Should We Outlaw Employers From Asking For Social Networking Logins?

from the this-is-not-a-good-trend dept

In 2009, we wrote about the city of Bozeman, Montana asking job applicants for all of their passwords to social networking sites, so that the city could look more closely to see if they had “high moral character.” Public outrage over that plan resulted in the city dropping the requirement. Last year, we noted that some places in Maryland were doing the same, leading to a lawsuit. However, the Boston Globe is now reporting that more and more jobseekers are being asked for their social network logins, as a simplified “background check” by employers. It’s a newspaper trend piece, so in typically maddening fashion it makes no effort to indicate how widespread this really is — but the fact that it’s not a big story any time an employer does this certainly suggests that it’s becoming at least somewhat more standard.

Still, does that mean we should pass a law? Senator Richard Blumenthal — who has long been in favor of laws against all kinds of internet companies — is apparently working on exactly that kind of legislation. Somehow, I doubt it’s an accident that the Boston Globe trend piece came out at about the same time as Blumenthal’s plans were discussed. Frankly, I still think that it’s pretty sketchy and questionable for companies to ask for logins, but is it so bad that we need a law? Is there at least some sort of data on how widespread this practice is?

In the meantime, for those interviewing for jobs who do get asked for such things, it seems only proper to respond as the first individual profiled in the original article does—by walking away:

Bassett, a New York City statistician, had just finished answering a few character questions when the interviewer turned to her computer to search for his Facebook page. But she couldn’t see his private profile. She turned back and asked him to hand over his login information.

Bassett refused and withdrew his application, saying he didn’t want to work for a company that would seek such personal information.

I would still guess this isn’t quite as common as the article tries to suggest, but either way I’m curious if people feel this practice is so egregious that it needs a new federal law?

Filed Under: , , , , ,
Companies: facebook

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Should We Outlaw Employers From Asking For Social Networking Logins?”

Subscribe: RSS Leave a comment
Mike C. (profile) says:

Response to interviewer

While it’s easy to say “walk away”, those who feel it’s a condition of employment will feel pressured to comply if they are desperate enough. I have a relative who has been unable to secure steady work for over 3 years now and I’m pretty certain he’d give in just to get a chance at a steady job.

That being said, the part that gets me is how people don’t really think things through when they decide to hand over their login. Assuming there’s nothing in your private profile that disqualifies you, will handing over the login guarantee a job? If not, what assurances do you have that the info will be treated confidentially? And what about people that reuse an id and password across multiple systems?

While I’m not fully in agreement with a law is necessary, I’m also concerned about potential predatory actions on the part of employers. Like Mike, I think more information is needed here.

Anonymous Coward says:

What I’m wondering is why they don’t just have two accounts? I have at least 3 facebook accounts, for various reasons, one of which is to whitewash my web presence to a degree. All coworkers are friended through that account, all postings there are quite work friendly (and happen outside the hours of 9-5), all pictures are of company things, picnics, vacations I took around the country or overseas, good upstanding hirable material things. I don’t update it often, and a web search of my name will point to it. My real account is under my nickname. Yeah, so not everyone can have Joseph BLAH and Joe BLAH accounts, but it’s not hard to do.

Or why not just set yourself up so that you don’t show up in a facebook search, and when they ask say that you don’t have one? Is that so unbelievable in this day and age? I have friends that are extremely net savvy, they just don’t want a facebook, or deleted theirs ages ago.

John Doe says:

Absolutely not!

If they outlaw it, then employers won’t as you for it during the interview process and you may know that you should get up and walk, not run, away. If a company asked me to friend them or especially give them my credentials, I would run, not walk to the nearest exit. That would tell me all I need to know about working there.

Anonymous Coward says:

Here’s the real question:
If I have my marital status, my religion, my age, or DoB listed on my Facebook page, and I give my login to an HR person screening me, could it be argued that because they not have access to that information prior to employment, they in effect “asked” for it, which is a violation of discrimination laws as it relates to employment?

Yankee Infidel (profile) says:

insane and asinine interview requirement

Mike Masnick, let us assume we go back in time before Facebook and the Internet to look at an analogue for what Facebook could represent: hand-written letters.

Now do you think it would be reasonable for an employer to demand to review original copies of hand-written PRIVATE letters between you and your spouse, your family, your friends, etc. which may include very personal conversations that may include discussions of a medical nature, sexually intimate nature, heated debates on controversial topics, and a whole host of other PRIVATE discussions that are quite frankly NONE OF THE EMPLOYER’S BUSINESS.

