Not being a computer aficionado, I cannot understand why anyonewould list his or her comings and goings, likes and dislikes,private practices, pictures and relationships on the computer. Inmy opinion, this personal information is interesting only to theperson who publishes it. I also thought that such information wasprivate until I read about some companies requesting/demandingFacebook usernames and passwords from potential employees. Thistactic hit home recently when my daughter was faced with this issuewhile applying for a job.

My first thought when she told me about the “request” was thatthe company had no right to pry into her personal life. But then Irealized that perhaps the company had sound reasons to seek as muchinformation as possible about a potential employee. And finally, Istarted to think about this from an insurance perspective;specifically, can the company be sued for violating a person'sprivacy, and would a liability policy apply to such a lawsuit?

Read MoreFC&S Blog Posts at the Coverage Cafe

Accepting the fact that people can sue over anything these days,the question becomes: How would the insurer respond to a claimagainst its insured for violation of privacy? Using the CommercialGeneral Liability (CGL) policy as a starting point, the insurer hasa duty to defend its insured against any lawsuit seeking damagesunless it is absolutely clear and unmistakable that the insurancecoverage does not apply to the claim. When it comes to a violationof privacy claim, coverage B in the CGL form is the section toreview.

Coverage B applies only to damages because of personal andadvertising injury, which is a defined term. The definitionincludes an “oral or written publication, in any manner, ofmaterial that violates a person's right of privacy.” So, if acompany gets a person's Facebook password, reviews the personalinformation contained therein and then allegedly publishes thatinformation, a claim made against the insured company would warranta defense by the insurer (at least until an applicable exclusioncan be utilized).

But would the insured employer become legally obligated to paydamages—and thus, be eligible for indemnity—because of this privacyviolation? Without expressing a legal opinion, there seems to be atleast two issues to be raised: First, was there a publication?Second, since the Facebook password was given voluntarily, is theemployer guilty of anything?

Without a publication, the definition is not met and there is nopersonal and advertising injury. “Publication” in the CGL formrequires data being made known to the public in general. Mostprobably, the information gleaned from a person's Facebook by apotential employer is going to be shared only by those with theability to hire someone, and this is not the general public. Ofcourse, if embarrassing personal information about the Facebookuser is leaked to others outside the human resources circle, thatcan be troublesome. The lawyers would have to fight it out overwhether the leak was a publication.

See Related Article: Facebook Faceoff Pits Employers Against Job Seekers

As for the potential employee voluntarily giving up the Facebookdata, if a person really needs a job and being hired depends onvolunteering that information, doesn't this actually smack ofcoercion on the part of the employer? Again, a battle for lawyersto settle.

As far as I know, there have been no high-profile lawsuits andinsurance-coverage disputes over an insured employer asking for(demanding) Facebook passwords and then being sued by the Facebookusers. Some states are looking into this practice in order to decideif any laws are being violated or if public policy needs to be set.As for insurers and insureds, the question of defense and indemnityover this issue will have to be addressed and clarified sooner orlater.