Bosses requiring employees to disclose their social media passwords

Employers now asking for Facebook passwords

Because legislation on social media privacy has not been adopted at the speed that consumers have adopted the tools, questionable situations have popped up all over the world, even here in America. Employers are asking potential employees to share their Facebook passwords and binding employees to strict “social media policies,” and tech writers across America are expressing rage at the ignorance of businesses, but at AGBeat we thought we would take a look at the flip side – why are businesses comfortable asking interviewees and employees for this access?

As a business owner, monitoring how your brand is being used online is important. Knowing how your employees are portraying the brand you’ve built is important. Some believe that social media is a great way to know the inner workings of employees, particularly if they are engaged in any illegal behavior.

Because these three things are relevant to a business owner or team leader, many are either asking employees (or potential employees) to share their Facebook (or other social networks) passwords or are asking them to log in in their presence to “shadow” them. While the legality is being questioned, it certainly raises many red flags. Not only is it an invasion of privacy, it is likely to be illegal with amended legislation.

Business owners may think it is harmless and have no intention of taking action on any findings, but as a business, if you wouldn’t ask an employee for a copy of their house key, the combination to their personal safe, or for permission to put cameras in their home, you wouldn’t ask for access to their personal social networking sites.

Forcing employees to be Facebook friends

For the more tech savvy businesses that recognize the red flags and how invasive (and in the long run, potentially illegal) it is to request password information, some are requiring¹ employees to befriend someone in human resources or in the organization that can monitor their public profile and public status updates. This still lends privacy in that private messages are not accessible, but still raises red flags.

Again, business owners are not aware of the implications of what they are demanding, and most are small businesses simply trying to make sure their brand is represented properly. For example, ReadWriteWeb² recently reported that one company notified an ex-employee that they were in violation of their social media policy for not updating their social network profiles to reflect she was no longer in their employ.

As a business owner, you likely take their side in that your name is still being used publicly and likely benefiting the former employee’s credibility, but this particular company thought ahead enough to have a social media policy, but not only did it not likely include a time frame for which employees must change social profiles online after leaving, but allegedly failed to include this requirement in the exit paperwork. It is becoming common for companies to have a social media policy, but most fail to follow through and include any requirements in exit paperwork or elsewhere.

Simply finding a way around the potentially unethical practice of demanding social network passwords is not good enough, businesses must have a social media policy and must execute it across the board.

Facebook forbids password sharing

Fascinatingly, when users sign up for a Facebook account, they agree to the Facebook Statement of Rights and Responsibilities (the equivalent of the Terms of Service). In Section 4, “Registration and Account Security,” item number 8 reads, “You will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account.”

Also notable to employers, Section 3, “Safety,” item number 5 reads, “You will not solicit login information or access an account belonging to someone else.”

The Facebook Help Center tells users in the “Security Tips” section, “Never give out your username or password. Never share your login credentials (ex: email address and password) for any reason.”

So what should businesses do?

Most businesses aren’t trying to be Big Brother, many are simply trying to protect their brand. To achieve this same peace of mind, employers need to do three things.

First, establish a meaningful social media policy that is available online so that potential employees can review before showing up to an interview that asks for their Facebook password (which some will give out of intimidation), and so that current employees can review in depth.

Second, this policy must be thorough and implemented across the board, and as mentioned before, any requirements must be made clear at the time they are necessary, for example requiring employees to remove your brand name as their employer on social networks within 7 days of their leaving the organization.

Lastly, businesses need to use common sense. If you wouldn’t ask your employees for a key to their personal storage unit, their bank account password, access to interview their spouse and children about their character, or an STD panel, you shouldn’t ask for first hand access to their Facebook, Twitter, Pinterest, or any account. Your having their password is against the policies of these social networks, even if you think it’s ethical (which it is not, even if you’re well meaning).

Set up monitoring on what your employees say publicly and enforce your social media policy, but don’t ask for passwords or require any user to befriend HR – legislation will (likely) eventually outlaw any business from having access to a personal social media account. Social networks are public and private companies can outline their rules if their employees’ accounts are public, but asking for passwords is over the line even if it is legal.

¹MSN Money
²ReadWriteWeb