With all the ado surrounding employers asking prospective employees for Facebook passwords, Facebook has finally spoken out.

Their stance on the issue? Don’t do it, or you could get sued. Facebook’s Chief Privacy Officer, Erin Egan, wrote on Friday, “This practice undermines the privacy expectations and the security of both the user and the user’s friends. It also potentially exposes the employer who seeks this access to unanticipated legal liability.” The original statement from Egan posted on the site’s Facebook and Privacy pages was clear about their intentions to protect the users: “Facebook takes your privacy seriously. We’ll take action to protect the privacy and security of our users, whether by engaging policymakers or, where appropriate, by initiating legal action, including by shutting down applications that abuse their privileges.” Another spokesperson for Facebook later corrected the statement, taking a less active stance on the situation, but still emphasizing that it is and can be a serious issue.

Many states are considering making this practice illegal, including Maryland. Companies may face lawsuits for violating certain laws, including discrimination laws (discovering age groups or affiliations based on “likes”) and privacy laws (for violating Facebook’s terms of use as well as the privacy of the prospective employee and the users friends).

This is certainly an issue that needs to be dealt with by HR. It can be dangerous for both the company and the people it affects. What is your company’s stance on checking Facebook profiles? Let us know in the comments!