The libertarian in me hesitates to call for any law (federal or state) to limit what employers can do with their business, but THIS horse squeeze that these businesses who interview like this creates true HARM to others (either give up your privacy or not get hired) that such behavior is TOTALLY UNACCEPTABLE, for which a civil law must be made to punish businesses who are insane and asinine enough to ask for my Facebook credentials.

Cowardly Anonymous says:

Re: insane and asinine interview requirement

Still doesn’t need a new law, just a slight revision of the current discriminatory laws to cover access to private communications that can be reasonably expected to contain the information they are already forbidden from asking for. Posting to a personal site, even a social networking site, is a communication.

That would, by the way, cover friend requests as well.

Rikuo (profile) says:

Re: insane and asinine interview requirement

At most, I’m fine with the HR manager searching for me on Facebook and, if I have an account there, being able to see only what I have marked as public (let’s not get into Facebook’s horrible history there).
What I have marked public is what I am comfortable with having the world see. If the HR rep goes through the list of public posts and is still not satisfied, I will walk out of that room. Anything in there I have marked private…is well, private and none of the company’s god-damn business. I like to argue and discuss religion. What if I hand over my login credentials, and the HR rep is a fundamentalist? They then get offended by seeing my chat history, the discussions and viewpoints I take. I would never discuss religion while on the clock, and certainly not with higher-ups. But now, what I have discussed in private, away from the company, has now cost me a job.

GMacGuffin says:

“I’m curious if people feel this practice is so egregious that it needs a new federal law?

Recall that they needed to pass laws to keep employers from discriminating on the basis of sex, age, race, creed, disability, etc. If not to stop it, to at least remind employers that sort of thing is not acceptable behavior.

We have an insanely lopsided situation, where people who need to eat would with great trepidation cough up the profile if the option is more job searching and hungry or homeless family. So yes.

Asking for a party’s profile access is like asking them for their email password – see what you’ve been saying or doing with their friends. I doubt many would argue that as being anything but impermissibly invasive.

Asking for social network login is akin to that, especially for those who keep their personal social networks small, tight, and limited.

Miff (profile) says:

The best argument I’ve seen for outlawing this is that a Facebook account often contains information that it’s illegal for an employer to ask of interviewees such as age, martial status, or religion.

“Oh yeah, according to your private Facebook posts about your divorce, we see you’re not a ‘family man’ so we can’t hire you.”

Rich says:

Re: Re:

I’ve been seeing people posting this same comment all over the web. It is NOT illegal for employers to ask these things. It is illegal to base hiring decisions on them, which is not the same thing. Employers usually avoid the former because of the implication of the latter, but that doesn’t make it illegal.

Andrew (profile) says:

My response would be sure, no problem, as long as you give me admin access to your email system and copies of your corporate accounts for the past 5 years so I can perform a “background check” on you too — solely for the purpose of making sure you’re a good employer of course. After all, I’m sure you’ve done nothing wrong and therefore have nothing to hide.

Steph (user link) says:

Negative, Ghostrider. The pattern is full.

I don’t even like when interviewers ask me what kind of tree I want to be. Hello? My relationship with Red Oaks is my business, and mine alone.

Asking me for social networking passwords? Haz dey gone mad?

No, thankyouverymuch. Me and my marbles would pack up and go work somewhere else. No law necessary, federal or otherwise.



Jeremy Lyman (profile) says:

I’m wary of more legislation from folks who have proven themselves so clueless in the tech arena recently. However I do find it completely unacceptable for employers to request personal information like this. Maybe a better solution is to make it socially unacceptable to predicate employment on revealing these details. Spread the word that you don’t have to deal with companies that treat people this way and the problem should work itself out.

MAJikMARCer (profile) says:

Employers abusing current events

Frankly I think that some employers are simply using the current job market as a reason for abusing applicants this way. I know and accept that potential employers (and likely your current employers) are going to check out your online presence, but to request direct access to the accounts is unacceptable.

I know it’s not easy to say no, but that’s exactly what people need to do. I don’t care what my employer things of my blog, Google+ or Twitter account but my Facebook is locked down to just my close friends and family, because it’s my private life.

That said, I don’t think it needs to be a law. As the Internet continues to grow people will become more and more savvy about their online identity. Your username and password is potentially more important than your social security number these days. Just because someone works in HR doesn’t mean they wouldn’t abuse the access granted to them.

FarSide (profile) says:

Re: Employers abusing current events


I don’t understand this idea that because something is ‘hard’ (like saying no) or because you really need a job, there needs to be a law protecting you.

Total nonsense. You need to protect yourself. Period.

If you really want the job, then you are making a judgement call that your private stuff is a decent trade for employment. And many people might make that decision happily. In that case, good for them.

