Social media screening has moved from occasional practice to routine procedure. A Kaplan survey of admissions officers found that 67% consider reviewing applicants' social media profiles to be fair game, though only 28% report actually doing so. In employment contexts, the numbers run higher. A ResumeBuilder survey on hiring practices showed 73% of hiring managers use social media to evaluate applicants, treating online profiles as part of candidate evaluation to verify credentials, assess cultural fit, and identify potential red flags.

The practice sits at the intersection of legitimate vetting and significant legal exposure. Organizations that screen without proper protocols risk discrimination claims, privacy violations, and data security failures. This article covers what employers and admissions officers need to know: the legal framework, platform considerations, proper implementation, and how candidates can present themselves effectively online.

What Social Media Screening Involves

Social media screening is the review of a candidate's publicly available online presence. Screeners examine posts, photos, comments, likes, and interactions across platforms to assess character and behavior beyond what applications and interviews reveal.

Organizations pursue screening for several reasons. The first is risk mitigation. Publicly visible threats, harassment, or illegal activity can signal problems before someone joins your institution. The second is brand protection. Content that conflicts with organizational values can damage reputation if it surfaces after hiring. The third is verification. Comparing a candidate's LinkedIn profile against their resume can reveal inconsistencies in credentials.

A less obvious driver is negligent hiring liability. Courts have held that employers may be responsible when employees cause harm if warning signs were reasonably discoverable. The U.S. Equal Employment Opportunity Commission addresses employer liability standards, and case law has extended this to situations where background screening might have prevented harm.

Screeners typically flag hate speech, violent threats, discriminatory remarks, evidence of illegal activity, and sexually explicit content. They also note positive indicators: professional engagement, industry involvement, and community participation.

Legal Requirements for Social Media Screening

Social media screening is legal when conducted properly. The legality depends entirely on execution.

Federal Regulations

The Fair Credit Reporting Act governs background checks conducted by third parties. The Federal Trade Commission has confirmed that FCRA applies to social media screening when employers use outside vendors. This means obtaining written consent before screening, providing candidates with copies of reports used in adverse decisions, and following adverse action procedures before rejecting someone based on findings.

The U.S. Equal Employment Opportunity Commission enforces federal anti-discrimination laws that prohibit hiring decisions based on protected characteristics: race, religion, national origin, age, sex, disability, pregnancy, and genetic information. Social media profiles frequently reveal this information inadvertently. A candidate's photos might show religious attire, pregnancy, or disability status. Once a screener sees protected information, defending against discrimination claims becomes difficult if that candidate is rejected.

The National Labor Relations Board protects employee discussions of wages and working conditions, including on social media. Penalizing candidates for posts about pay or workplace issues at previous employers can violate federal labor law.

State Laws

State legislation adds complexity. Over 25 states prohibit employers from requesting passwords to private social media accounts. Some states restrict when screening can occur during the hiring process. California's Consumer Privacy Act and similar state laws impose data handling requirements on information collected during screening.

Legal Exposure

The risks break down into categories. Discrimination claims arise when rejected candidates argue that protected characteristics visible on social media influenced decisions. FCRA violations occur when employers skip consent requirements or fail to follow procedures. Privacy claims emerge from attempts to access private accounts. NLRB complaints result from penalizing protected speech about working conditions.

Platforms Subject to Screening

alt="Horizontal bar chart comparing key risks of social media screening in hiring and admissions, including legal liability, data privacy breaches, bias and discrimination, inaccurate information, reputational damage, and compliance violations. Bar lengths show relative severity, with legal and privacy risks ranking highest among listed concerns."

Employers and admissions officers review multiple platforms, with focus varying by role and candidate demographics.

LinkedIn receives the most attention in employment contexts. Its professional design means candidates expect review, and the platform allows verification of employment claims and professional endorsements. According to hiring manager surveys, LinkedIn, Facebook, and X are the three most commonly checked platforms. Facebook's large user base makes it a common target, though privacy settings determine visibility. X exposes public statements permanently, and its rapid-fire format leads to impulsive posts that later cause problems. Instagram's visual focus reveals lifestyle content and tagged photos. TikTok matters increasingly for younger candidates, particularly interns and entry-level hires.

Third-party screening services extend beyond major platforms. Vendors search thousands of online sources including blogs, forums, news archives, and public records.

College admissions officers face additional challenges. Problematic content often surfaces through screenshots of private group chats, tagged photos posted by others, or comments on friends' pages. Harvard rescinded ten acceptances in 2017 after discovering offensive content in a private Facebook group. The university took similar action in 2019 when private messages surfaced. These cases demonstrate that private settings offer limited protection when others can share screenshots.

Relationship Between Social Media and Background Checks

Traditional background checks and social media screening are separate processes. A standard criminal background check covers arrest records, employment verification, education confirmation, and credit history. Social media content appears only when specifically requested.

