Think Twice Before Requesting Employees’ (or Potential Employees’) Facebook Password

Scoping out employees’ and potential employees’ online lives has become commonplace for employers, and there are many solid reasons to do so. However, requesting employees’ Facebook passwords, or any access information to their personal online accounts, is another situation entirely. Not only does gaining such access to employee accounts bring little useful information, it delivers a negative message to employees and may expose employers to a host of ethical and legal issues.

First, consider the message that you send to your employees when you request their passwords to their personal online accounts. Do you really want to be Big Brother, with a finger in every aspect of your employees’ lives? Do you really want to encourage employees to conceal information from you, which is what they are likely to do in an attempt to maintain a modicum of privacy? Do you want to send the message that you place such a low value on information security that you would ask your employees to violate the security policies of their online services providers?

Second, consider the ethics of such a request. Can you honestly say that you have a business interest in gaining such access to your employees’ private online accounts? Can you honestly say you have the right to access these accounts? Is it ethical to place an employee in a position of having to choose to protect their privacy or please their employer?

And finally, such requests carry numerous legal implications. While this area of law is unsettled, such requests likely violate the law on several fronts.

  1. Terms of Use Violation. Requesting that employees provide their passwords is asking employees to violate their contracts with the online providers. Nearly without exception, online providers’ Terms of Use prohibit users from sharing their passwords, and the practice of requesting employees’ access information has already been condemned by Facebook and other social media providers.
  2. Unauthorized Access. Some courts have found that an employer’s request for access information from an employee is essentially coercive because of the power imbalance between employer and employee. Therefore, using such information may then be considered “unauthorized access” in violation of some state laws.
  3. Discriminatory Information. Accessing your employees’ private online accounts may provide you with information that you, as an employer, may not request or consider in making employment decisions, such as ethnicity or religious affiliation. An employer may not legally use such information in the employment arena, and merely possessing such information may cause future headaches in the case of a disgruntled employee looking to bolster a discrimination claim.
  4. National Labor Relations Act. Requiring your employees to provide you with their passwords to social media sites is likely in violation of the National Labor Relations Act, a federal law that prohibits, among other things, employers from acting to discourage employees from “concerted activity” regarding their employment and working conditions. Recent case law has held that employees’ actions on social media are considered protected “concerted activity” and that employers are limited in what they can do to regulate or restrict such social media activities.

Overall, requesting your employees’ Facebook passwords or other access information to their personal online accounts, while perhaps the latest trend in employee relations, is a high-risk, low-reward strategy that employers should avoid.

 – – –

Lauren Burgon is an associate at Equinox Business Law Group, working closely with business owners to ensure they are minimizing risk and protecting assets. While she especially enjoys working with business owners in planning ahead to avoid litigation, other areas of Lauren’s practice include protecting clients’ intellectual property rights and assisting them in drafting carefully written nondisclosure and confidentiality agreements. More recently, Lauren’s practice has developed in Internet and online issues, advising her clients on their online presence, retail activity, social media, and the ramifications of virtual work with customers worldwide. Read more about Lauren.

One response to “Think Twice Before Requesting Employees’ (or Potential Employees’) Facebook Password”

What are your thoughts? Let's discuss: