Facebook has spoken out against businesses that demand Facebook usernames and passwords from their employees and prospective hires.
“In recent months, we’ve seen a distressing increase in reports of employers or others seeking to gain inappropriate access to people’s Facebook profiles or private information. This practice undermines the privacy expectations and the security of both the user and the user’s friends. It also potentially exposes the employer who seeks this access to unanticipated legal liability,” Facebook chief privacy officer Erin Egan writes in a Friday blog post.
“If you are a Facebook user, you should never have to share your password, let anyone access your account, or do anything that might jeopardize the security of your account or violate the privacy of your friends.”
Reports of such practices are widespread. In June 2009, the city of Bozeman, Montana made headlines when it was revealed that its job applications forms asked for usernames and passwords for the job seekers accounts on “social networking,” including everything from Facebook and Twitter to YouTube and Google. Earlier this year, the American Civil Liberties Union took aim at the Maryland Department of Corrections after it asked a Maryland man for his Facebook credentials during a recertification interview. And just this week, the Calgary Herald reported on a similar incident in Canada.
A day before this report, US Senator Richard Blumenthal told Politico that such requests are an “unreasonable invasion of privacy” and that they should be prohibited in the business world, much like lie detector tests.
In her blog post, Facebook’s Egan went on to say that Facebook would take action to protect the privacy and security of its users by engaging policymakers or “initiating legal action, including by shutting down applications that abuse their privileges.”
Some took this to mean Facebook would consider legal action against employers who asked employees and prospective hires for login info. Asked to clarify this comment, the company spokesman told Wired: “While we do not have any immediate plans to take legal action against any specific employers, we look forward to engaging with policy makers and other stakeholders, to help better safeguard the privacy of our users.”
As more of a general warning, Egan also argued that employers may take on an unexpected legal burden if an employee should actually turn over Facebook information. If the user’s information suggests they committed a crime, Egan said, the employer may have a legal responsibility to notify the police.
[Note: If your current or former employer has asked for or demanded any personal passwords or logins from you during the hiring process or while employed, please contact firstname.lastname@example.org to tell your story.]