The FTC's guidance on FCRA compliance confirms that social media reports must meet the same requirements as other consumer reports when used for employment decisions. This includes using compliant vendors, obtaining consent, and following adverse action procedures.

Many organizations conduct informal searches instead of using third-party services. This creates problems. Common names lead to false identification issues, where content from a different person with the same name gets attributed to the candidate. Hiring managers who conduct their own searches see protected characteristics, opening discrimination exposure. Inconsistent application across candidates weakens legal defense. Informal searches leave no documentation trail.

Third-party services address these issues through identity verification before attributing content, redaction of protected information, consistent criteria application, and thorough documentation.

Proper Screening Procedures

Organizations that screen should formalize their approach.

Policy Development

Document your process before implementation. Specify which positions or applicant categories will be screened, which platforms you will review, what evaluation criteria apply, who conducts screening, who receives results, and how adverse findings will be handled. The Society for Human Resource Management provides guidance on screening policies.

Tie evaluation criteria to job-relevant factors. Evidence of violent threats relates to workplace safety. Family status does not relate to job performance.

Process Structure

Legal guidance suggests conducting social media screening after initial interviews rather than at the application stage. This keeps early evaluation focused on qualifications and creates a cleaner timeline for defending decisions.

Separate the screening function from hiring decisions. Have someone other than the decision-maker conduct searches and filter results. This person reports only job-relevant findings and removes protected characteristics before sharing. The separation creates a barrier between protected information and hiring decisions that strengthens legal defense.

Third-Party Services

FCRA-compliant screening vendors offer built-in consent workflows, automatic redaction of protected information, consistent application across candidates, and documentation for legal defense. Using these services requires written candidate consent and adherence to adverse action procedures.

Prohibited Practices

Never request passwords or access to private accounts. Do not attempt to "friend" or follow candidates to circumvent privacy settings. Apply screening consistently to all candidates for a given role. Do not base decisions on protected characteristics regardless of how you discovered them.

Admissions Considerations

FERPA does not prohibit social media review, but institutional policies may impose restrictions. Create clear guidelines for what triggers screening. Random spot-checking creates inconsistency that is difficult to defend. Document rationale thoroughly when rescinding offers based on findings, as these decisions attract scrutiny.

Information Security Requirements

Social media screening generates personal data that requires protection under multiple regulatory frameworks.

Applicable Regulations

The General Data Protection Regulation applies to screening of candidates from EU countries, imposing consent requirements and data handling obligations. State privacy laws including California's CCPA create similar requirements domestically. Industry-specific regulations add requirements for healthcare, education, and financial services organizations.

Data Handling Practices

Establish retention and deletion policies before collecting screening data. The intersection of GDPR and FCRA requirements means organizations must determine how long reports will be kept and enforce that timeline. Delete data that is no longer needed.

Use screening vendors with recognized security certifications such as ISO 27001 or ISO 27701. Encrypt stored data. Limit access to authorized personnel. Maintain audit trails documenting who accessed screening data and when. Conduct regular security assessments. Evaluate vendor security practices as part of procurement.

Organizational Liability

Organizations face exposure from both screening and failure to screen. Liability can arise when employees cause harm and warning signs were visible. Some jurisdictions allow personal accountability for executives and HR leaders in these situations. Document your screening decisions and rationale regardless of whether you choose to screen.

Building a Professional Online Presence

Social media screening creates risks for candidates, but a professional online presence can strengthen applications.

For Job Candidates

Maintain a current LinkedIn profile consistent with application materials. Search your own name to see what employers find. Remove or archive content that could be misinterpreted. Adjust privacy settings on personal accounts, but avoid deleting all presence, as empty profiles raise questions. Engage professionally in industry discussions and groups.

For College Applicants

Set personal accounts to private or review all visible content. Check tagged photos and remove yourself from questionable images. Search for old accounts you may have forgotten. Use LinkedIn to document academic achievements. Follow target schools and engage positively with their content.

Strategic Value

For roles involving public engagement, communications, or marketing, a strong online presence demonstrates relevant skills. Documented volunteer work, professional achievements, and thought leadership can reinforce application claims. Candidates who show they can build audience and engage professionally gain advantage over those with minimal or problematic presence.

Conclusion

Social media screening is legal, increasingly common, and likely to expand. The proportion of employers and admissions officers who view it as acceptable continues growing.

Effective implementation requires formal policies with documented processes, third-party services for FCRA compliance when feasible, separation between screeners and decision-makers, training on anti-discrimination requirements, secure data handling with defined retention periods, and consistent application across all candidates for a given role or category.

Organizations that build careful processes gain legitimate insight while managing legal exposure. Those that screen informally or inconsistently create liability that outweighs any benefit from the information obtained.