Should your employer have access to your Facebook account?

privacyrisksfacebookYesterday, I read a report in the American magazine The Atlantic which asked the question Should Employers Be Allowed to Ask for Your Facebook Login?

It’s the story of a man in the US state of Maryland who applied for a job at the state’s Department of Corrections (prison service) and who was obliged to disclose his Facebook log-in credentials during the job interview. As The Atlantic tells it:

[…] According to an ACLU letter sent to the Maryland Department of Corrections [PDF file], the organization requires that new applicants and those applying for recertifications give the government “their social media account usernames and personal passwords for use in employee background checks.”

Let’s get this straight: this particular organization is saying that if you want a job with them, you have to give them access to your Facebook account (and of your other social presences online) which means they can log into that account with your credentials, ie, as you. All for the stated purpose of conducting “employee background checks.”

In an initial exchange of tweets about this story with Sue Llewellyn, one of my Twitter community, I said:

[…] I think there’s an ‘it depends’ answer in there somewhere re employer right to ask for login info.

What did I mean by that? Would an employer have any right to do what the Maryland Department of Corrections (DOC) is doing?

I clarify my comment by citing this statement from the ACLU’s letter:

[…] we believe the DOC policy constitutes a frightening and illegal invasion of privacy for DOC applicants and employees – as well those who communicate with them electronically via social media.

Neither Officer Collins nor his Facebook “friends” deserve to have the government snooping about their private electronic communications. Login information gives the DOC access to communications that are intended to be private, such as personal email messages and wall postings viewable only by those selected individuals who have been granted access. For social media users who maintain private accounts, the  DOC demand for login information is equivalent to demands that they produce all of their private correspondence and photographs for review, or permit the government to listen in on their personal telephone calls, as a condition of employment. Such demands would be unconscionable, and  there is no basis for treating electronic communications differently. While employers may permissibly incorporate some limited review of public internet postings into their background investigation procedures, review of password-protected materials overrides the privacy protections users have erected and thus violates their reasonable expectations of privacy in these communications.

That’s a well-stated position and argument supporting the reasonable rights of the individual to privacy, sentiments that I believe are equally viable here in the UK and in other countries in addition to the USA. Even (or perhaps especially) when employees ignore common sense and disclose far too much personal information in their online social networking profiles. And let’s not forget that access to someone’s account also means access to information about the friends that person is connected to.

The employer has reasonable rights, too, let’s not forget that either, as well as responsibilities to ensure the integrity, security and safety of the workplace, among many other things, for other employees as well as other people (children, for instance, in a school setting). Yet the only circumstances I can imagine where an employer is given access to an employee’s Facebook or any other online social presence account are either with the employee’s freely- and willingly-given permission, or under an order from a court of law. No matter what job someone is applying for, you don’t need the potential or actual employee’s social network log in details in order to do background checks that would satisfy such investigation. I can see no right for any organization to require login access to someone’s Facebook account a prerequisite for employment.

Incidentally, take a look at the comments to the story in The Atlantic – over 80 as I write this post, many with compelling arguments to support views highly critical of the DOC.

Do you agree that carte-blanche employer access to Facebook and other places online as described in this example must be off limits? Watch the video of Officer Robert Collins explaining the circumstances as he sees them.

What does it all say about the DOC’s understanding of what Facebook is and what people do with it?

What’s your take on this story?