The first three parts of this series covered ownership of work-related social media and a variety of employer-employee issues. For the final portion, I’m taking a look at the controversies concerning social media and privacy concerns.
Social Media Law Part IV: Privacy and Social Media
A study commissioned by Microsoft and Cross-Tab (here is a link to a Word version of the document) found that 70% of HR representatives report rejecting an applicant because of information found online. While a person can take precautionary steps to avoid a problem such as this (for example, by Googling themselves to see what pops up and by setting privacy controls on their social media accounts so that the public cannot access them), a new trend has been reported wherein employers are asking for a job applicant’s password to their Facebook (and other social media) accounts so that the prospective employer may review what’s behind the privacy controls. Some employers have taken it to the next level, asking current employees for their social media passwords whenever issues related to social media arise at work.
Kimberley Hester, a teacher’s assistant at an elementary school, was fired for refusing to give her Facebook password to her employer. On her own personal time, Hester jokingly posted a picture of a co-worker’s pants around her ankles with the caption, “Thinking of You.” A parent of a child at the school, who was also a Facebook friend, saw the photo and complained to the school. The superintendent asked for Hester’s password three times, but Hester refused to provide the information each time. Hester received a letter notifying her of her termination, which she reportedly plans to use in a legal battle against the school. The school and Hester are scheduled to go to arbitration in Fall 2012. After Hester’s story became national news, Michigan state leaders contacted her, asking her to use her story to help pass a bill that would make it illegal to for employers to ask for social media passwords.
Congress has already begun to act in response to the outcry against employers asking for social media passwords. New York Senator Charles Schumer and Connecticut Senator Richard Blumenthal have asked the United States Department of Justice to investigate if the practice violates federal laws. The senators are concerned the practice may expose private information such as age, national origin, and race – information that is barred from being used to make an employment decision under Title VII of the Civil Rights Act. Furthermore, the senators were concerned that asking for the employee or applicant’s password could be violating the Stored Communications Act, which prohibits intentional access to electronic information without authorization, or the Computer Fraud and Abuse Act, which bars intentional access to a computer without authorization to obtain information. An amendment to FTC regulations that would have banned current or prospective employers from requiring workers to hand over personal passwords as a condition of keeping or getting a new job was defeated by House Republicans. However, Senators Schumer and Blumenthal are currently drafting legislation separately in attempt to stop current or prospective employers from engaging in this practice.
A number of states are in the midst of passing legislation to prevent employers from being allowed to ask for social media passwords. Maryland recently passed a social media privacy bill. California, Illinois, and Michigan have bills pending in its legislature as well.
Facebook has also spoken out against employers asking for Facebook passwords. Facebook’s Statement of Rights and Responsibilities, which are not legally binding, state it is a violation to share or solicit a password. Facebook’s privacy officer, Erin Egan, released a statement on behalf of the company, expressing the company’s opinion that asking for someone’s password undermines privacy expectations and the security of both the user and the user’s friends. Facebook has threatened to take legal action to protect the privacy and security of their users.
While there are many cases pending currently, one case that has already been decided might set precedent. A 2009 case, Pietrylo v. Hillstone Restaurant Group, dealt with employees who were fired for posting derogatory comments on a Myspace page. The managers “strong-armed and threatened a member of the private group so that the member was forced into providing them with the member’s email and password.” A jury found the restaurant managers violated the Stored Communications Act and the New Jersey Wire Tapping and Electronic Surveillance Act by accessing the Myspace page without authorization. This jury decision was upheld by the Federal District Court of New Jersey.
Generally speaking, employers are advised to avoid asking for private information, including online passwords. While background checks are a part of today’s hiring environment, too much information can create a great deal of potential liability for the employer. The trend at the state and Federal level is towards recognizing and protecting the privacy of an employee’s online life outside of work. An employer who finds itself on the wrong side of that line is risking both public relations issues and potential legal liability.
This concludes my review of social media law, for the moment. This is, of course, an evolving and dynamic industry in which new legal questions are coming up all the time. I will continue to use this blog to report on developments in social media law, and, of course, I welcome all your questions, comments, and suggestions for future topics. Thanks for reading.