With the rise of social networking sites, Managers and Employers have shown a desire to review publicly available Facebook profiles, Twitter accounts and other internet social media websites to learn more about job candidates and existing Employees.
Employees and potential employees should have a right to keep their Facebook, Twitter or other social media profiles containing confidential information private from their bosses.
Employees and job applicants should have an expectation of privacy when using social media such as Facebook and Twitter, including a right to have their right to free speech protected.
Employers had reportedly been demanding increasing access to job applicants and/or employees’ private password protection information stored online. There have been reports of job applicants during interviews being asked to log into their Facebook and other websites and allow potential Employers to browse their profile, acquaintances and other personal information, whilst other reports refer to applicants being asked to list their passwords on job applications. Some job applicants have even been asked to friend human resource managers!
Traditionally Employers havn’t demanded that job applicants hand over the keys to their house or bank account information, therefore why should they be able to gain access to their private information stored online?
This is akin to allowing your Employer to access your mail to see if there is anything of interest inside. It would be giving Employers the ability to act as an imposter and assume the identity of an employee, continually access, monitor and possibly even manipulate an employee’s personal social activities, communications, associations and opinions.
Facebook’s Statement of Rights And Responsibilities provides that sharing or soliciting a Facebook password is a violation of their terms of service, however Employers can’t count on Facebook suing an Employer for such a violation.
Legislation is on the horizon to address the situation in the United States. The legislation being partly based on the approach taken in the Computer Fraud and Abuse Act, which deals with computer hacking, in order to safeguard Employees’ online identities.
The Passwords Protection Act of 2012, if passed, will prohibit employers accessing “protected computers” where social media files are kept.
Subject to some exceptions, it will prevent employers from forcing employees and prospective employees to provide access to their private online systems, including Facebook, e-mail and other online storage.
The Bill is broad in its drafting and isn’t limited to any specific website. It focuses on the servers where information is housed or stored, taking the emphasis off having to identify and define a particular type of internet service. This means an employer will not be able to force an employee to provide access to their Facebook or Twitter account as a condition of their employment.
It will forbid Employers forcing employees to provide access to information held on any computer not owned or controlled by the employer. The Act will protect information even if it is accessed on a computer owned by the employer. It will make it illegal for an Employer to discriminate or retaliate against a prospective or current employee if that employee refuses to provide access to a password-protected account.
Therefore if an employee is just looking at a social network on their work computer, an employer won’t be able to force the employee to disclose a password, as this would then enable the employer to access another computer, being the computer of the relevant social nework the employee is perusing. The protection conferred by the Act extends to gmail accounts, photo sharing websites and employee owned smart phones.
As the Act is drafted in a manner which is largely technology-neutral, it’s effect is not likely to be impacted by changes in technology. New online technologies continue to evolve and emerge, causing legislation to become outdated. However, because the Passwords Protection Act of 2002 isn’t limited to the protection of a particular service like a social network service; it is flexible enough to foreshadow evolving uses of technology, as it focuses on access to a computer.
The Act covers any new service as long as it’s not housed on any employer’s computer. There are however exceptions in the legislation and students are not protected from social media monitoring and can therefore be forced to hand over their social network passwords.
However there is another Act being considered by the House Of Representatives, the Social Networking Online Protection Act, which will plugs this gap by conferring protection upon both employers and students. If passed, it would prohibit employers nationwide from requiring job applicants to disclose their social media passwords as a condition of employment.
However if you are a Government employee or an employee who works with children under the age of 13, the Act enables States legislating in this area to provide an exemption, whilst another exception enables the executive branch to exempt entire classes of workers if they come into contact with classified information, including soldiers. These exceptions to the protection conferred therefore sanction broad and sweeping fishing expeditions into Employees’ private lives and communications.
There are already in existence a broad range of means for investigating employee misconduct. Further, internet activities constantly create many new types of records, and these can already be used against employees in investigations.
Whilst the new legislation is a major step forward in preventing Employers taking adverse action as a result of an employee’s refusal to provide access to their private accounts, Employers still reserve the right to permit social networking activities within their office only on a voluntary basis and implement policies in relation to employer operated computers. Once you are employed you may be required to sign an acceptable use policy relating to the use of social media within the workplace. You may have enjoy online free speech however you may be asked to sign a non-disparagement agreement which bans you from talking negatively about an employer on social media sites. Therefore employees who violate such acceptable use policies will still remain accountable for any activities which breach such policies.
California has become the third state to sign a bill into law that protects university officials and employers from requiring applicants to surrender their email and social media account passwords. Governor Jerry Brown signed a pair of privacy bills making it illegal for employers and colleges to demand access to social media accounts.
In enacting social media privacy laws California follows Maryland in enacting such legislation. Illinois was the second state to pass such legislation to protect against unwarranted invasions of privacy, HB3782. Similar online privacy laws already exist in Delaware. Whilst the state of Maryland enacted a law, which comes into operation on 1 October 2012, protecting employers, employees, and job applicants, Delaware has enacted a law to protects schools, students, and prospective students. Delaware was the first state to pass a law banning public and private schools from requiring students to give administration access to social media accounts,
Washington, Delaware and New Jersey were the next states to consider social media privacy laws. Now over a dozen other states are still working on similar legislation.
Employers will of course still be free to formulate workplace policies on the use of the Internet, social networking sites and email, and most Employers have an acceptable use policy which would cover the use of social media at work.