By Jeffrey M. Kowalski, Esq.

Robert Collins took leave from his job as a security guard at the Maryland Department of Public Safety and Correctional Services to mourn his mother’s death.  As a condition to reinstatement, the Agency required that he give up his Facebook username and password. A similar story that went viral involved Justin Bassett, an African-American statistician from New York City.  An interviewer searched his Facebook page during the interview, but when she found that he had his privacy setting enabled, she demanded that he log in for her. It is these sorts of anecdotes that sparked AB 1844, A California Bill proposed on February 22, 2012 that would prevent employers from requiring a job applicant to disclose account information to access social media accounts used by the prospective employee. Those stories and the backlash by the California Legislature raise various legal and moral issues. At the core of those issues, is a privacy paradox: should people who freely post personal information to a third party website be allowed to complain when that information is used advantageously by employers? The answer, like any legal answer:  it depends. There are various levels of privacy in this context. For example, it is common practice for human resource managers to “Google” applicants and to search for publically available social media accounts. The general perception is that we have little sympathy for applicants who lack the common sense to enable the privacy settings on their accounts, and then recklessly publish detrimental private information to the public. There are numerous private companies that make a business out of providing background reports to employers based on internet searches.  The FTC has even given their stamp of approval on this practice, so long as the job applicants are informed that adverse action was taken because of something found out about them on the internet. Some companies have taken a “middle of the road” approach and require applicants to accept friend requests from human resource managers. Then, the employer might require the new employee to sign non-disparagement agreements, which could be used as a trigger for recourse against an employee. This is perhaps the toughest legal issue because such requests are not overtly coercive. In addition, the applicant has options to avoid the privacy intrusion, such as cleaning up a Facebook profile our creating a separate sham or “professional” Facebook account. But, the most egregious action is the one addressed by AB 1844, where interviewers would either require the applicant to log in to the social media site during an interview, or give up their log-in information before employment. It is hard to imagine that such a practice is a rampant problem, but the California legislation is appropriate for a variety reasons.

The major issue is employer coercion and the resulting invasion of privacy. Because of the rather poor economy, for many, a job is tougher to find now more than ever. If an applicant needs to put food on the table, he probably can’t afford to stick up for his privacy rights. “Volunteering” a password is really coercion when an applicant is desperate for a job. Furthermore, the information gathered from social media accounts is different from other information often gathered in an application process because it is personal in nature rather than job related. There are already substantial regulations in place that prevent employers from rejecting applicants based on personal or other improper reasons, such as race, color, religion, sex, national origin, age, or disability. Some states even have statutes prohibiting hiring decisions based on a candidate’s lawful leisure time activities. The rationale for such laws is to protect people’s privacy and to make sure employers evaluate applicants based only on relevant job criteria. Allowing employers to access applicant’s social media accounts could either expose them to lawsuits for violations of employment laws, or allow them to circumvent those laws and the important policies they were built on. Another problem, from the social site’s perspective, is that employers are undermining their user’s privacy and causing them to violate the site’s terms of service. For example, Facebook’s terms of service states, “[users] will not share your password, let anyone else access your account, or do anything else that might jeopardize the security of your account.” Erin Egan, Facebook’s chief privacy officer, stated that the site is ready to take action to protect its user’s privacy, “whether by engaging policymakers, or where appropriate, by engaging in legal action.” In sum, the private versus public boundaries of social media are unclear. In addition, it is difficult for legislation to keep up with innovation. Nevertheless, AB 1844 is a move in the right direction because it is tailored to prevent invasions of privacy in particular situations where applicants reasonably expect privacy, and employers are taking affirmative steps to intrude upon it. At a minimum, it might be a catalyst to engage policymakers to further consider how to deal with the difficult legal issues surrounding social media.

Jeff Kowalski is an Associate in the Business Group at Boylan Code, LLP.  For more information, please contact Jeff at (585) 232-5300 or by email at

Download Article