I would tell them, ‘sorry, can’t do that.’ And if they didn’t hire me because of it, then that’s fine – I don’t want to work there anyway. No one owes me a job on my own terms.

I’m not saying companies that pull this crap are scummy – they obviously are.

Anonymous Coward says:

A Clear Message

I think legally banning this sort of practice is actually a good idea. The erosion of American Privacy Rights is a real thing and it does have real consequences as we can easily see with the NSA. By degrading a culture of privacy we are opening a Pandora’s box of troubles. As it is, our privacy rights are nebulous and almost non-extant to begin with. By creating this sort of precedent we take a strong stance and appeal for our rights and can allow ourselves a private life away from work. Gattacca made a wonderful point about giving employers too much access to our personal information, here it is the same. It also blatantly opens the door for near unprovable discrimination and harassment. Also given the proclivity for password re-use there is substantial grounds for criminal abuse. The agencies I work for do a thorough check into my background, and even they, nor the Alphabet Soup, require my passwords or even my social networking identities.

Secondly, I am horrified that they even consider this. I have lived in conditions where every portion of my life, housing, social interaction, and similar was directly tied to my job. It was hell. I want to be able to go have a quiet drink with friends without wondering that if someone takes a picture of me at the wrong time am I going to get fired tomorrow. Life and Work are separate things, and never the twain should meet. If they expect us to keep our private relationships outside of the company, ie no dating of co-workers, it is only reasonable for us to expect them to keep their public investigations out of our lives.

On a personal note, any employer that asks for that information should punched in the nose and told to go filecheck themselves.

Anonymous Coward says:

Wow, 25 comments and no one has said the obvious yet....

So….are we, as a society, so hopelessly lost in Facebook that no one can even fathom the obvious answer?

“Sorry, I don’t have a Facebook account.”

I mean…..seriously, people, is this the new, “kid with father in car accident, father’s killed, kid needs operation, and doc says, ‘I can’t operate on him, he’s my son'” test?

People amaze me sometimes…

DCX2 says:

Re: Re: Wow, 25 comments and no one has said the obvious yet....

Is it lying if you actually *don’t* have a facebook account? Or a google+ account?

Because I don’t. So what does that mean? Will they think I’m lying? Will they think I’m anti-social because I don’t have a social networking account, and therefore use *that* as a basis for a hiring decision?

Cowardly Anonymous says:

Re: Wow, 25 comments and no one has said the obvious yet....

Actually, the best answer would probably be the same answer you give to a request to violate an NDA from your previous company:

“I’m sorry but I can’t do that as it would constitute a breach of contract.”

Polite, direct, honest (even if you don’t have an FB account, the employer may be skeptical) and demonstrates that you are savvy about business law. If you actually still want the job, it should offset any damage to refusing the request, and if you don’t it sets up for:

“I really did enjoy our discussion, but I can see that you don’t offer the kind of atmosphere I’m looking for.”

Again, polite and direct. Provides no reason for them to complain about you to other companies and ends the interview with a very clear of view of where they went wrong.

Willton says:

Re: Wow, 25 comments and no one has said the obvious yet....

So….are we, as a society, so hopelessly lost in Facebook that no one can even fathom the obvious answer?

“Sorry, I don’t have a Facebook account.”

This implies that you still want to by hired by the company, even after they’ve asked such questions. If so, saying you don’t have a FB account when you actually do would be lying, and such lying could be easily detected by the employer. At that point, you’ve done damage to your reputation by showing you aren’t trustworthy.

Just be honest: tell the employer that you FB account and login information is none of their goddamn business.

Anonymous Coward says:

Re: Re: Wow, 25 comments and no one has said the obvious yet....

“That’s not my account, someone else must have put that up.”

You gotta really own a lie if you’re going to stick with it. And if you’re not easily searchable, then no, I don’t think a company is going to really find it anyway. That would require management/HR to be smart enough for such things.

Also, just because a company is a complete and total tool, doesn’t mean you can’t benefit from working there for some time and getting money/XP there. It doesn’t mean you’re going to retire there, but sometimes, you need a symbiotic relationship with an employer for a while to get what you need to get to the good employer.

FighterFei says:

It's absurd.

This is like asking a potential employee if they could have a key to your car to search it for the same constraint. The scale of permission(s) is different, but the point of the question remains the same. How about if they asked for the keys to your house? See the dotted lines? Now draw a line and connect them. Because the point is the same. Your log-in information is another key.

“Just walk away?” That’s not always an option for some people, given the current state of affairs and so some don’t have a choice but to hand over that information because “they need a job.” Passing a law banning this practice prevents the scenario from becoming an issue in the first place.

Now you could argue that a social network is akin to a public display of your activity. But that’s only in the case where you don’t take reasonable steps to make your life private. It’s much harder to argue the same if you go to a bar and get in a fight, though.

Tom (profile) says:

Re: It's absurd.

“Passing a law banning this practice prevents the scenario from becoming an issue in the first place.”
Agreed although it doesn’t need to be a new law; as suggested above, existing employment law could be extended to include this provision.
The main purpose of employment law (as I see it) is to try to create a level playing field between the (in this case, potential) employer and employee and reduce the risk of the employee giving up rights ‘because he/she needs the money’

FarSide (profile) says:

Re: It's absurd.

‘”Just walk away?” That’s not always an option for some people’

Why not? No seriously, why not?

There’s no way you can honestly show me how someone going in for an interview HAS to take the job if they are offered it.

It may suck if they don’t. It may make their life harder, having to look for a new one. But this idea that it’s “not an option” is bullshit.

Gwiz (profile) says:

This is an extension of a problem I have seen growing over the last 30 thirty years. For some reason employers have migrated to the thinking that because they hire you they can dictate what you can and cannot do while on your own time.

There’s a story here in Michigan where a health-nazi company owner actually fired people who failed random nicotine tests even though they never smoked on company property. Unfortunately, it was legal under existing Michigan laws.

More than once, when I felt an employer was overreaching into my non-work life, I had to remind them that they only rented my skills and services for 40 hours a week, they did not own me and what I do on my own time is none of their damn business.

Josef Anvil (profile) says:

Boy those interviews are getting tougher

Sure you can have my Facebook and Twitter passwords just to make sure I have the right moral character. And you can have my bank details to see that Im fiscally responsible. In fact, I brought in my laptop so you can look through my browsing history then copy the hard drive. And you can borrow my kids to clean your house and my wife can cook dinner for you twice a week.

Did I get the job?

Davey says:

How widespread it is has nothing to do with whether it’s acceptable or should be legal. Employers have no right to pry into personal information, much less demand access to private files. It’s also ironic that American corporations or government agencies still have the guts to prate about “moral character” given what they’ve wrought on this country as we speak.

The “walk away” argument is just standard authoritarian boilerplate. It assumes there is a free market in jobs, which is demonstrably false. We’re talking about people’s livelihoods, even financial survival here, not some geek boardgame. Employers pay for an employees time and skill. It’s really all they do. If they are incompetent in assessing either of those parameters without prying into personal files, they have no right to manage anything.

This issue is just the latest in creeping intrusion into personal privacy. Credit ratings, random drug tests, background checks for non-sensitive jobs — all helped pave the way for further assaults on the right to privacy. It doesn’t matter whether the intrusion comes from government or business entities. A law now, before this latest assault becomes standard practice, is essential.

Anonymous Coward says:

There is no need. If your employer demands access to your social life, then refuse and let them deal with it or fire you. If a new job demands access, then walk out of the interview as you probably don’t want to be working there in the first place.

The only way to fight this kind of nonsense is… to fight it! If a company can’t keep employees due to their asshattery, then they will either change police or disappear leaving room for rational companies to fill that market share.

btr1701 (profile) says:

If I were currently in the job market, I’d delete all my social media profiles. No Facebook, no Twitter, nothing.

It makes that part of the interview pretty easy.

“Now we need your FB and Twitter passwords so we can do a background check.”

“Sorry, no password to give. I don’t have any social media accounts.”

You can always re-sign up after you land a job somewhere.

Anonymous Coward says:

Public -private

Its well known that employers will check public information you’ve already chosen to share with the world, but asking for your password is completely unacceptable. I don’t know if a new law is necessary but someone needs to protect the rights of applicants. Just “walking away” is not a practical option for many of us,

Anonymous Coward says:

Yes! YES! Thrice YES!

An employer demanding access to the contents of your private social accounts is the same as demanding access to your personal mailbox or that you keep them up to date with what happened at a party the night before or that you reveal membership in private clubs or organizations prior to and during your employment. The whole practice is excessively invasive.

Andrew F (profile) says:

Plausible Deniability

Thought: Could you build a plausible deniability mode on top of Facebook? That is, give your employer (or interrogator) a “fake” FB password. When this password is used, it pulls up a limited version of your FB account.

I’m not sure how (or if) you would do this with an FB app (as opposed to changes to FB itself). But it seems plausible.

