With the rise of social networking sites, managers want to check Facebook profiles, Twitter accounts, and other publicly available websites to learn more about candidates and employees.
Many Facebook users don’t have their profiles set to private, which would make them available only to select people or certain networks. There is a big difference between an Employer viewing public postings and private information.
Employees and potential employees should have the right to keep their Facebook, Twitter or other social media profiles containing confidential information private from the prying eyes of their bosses.
Employees and job applicants have an expectation of privacy when it comes to using social media such as Facebook and Twitter, including the right to have their right to freedom of expression protected.
Employers do not need to require access to applicants ‘or employees’ private password protection information stored online. Yet there have been a number of reports of job applicants during interviews being asked to log into their Facebook and other websites and allow potential Employers to browse their profile, acquaintances and other personal information, whilst others are simply being asked to list their passwords on job Applications. Other job seekers have even been asked to befriend HR managers!
Traditionally, employers have not required job applicants to hand over the keys to their home or bank account information, so why should they be able to access your private information stored online?
It’s like allowing your employer to access your mail to see if there is anything of interest inside. It would give Employers the ability to act as imposters and assume an employee’s identity, continually access, monitor, and possibly even manipulate an employee’s personal social activities, communications, associations, and opinions.
Facebook’s Bill of Rights and Responsibilities states that sharing or requesting a Facebook password is a violation of its terms of service; however, Employers cannot count on Facebook to sue an Employer for such a violation.
Legislation is being passed to address the current situation, based on the Computer Fraud and Abuse Act, which addresses hacking, to safeguard Employees’ online identities. The Password Protection Act of 2012 will prohibit employers from accessing “protected computers” where social media files are stored.
Subject to some exceptions, it will prevent employers from forcing employees and prospective employees to provide access to their private online systems, including Facebook, email, and other online storage.
The bill is broad in its wording and is not limited to any specific website. It focuses on the servers where the information is hosted or stored, without emphasizing the need to identify and define a particular type of Internet service. This means that an employer will not be able to force an employee to provide access to their Facebook or Twitter account as a condition of their employment.
It will prohibit Employers from forcing employees to provide access to information stored on any computer that is not owned or controlled by the employer. The law will protect the information even if it is accessed from an employer-owned computer. It will also prohibit an employer from discriminating or retaliating against a current or potential employee if that employee refuses to provide access to a password-protected account.
Therefore, if an employee is only looking at a social network on their work computer, an employer will not be able to force the employee to reveal a password, as this would allow the employer to access another computer, the computer of the relevant nework social being that the employee is examining. The protection afforded by the Act extends to employee-owned Gmail accounts, photo-sharing websites, and smartphones.
Since the law is written in a way that is largely technology neutral, its effects are unlikely to be affected by changes in technology. New online technologies continue to evolve and emerge, rendering the legislation out of date. However, because the Password Protection Act of 2002 is not limited to protecting a particular service such as a social networking service, it is flexible enough to herald the changing uses of technology as it focuses in accessing a computer.
The law covers any new service as long as it is not hosted on any employer’s computer. However, there are exceptions in the legislation and students are not protected from social media monitoring and may therefore be forced to hand over their passwords to social media.
However, there is another law to be introduced, the Social Media Online Protection Act, which will fill this gap by providing protection to both employers and students.
However, if you are a government employee or an employee who works with children under the age of 13, the law allows states that legislate in this area to provide an exemption, while another exception allows the executive branch to exempt entire classes of workers if they come into contact with classified information, including soldiers. These exceptions to the protection conferred, therefore, sanction extensive and radical fishing expeditions in the privacy and communications of Employees.
There is already a wide range of means to investigate employee misconduct. Additionally, Internet activities constantly create many new types of records, and these can already be used against employees in investigations.
While the new legislation is a major step forward in preventing employers from taking adverse action as a result of an employee’s refusal to provide access to their private accounts, employers still reserve the right to allow social media activities within your office only on a voluntary basis and implement policies regarding employer-operated computers. Once you are employed, you may be required to sign an acceptable use policy regarding the use of social media in the workplace. You may have enjoyed free speech online, however, you may be asked to sign a non-disparagement agreement that prohibits you from speaking negatively about an employer on social media sites. Therefore, employees who violate these acceptable use policies will remain liable for any activity that violates those policies.