(MoneyWatch) COMMENTARY The Maryland Department of Public Safety and Correctional Services recently stirred controversy when it asked job applicants to hand over their social network logins. The agency wanted "social media account usernames and personal passwords for use in employee background checks," according to the ACLU. The situation is cause a lot of kick-back, including from U.S. Senator Richard Blumenthal, who is writing a bill that would .
The most alarming of these practices is the reported incidences of employers asking prospective or actual employees to reveal their passwords. If you are a Facebook user, you should never have to share your password, let anyone access your account, or do anything that might jeopardize the security of your account or violate the privacy of your friends. We have worked really hard at Facebook to give you the tools to control who sees your information.
As a user, you shouldn't be forced to share your private information and communications just to get a job. And as the friend of a user, you shouldn't have to worry that your private information or communications will be revealed to someone you don't know and didn't intend to share with just because that user is looking for a job. That's why we've made it a violation of Facebook's Statement of Rights and Responsibilities to share or solicit a Facebook password.
On one hand, it only matters if Facebook calls asking for a password a violation of its terms of service if the organization asking has a Facebook page. If it doesn't, what could Facebook do?
But Facebook might not have to do anything. As the company's post points out, there are other potential legal problems for employers. As any corporate HR person could tell you, there are protected classes under employment law. A company can't discriminate based on such things as age, race, and creed. In fact, hiring managers aren't even supposed to ask things like how old an applicant is.
Access someone's social networking accounts, however, and you're likely to come across such sensitive information. Now what happens if you don't hire that candidate? You're potentially the target of an employment discrimination suit.
There are other potential problems, as well. According to David Baffa, partner in the labor and employment department of law firm Seyfarth Shaw, "about half of the states have some manner of a statute of the books that would seek to protect against discrimination against lawful, off-duty conduct. The tobacco industry drove a lot of those laws. But it is something that can be applied."
Should it store the data, an employer could fall afoul of a variety of privacy regulations that govern retention of people's personal data. Or individuals might claim that they were forced to violate the terms of service of a social network by giving away a password and that the hiring company in question coerced them to do so, under threat of not hiring them.
"Asking for someone's password, while I do think that the area of the law is murky, is not something I would view as a best practice," Baffa says.
It's a messy situation, and one you can bet that will land in a court sometime in the near future.