Devious (user link) says:

Blue Thunder to base, too garbled, too garbled (shshshshs)

That is why I don’t even friend people at my work, I don’t intermix work and home life. If the HR folks suddenly asked for my private information on Facebook, I would ask them to let me log in, and immediately click account setting, security, and deactivate account right in front of them. My life outside of work is none of their business.

metalgoddess (profile) says:

Unfortunately Maybe Yes

If your Facebook is set to private, then apparently you don’t think it’s anyone’s business what you discuss with friends on your page. And it isn’t. That includes your employer. It’s also none of your employer’s business what your friends post or even who they are. They are also violating Facebook’s rules. You’re not supposed to let other people have your log in to your account and you aren’t supposed to access the account of anyone else or ask for the log in of anyone else. If an employer wants to violate the rules of another company then that tells me something about the employer. It’s unfortunate that employers want to invade the privacy of their employees but if they insist on asking for log in information that they are clearly not supposed to ask for, then yes we might have to pass a law forbidding that. Of course, if these people wouldn’t invade people’s privacy or ask for information they have no right to, then we wouldn’t have to pass a law on that. It’s unfortunate that in this country you actually have to pass laws about things of this nature but unfortunately that’s how it has to be. My Facebook is locked down. Not even my friend is list is available for public view. My employer does not have the right to see any photos I post or that my friends post. My employer does not have the right to read my comments whether it’s ones I initiated or a response to something a friend said. My employer does not have the right to view my friends’ posts or pages which they certainly can do once they access your account as well as your private correspondence in your message portion of your page. They can also view your political leanings and religious views which they have no right to know. So yes, we may very well have to pass a law against this. People apparently have taken it to this point. And I’m one who thinks we have too many laws already.

FM Hilton (profile) says:

Employers do it anyway

It is a well-known practice that employers do reserve the right to scan the internet for naughty things you might have said about them.

But it does not give them the right, reason or ability to demand you had over all your privacy just because they said to.

I’d politely tell them: “My FB account is now past history. You are, too. Good bye.”

Anonymous Coward says:

Anything that’s public on my Facebook account is fair game for them to look at. But private stuff is private stuff. If they can’t figure out how to (legally) access it, then it’s not like it’s going to reflect poorly on them as a company.

The difference between looking at a public Facebook profile and asking for login information, is the same as the difference between looking at the kind of car I drove to the interview and asking for the keys so they can search the glove compartment. One is acceptable, if probably unnecessary; the other is an invasion of my private space.

That said, we don’t actually have a LAW against companies demanding to inspect your glove compartment…

Anonymous Coward says:

This is a really really bad idea

Giving out your social network login. is like giving out your bank account info. They can now do all sorts of damage. It’s called identity theft.

I won’t even bother with an example because there’s just so many hilarious ways this could go wrong; I’m sure that whatever I put here, something worse would come up.

Anonymous Coward says:

A slashdot article raises an interesting point.

“”Facebook today weighed in on the issue of employers asking current and prospective employees for their Facebook passwords. The company noted that doing so undermines the privacy expectations and the security of both the user and the user’s friends”

It’s one thing for users to agree to give up their password to potential employers, but that user’s friends might have valid privacy expectations from that user. A user giving up his password could undermine the privacy expectations of various friends who send private messages to the user in a way that this user’s friends never agreed to.

The Devil's Coachman (profile) says:

We need a public shaming web site for these scumbags

It would be a good thing if all the companies and organizations who made a practice of asking for this information from prospective or current employees were identified publicly and put on a list of Corporate Privacy Invaders. It would be an even better thing if the sponsors of these practices names and addresses were made available, as well as their personal e-mail and social media account names and passwords. Now that would be just and fitting.

brian says:

my opinion

Facebook is not a right. The federal government needs to stop telling private industry how they can screen a potential employee. As long as you dont discrimnate age, race, sex or creed and relegion.

Some other things or examples of potential legal arguements.

Say i work for eli lilly and someone posts information confidential to a new drug. Oops shareholder lawsuit.

Say a employee has a habit of getting fired and defaming the company online in publc on facebook. Oops should have known that.

Say a truck driver is ranting and raving about how drunk he was last night and gets into an accident the next morning. Oops could have avoided that lawsuit.

The lists of legal problems goes on and on some of whcih involve real. Regulaory law already, if you want privacy stay off social networks.

ChrisH says:

Already against Facebook's TOS to do this..

Charged, yes. Found guilty, no. It doesn’t matter what the DOJ’s opinion is regarding the law. Any government attorney’s office will naturally view the law in a way that favors prosecution. That’s kind of their job.

If you want more than an opinion, you’ll have to look at the relevant court cases. For example the Lori Drew case decided that making ToS violations equal to CFAA violations would effectively let a contract determine criminal behavior, which the Judge found unacceptable.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...