Employers and colleges that demand Facebook passwords or other access to social network profiles are doing more than violating the First Amendment, as advocates argue. They’re also violating Facebook’s terms of service.
Almost three weeks after Bob Sullivan of msnbc.com’s Red Tape Chronicles first broke the story of government agencies and colleges demanding inappropriate access to Facebook accounts, both the social network and a U.S. senator are calling shenanigans on this violation of privacy, which is also a potential liability problem for the inquiring institutions.
The practice of requesting Facebook passwords and other access to user profiles “undermines the privacy expectations and the security of both the user and the user’s friends,” Egan said in a statement on the social network’s privacy page. “It also potentially exposes the employer who seeks this access to unanticipated legal liability.”
As an example, Egan posited, “if an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don’t hire that person.”
Egan went on to say, it is now a “violation of Facebook’s Statement of Rights and Responsibilities to share or solicit a Facebook password.”
On Wednesday, Sen. Richard Blumenthal D-Conn. told Politico he’s writing a bill that would outlaw the practice as well:
The senator cited longstanding federal prohibitions against administering polygraph tests to potential employees as a rationale for a new law.
Even for prospective employees who voluntarily surrendered account access to improve their chances of landing a job, Blumenthal said there remain concerns. “The coercive element of the request,” he said, “really makes it less than voluntary.”
ACLU attorney Catherine Crump had stronger words for the practice. “People are entitled to their private lives,” she said in a statement. “You’d be appalled if your employer insisted on opening up your postal mail to see if there was anything of interest inside. It’s equally out of bounds for an employer to go on a fishing expedition through a person’s private social media account.”
Here are some of the egregious examples of Facebook privacy violations, first reported by Sullivan on March 6:
In Maryland, job seekers applying to the state’s Department of Corrections have been asked during interviews to log into their accounts and let an interviewer watch while the potential employee clicks through wall posts, friends, photos and anything else that might be found behind the privacy wall.
Previously, applicants were asked to surrender their user name and password, but a complaint from the ACLU stopped that practice last year. While submitting to a Facebook review is voluntary, virtually all applicants agree to it out of a desire to score well in the interview, according Maryland ACLU legislative director Melissa Coretz Goemann.
Student-athletes in colleges around the country also are finding out they can no longer maintain privacy in Facebook communications because schools are requiring them to “friend” a coach or compliance officer, giving that person access to their “friends-only” posts. Schools are also turning to social media monitoring companies with names like UDilligence and Varsity Monitor for software packages that automate the task. The programs offer a “reputation scoreboard” to coaches and send “threat level” warnings about individual athletes to compliance officers.
As well as likely violating the First Amendment, such practices also herald legal problems for the institutions, noted Bradley Shear, a Washington D.C.-lawyer who first brought these cases to the attention of Maryland polticians and the ACLU. As an example of liability, he told Sullivan:
“What if the University of Virginia had been monitoring accounts in the Yeardley Love case and missed signals that something was going to happen?” he said, referring to a notorious campus murder. “What about the liability the school might have?”
Following scrutiny by the ACLU, Maryland state legislators proposed two separate bills aimed at banning social media access by schools and potential employers, Sullivan reported. At the time of the original story, a Facebook spokesperson wouldn’t specifically address the state legislation except to say that many of these school and employer policies appear to violate the site’s terms.
Though it was more than two weeks in coming, a definitive statement and action from Facebook against such privacy violations is in the social network’s best interest, more so than the interests of its users. Allowing the practice to continue means more organizations will feel free to make password demands, making users feel increasingly less comfortable sharing their personal information via Facebook. Less sharing on Facebook means less personal info for targeted marketing, which is the social network’s bread and butter.
As Facebook continues to make us more comfortable with less and less privacy, this may be one of the few cases where everybody benefits from the social network’s pro-sharing business model.