S.M.A.R.T. Blog

What do you get when you cross the Maryland Department of Public Safety and Correctional Services (DPSCS or DOC), an employee applying for recertification, an (alleged) policy asking for login information for social media sites (e.g., Facebook), the American Civil Liberties Union (ACLU) and YouTube?

Apparently, a media frenzy, heightened emotions , misunderstandings and misrepresentations, irrational, profanity-laced discourse, and a clear hue and cry from a populace that basically says “no way, no how – not now, not ever!”

And if you're a savvy employer, you (re)evaluate your own policies and practices related to individual use of social media and revise them accordingly…

I was alerted to the latest chapter in the ongoing saga about where the lines for managing employer/employee relations in the Digital Era should be drawn early Monday morning, as I was drinking coffee and starting my day. I spied a tweet from Social Media Today that linked to a post written by Neville Hobson, which in turn linked to a piece he had read in The Atlantic entitled, “Should Employers Be Allowed to Ask for Your Facebook Login?” Intrigued, I then ran a couple google searches and read dozens of other articles, opinion pieces and blog posts, as well as comments from readers.

Here’s the basic outline of the story, as I understand it:

• In the fall of 2010 employee Robert Collins applied to be recertified by DPSCS after taking a leave of absence.
• During an interview, he was (allegedly) asked to provide his login information for his Facebook account and was told they’d need to have access for 1-2 months while they completed their background investigation. He says he was told this was DPSCS policy by both the person doing the interview and a personnel officer he followed up with later.
• After taking on his case, the ACLU sent a letter to DPSCS in late January 2011 detailing their understanding of the facts of the case, citing reasons for their issues with DPSCS’s (alleged) request, and asking that the policy be rescinded. They also recorded a video of Robert Collins telling his story and posted it to YouTube.
• The letter and/or the video were picked up by various journalists and bloggers and the story started to spread, creating a mini media-frenzy and strong reactions from readers.

To my knowledge, DPSCS has not formally responded to the ACLU’s letter; however, in this story from NBC News in Washington, DC, a DPSCS spokesperson said, “We don't require anyone to give us a password. The ACLU drastically misrepresented this." And as far I know, no one has produced a document indicating that asking for login information is – or was – a formal DPSCS policy.

UPDATE (2/24): See link in comments section below. DPSCS has now responded to the ACLU's letter, and has suspend the "practice" while they investigate.

As with other recent stories on related issues (see below), it’s difficult to discern the truth, especially when strong emotions are triggered (often by inflammatory headlines and misrepresentations of fact). Regardless of whether the ACLU’s allegations against DPSCS are correct, this story provides an(other) important set of lessons for all employers about the new rules of engagement between them and their employees (and candidates) in the Digital Era.

As I discuss in Part 3 of the Social Media Primer, the balance of power is shifting, with organizations losing their relative dominance not only with respect to current/prospective/past customers, but also with current/prospective/past employees. Not only that, the landscape is much more complicated now than it’s ever been, and there is no clear guidance from existing laws and regulations, many of which don’t reflect the realities created by changing digital technologies. New rules are being defined and refined as we go, and the process of change is simultaneously dramatic and laborious as cases arise seemingly out of nowhere, get intensely debated and quickly decided upon in the court of public opinion, and then make their way slowly through the judicial process.

To provide interim guidance for both individuals and organizations, last fall I wrote a white paper that addresses the use of social media sites and information in the recruitment process, which I followed up with a blog post. Here are links to each:

• White paper: Social Screening: Candidates - and Employers - Beware
• Blog post: Social Screening: The Expanded Discussion

Finding the right approach to social media policies is critically important, and many organizations are guilty of overreaching. For example:

• The City of Bozeman, Montana tried to implement a policy similar to DPSCS’s (alleged) policy in the summer of 2009. The policy lasted less than 24 hours because of the national backlash they received. Here's a link to one of the stories about it.
• A couple of weeks ago, the National Labor Relations Board (NLRB) settled its "Facebook case" with an employer (AMR), which it alleged violated the National Labor Relations Act (NLRA) in several respects when it fired an employee. One of key terms of the settlement was that the employer agreed to revise its "overbroad" social media policy. I wrote about this case both when the complaint was filed and after it was settled. Here are links to each piece:
  • The NLRB’s Recent Action: Separating Fact from Fiction – and Unfounded Fear
  • The NLRB “Facebook Settlement:” Let’s Focus on the Facts

Later this week I'll publish a post on social media policies that addresses the issue in a more holistic way and articulates the need for a thorough, thoughtful, and balanced approach. Stay tuned …