New Social Media Privacy Law Taken Up by Congress

The social media privacy debate continues to rage – and now Congress has taken up the reins.

Recently we blogged about a handful of states that have passed laws that restrict employers from accessing passwords to private social networking accounts. Now Rep. Elliot Engel, D-N.Y., has introduced H.R. 537, the “Social Networking Online Protection Act.

Engel’s bill would make it illegal for employers to ask job applicants and employees for passwords to access their social networking sites and email accounts. If passed, it will address the concerns of 21 states that have similar legislation pending, and provide a national legal standard that has already been adopted in California, Delaware, Illinois, Maryland, Michigan, and New Jersey.

It’s the public stuff online that causes trouble

While a national standard on this issue would be a positive step toward protecting individual privacy, it will not change an employer’s ability to see what is shared publicly. And let’s face it, 99 percent of the time, it’s the public stuff that gets us into trouble.

In fact, I have seen very few documented incidents where employers have even bothered to ask for private information. The more likely scenario is that an employer will troll Google or Facebook to check up on prospective employees, looking for incriminating photos, or simply to glean some insight into personality and character.

Who can blame them? We all do it. If you have any doubt that people are still dumb enough to tweet, post, and blog themselves out of a job, just check one of my favorite web blogs, The Facebook Fired. The social media background check is definitely not going away.

Keep in mind too, that the proposed federal law will have no impact on discovery requests that can and will continue to allow access to social media. In some cases, like the sexual harassment suit I blogged on a few weeks ago, the courts are granting access to private posts. If your employee claims emotional distress, you might be entitled to break though that privacy wall and see the inner-most personal postings.

What is private, or not, constantly changes

To complicate the issue, the ground continues to shift below our feet — what is private, and what is not can change as quickly as the Cleveland weather.

Article Continues Below

Consider the recent $9.5 million Facebook settlement addressing Facebook’s “Beacon” feature, a program that broadcasted users’ activities like online purchases, web site visits, and “likes” in their Facebook news feed. The judges in the 9th U.S. Circuit Court of Appeals in San Francisco allowed Facebook to pay a cy pres award, a special type of award where the money goes to charity instead of being paid directly to the 3.6 million plaintiffs themselves.

The newly created Digital Trust Foundation (DTF) will get much of the settlement, which will fund initiatives related to Internet privacy. Facebook will choose one of the foundation’s three directors and have an equal say in the selection of a second. Facebook has already selected its own chief lobbyist to sit on the foundation’s board.

So we can all rest easier now, knowing that the fox is watching the hen house, and Congress is going to see to it that our Facebook posts are safely in the vault, right?

What employers need to remember

Employers, if you want to dip into that all-you-can eat Facebook buffet, keep a few things in mind:

  • DON’T ask for passwords. Engel’s bill is on the table, it is already illegal to request passwords in six (6) states, and 21 additional states are considering similar proposals. It is not a good practice, and may also damage your company culture and have a negative impact on employees.
  • DO beware of TMI. Be prepared to find more information than you want, need or can legally use. A simply Facebook search could turn up information that, if used against the employee or applicant, could result in a Title VII discrimination claim. Remember, information readily available on a public page, say, for example, sexual orientation or religion or race gleaned by glancing at a profile pic is protected class information.
  •  If you still want to look, DO put a well-trained individual who is knowledgeable about potential legal claims in charge of reviewing and vetting the information.
  • DO include social media information in your discovery requests. If you are being sued by a disgruntled employee, depending on the claims, a court may allow you to dig into their private information.
  • DON’T believe everything you see online. Accuracy is difficult to verify, especially in a world of Photoshop and user-generated content.
  • DO consider FCRA (Fair Credit Reporting Act) implications. The FTC has been calling out web services like Spokeo for acting as consumer reporting agencies when supplying aggregated data from social media sites to employers. That means that an employer who uses Spokeo has to obtain prior written consent and use adverse action notices.

This was originally published on the EmployeeScreen IQ blog.

Angela Bosworth JD, is vice president of compliance and general counsel for EmployeeScreenIQ, a global provider of employment background screening. Angela has broad industry experience including more than 20 years as a licensed attorney and 12 years as a leader and expert in the background screening industry. She has extensive expertise in employment law, privacy law, EEO law and the Fair Credit Reporting Act.

Contact her at abosworth@employeescreen.com .

Topics