The Facebook password backlash

March 26, 2012, 5:25 PM UTC

FORTUNE — Two senators have asked the Justice Department to investigate the practice of employers requiring  job applicants to hand over their social-media passwords.

Meanwhile, Facebook issued a statement on Friday warning that such employers “undermine privacy.” Similarly, so do peeping toms and identity thieves.

If it seems insane that Facebook’s Erin Egan, the company’s chief privacy officer, had to issue such a statement, that’s because it is. The Associated Press reported last week that some employers not only look at applicants’ public profiles, but either force the candidates to turn over their passwords or to sign in to their social media accounts so the employer can root around in their private data, which of course can include personal email messages, hidden photos and other personal information.

On Sunday, Sens. Charles Schumer (N.Y.) and Richard Blumenthal (Conn.) asked the DOJ to probe whether the practice violates the Stored Communication Act or the Computer Fraud and Abuse Act. The practice “represents a grave intrusion into personal privacy,” they said in a statement.

Facebook isn’t messing around, either. Egan issued a threat: “We’ll take action to protect the privacy and security of our users, whether by engaging policymakers or, where appropriate, by initiating legal action…,” she wrote.

The AP reported that these bizarre and almost certainly illegal acts are “more prevalent among public agencies, especially those seeking to fill law enforcement positions such as police officers or 911 dispatchers.” It’s hard to know how true that is since the AP didn’t indicate where that fact came from. But the news agency cited several instances of local governmental employers demanding passwords or forcing applicants to sign on so the hiring agent could take a peep.

Egan’s statement points out something that the Associated Press left unmentioned: Such intrusions violate not only the privacy of job candidates, but also of their friends or others with whom applicants correspond.

“As a user,” she wrote, “you shouldn’t be forced to share your private information and communications just to get a job. And as the friend of a user, you shouldn’t have to worry that your private information or communications will be revealed to someone you don’t know and didn’t intend to share with just because that user is looking for a job.”