Some employers are demanding that job seekers provide their Facebook passwords as part of their employment application. Is this a smart step in pre-emptive security or simply a coercive hiring practice?

In this context, it’s worth noting that social network profiles can be deeply data-mined without having the user password. Private investigators routinely – and legally – assess ‘social intelligence’ from Facebook,
LinkedIn, and other social media during background checks, pre-litigation investigations, corporate due diligence, and civil and criminal investigations.

Facebook now has over 500 million users and 77% of U.S. users visit their Facebook pages during work hours Human resources and IT departments must contend the consequences, ranging from lost productivity to coworker cyberstalking to security threats. Many states, however, have already proposed laws banning employers from demanding employees’ passwords to social network sites.

Do employees have any right to privacy on their office computers and company-issued smartphones? If an employee is suspected of wrongdoing, what kind of information is accessible to corporate investigators?

The Supreme Court has upheld public employers’ right to review personal messages on work-issued cell phones, but that unanimous 2010 decision unanimous 2010 decision shed little light on expectations of privacy in the private sector.

Do businesses have the right to search personal email accounts and social networks if they were used during work hours? Facebook, for its part, has cautioned employers against asking for workers’ passwords. Evidently the company has been chastened by the public backlash to its own awkward attempts to “liberalize” privacy settings and the uproar that followed .CEO Mark Zuckerberg’s memorable declaration that privacy is no longer a “social norm”

Beacon’s investigators and forensic computer specialists have assisted corporations and small businesses in trade secret protection, employee theft, embezzlement, and other sensitive matters. We know that even the most security-minded employees leave digital footprints that allow their activities to be tracked by qualified experts. Web browser history, file transfers, documents, passwords, personal email activity, Google Docs and Skype logs – these kinds of records can often be recovered even when a computer’s hard drive has been completely deleted. New forensic tools provide comparable insights into user activity on smartphones, too.

Best practices dictate that businesses should issue clear guidelines to new employees that clearly define their right-of-access for work computers, email and company-issued smartphones. New hires should be asked to sign these agreements. At the same time, employers should be sensitive to addressing employee concerns and periodically revisit and update their policies. If any employees are later suspected of wrongdoing, clear company policies and signed employee agreements can clarify the scope and extent of any necessary investigation.