Facebook gives employers lots of reasons to worry. There are employees who leak confidential company information, talk badly about supervisors, and complain about customers. There's also the NLRB's recently settled complaint, brought against a Connecticut employer, that alleged that the employer's social-media policy was overly broad. And, for several years, employers have struggled with the question of whether they can or should "research" candidates online before making a hiring decision. We've posted about this question many times but the debate continues.
The most recent headline is sure to jettison the debate yet again. The American Civil Liberties Union has taken up the cause of Maryland corrections officer Robert Collins. According the ACLU's blog, Collins was required to provide his Facebook login and password to the Maryland Division of Corrections (DOC) during a recertification interview. Once he provided it, the interviewer logged on to his account and reviewed the content. The ACLU's letter to Maryland's Public Safety Secretary and a video of Mr. Collins telling his story can be found on the ACLU Blog.
Once this story gets some publicity, it's not likely to be defended by many. The only other employer that I've heard of who required potential employees to turn over their log-in information was the town of Bozeman, Montana. When news of the town's practice hit the Internet, a firestorm of negative publicity resulted. Shortly thereafter, the practice was abandoned.
I learned of a similar practice from students at the Wharton School of the University of Pennsylvania when I gave a lecture there last spring. The students told me that it had become common practice in the financial sector to require candidates to log into their personal Facebook accounts to let the interviewer review the information in the candidate's presence. As you may have guessed, the students were not happy about this interviewing "technique."
I expect that the Maryland DOC will see quite a bit of negative publicity, once the ACLU's story makes its way around the social-networking sites. And for good reason--it's a bad policy.
Although I try not to be too judgmental when it comes to the various choices made by employers, I can't defend this policy. Here's why. This policy requires an individual to relinquish his control of his Facebook page. The employer could then turn over this control to any person or persons in the organization. There would be nothing to prevent an employee in the Maryland DOC from changing the password and actually excluding the individual from his or her Facebook page.
When I've discussed the Bozeman situation with employers and human-resource professionals in the past, I usually suggest that, perhaps Bozeman was using this practice as a screening tool--anyone who actually relinquished their confidential password and log-in information without any kind of assurances about the controls in place to keep that information secure would not be hired. But, alas, it turned out Bozeman just had a bad policy.
I suggest that the same is true for the Maryland DOC. For an agency charged with security responsibilities, it seems irrational to ask current employees or applicants to relinquish control over confidential information. But, hey, that's just my opinion.