Employer demands Facebook login credentials during interview

Employer demands Facebook login credentials during interview

Summary: Officer Robert Collins tells the story of how the Maryland Division of Corrections demanded his Facebook login credentials during a recertification interview.


The American Civil Liberties Union (ACLU) has taken up the cause of Officer Robert Collins, a Maryland man who was forced to hand over his Facebook login credentials during a recertification interview with the Maryland Division of Corrections (DOC). Collins took the time to describe what happened in his specific case in a video on YouTube.

On January 25, the ACLU of Maryland sent a letter (PDF) to Public Safety Secretary Gary Maynard on behalf of Collins, concerning the DOC's blanket requirement that applicants for employment, as well as current employees undergoing recertification, provide the government with their social network account usernames and passwords for use in employee background checks. It has been three weeks, and they have still not heard back.

"The demand for Facebook login information is not only a gross breach of privacy for Officer Collins and his friends, it raises significant legal concerns under the Federal Stored Communications Act and Maryland state law, which protect privacy rights and extend protections to electronic communications," an ACLU spokesperson said in a statement. "As many of us begin to rely on sites like Facebook to stay connected to our friends and family, it's important for employers and the government to keep in mind that, for most users, Facebook is a medium for private communications."

It's important to note that this is not equivalent to checking what a job applicant has posted publicly on the Internet. Collins emphasized that his Facebook account has the highest privacy settings employed, meaning that all of his messages are private. This is more like the government agency going through his personal mail.

"I was subjected to a customary usual background investigation," Collins said. "What was not customary usual was a request or to me, rather a demand, which was the insinuation for my Facebook e-mail and login information, my personal login information. Here I am, a US citizen who hasn't broken any laws, who hasn't committed any crime, and I have an employer looking at my personal communications, my personal posts, my personal my pictures, you know looking at my personally identifiable information... you know, where my religious, my political beliefs, my sexuality; all of these things are possibly disclosed on this page. It's an absolute total invasion, and an overreach, and overstep of their power."

Topics: Collaboration, Government, Government US, Social Enterprise

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Employer demands Facebook login credentials

    This is likely to be an interesting case. Facebook accounts are highly likely to disclose information that answers questions that are prohibited in an employment interview (e.g., sexual orientation, marital status, religion, political beliefs, ethnicity), as well as other extremely private information about the account holder, as well as acquaintances of the account holder. Thus, there is also a question of third party disclosure.

    Similar questions need to be raised in other contexts, including those involving jurors, where the audience is broader, and the protections are potentially murkier. The problem is also broader than any individual social networking site. What about other sites, dating sites, community fora, religious institutions?

    I discussed some of these questions in "Colliding Worlds: Juries in the World of Pervasive Connectivity and Social Media", accessible at: http://www.rlgsc.com/blog/ruminations/colliding-worlds-juries-connectivity.html

    I had similarly discussed some of the issues surrounding micro-blogging and its disclosure of information in: "Micro-blogging and Personal Self-Surveillance" at http://www.rlgsc.com/blog/ruminations/micro-blogging-and-personal-information.html

    - Bob Gezelter, http://www.rlgsc.com
  • www.retardedemployer.com

    i'm sorry but i would tell this employer to go jump of the golden gate bridge and get eaten by a shark in the pacific to be specific.
    • RE: Employer demands Facebook login credentials

      @143love So you believe the answer is to give up your source of income? (The guy was already an employee.) Yeah, that'll solve everything.

      Remember, Maryland is the same state that decided it was appropriate to invade the home of a MD Air National Guardsman because he posted video of a traffic stop on YouTube. Maryland's views of personal rights correlate pretty closely to some governments of the late 1930's.

      • RE: Employer demands Facebook login credentials

        @ejhonda ; agreed--demanding that an employee give up private information for a "fishing expedition" with his livelihood on the line is nothing less than blackmail. I once applied for a job in which I was told on the application that I could be expected to answer about anything and everything (was never called for an interview, so I didn't have to face that matter)--and that would have been bad enough. But to demand that of an employee in good standing is criminal.
        I am ashamed today to state that I was born in Maryland.
      • RE: Employer demands Facebook login credentials

        @ejhonda ; I have just submitted a complaint to the Governor of Maryland concerning this matter. The URL for contacting the Governor's Office is http://www.governor.maryland.gov/mail/ .
  • Illegal request

    Getting info form publicly open data or via a search warrant is one thing, demanding the password in exchage of employment is another ..... and totally illegal.

