
If Mark is denied the job, could he argue that he was discriminated against? Could he win? Would an employer want to put themselves in a situation where they were privy to that information? Or, would an employer figure that Mark’s agreeing to provide his password must mean that he was willing to reveal such information? After all, he could have said “No”.
What if the interviewer’s search had revealed the result of some medical test, perhaps in a private message or email? HIPAA laws do not apply to employers. But if that medical information revealed some disability, what sort of issues could that raise?
Is there a standard for expectation of privacy, especially regarding things that an employee does not do on company computers or on the clock?
Orin Kerr is a George Washington University law professor and former federal prosecutor. He calls asking for access to private information “an egregious privacy violation”. He adds, “It’s akin to requiring someone’s house keys.”
Some employers have adapted their policies. Now, rather than asking for an interviewee or employee to proved their password, they simply ask them to log in on a computer so they can then view the profile. But, that is still ruffling feathers.
Do you think it matters whether your password is requested or you are simply asked to log in? Let us know your thoughts.
The American Civil Liberties Union is now weighing in on this issue. ACLU attorney Catherine Crump said:
“It’s an invasion of privacy for private employers to insist on looking at people’s private Facebook pages as a condition of employment or consideration in an application process. People are entitled to their private lives. You’d be appalled if your employer insisted on opening up your postal mail to see if there was anything of interest inside. It’s equally out of bounds for an employer to go on a fishing expedition through a person’s private social media account.”
Robert Collins is another person who has faced this practice. Collins was a security guard with the Maryland Department of Public Safety and Correctional Services. He took a leave of absence following the death of a family member. Upon his return, he was asked to submit to a reinstatement interview. The agency asked for his Facebook username and password in order to “check for gang affiliations”. Collins complied because, as he said, “I needed my job to feed my family.”
After the ACLU filed a complaint, the Maryland agency amended its policy to simply ask employees to log in, rather than provide their password. But, the ACLU in Maryland is pushing for a Social Media Privacy Bill. The proposal is called House Bill 964 and “would prohibit employers from requiring or requesting employees or applicants to disclose their user names or passwords to Internet sites and Web-based accounts as a condition of employment.”
The question that is most being asked about all this is: Can they do that, legally? Perhaps another that should be asked is: Would an employer want to, given the potential discrimination accusations it could expose them to – even if that accusation is ultimately unsuccessful? Asking for Facebook passwords could lead to some disturbing consequences for both the employer and the employee.