A recent syndicated article has been circulating, which addresses the practice of employers requesting prospective hires provide their Facebook user name and password, during the initial interview process. The article is captioned "Can Employers Legally Ask You for Your Facebook Password When You Apply for a Job?" Why Congress and the States Should Prohibit This Practice. "As the title indicates, this article concerns what legal steps are being taken and can be taken to address this questionable employment hiring practice. However, missing from that article is the more practical and exigent side of the problem, which is the quandary facing the job seeker, when asked for this private information.
From the standpoint of both an employer and an employment law attorney, I will attempt to briefly tackle this question. The question is – until there are actual laws put in place to prevent the practice of an employer requesting an interviewee's Facebook log-in information, what can you do to protect the privacy of your Facebook during your hunt for a new job?
Is My Facebook Information Private?
Yes and No. Let me explain ….
First, keep it clean! Always be mindful that Facebook is constantly (it seems) changing its interface and privacy settings – keep on top of these changes and select your own personal security and privacy settings wisely. Only put things out there in the public, which you wish for the public to see. Notwithstanding the ability to select privacy settings, you should assume that some alterations to these settings or breaches in security down the road could cause your "privately" posted information to go public. Moreover, anything you post is really not truly private anyway, which is really the reason we "post" on Facebook in the first place – as it is shared amongst your Facebook "friends." Be aware that those friends' accounts could be shared or accessible by their spouses, family members, friends, and thus the information that you make visible to them could be shared with others – accidentally or deliberately.
Expectation of Privacy
Next, notwithstanding the above, I still believe that there is an "expectation of privacy" to many aspects of our Facebook accounts. We expect that the privacy settings will work as intended and our comments, posts, etc. will not be shared with the public at large, even if we have contemplated the possibility that friends or family members of friends might see our posts, comments and page (s). However, clearly we have an expectation that the settings themselves that we choose, our passwords, our private emails to friends through the Facebook email interface will remain private. When a prospective employer requests your username and password, they are requesting private and sensitive information – your password, which may be linked to other accounts or have some other personal significance that we do not wish to share. In addition, they are requesting access to all of your activity on Facebook – every post, every game, every comment, every email. Many of these things in and of themselves are reasonably expected by you to remain private. Further, the cumulation of this data, is reasonably expected to only be seen by you. Would any prospective employer request access to your private email account, the hard-drive from your computer, the entire meta-data & internet browser history from all of the sites you have ever visited on your computer. Of course they would not – but logging into your Facebook account grants this same type of information – access to any personal emails you have sent through the Facebook email interface, a complete view of any and all posts and comments you have ever made, a quick view of ALL of your Facebook activity, spanning the entire time that you have had your Facebook account, and access to your security settings, friends lists, blocked friends, etc. This is an invasion of your reasonable expectation of privacy.
How do I respond to a request by a prospective employer for My Facebook log-in information?
If you have read the above paragraph, I think a very pragmatic approach to addressing such a request would be to explain in response to such an inquiry, outlining the concerns detailed above. Couple those privacy concerns with an offer of a less intrusive method for the prospective employer to obtain what information they seek. What is it that the employer is seeking? In part, it might simply be to gauge how you respond to such a request. Thus, prepare to respond confidently, addressing your privacy concerns and offering a different approach, and turning the question back to the employer. Ask the interviewer or prospective employer what it is that they are looking for and if reasonable, in your mind's eye, offer to "friend" them to give them a glimpse of the information that is available. Alternatively, you could offer to simply answer their questions about any given topic – thus putting the onus back on them to explain what precise information they are seeking. These approaches show a problem solving ability and critical thinking on your part, which are likely good qualities for any job you are seeking. They show that you are cooperative and constructively work to resolve potential conflicts, while standing up for your beliefs.
Should I Create A Second Facebook Profile?
Creating a second, "clean" or dummy Facebook profile is one possible approach to the situation, as well as a way to "friend" your mother or other family members, while protecting the privacy of your less discrete or more salacious or frivolous postings and activities between you and your more intimate "friends." However, keep in mind that by doing this, the friends, family members, or prospective employers with whom you share the information on the dummy account, may discover or know of the existence of your other account (s) and may react unpleasantly to the deceit of being directed or relegated to a second, dummy account.
Can I Use my Work Computer or Cell Phone for Personal, Social Media, Email, Facebook?
The simple answer to this question is NO! I get asked this question a lot, and the basic answer is that there is no reasonable expectation of privacy in any information transmitted or entered digitally into / through a work computer, cell phone, or other device. The device belongs to your employer, and thus the employer has a right to seize or view the device itself at any time, and regardless of your deleting the ESI (electronically stored information), as most people understand in this digital age, deleting ESI rarely ever actually completely deletes and destroys that information. Without getting into the technical details of it (which I am not qualified to fully expound upon anyway), when you delete electronically stored information, you are merely deleting the ROM's access to and indexing to that information – the actual information itself remains on the drive , although partitioned away somewhere and un-indexed. It may over time become partially or entirely overwritten, but that may not happen for a significant length of time, if ever. Further, by transmitting information through your corporate device, that information will likely pass through and be processed by your company server, leaving traces of and the actual essential information there for your employer to see. Also, automatically stored passwords and such, if enabled, may provide your employer easy access to ALL of your account information. This topic deserves much more, but that is not the purpose of this article.
In conclusion, this is a very interesting topic, from both a legislative and an employment standpoint, and I am eager to read any relevant comments, anecdotes and ultimately to see how this landscape evolves over time.