In a blog post from earlier this week, I detailed the alarming Associated Press story about a New York City man who, during a job interview, was asked to provide his Facebook login credentials. He refused and withdrew his application from the company.
Another man, during a reinstatement interview after a leave of absence, was also asked to provide his Facebook username and password to his employer. Faced with the possibility of unemployment, he complied.
The debate over whether or not a company has the right to request—and even demand—employees’ social networking usernames and passwords struck a nerve with CIO.com readers.
In a CIO.com poll that asked, “Would you give your company access to your social networking accounts?” a resounding 95 percent (335 respondents) replied, “No, that’s an invasion of privacy.” Just 5 percent (17 respondents) said they would because they had nothing to hide.
The trend—and the overwhelmingly negative response from its users—struck a nerve with Facebook, too.
Today, Erin Egan, Facebook’s chief privacy officer, responded on behalf of the social network.
In the post, she not only calls into question the privacy and security risks it poses to the user, but to the user’s friends as well:
“As a user, you shouldn’t be forced to share your private information and communications just to get a job. And as the friend of a user, you shouldn’t have to worry that your private information or communications will be revealed to someone you don’t know and didn’t intend to share with just because that user is looking for a job. That’s why we’ve made it a violation of Facebook’s Statement of Rights and Responsibilities to share or solicit a Facebook password.
Facebook’s Statement of Rights and Responsibilities clearly states in the section “Registration and Account Security” that, “You will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account.”
Also, according to the Statement, “If you violate the letter or spirit of this Statement, or otherwise create risk or possible legal exposure for us, we can stop providing all or part of Facebook to you.”
But it’s not potentially harmful to just you and your Facebook friends. Egan says the practice of sharing your username and password with your employer can put it at risk, too.
“[…]If an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don’t hire that person.
Employers also may not have the proper policies and training for reviewers to handle private information. If they don’t—and actually, even if they do—the employer may assume liability for the protection of the information they have seen or for knowing what responsibilities may arise based on different types of information (e.g. if the information suggests the commission of a crime).
Facebook, which has a rocky past with security and privacy matters, has taken a strong stance on this issue: It’s not OK for employers—or anyone else—to access your account. Does its stance put you at ease?