Employers and colleges that demand Facebook passwords or other access to social network profiles are doing more than violating the First Amendment, as advocates argue. They're also violating Facebook's terms of service. Almost three weeks after Bob Sullivan of msnbc.com's Red Tape Chronicles first broke the story of government agencies and colleges demanding inappropriate access to Facebook accounts, both the social network and a U.S. senator are calling shenanigans on this violation of privacy, which is also a potential liability problem for the inquiring institutions. On Friday, Erin Egan, Facebook's chief privacy officer on policy, was direct and referenced the possibility of legal action. The practice of requesting Facebook passwords and other access to user profiles "undermines the privacy expectations and the security of both the user and the user's friends," Egan said in a statement on the social network's privacy page. "It also potentially exposes the employer who seeks this access to unanticipated legal liability." As an example, Egan posited, "if an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don't hire that person." Egan went on to say, it is now a "violation of Facebook's Statement of Rights and Responsibilities to share or solicit a Facebook password." On Wednesday, Sen. Richard Blumenthal D-Conn. told Politico he's writing a bill that would outlaw the practice as well:     The senator cited longstanding federal prohibitions against administering polygraph tests to potential employees as a rationale for a new law.     Even for prospective employees who voluntarily surrendered account access to improve their chances of landing a job, Blumenthal said there remain concerns. "The coercive element of the request," he said, "really makes it less than voluntary."ACLU attorney Catherine Crump had stronger words for the practice. "People are entitled to their private lives," she said in a statement. "You'd be appalled if your employer insisted on opening up your postal mail to see if there was anything of interest inside. It's equally out of bounds for an employer to go on a fishing expedition through a person's private social media account." Here are some of the egregious examples of Facebook privacy violations, first reported by Sullivan on March 6:   In Maryland, job seekers applying to the state's Department of Corrections have been asked during interviews to log into their accounts and let an interviewer watch while the potential employee clicks through wall posts, friends, photos and anything else that might be found behind the privacy wall.  Previously, applicants were asked to surrender their user name and password, but a complaint from the ACLU stopped that practice last year. While submitting to a Facebook review is voluntary, virtually all applicants agree to it out of a desire to score well in the interview, according Maryland ACLU legislative director Melissa Coretz Goemann.  Student-athletes in colleges around the country also are finding out they can no longer maintain privacy in Facebook communications because schools are requiring them to "friend" a coach or compliance officer, giving that person access to their “friends-only” posts. Schools are also turning to social media monitoring companies with names like UDilligence and Varsity Monitor for software packages that automate the task. The programs offer a "reputation scoreboard" to coaches and send "threat level" warnings about individual athletes to compliance officers.