Have you ever actually read the fine print on any of the web sites on which you post information about yourself and others? Do you know what your rights are or what laws and the courts say? Have you searched yourself online recently? Do you know what is online about yourself? Do you know who is accessing your online information? You might want to think about it the next time you or your HR department decides to do a background check on existing or prospective employees on the Internet.
Employers and prospective employers beware.
Many of us have profiles on LinkedIn. It is a networking site for professionals and arguably, seeking out the information posted by individuals on this site is legitimately done by employers and prospective employers — provided it is for a legitimate business purpose.
Sites like Facebook are more problematic, however. Case law suggests that having hundreds of friends on Facebook means that individuals do not necessarily have a reasonable expectation of privacy — particularly if they have taken to trashing an employer. However, it would probably be difficult for a prospective (or existing) employer to prove that there was a legitimate business purpose for searching an individual’s Facebook profile for the purposes of doing a background check when that profile contains personal information including photos (also of third parties) wholly unrelated to their professional life.
At the risk of running afoul of applicable human rights and privacy laws, digging into social networking sites like Facebook can be a risky business.
Being informed about and understanding the application of human rights and privacy-related laws is one way to manage risk: another is to simply avoid conducting such searches in the first place, unless prior consent has been given (which would be tricky with Facebook in any event because of the risk of accessing third-party information without consent).
As one lawyer wrote, would you ask to see someone’s diary for the purposes of conducting a background check? If not, then why would you expect to legitimately have access to their Facebook page? Furthermore, if it isn’t a question you should be asking during a live interview with a candidate — you shouldn’t be looking for or collecting such information from the Internet.
It seems counterintuitive in some ways that people share so much of themselves on the Internet and yet it could very well violate their rights — or the rights of implicated third parties — if you collect it. The key is that as an employer, existing or prospective, the information may only be collected for a demonstrably legitimate reason within the scope of applicable laws, otherwise you do so at your own peril.
Once hired, as it relates to employees accessing personal accounts, be it Facebook, personal e-mail, or otherwise, during business hours on company equipment (and let’s face it, for those of us who work long hours it does happen from time to time), provided Internet use policies and expectations regarding Internet use and monitoring are made clear to employees, disciplinary action including termination may be justifiable in certain circumstances.
Just be sure you are only logging the time they spend surfing the net, and not actually accessing any of their accounts. Whether or not “excessive” personal Internet use constitutes theft of an employer’s time where the employee is on the clock has not been ruled on by the courts; however, two arbitrations in 2011 considered the possibility. In both Andrews v. Deputy Head (Department of Citizenship and Immigration) and Health Employers Association of British Columbia v. Health Sciences Association of British Columbia, the facts led the arbitrators to ruling in favour of the employee.