A reader asks: I was recently asked to hand over my Facebook password at a job interview. I thought this was outrageous but after talking to friends realise it is quite common, especially after Facebook publicised its new privacy settings.

What should I do in this situation? Am I legally obliged to hand it over? Obviously, I am concerned that they will get more access to my life than I would like a prospective employer to see.

Sheila Fahy, counsel at law firm Allen & Overy, says:

Would you give prospective employers the keys to your home so that they could rummage around your personal belongings to get a better picture of the “real” you?

Absolutely not!

Handing over your Facebook password amounts to the same thing. The employer has no more right to your password than it does to your front door key. So don’t give it.

There is nothing unlawful in an employer asking to do pre-employment checks – after all, it will want to make sure that it employs the right person for the job. But these checks must be relevant to the skills of the job and proportionate.

Occasionally it might be necessary to do more intrusive vetting, such as criminal record checks, but this would only be appropriate where there are particular and significant risks in a role, such as working with children or within a regulated financial environment, such as in a bank.

While it might not be unlawful for an employer to “ask” for your Facebook password, neither is it good recruitment practice. By saying “no”, you might be doing the employer a favour, because in its search for the “real” you, it might discover more than it bargained for.

Apart from your social activities and proclivities, your Facebook details could reveal characteristics which are legally protected from discrimination in the workplace, even during the recruitment process.

Let us say you are a strong candidate for a job but your application is rejected. If your Facebook data showed your sexual orientation or ethnic origin, disability, age or religion – all protected characteristics and totally irrelevant for most jobs – an employer could be exposed to a claim of discrimination if it was unable to show with evidence that there were non-discriminatory reasons for rejecting your application.

So just say no.

Alternatively, say “I will if you will”. After all, you want to get a better picture of the “real” employer and its workforce. You might not get the job, but do you really want to work for an employer who can walk through your front door into your personal life at any time?

Paul Whitfield, solicitor at Fox Whitfield, says:

This relatively new development from the US is spreading to the UK as an evolution of the already common practice of recruiters conducting online research into candidates, such as viewing their public profiles on social networking sites and carrying out Google searches.

As is often the case, the law is far behind technological advances. Germany already outlaws this sort of conduct. In the US, on the other hand, an attempt to create similar legislation on the issue failed in the House of Representatives on March 28.

Facebook, the world’s largest social networking platform, has now threatened to bring claims against anyone who asks for people’s private passwords. The organisation’s chief privacy officer recently issued a statement which stressed that the practice undermines the privacy expectations and security of users and their friends. The statement went on to highlight how giving a password to a potential employer would be in breach of the site’s terms of use.

You are under no circumstances obliged to hand over any of your personal passwords.

However, it is not unlawful for a potential employer to ask for it either. In reality, and perhaps unfairly, you are probably unlikely to get the job if you refuse. I would anticipate widespread outrage at this notion but, nonetheless, there is no obvious course of action since you always have the right to refuse such a request.

If you did hand over your password and then did not get the job, you might be able to bring a claim.

In this scenario it is the employer who is taking a risk in accessing your account. They might discover that you are pregnant, gay or suffer from a disability: all unlawful reasons not to give you the job and ones that could enable you to bring a claim for discrimination. It would be hard for the employer to prove that information from your personal accounts did not influence their decision.

Email your recruitment questions to: recruitment@ft.com

Get alerts on Recruitment when a new story is published

Copyright The Financial Times Limited 2019. All rights reserved.

Follow the topics in this article