In the midst of the recent media circus regarding employers (in both the public and private sector) asking for Facebook passwords from job applicants, the Maryland legislature recently passed a bill that would prohibit employers from requiring or seeking user names, passwords or any other means of accessing personal internet sites such as Facebook as a condition of employment. As a bit of background, this bill arose because a Maryland corrections officer was asked by his employer for his personal Facebook password, as a condition of returning to work following a leave of absence. That correction officer’s situation became the subject of countless news articles all over the internet and in print. In fact, some may say that the situation was blown out of proportion – especially given the lack of evidence (empirical, anecdotal, or otherwise) that this was even a common practice amongst employers.
In any event, at this point, this bill must still be signed by the Maryland governor before it becomes law. If signed, it would take effect on October 1, 2012.
Several other states, including California, Washington, Illinois and New Jersey are also considering similar measures.
Over the past few weeks, several people have asked me whether an employer can, or should, require job applicants or employees to disclose their usernames and passwords for sites such as Facebook, Twitter, etc. Thus far, my response has been that aside from the fact that it is not entirely clear whether such a practice is even legal (because of the Stored Communications Act, the Computer Fraud and Abuse Act, and a case called Konop v. Hawaiian Airlines), I think it is a bad practice for a number of reasons. Specifically, employers need to be careful about how they research a job applicant, or even an employee, because they will often find things they didn’t want to (and shouldn’t) know about. In addition, such a practice is bad for employee morale, and may scare away job applicants who are otherwise qualified for a position. Finally, any savvy employee or job applicant will likely just purge their social media accounts of any incriminating evidence if they know they will be required to disclose their passwords to an employer, so requiring the passwords will become an exercise in futility. This, pitted against the fact that an employer may discover something about an employee or applicant they they otherwise don’t want to know (such as a disability, sexual preference, religious belief, etc.), weighs in favor of not asking applicants or employees for their social media passwords.
I will be speaking in more detail on this topic at a seminar entitled “Modern Technology and the Workplace” at the Hawaii Employers Council (“HEC”) on April 26, 2012. I will be presenting the seminar along with Ben Schorr, from Roland Schorr & Tower. You can view further information about the seminar and register for the event on HEC’s website here.