Google quiet on social network privacy

Google is yet to follow Facebook's lead and commit to a password privacy policy that would prevent intrusive employers snooping through Google+ profiles, though pressure is likely to mount as lawmakers wade into the debate. Facebook made headlines last week by altering its "Rights and Responsibilities" policy to make sharing or soliciting an account password a violation of its terms & conditions, threatening legal action to anyone found doing so. The move followed reports that some job applicants had been forced to hand over access to their Facebook accounts for scrutiny by would-be employers.

Facebook's argument for the policy change is one that's likely to apply to Google as well, particularly with regards to the Google+ social network. As well as violating privacy rights for the individual user themselves, Facebook's chief privacy officer Erin Egan pointed out, third-party access also violates the privacy of that user's friends, who will have set their own content visibility levels based on assumptions about who will be viewing it.

However, Google's current terms & conditions – recently modified to pull together policies for around sixty products into one document – makes no mention of third-party access. That wasn't always the case; in the previous version, dated 2007 and superseded this year, Google highlighted that password security was the responsibility of the individual user:

"You agree and understand that you are responsible for maintaining the confidentiality of passwords associated with any account you use to access the Services. Accordingly, you agree that you will be solely responsible to Google for all activities that occur under your account. If you become aware of any unauthorised use of your password or of your account, you agree to notify Google immediately"

Nonetheless, no mention – in either new or old versions – to situations of being coerced into handing over a password by a potential employer is given. In fact, it appears the possibility did not occur to it (or seem important enough to mention) when the company drafted the policies.

That stance is unlikely to remain an option for much longer, with the American Civil Liberties Union (ACLU) demanding more attention on the topic and insisting that the government should step in:

"Congress should pass legislation prohibiting any employer or school from accessing your private social networking information. It's an egregious privacy violation, comparable to poking around in your house or reading your personal email. In a time when we share so much through new technology, we need clear rules to makes sure that we can keep control of our own information. One of them should be that a password means "stay out" — whether you're an employer, a school or the government. And end-runs around password protection, like asking an employee to login so someone can take a look, are also unacceptable" Chris Calabrese, Legislative Counsel, ACLU

Connecticut Democrat Senator Richard Blumenthal has announced that he is drafting a bill, ready "in the very near future", that will prevent prospective employers from an "unreasonable invasion of privacy" such as demanding passwords. Whether that comes before Google+ and other social networks update their own policies to address the issue remains to be seen.

We reached out to Google for a comment on its official stance on password sharing, but are yet to receive a reply.