    Before the can view the data, they must legally obtain the consent of every single person on the friends list not just the employee. Since access to private data, photos and info was given only to the account holder, not some random person. Access by any other person (without a warrant) constitute a violation of privacy laws and possibly illegal wiretapping laws.
  • RE: Employer demands Facebook login credentials

    I know jobs are scarce but I'd have told that particular interviewer where he can shove his illegal request for the login credentials to any of my personal accounts or even business account.
  • hottest fashions for your spring


    50% Discount fashion :Sandle,t-shirt,caps,jerseys,handbag and brand watches!!!
    $30 Air Jordan shoes,shox,tn,LV shoes
    $33 True Religion jeans, Ed Hardy jeans,LV,Affliction jeans
    $15 Ed Hardy ,LV ,Bikini
    $15 Polo, Ed Hardy, LV, Lacoste T-shirts
    $25 Coach,LV,Prada,Juicy,Chanel handbag,
    $10 Ed Hardy sunglasses
    $9 New Era caps.
  • RE: Employer demands Facebook login credentials

    Disable the account, in all honesty tell them you don't have an active account, reenable it again.

    There'd be nothing they could do.
    • RE: Employer demands Facebook login credentials

      @alsobannedfromzdnet Indeed, you can either temporarily disable account or have two created with different email addresses - one of them nearly empty.

      Also, maybe this is an area where Diaspora with its aspects can bring something innovative?

  • RE: Employer demands Facebook login credentials

    I agree with alsobannedfromzdnet - disable the account. Let the employer do a regular background check. Take action -https://secure.aclu.org/site/Advocacy?cmd=display&page=UserAction&id=2824 by telling Maynard to stop snooping private profiles and get a life! What he is doing is illegal according to the Federal Stored Communications Act. http://www.law.cornell.edu/uscode/18/2701.html
  • Against Facebook's terms of use

    See http://www.facebook.com/terms.php ?4.8: "You will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account."

    So that settles it I guess :)
  • Time for a New Business Model

    I feel now would be an ideal time to spend creating false and promising Facebook accounts to sell to the highest bidder. They be fresh from the start and push the idea of getting the "Proper" friends. For instance, if you know your employer is a conservative, you can be friends with "Sarah Palin" and "Bill O'Riley"
  • RE: Employer demands Facebook login credentials

    The City of Bozeman, Montana tried to implement a similar policy in the summer of 2009. The policy last less than 24 hours because of the national backlash they received. Here's a link to one of the stories about it, on Mashable. com: http://mashable.com/2009/09/03.../.

    Last fall I wrote a white paper on the subject of "social screening," which relates to this post. It's called, "Social Screening: Employees - and Organizations - Beware." It can be accessed via http://tiny.cc/SocialScreening.... I wrote a follow-up blog post entitled, "Social Screening: The Expanded Discussion," which can be accessed via http://tiny.cc/SocialScreening....

    Finding the right approach to social media policies is critically important, and many organizations are guilty of overreaching. A couple of weeks ago, for example, the NLRB settled its "Facebook case" with an employer (AMR), and one of key terms of the settlement was that the employer agreed to revise its "overbroad" policy. I wrote about this case both when the complaint was filed and after it was settled. Here are links to each piece: http://tiny.cc/SMinOrgsNLRBpos... and http://tiny.cc/SMinOrgsNLRBset....

    This week I'll be publishing a post on social media policies that addresses the issue in a more holistic way. This is an important issue that requires a thoughtful, balanced approach.

    Courtney Hunt
    Founder, Social Media in Organizations (SMinOrgs) Community
  • At least they bothered to ask him for it

    instead of paying some contractor to hack his account without him knowing about it. There are people and companies out there who offer these as part of their "research" services. It's just not printed on their normal list of services ...
    terry flores
  • Just more proof...

    ...that Americans are wage slaves. Your employer owns you. This is a logical consequence to the way in which employees have been treated since 1980. <br><br>The American worker needs to assert his rights. Your employer has no prerogative to own you 24/7. Our grandparents and great-great grandparents struggled and died to bring dignity to the workplace, but we have thrown that all away. I'm sure leaders in business and government would like all of us old folk to die off so that the young'uns won't remember that, once upon a time, the American worker was treated like a human being.
    sissy sue
    • You would have a point if....

      He ha simple given over his password. Proff you are just trying to stand on a soapbox with nothing of value?
      • And what value...

        ...have you added to this discussion, other than sloppy writing?
        sissy sue
  • Hmmmm

    Asking if you have a Facebook account [to see how you are] is one thing, but the credentials?

    If the state wasn't so lazy, they can easily find out about you.
    Gis Bun
  • Ignorant legislators

    Sounds like the employer (DOC) was trying to obey a new law written by ignorant legislators. It might be almost reasonable to demand to see an employee's Facebook page. Corrections officers hold power over inmates that could easily lead to corruption and abuse; comments on Facebook might reveal a pattern of abuse of inmates or cover-up of wrongdoing.<br>But to demand the complete login credentials is to demand access to his online identity, not to merely monitor it, but to pose as the employee, posting anything in his name.<br>I think clueless legislators wrote a law that went far beyond what they intended. Using an old-fashioned snail mail analogy, they wanted to open his mail, but wrote a law allowing the employer to forge letters in the employee's name.<br>Or maybe they really did intend that, and they're all stupid and/or corrupt. The answer to that one will be revealed when a reasonable amount of time has passed to rescind the law.