Illinois Bans Facebook, Social Network Password Requests by Employers

Illinois joins Maryland as the second state to sign legislation preventing employers from snooping on employees and job applicants on social networks, provided the applicants’ security settings are set to private.

Illinois has become the second state in the country to pass legislation banning companies from asking employees or job applicants for their login information for social networks.

The bill, which Gov. Pat Quinn signed into law Aug. 1, makes it illegal for an employer to request social network account information in order to gain access to their profile. It also prevents employers from screening potential job candidates or reprimanding current employees based on information from social networks that would otherwise be private.

"Employers certainly aren€™t allowed to ask for the keys to an employee's home to nose around there, and I believe that same expectation of personal privacy and personal space should be extended to a social networking account," Christine Radogno, state senate minority leader and co-sponsor of the bill, said in a statement. "This law will not only protect employees€™ reasonable rights to privacy on the Web, but will shield employers from unexpected legal action."

Illinois is the second state to enact this type of law; Maryland did it as well earlier this year. The issue rose to prominence when news reports surfaced of companies asking for Facebook passwords in order to access information about prospective employees. The controversy prompted Erin Egan, Facebook chief privacy officer, to issue a statement in March calling the practice "alarming."

"We don€™t think employers should be asking prospective employees to provide their passwords because we don€™t think it€™s the right thing to do," she wrote in a post on Facebook's privacy page. "But it also may cause problems for the employers that they are not anticipating. For example, if an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don€™t hire that person."

In May, analyst firm Gartner predicted there would be a significant increase in the amount of snooping on social networks by employers, with 60 percent projected to do it by 2015. Andrew Walls, research vice president at Gartner, told eWEEK Aug. 3 that while the actual number of incidents where businesses requested login information is low, it is appropriate to create boundaries to intrusive actions by employers.

"This does not mean that monitoring of publicly available content is to be avoided," he said. "Monitoring and analysis of social media content is a good way to assess market reaction to corporate activities and to assess a variety of issues related to employee satisfaction or happiness."

Many employers already monitor social media informally with spot checks of Facebook or LinkedIn profiles and status updates, he continued, and an increasing number are monitoring social media using automated mechanisms.

Under the Illinois law, employers can view any information that is publicly available. However, Consumer Reports estimated in May based on a survey that as many as 13 million U.S. Facebook users do not use or are unaware of the site's privacy settings. In addition, Consumer Reports estimated that during the previous 12 months, 2.6 million users discussed their "recreational use of alcohol" on their Facebook wall, while 4.6 million discussed their love life.

"The upshot: you can still be as law-spurning, drunken and/or unprofessional as you want on Facebook and other sites, but at least for now, you have a chance to keep that behavior out of employers' sight - if you work in Illinois or Maryland, that is," noted technology writer Lisa Vaas on Sophos' Naked Security blog. "Of course, if you're one of the estimated 13 million U.S. Facebook users who don't use and/or are oblivious to the site's privacy controls, the new law means zilch."