Postmedia reports that a man named Rob MacLeod says that in 2009, he was asked by an
interviewer for his Facebook login and password so the interviewer could screen
MacLeod’s photos as part of the consideration process. The story goes that when
MacLeod asked why this was necessary, the interviewer implied that he must “have something to hide.”

Of course, the question on everyone’s mind is
“WHAT? Can they DO THAT???” (Or some variation thereupon.)

MacLeod, 28, was applying for a law enforcement
position, so I wondered if the standards are and should be different. An AP
article on the same subject,
however, uses the example of Justin Bassett, a New York statistician. Bassett
was also asked for his login information so an interviewer could view his
private profile. He refused and withdrew his application.

David Fraser, a Halifax-based privacy lawyer who
runs the Canadian Privacy Law Blog, tells Postmedia that this is “a
completely unjustified invasion of privacy.”

Canada’s privacy laws, though, are kind of all over the place.

We have the federal Privacy Act, which
“protect[s] the privacy of individuals with respect to personal information
about themselves held by a government institution.” And we have the Personal
Information Protection and Electronic Documents Act, which is supposed to protect
personal information collected in the private sector. But there’s no law
against collecting social media information.

Toronto-based business lawyer Javad Heydary told
Postmedia that requiring social media passwords is not illegal in Ontario,
while Fraser said provinces with privacy legislation have a “baseline
requirement” that all collected information must be
“reasonable.” And he suggests, not unreasonably, that requiring an
applicant’s social media login info is unreasonable.

And even if you give it willingly, you could
arguably have been coerced, since you needed the job.

Fraser likens the request to asking to see your
diary, while Orin Kerr, a George Washington University law professor, tells the
AP it’s like asking for your house keys and agrees that it’s “an egregious
privacy violation.”

Of course, we’ve noted before that you have to
be very careful about what you post online and we have written about social
media firings. Don’t post pictures of yourself totally pie eyed and
peeing in someone’s hat, or looting during a riot, or rock climbing when you’re
supposed to be home sick.

Brian Bowman, a Winnipeg-based lawyer specializing in privacy and social media, told Postmedia that this may become a
more common problem in the future. Yes, I supposed it does seem like a slippery
slope from there to asking to see your private communication and internal
organs. But really, that seems very unlikely. Something will happen soon enough
to put control on these things.

Facebook itself jumped into the fray today to
take a stand. In a statement, Facebook said it might file lawsuits to prevent
employers from demanding passwords.

“Facebook takes your privacy
seriously,” Facebook Chief Privacy Officer Erin Egan said in the statement.
“We’ll take action to protect the privacy and security of our users,
whether by engaging policymakers or, where appropriate, by initiating legal
action, including by shutting down applications that abuse their
privileges.”

Interestingly, sharing or soliciting a password
is already a violation of Facebook’s user agreement.

“As a user, you shouldn’t be forced to
share your private information and communications just to get a job,”
Facebook said. “And as the friend of a user, you shouldn’t have to worry
that your private information or communications will be revealed to someone you
don’t know and didn’t intend to share with just because that user is looking
for a job. That’s why we’ve made it a violation of Facebook’s Statement of
Rights and Responsibilities to share or solicit a Facebook password.”

The statement goes on, “We don’t think
employers should be asking prospective employees to provide their passwords because
we don’t think it’s the right thing to do. But it also may cause problems for
the employers that they are not anticipating. For example, if an employer sees
on Facebook that someone is a member of a protected group (e.g. over a certain
age, etc.) that employer may open themselves up to claims of discrimination if
they don’t hire that person.”

Yes. We see the irony, given that Facebook is
often called out for its own privacy policies. Still…

Have you ever been asked for your social media
login information as part of the job seeking process? Are you an employer who
has asked for it? Would you give your information?