“Social media background checks are a hot item,” says attorney Kevin McCormick, “but I’m not a fan.”
Sneaky, Low, Invasive
Furthermore, social sleuthing smacks of “Sneaky,” “Low,” and “Invasion,” says McCormick. “One thing I know is what juries like and what they don’t like, and they don’t like that.”
Chair of the Labor and Employment Section of Baltimore law firm Whiteford, Taylor & Preston, LLP, McCormick is also a member of the 50-state Employers Counsel Network. His remarks came at the Advanced Employment Issues Symposium held recently in Las Vegas.
McCormick points to the following issues involved in social media background checks:
- New state laws prohibiting password requests
- More information than you want (discovering protected class status can lead to Title VII and other discrimination claims)
- NLRA/Concerted Activity claims
- Fair Credit Reporting Act and state equivalent violations
- Negligent hiring
- State laws relating to off-duty conduct
- First Amendment
State Law Actions on Social Sleuthing
Many states have taken or are considering legislation related to social sleuthing, McCormick notes. For example:
- Illinois: Amended “Right to Privacy in the Workplace Act” to prohibit employers from requiring or requesting that employees or applicants reveal the usernames and passwords for personal accounts on websites such as Facebook and Twitter.
- Maryland: User Name and Password Privacy Protection and Exclusions Act: Employers may not refuse to hire an applicant or discipline employees for failure to disclose a user name, password, or related information.
- California: There is pending state legislation, the Social Media Privacy Act, that would prohibit requests for passwords or access.
Similar bills pending/soon to be passed in:
- New Jersey
- South Carolina
- New York
Privacy and Off-Duty Conduct Concerns with Social Sleuthing
Furthermore, says McCormick, 29 states limit employer ability to regulate employees’ off-duty conduct:
- “Tobacco” states: Connecticut, District of Columbia, Indiana, Kentucky, Louisiana, Maine, Mississippi, New Hampshire, New Jersey, New Mexico, Oklahoma, Oregon, Rhode Island, South Carolina, South Dakota, Virginia, West Virginia, and Wyoming
- “Legal Products” states: Illinois, Minnesota, Missouri, Montana, Nevada, North Carolina, Tennessee, and Wisconsin
- “Lawful activities” states: California, Colorado, New York, and North Dakota
“Exercise caution when taking action based on lawful conduct described or in photographs on social media sites,” says McCormick.
Federal Level Action
On the federal scene, Sen. Charles Schumer (NY) and Sen. Richard Blumenthal (CT) have pushed the EEOC and the DOJ to launch a federal investigation regarding legality of username and password requests, and the Password Protection Act of 2012 proposed federal legislation that would prohibit employers from compelling or coercing access to any online information stored anywhere on the Internet if that information is secured against general public access by the user.
Erin Egan, Facebook’s chief privacy officer, says that demanding passwords from employees “undermines the privacy expectations and the security of both the user and the user’s friends…. It also potentially exposes the employer who seeks this access to unanticipated legal liability.”
And the ACLU has a “DemandYourdotRights” campaign that condemns employer password policies and pushes for legislation protecting password privacy.