Have We Just Been Punk’d by Facebook and US Lawmakers?

It was a simple
story. The Associated Press reported on March 20^th that some US
employers have been demanding that job applicants reveal their social
media/email log-ins as part of the interview process. Unsurprisingly, the
public responded indignantly to the news. Facebook published a statement warning
of the possibility of legal action against such deviant employers and some US
politicians declared that legislation may be needed to cure this disease.

A classic case of good versus evil – and, sure enough, good,
in the form of Facebook and US federal and state legislators, has prevailed. The
state of Maryland, where one the cases reported by the AP originated, was the
first to pass a bill forbidding employers from requesting private log-ins.
Eight other states are following suit, including California, whose Assembly has
passed a bill this month. Federal legislators are coming to the rescue too. The
Password Protection Act Of 2012 has been presented to the Senate with the
intention to stop employers making access to private accounts a condition of
employment. Representative Eliot Engel has filed his alternative solution, the
Social Networking Online Protection Act

A horrible disease is being addressed and privacy
safeguarded for the user by noble legislators and internet companies, right? So
you would think if you merely scanned the news. It is a different story if we,
as we all must but often fail, read the news critically and demand evidence for
effusive statements.

The evidence tells a different story. Maryland’s new law
prohibits employers from asking applicants or employees to disclose any means
for accessing any personal account or service – which includes Facebook and
email accounts. However, there is no enforcement clause in the law, meaning
that its practical use to job applicants could be very limited. Moreover, a
proposal to protect students from similar demands by universities and schools
was rejected.

California’s proposed legislation actually permits public
sector employers to ask for social media passwords. Considering that it was
specifically public sector employees – law enforcement, security contractors
and 911 dispatchers, that were highlighted by the AP as ‘victims’ of the
practice, this exception sidesteps the crux of the issue. It is notable that
private email accounts are excluded from protection.

Meanwhile the federal bill, the Password Protection Act Of
2012, in its current form does not prohibit employers from asking for log-in
details. It merely precludes them from making the disclosure a condition of
employment. How a rejected job applicant could know whether they had been
trumped by a better candidate (as the employer will insist) rather than because
they failed to disclose their social media log-in, is unclear. Again, the
practical use to the job applicant seems limited.

Despite the feverish activity and noble proclamations by
legislators (“We feel strongly about this
issue. What’s private and personal should remain private and personal” said
Californian State Senator Leland Yee) the reality is that the real problem
cited in the Associated Press report is not being addressed. The problem is a
narrow one, focused predominantly on public sector workers involved with
sensitive persons and information. The unspoken consensus, as evidenced by the
actual provisions of the new state and national legislation (as opposed to the
headlines surrounding them), is that such invasions of privacy are not actual a
“problem” and go with the territory with these types of workers.

Julie Totten, employment law partner in California with the
firm Orrick, Herrington & Sutcliffe, told the LA Times that she knows of no
employer that asks for social media passwords. Her conclusion is stark: “It’s a boon for the legislators who get to
pound their chests and say, ‘Look at what we did. This is not going to change
anyone’s policies and procedures.”

It was a boon, too, for Facebook. The news broke mid-March
and, in the wave of media chatter and legislative activity, the company has
appeared to be at the forefront of privacy protection – just in time,
conveniently, for its historic $30-something-a-share initial public offering on
the stock market. The fact that the legislation that Facebook has incited is
decidedly patchy and probably ineffective is not widely publicised. Nor is the
fact that not long after its publication, Facebook edited its statement against
invasive employers by removing the phrase threatening the possibility of legal
action.

News stories that are depicted as simple good versus evil
affairs are never accurate and so it is in this case. Do internet companies
that rely
on user information to meet profit targets really care about the public’s
privacy? Do politicians and legislators who regularly acquiesce to security
agencies’ tracking and monitoring of vast
quantities of private data really think of privacy as sacrosanct?

The answer is not really, but give them a soap box and they
will really go for it. Whether we fall for it or not depends on how critically
we read our news.

This article reflects
the opinion of the author only. If you have any comments or feedback, drop us a
line at [email protected].