Leave Facebook out of your hiring decisions
  • leadership
  • Blog post

Leave Facebook out of your hiring decisions

Are you asking job candidates to hand over their Facebook passwords? Stop it. Stop it now.

Some employers have taken it upon themselves in recent months to ask all job candidates to surrender the login information for their Facebook and other social media profiles. The practice has been a subject of debate in HR circles for some time, but last week Facebook weighed in with their thoughts. Here’s what Facebook Chief Privacy Officer Erin Egan said in a blog post:

“As a user, you shouldn’t be forced to share your private information and communications just to get a job. And as the friend of a user, you shouldn’t have to worry that your private information or communications will be revealed to someone you don’t know and didn’t intend to share with just because that user is looking for a job.”

For hiring managers, it might be nice to be able to weed out candidates with poor judgment by rooting around Facebook profiles, but Egan is absolutely right here. Demanding that users turn over their login information isn’t just unfair for them; it can put you in a lot of legal trouble.

Look at it this way: Say that, while combing through a job candidate’s Facebook page (after getting his login information), you discover that she has a child with a long-term illness. Or the person is a recovering alcoholic. Or that they weren’t born in the United States. Any of these facts, in addition to countless others, reveal your job candidate to be in a protected class.

Congratulations! You just laid the groundwork for a hiring lawsuit. Even if you have a perfectly valid reason for not hiring the candidate, the person has now got evidence that you didn’t hire them for less acceptable reasons.

Look, I get it. You want to know as much as you can about a job candidate ahead of time so you can avoid a disastrous hire. No one is saying you can’t do your due diligence and try to weed out poor or irresponsible job candidates before they become a problem. But demanding a potential hire give up their login information isn’t just an invasion of privacy for the candidate, it’s a legal disaster for hiring managers, too.

Readers: How is your organization using Facebook in its hiring efforts (if it is at all)?

4 Comments

  • Also, keep in mind, the vast majority I users will reuse their password for additional services. By a third party logging into another persons password at a potential insecure location, you have weakened the viability of this password. If a hacker sniffs it, they would attempt to use it for additional services registered to a user. Hell, if middle management writes the password down on a sticky note and leaves it on a desk somewhere or any number f mistaken areas middle managers often do, it’s vulnerable for a grab. What if you company allowed access to this persons medical records? Bank account? You are liable in California for making a person less secure.

  • Also, keep in mind, the vast majority I users will reuse their password for additional services. By a third party logging into another persons password at a potential insecure location, you have weakened the viability of this password. If a hacker sniffs it, they would attempt to use it for additional services registered to a user. Hell, if middle management writes the password down on a sticky note and leaves it on a desk somewhere or any number f mistaken areas middle managers often do, it’s vulnerable for a grab. What if you company allowed access to this persons medical records? Bank account? You are liable in California for making a person less secure.

  • Also, keep in mind, the vast majority I users will reuse their password for additional services. By a third party logging into another persons password at a potential insecure location, you have weakened the viability of this password. If a hacker sniffs it, they would attempt to use it for additional services registered to a user. Hell, if middle management writes the password down on a sticky note and leaves it on a desk somewhere or any number f mistaken areas middle managers often do, it’s vulnerable for a grab. What if you company allowed access to this persons medical records? Bank account? You are liable in California for making a person less secure.

  • Also, keep in mind, the vast majority I users will reuse their password for additional services. By a third party logging into another persons password at a potential insecure location, you have weakened the viability of this password. If a hacker sniffs it, they would attempt to use it for additional services registered to a user. Hell, if middle management writes the password down on a sticky note and leaves it on a desk somewhere or any number f mistaken areas middle managers often do, it’s vulnerable for a grab. What if you company allowed access to this persons medical records? Bank account? You are liable in California for making a person less secure.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share:

Get a demo of all our training features

Connect with an expert for a one-on-one demonstration of how Rapid Learning can help develop your team.