Employers continue to wrestle with the issue of whether to require employees and prospective employees to divulge their social media passwords. Some critics of the practice, including Owen Kerr of George Washington University Law School, have asserted that surrendering a Facebook password is like handing over a key to a home.
So far, few courts have issued decisions that provide any guidance about the legality of seeking social media login information from employees or prospective employees. In Pietrylo v. Hillstone Restaurant Group, 2009 U.S. Dist. LEXIS 88702 (D.N.J. Sept. 25, 2009), a federal trial court case in New Jersey, the plaintiffs were restaurant employees who belonged to a chat group. Access to that group required an invitation and then a member’s MySpace account and password. One of the restaurant’s managers asked another restaurant employee for her login information for the chat group, which the employee provided. The plaintiffs brought a civil suit against the restaurant, claiming (among other things) that the managers had violated the Stored Communications Act (SCA). The jury found in favor of the plaintiffs and awarded them, collectively, $3,403 in compensatory and punitive damages.
California, Illinois, Maryland and New Jersey have active legislative efforts to regulate employers’ collection and use of login information regarding social media sites and federal law may follow. In the meantime, however, the practice currently is not prohibited. Even so, employers should refrain from doing so.