Do You Have To Hand Over Your Facebook Password To Your Employer?
August 15, 2017
With the rise of social networking sites Managers want to review publicly available Facebook profiles, Twitter accounts and other websites to learn more about job candidates and Employees.
Many Facebook users don’t have their profiles set to private, which would make them available only to selected people or certain networks. There is a big difference between an Employer viewing public postings and private information.
Employees and potential employees should have a right to keep their Facebook, Twitter or other social media profiles containing confidential information private from the prying eyes of their bosses.
Employees and job applicants have an expectation of privacy when it comes to using social media such as Facebook and Twitter, including a right to have their right to free speech protected.
There is no need for Employers to demand access to applicants or employees’ private password protection information stored online. Yet there have been a number of reports of job applicants during interviews being asked to log into their Facebook and other websites and allow potential Employers to browse their profile, acquaintances and other personal information, whilst others are simply being asked to list their passwords on job applications. Other job applicants have even been asked to friend human resource managers!
Traditionally Employers havn’t demanded that job applicants hand over the keys to their house or bank account information, therefore why should they be able to gain access to their private information stored online?
It is like allowing your Employer to access your mail to see if there is anything of interest inside. It would be giving Employers the ability to act as an imposter and assume the identity of an employee, continually access, monitor and possibly even manipulate an employee’s personal social activities, communications, associations and opinions.
Facebook’s Statement of Rights And Responsibilities provides that sharing or soliciting a Facebook password is a violation of their terms of service, however Employers can’t count on Facebook suing an Employer for such a violation.
Legislation is being passed to address the current situation, based on the Computer Fraud and Abuse Act, which deals with computer hacking, to safeguard Employees’ online identities. The Passwords Protection Act of 2012 will prohibit employers accessing “protected computers” where social media files are kept.
Subject to some exceptions, it will prevent employers from forcing employees and prospective employees to provide access to their private online systems, including Facebook, e-mail and other online storage.
The Bill is broad in its drafting and isn’t limited to any specific website. It focuses on the servers where information is housed or stored, taking the emphasis off having to identify and define a particular type of internet service. This means an employer will not be able to force an employee to provide access to their Facebook or Twitter account as a condition of their employment.
It will forbid Employers forcing employees to provide access to information held on any computer not owned or controlled by the employer. The Act will protect information even if it’s accessed on a computer owned by the employer. It will also prohibit an employer from discriminating or retaliating against a prospective or current employee if that employee refuses to provide access to a password-protected account.
Therefore if an employee is just looking at a social network on their work computer, an employer won’t be able to force the employee to disclose a password, as this would then enable the employer to access another computer, being the computer of the relevant social nework the employee is perusing. The protection conferred by the Act extends to gmail accounts, photo sharing websites and employee owned smart phones.
As the Act is drafted in a manner which is largely technology-neutral, it’s effect is not likely to be impacted by changes in technology. New online technologies continue to evolve and emerge, causing legislation to become outdated. However, because the Passwords Protection Act of 2002 isn’t limited to the protection of a particular service like a social network service, it is flexible enough to foreshadow evolving uses of technology, as it focuses on access to a computer.
The Act covers any new service as long as it’s not housed on any employer’s computer. There are however exceptions in the legislation and students are not protected from social media monitoring and can therefore be forced to hand over their social network passords.
However there is another Act to be introduced, the Social Networking Online Protection Act, which will plugs this gap by conferring protection upon both employers and students.
However if you are a Government employee or an employee who works with children under the age of 13, the Act enables States legislating in this area to provide an exemption, whilst another exception enables the executive branch to exempt entire classes of workers if they come into contact with classified information, including soldiers. These exceptions to the protection conferred therefore sanction broad and sweeping fishing expeditions into Employees’ private lives and communications.
There are already in existence a broad range of means for investigating employee misconduct. Further, internet activities constantly create many new types of records, and these can already be used against employees in investigations.
Whilst the new legislation is a major step forward in preventing Employers taking adverse action as a result of an employee’s refusal to provide access to their private accounts, Employers still reserve the right to permit social networking activities within their office only on a voluntary basis and implement policies in relation to employer operated computers. Once you are employed you may be required to sign an acceptable use policy relating to the use of social media within the workplace. You may have enjoy online free speech however you may be asked to sign a non-disparagement agreement which bans you from talking negatively about an employer on social media sites. Therefore employees who violate such acceptable use policies will still remain accountable for any activities which breach such policies.