For the past three months, we’ve looked at officers’ rights and risks on the social network. Most of the risks involved officers being burned when their imprudent comments or photos were found on social network pages by:
- The media;
- A citizen;
- An advocacy group;
- A defense attorney in a criminal case; and
- A plaintiff’s attorney in a civil lawsuit.
But the social network page has turned. Police agencies are cybervetting applicants, recruits and officers, including their social network postings. This raises new questions for the frontline and management:
- Are you prepared to be cybervetted?
- Where do your Internet privacy rights begin and end?
- What are agencies’ due diligence responsibilities to screen out unsuitable applicants or officers?
Note: Each applicant, recruit, officer and agency operate in different jurisdictions of federal, state and local court rulings, statutes, regulations, policies, collective bargaining agreements, job contracts, community perspectives and available resources. So the discussion here is necessarily general.
What Is Cybervetting, & Who’s Doing It?
Cybervetting is a background check into information found on the internet. And it’s being done even though there are, [N]o generally accepted guidelines and procedures for fair, complete and efficient Internet searches for this purpose.
That’s according to a December 2010 Special Report to the International Association of Chiefs of Police (IACP) and the U.S. Dept. of Defense (DoD). It’s one of the things the report attempts to address.
Despite the lack of generally accepted guidelines and procedures, a recent survey by Microsoft indicated:
- 79% of U.S. human resource professional respondents used online information to evaluate candidates
- 70% have rejected a candidate based on online information.
Law enforcement is catching up. An IACP survey in September 2010 revealed that 37% of the 728 responding agencies used social media for vetting and background investigations. [Link below.] Of those, nearly 65% found the use of social media for this purpose to be valuable. As with officers’ use of social media, expect these numbers to grow.
On the One Hand, Applicants & Officers Have Privacy Rights
The U.S. Constitution contains no express right to privacy. But the Bill of Rights reflects the framers’ concern for protecting certain aspects of privacy:
- Privacy of beliefs—1st Amendment.
- Privacy of the person and possessions against unreasonable searches by the government—4th Amendment.
- Privacy of certain personal information—5th Amendment.
- And the elusive 9th Amendment’s provision that the "enumeration of certain rights" in the Bill of Rights "shall not be construed to deny or disparage other rights retained by the people."
In Griswold v. Connecticut (1965), the Supreme Court interpreted the 9th Amendment as justification for reading the Bill of Rights to protect privacy in ways not specifically provided in the first eight amendments.
A few state constitutions contain an explicit right to privacy—Alaska, California, Florida and Montana.
Two areas of protected privacy relevant to cybervetting are:
1. The individual’s interest in avoiding disclosure of personal matters.
2. The individual’s interest in being “let alone” concerning personal matters—e.g., sex, opinions, use of legal substances, hobbies and other off-duty activities—and keeping them free from interference so long as they don’t impede the individual’s job performance or the operations of the public safety agency.
The extent to which private social network postings about personal matters or other private digital information (email messages, for example) are legally protected is evolving, just not as fast as the technology.
You Can Waive Your Right to Privacy—Intentionally & Not
Applicants and officers can waive their right to privacy. Most law enforcement employers require applicants to sign waivers of privacy claims as a condition for considering their application. Such waivers have been upheld as legal.
Applicants and officers can also waive their right to privacy by posting information in a manner that relinquishes their reasonable expectation of privacy. If the information is posted in “plain view” where anyone can see it, regardless of the intention of the poster, there is no reasonable expectation of privacy.
For instance, there would be no reasonable expectation of privacy in a Facebook public profile, visible to 500 million Facebook users. At the other end, there is a reasonable expectation of privacy in information protected by the requirement of a user name and password.
Then there’s information available to a limited number of friends. One argument is that posting information to a limited but large group of friends (say, 20 or more) relinquishes any reasonable expectation of privacy because any one of those friends can copy and post the information to the whole internet. Another argument is that if the posted items are limited to a small group, the poster might expect that they are private.
Let me ask you, how many friends in high school would you have trusted with a gossipy bit of information about yourself? I can think of two, maybe three, but even then I suspect they would’ve talked about it amongst themselves, maybe at the soda counter of the local diner (my high school days pre-date Starbucks) with some other students in a nearby booth listening in. That narrows it down to one friend whose promise “not to tell a single, living soul or let me burn in hell” I would trust with keeping the titillating tidbit quiet.
Consider the high school gossip question when contemplating what your reasonable expectation of privacy is to information you post on your social network page. I think it’s a great question for an employer defending against your invasion of privacy claim or an attorney subpoenaing your posts to ask you in a deposition or courtroom.
Chances are the high school gossip wouldn’t get much beyond the high school or local community. Share something with one friend on the internet and how many clicks does it take for that person to share it with the world? How many times do you think that has ever happened? And what if your trusted friend and you have a falling out? An attorney would love to ask you about the chances of all these and more occurring to determine whether your expectation of privacy in internet postings was reasonable.
On the Other Hand, Police Agencies Must Meet Due Diligence
Pushing against employee privacy rights are employer due diligence responsibilities. From what I hear from recruits and front line officers, police management doesn’t do a very good job explaining why they may need to dig deep through digital information about applicants and officers. Let me try and bridge some of that gap.
State and federal law aimed at protecting public health, safety and welfare strives to ensure employers and employees act responsibly in the workplace. Employers must exercise due diligence in preventing potentially harmful employees from entering or remaining in the workplace. Employers may be held civilly liable for negligent hiring and retention if they fail to exercise due diligence in their duty to the safety of other employees and the public.
Public safety agencies have one of the highest due diligence duties. That’s because public safety employees directly impact the health, safety and welfare of others. Employers of commercial airline pilots similarly have a higher duty of due diligence than shoe sale companies.
Lawsuits for negligent hiring or retention cost U.S. businesses an estimated $18 billion a year. I couldn’t find a comparable figure for public safety agencies but, safe to say, police management has a reason for wanting to know as much information as they can about a candidate or officer that might reflect on their suitability for the unique demands and powers of the job. It may cost them a bundle, and the loss of community trust, if they don’t dig for the digital dirt on applicants and officers.
In fact, a law enforcement newsletter advises management, “The basis for a solid defense against a charge of negligent hiring is a documented, legitimate, and thorough background investigation. Because management has the responsibility to be aware of its employee’s history, it’s important to know as much about the employee as possible. This is especially true when hiring police employees because they hold extraordinary authority and power over citizens.”
So How Deep Can Agencies Dig for Digital Dirt?
Now that we know the competing law and interests, we’ll take a look next month at:
- How deep public safety agencies are digging for digital dirt on applicants and officers;
- How deep they legally can dig; and
- How deep they should dig in light of public backlash that has already occurred and the potential to lose good applicants and officers.