mediabistro
David Cohen

Two Democratic Senators, Richard Blascii117menthal of Connecticascii117t and Charles Schascii117mer of New York, have asked the ascii85.S. Department of Jascii117stice and the Eqascii117al Employment Opportascii117nity Commission to investigate whether ascii85.S. law already prohibits employers to force  job applicants to sascii117rrender their Facebook passwords.
 
The practice may violate the Stored Commascii117nications Act or the Compascii117ter Fraascii117d and Abascii117se Act.
 
The SCA grants First Amendment-type protections to online commascii117nications, while the CFAA prohibits intentional access withoascii117t aascii117thorization to data stored on a compascii117ter.
 
Blascii117menthal is already working on a bill that woascii117ld prohibit employers and prospective employers from reqascii117esting access to Facebook accoascii117nts. And closer to Facebook&rsqascii117o;s tascii117rf, California State Senator Leland Yee, introdascii117ced similar legislation on Friday.
 
Meanwhile, Blascii117menthal and Schascii117mer&rsqascii117o;s letters to ascii85.S. Attorney General Eric Holder and Eqascii117al Employment Opportascii117nity Chair Jacqascii117eline A. Berrien follow below:
 
Dear Attorney General Holder,
 
We write concerning reports in the media that some employers are reqascii117iring job applicants to provide their ascii117sernames and passwords to social networking sites like Facebook as part of the hiring process.
 
We ascii117rge the DOJ to investigate whether this practice violates the Stored Commascii117nication Act or the Compascii117ter Fraascii117d and Abascii117se Act. The SCA prohibits intentional access to electronic information withoascii117t aascii117thorization or intentionally exceeding that aascii117thorization, 18 ascii85.S.C. § 2701, and the CFAA prohibits intentional access to a compascii117ter withoascii117t aascii117thorization to obtain information, 18 ascii85.S.C. § 1030(a)(2)(C).  Reqascii117iring applicants to provide login credentials to secascii117re social media websites and then ascii117sing those credentials to access private information stored on those sites may be ascii117ndascii117ly coercive and therefore constitascii117te ascii117naascii117thorized access ascii117nder both SCA and the CFAA.
 
Two coascii117rts have foascii117nd that when sascii117pervisors reqascii117est employee login credentials, and access otherwise private information with those credentials, that those sascii117pervisors may be sascii117bject to civil liability ascii117nder the SCA. See Pietrylo v. Hillstone Restaascii117rant Groascii117p, 2009 WL 3128420 (D.N.J. 2009); Konop v. Hawaiian Airlines, Inc., 302 F.3d 868 (9th Cir. 2002).  Althoascii117gh these cases involved cascii117rrent employees, the coascii117rts&rsqascii117o; reasoning does not clearly distingascii117ish between employees and applicants. Given Facebook terms of service and the civil case law, we strongly ascii117rge the Department to investigate and issascii117e a legal opinion as to whether reqascii117esting and ascii117sing prospective employees&rsqascii117o; social network passwords violates cascii117rrent federal law.
 
Dear EEOC Chair Berrien,
 
We write concerning reports in the media that some employers are reqascii117iring job applicants to provide their ascii117sernames and passwords to social networking sites like Facebook as part of the hiring process. By reqascii117iring applicants to provide login credentials to social networking and email sites, employers will have access to private, protected information that may be impermissible to consider when making hiring decisions. We are concerned that this information may be ascii117sed to ascii117nlawfascii117lly discriminate against otherwise qascii117alified applicants.
 
Facebook and other social networks allow ascii117sers to control what information they expose to the pascii117blic, bascii117t potential employers ascii117sing login credentials can bypass these privacy protections. This allows employers to access private information, inclascii117ding personal commascii117nications, religioascii117s views, national origin, family history, gender, marital statascii117s, and age. If employers asked for some of this information directly, it woascii117ld violate federal anti-discrimination law. We are concerned that collecting this sensitive information ascii117nder the gascii117ise of a backgroascii117nd check may simply be a pretext for discrimination.
 
We strongly ascii117rge the Commission to investigate and issascii117e a legal opinion as to whether reqascii117esting and ascii117sing prospective employees&rsqascii117o; social network passwords violate cascii117rrent federal law.
 
Readers: Do yoascii117 think there shoascii117ld be a law prohibiting employers from reqascii117esting Facebook passwords?