Web-Surfing Your Job Applicants—TMI?

Labor & Employment Newsletter

Client Alert


The ever-increasing volume of information that people—your current employees, former employees, and job applicants—publish through the use of social media, email, tweets, and other types of electronic posts can be helpful in evaluating job applicants. However, do you know if your hiring decision-makers are surfing the web to find such information and whether it really makes sense to do so? You should consider the potential pitfalls.

A 2013 Harris Interactive poll involving more than 2,000 hiring managers and human resources (HR) employees looked into the use of social networking sites as a means of learning more about job applicants. According to the poll, 37 percent of the companies surveyed used social networking sites to prescreen candidates, and 11 percent said they planned to start doing so in the future. Only 15 percent of companies had policies prohibiting the practice.

Social media pages often contain personal information such as the individual’s age, marital status, religion, status as a parent, and political views. Indeed, some websites actively solicit, collect, and distribute such information. But when individuals voluntarily provide such data to the public, haven’t they waived any privacy rights to the information? Possibly. So what could go wrong with taking a look?

Where’s the Harm?

First, those making the hiring decision might be put in the uncomfortable position of having to admit they are aware of an applicant’s religious beliefs, physical or mental impairment, political views, and workers’ compensation history when deciding whom to hire or interview. In short, they learn the kind of information they would never ask about in a job interview.

Case in point, a religious discrimination case made headlines when an astronomer, believed to be a creationist based in part on writings on his personal webpage, was denied a university position. He then sued his employer for religious discrimination and survived the defendant’s request for dismissal before trial. Ultimately, he received a six-figure settlement. If you surf applicants’ social media pages, keep in mind that in addition to some potentially helpful information, you could be exposing yourself to information that should not be considered in making a hiring decision.

Additionally, an indiscrete HR staffer could fail to keep the information confidential and allow it to be known by coworkers, particularly if there is no clear policy on the issue. For example, learning that a new hire has a history of suing former employers could create suspicion among coworkers. Gossiping about the details of an applicant’s religious practices could lead to a claim of discrimination and harassment. Therefore, the information should be held in strictest confidence.

Wait! There’s More

A related practice that has provoked strong reaction is known as shoulder surfing, which involves having the applicant log in and go through his own Facebook or other social media page while a representative of the prospective employer looks on. Not surprisingly, this practice has received media attention and drawn objections from online sources such as Facebook. In 2012, Maryland became the first state to pass legislation banning employers from asking current and former employees to disclose passwords to personal online accounts. Since then, several states have enacted similar legislation, including Arkansas, California, Colorado, Illinois, New Jersey and New Mexico. Many other states are expected to pass similar laws.

Federal legislation designed to prohibit employers from requiring or even requesting that employees provide a username, password, or other means for accessing a personal account on any social networking website has not yet been passed. The bill, titled the Social Networking Online Protection Act (SNOPA), was introduced in 2012. Regardless of the status of federal legislation and state law in your area, shoulder surfing should be avoided.

Additionally, the Stored Communications Act (SCA), which is part of the Electronic Communications Privacy Act of 1986, affords privacy protection to “private” communication that is transmitted and stored electronically. Although the act predates the invention of the internet, it is being raised in cases involving, for example, information posted on a Facebook wall.

In a recent case, the court held that specific Facebook postings were subject to privacy protection under the SCA because they were accessible only by the employee’s Facebook friends because of the privacy settings the employee placed on the Facebook account. Thus, forcing an applicant or employee to provide his password could violate the Act.

Practice Points

As with most employment issues, the best defense is a clear policy that is applied and enforced consistently. When drafting your hiring policy, carefully consider the following:

  • Discuss with key decision-makers whether the organization should adopt this practice at all;
  • Determine what characteristics you’ll be looking for when reviewing candidates and employees online, and identify the types of things that would give you cause for alarm if seen on a candidate’s online profile;
  • Designate an individual who will not be involved in the hiring decision to perform prescreening searches;
  • Document anything that raises concern about an applicant and provide only that information to the hiring decision makers;
  • Do not ask an applicant for his Facebook password or other login credentials or attempt to gain access indirectly—e.g., asking an employee who is a Facebook friend to show you the applicant’s profile;
  • Make it clear to supervisors that they are not to search the internet for information about a candidate and that only designated individuals may do so; and
  • Apply the policy consistently with all job applicants and employees.

Finally, some employers have had success using an independent third party to perform prescreening internet searches and report only the relevant and appropriate information to the hiring decision-makers. That is another option to consider.