California, Congress Move to Keep Facebook Passwords Private From Employers

California’s Assembly passed legislation Thursday that would forbid employers or prospective employers from demanding access to employees’ personal, private online lives, such as their Facebook accounts.

The development comes a day after Sen. Richard Blumenthal (D-Connecticut) and Reps. Martin Heinrich (D-New Mexico) and Ed Perlmutter (D-Colorado) proposed similar legislation on the federal level. The idea is a response to a handful of reports of employers demanding such access.

California’s bill, if ultimately adopted, would follow a Maryland law approved last month preventing employers from demanding passwords as a condition of employment. At least three other states are mulling similar bills.

The federal legislation, which would be binding on all of the states, was pushed by the American Civil Liberties Union, which said its time has come.

“It’s an issue. It’s clearly happening,” Christopher Calabrese, the ACLU’s legislative counsel, said in a telephone interview Thursday. “I feel confident we have to start drawing the line somewhere. This is a pretty good line to draw.”

The federal measures, which have not been to committee, have a few loopholes. They do not cover students nor do they protect university or other students from their administrators.

It’s no trivial matter of what private data could be gathered by an employee giving up a Facebook password. Accessing somebody’s Facebook account would grant them the rights to see all of their private Facebook text messages, pictures and even Facebook e-mails. The same kind of information is held by Google Plus, which is part of a Google package of online services that includes e-mail, voicemail, texting, documents and even private blogs.

Facebook had made a public splash announcing that employer-password requests are a violation of its Statement of Rights and Responsibilities, which widely bans sharing or soliciting Facebook passwords.

Facebook’s chest-thumping aside, the social-networking site in 2010 settled a privacy lawsuit for $9.5 million while denying it illegally breached the privacy of its users under its now-defunct Beacon program. That mostly abandoned system published what Facebook users were buying or renting from Blockbuster, Overstock and other locations without their permission.

Reports of employers demanding passwords have been sporadic, and don’t appear to be a common practice yet.

In June 2009, the city of Bozeman, Montana, made headlines when it was revealed that its job application forms asked for usernames and passwords for the job seekers’ accounts on “social networking,” including everything from Facebook and Twitter to YouTube and Google. Earlier this year, the American Civil Liberties Union took aim at the Maryland Department of Corrections after it asked a Maryland man for his Facebook credentials during a recertification interview. And the Calgary Herald reported on a similar incident in Canada.

Photo: Scott Beale/Flickr