Illinois Makes Asking for Employees' Social Network Passwords Illegal
Modernizing Authentication — What It Takes to Transform Secure Access
Illinois has become the second state in the country to pass legislation banning companies from asking employees or job applicants for their login information for social networks.
The bill, which Gov. Pat Quinn signed into law Aug. 1, makes it illegal for an employer to request social network account information in order to gain access to their profile. It also prevents employers from screening potential job candidates or reprimanding current employees based on information from social networks that would otherwise be private.
"Employers certainly aren't allowed to ask for the keys to an employee's home to nose around there, and I believe that same expectation of personal privacy and personal space should be extended to a social networking account," Christine Radogno, state senate minority leader and co-sponsor of the bill, said in a statement. "This law will not only protect employees reasonable rights to privacy on the Web, but will shield employers from unexpected legal action."
Illinois is the second state to enact this type of law; Maryland did it as well earlier this year. The issue rose to prominence when news reports surfaced of companies asking for Facebook passwords in order to access information about prospective employees. The controversy prompted Erin Egan, Facebook chief privacy officer, to issue a statement in March calling the practice "alarming."
"We don't think employers should be asking prospective employees to provide their passwords because we don't think it's the right thing to do," she wrote in a post on Facebook's privacy page. "But it also may cause problems for the employers that they are not anticipating. For example, if an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don't hire that person."
In May, analyst firm Gartner predicted there would be a significant increase in the amount of snooping on social networks by employers, with 60 percent projected to do it by 2015. Andrew Walls, research vice president at Gartner, told eWEEK Aug. 3 that while the actual number of incidents where businesses requested login information is low, it is appropriate to create boundaries to intrusive actions by employers.
"This does not mean that monitoring of publicly available content is to be avoided," he said. "Monitoring and analysis of social media content is a good way to assess market reaction to corporate activities and to assess a variety of issues related to employee satisfaction or happiness."
Many employers already monitor social media informally with spot checks of Facebook or LinkedIn profiles and status updates, he continued, and an increasing number are monitoring social media using automated mechanisms.