Next month, Maryland’s ban on requesting or demanding social media account information from employees and job applicants goes into effect. Maryland was the first state in the nation to pass such a law, but it wasn’t the last: A similar ban goes into effect in Illinois in January 2013. Other states have also proposed social media privacy legislation.
If new and potential state laws haven’t prompted employers to abandon the practice of demanding access to applicants’ and employees’ social networking accounts, the danger of potentially violating the federal Stored Communications Act (SCA) might do the trick.
It has long been a violation of the SCA for an employer to obtain and read an employee’s emails that go through an outside server, such as an employee’s Gmail account. This is because the account doesn’t belong to the employer and the employer doesn’t have permission freely given from the employee to access those messages. This applies to personal email messages, even when an employee reads them at work. It may also apply to social networking messages or posts.
An employer’s requirement that applicants or employees provide their social network usernames and passwords might violate the SCA because it is “unduly coercive,” according to U.S. Sens. Charles Schumer, D-N.Y., and Richard Blumenthal D-Conn. The lawmakers have asked the Department of Justice and the U.S. Equal Employment Opportunity Commission to investigate the practice and determine whether or not it violates federal law.
Additionally, providing a third party (e.g., an employer) access to one’s social media account can violate a site’s terms of service agreement. Applicants may not appreciate being put in such a position.
In short, requesting or demanding access to an individual’s social media account is a risky (and, in some locations, illegal) act. Employers who engage in this practice should rethink their approach to pre-employment screening.
Employers Still Have Options
While they should avoid yielding to the temptation of asking for access to an individual’s account, employers should remember that information on social networking sites that is publicly available is still generally fair game. Illinois’ law regarding workplace privacy specifically calls out the fact that employers are not prohibited from obtaining information that is in the public domain. If a job applicant’s Facebook page is public, an employer likely would not violate the new Illinois law or the SCA by viewing the posts and pictures displayed on the page.
Yet, the employer might still have liability in this situation.
It’s often easy to figure out an applicant’s race and approximate age from a photo. Depending on the content of the social media profile, the employer might also discover the applicant has a disability or is a follower of a particular religion. An employer cannot use this information in the hiring process because it is discriminatory to take adverse employment action based on protected class status.
If an applicant knows or suspects that an employer is checking his or her social media account, it might be easy for the applicant to assume or claim that he or she wasn’t hired because of the protected class information the employer found. If the applicant files a claim, the employer would then need to prove that it didn’t use that information in making its hiring decision.
Ways to Reduce Liability
There are several actions an employer can take to reduce liability when screening applicants and employees via social media.
Employers should consider having someone at the organization who does not make the hiring decision review social media pages. This person should not report information regarding race, religion, or other protected characteristics to the person or group that makes the final hiring decision.
The employer should be able to document this division of duties in its records. This way, if an applicant brings a discrimination claim alleging that the employer’s discovery of his or her protected class status led to the decision not to hire the applicant, the employer can show that the hiring manager took only nondiscriminatory qualifications into account.
An even safer option might be to involve the services of a third-party service. The service reviews applicants’ profiles on the employer’s behalf and reports “red flags,” such as inappropriate messages or pictures containing illicit drug paraphernalia, while leaving out information regarding whether the candidate belongs to a protected class. However, if an employer has another company screening social media pages on its behalf, it will need to comply with the federal Fair Credit Reporting Act.
Employers will also want to remind employees that company-sponsored social media accounts may be monitored. Reinforcing the fact that employees should not expect privacy in relation to these accounts should send a message to employees that not only might their company account social media activity be monitored on a day-to-day basis, it might receive a more in-depth review should an employee be up for a promotion or transfer.
Employers should expect to see future developments on the issue of applicant and employee social media privacy, possibly on a federal and/or state level.
Staying up to date on the almost-daily changes to requirements and best practices in this area can be a challenge, but might ultimately end up saving an employer thousands or even millions of dollars in discrimination lawsuit costs or noncompliance penalties. As always, knowledge and prevention is the best course of action.
About the Author
Rebecca Bentz is a human resources subject matter expert and associate editor with compliance resource firm J. J. Keller & Associates, Inc. The company offers a diverse line of products and services to address the broad range of responsibilities held by HR and corporate professionals. Bentz writes and speaks on topics such as audits, employment screening, and payroll. For more information, visit www.jjkeller.com and www.prospera.com.