Facebook Privacy – A Prospective Employer’s Request For Your Log-in Info?

Helping You Is What We Do!


I recently read the following article discussing the fact that employers are requesting that prospective hires provide their Facebook user name and password, during the initial interview process : Can Employers Legally Ask You for Your Facebook Password When You Apply for a Job? Why Congress and the States Should Prohibit This Practice. As indicated in the title, the focus of this article was what law makers can do, should do, and are or are not doing about this employment practice. What this article fails to address is what the prospective employee should do with regard to this practice?

From the standpoint of both an employer and an employment law attorney, I will attempt to briefly tackle this question. The question is – until there are actual laws put in place to prevent the practice of an employer requesting an interviewee’s Facebook log-in information, what can you do to protect the privacy of your Facebook during your hunt for a new job?

Is My Facebook Information Private?

Yes and No. Let me explain . . . .

Privacy Settings

First, keep it clean! Always be mindful that Facebook is constantly (it seems) changing its interface and privacy settings – keep on top of these changes and select your own personal security and privacy settings wisely. Only put things out there in the public, which you wish for the public to see. Notwithstanding the ability to select privacy settings, you should assume that some alterations to these settings or breaches in security down the road could cause your “privately” posted information to go public. Moreover, anything you post is really not truly private anyway, which is really the reason we “post” on FB in the first place – as it is shared amongst your Facebook “friends.” Be aware that those friends’ accounts could be shared or accessible by their spouses, family members, friends, and thus the information that you make visible to them could be shared with others – accidentally or deliberately.

Expectation of Privacy

Next, notwithstanding the above, I still believe that there is an “expectation of privacy” to many aspects of our Facebook accounts. We expect that the privacy settings will work as intended and our comments, posts, etc. will not be shared with the public at large, even if we have contemplated the possibility that friends or family members of friends might see our posts, comments and page(s). However, clearly we have an expectation that the settings themselves that we choose, our passwords, our private emails to friends through the FB email interface will remain private. When a prospective employer requests your username and password, they are requesting private and sensitive information – your password, which may be linked to other accounts or have some other personal significance that we do not wish to share. In addition, they are requesting access to all of your activity on Facebook – every post, every game, every comment, every email. Many of these things in an of themselves are reasonably expected by you to remain private. Further, the cumulation of this data, is reasonably expected to only be seen by you. Would any prospective employer request access to your private email account, the hard-drive from your computer, the entire metadata & internet browser history from all of the sites you have ever visited on your computer. Of course they would not – but logging into your Facebook account grants this same type of information – access to any personal emails you have sent through the Facebook email interface, a complete view of any and all posts and comments you have ever made, a quick view of ALL of your Facebook activity, spanning the entire time that you have had your Facebook account, and access to your security settings, friends lists, blocked friends, etc. This is an invasion of your reasonable expectation of privacy.

How do I respond to a request by a prospective employer for My Facebook log-in information?

If you have read the above paragraph, I think a very pragmatic approach to addressing such a request would be to explain in response to such an inquiry, outlining the concerns detailed above. Couple those privacy concerns with an offer of a less intrusive method for the prospective employer to obtain what information they seek. What is it that the employer is seeking? In part, it might simply be to gauge how you respond to such a request. Thus, prepare to respond confidently, addressing your privacy concerns and offering a different approach, and turning the question back to the employer. Ask the interviewer or prospective employer what it is that they are looking for and if reasonable, in your mind’s eye, offer to “friend” them to give them a glimpse of the information that is available. Alternatively, you could offer to simply answer their questions about any given topic – thus putting the onus back on them to explain what precise information they are seeking. These approaches show a problem solving ability and critical thinking on your part, which are likely good qualities for any job you are seeking. They show that you are cooperative and constructively work to resolve potential conflicts, while standing up for your beliefs. Here are a few possible responses:

a. Advise the employer that it is against Facebook’s policy to share your password, and accordingly decline to share yours.

b. Simply inform them that you use Facebook strictly for personal reasons, that your private personal life is exactly that – private, and moreover that you value the confidentiality of your social circles, and your friends’ information that would be revealed by granting anyone else user access to your Facebook.

c. Stress how seriously you take privacy and make a point of the fact that if called upon in your position of employment with the would-be employer, you would equally value and respect private company information.

d. You could also employ the Socratic method of response by inquiring back, in as respectable and composed fashion as possible – “would you grant me access to all of your family photos, a timeline of your activities with your spouse, significant others, family and friends, and your personal emails?” After all, an interview is a two-way street; thus, it might be interesting to turn such an inquiry on its head and see how the interviewer responds.

Should I Create A Second Facebook Profile?

Creating a second, “clean” or dummy Facebook profile is one possible approach to the situation, as well as a way to “friend” your mother or other family members, while protecting the privacy of your less discrete or more salacious or frivolous postings and activities between you and your more intimate “friends.” However, keep in mind that by doing this, the friends, family members, or prospective employers with whom you share the information on the dummy account, may discover or know of the existence of your other account(s) and may react unpleasantly to the deceit of being directed or relegated to a second, dummy account.

Can I Use my Work Computer or Cell Phone for Personal, Social Media, Email, Facebook?

The simple answer to this question is NO! I get asked this question a lot, and the basic answer is that there is no reasonable expectation of privacy in any information transmitted or entered digitally into/through a work computer, cell phone, or other device. The device belongs to your employer, and thus the employer has a right to seize or view the device itself at any time, and regardless of your deleting the ESI (electronically stored information), as most people understand in this digital age, deleting ESI rarely ever actually completely deletes and destroys that information. Without getting into the technical details of it (which I am not qualified to fully expound upon anyway), when you delete electronically stored information, you are merely deleting the ROM’s access to and indexing to that information – the actual information itself remains on the drive, although partitioned away somewhere and unindexed. It may over time become partially or entirely overwritten, but that may not happen for a considerable length of time, if ever. Further, by transmitting information through your corporate device, that information will likely pass through and be processed by your company’s server, leaving traces of and the actual underlying information there for your employer to see. Also, automatically stored passwords and such, if enabled, may provide your employer easy access to ALL of your account information. This topic deserves much more, but that is not the purpose of this article.

In conclusion, this is a very interesting topic, from both a legislative and an employment standpoint, and I am eager to read any relevant comments, anecdotes and ultimately to see how this landscape evolves over time. Click here to return to our Employment Law page.