Facebook password measure placed on hold
Friday, Mar 23, 2012 - Posted by Rich Miller
* It’s back to the drawing board for Rep. Ford…
Legislation that would prohibit employers from seeking job applicants’ social network passwords is on hold in the Illinois House. Democratic Rep. La Shawn Ford’s measure would allow job-seekers to file lawsuits if asked for access to sites like Facebook. Bosses could still ask for usernames that would allow them to view public information on the sites.
But critics questioned a provision that safeguards an employer’s ability to “maintain lawful workplace policies” regarding electronic equipment and investigating suspected unlawful or improper activity. They say that contradicts the password prohibitions.
* I hadn’t realized this was much a problem, but even Facebook is upset about it…
Some companies and government agencies aren’t just glancing at a job applicant’s social networking profiles — they’re asking to log in as the user to have a look around. And Facebook wants an end to it.
The social-networking giant weighed in on the controversy Friday morning, reasserting a point in its privacy regulations intended to prevent such requests that makes it a violation of Facebook’s policy to request your log in. […]
Since the rise of social networking, it has become common for managers to review public Facebook profiles, Twitter accounts and other sites to learn more about job candidates. But many users, especially on Facebook, have their profiles set to private, making them available only to selected people or certain networks.
Companies that don’t ask for passwords have taken other steps — such as asking applicants to friend human resource managers or to log in to a company computer during an interview. Once employed, some workers have been required to sign nondisparagement agreements that ban them from talking negatively about an employer on social media.
Asking for a candidate’s password is more prevalent among public agencies, especially those seeking to fill law enforcement positions such as police officers or 911 dispatchers.
* There’s a proposed bill in Maryland as well…
And since 2006, the McLean County, Ill., sheriff’s office has been one of several Illinois sheriff’s departments that ask applicants to sign into social media sites to be screened.
Chief Deputy Rusty Thomas defended the practice, saying applicants have a right to refuse. But no one has ever done so. Thomas said that “speaks well of the people we have apply.”
When asked what sort of material would jeopardize job prospects, Thomas said “it depends on the situation” but could include “inappropriate pictures or relationships with people who are underage, illegal behavior.”
In Spotsylvania County, Va., the sheriff’s department asks applicants to friend background investigators for jobs at the 911 dispatch center and for law enforcement positions.
“In the past, we’ve talked to friends and neighbors, but a lot of times we found that applicants interact more through social media sites than they do with real friends,” said Capt. Mike Harvey. “Their virtual friends will know more about them than a person living 30 yards away from them.”
* From the ACLU…
“It’s an invasion of privacy for private employers to insist on looking at people’s private Facebook pages as a condition of employment or consideration in an application process,” ACLU attorney Catherine Crump said in a statement. “People are entitled to their private lives. You’d be appalled if your employer insisted on opening up your postal mail to see if there was anything of interest inside. It’s equally out of bounds for an employer to go on a fishing expedition through a person’s private social media account.”
What do you think of this?
* Roundup…
* Lawmakers address Caylee’s law, trans fats, straight on red: Legislation inspired by a Florida jury’s acquittal in July of Casey Anthony advanced in the state Senate on Thursday. The measure is among two competing versions of a push to make it a Class 4 felony if a parent fails to notify officials in a timely manner if their child is missing or dead.
* Illinois to become first state to allow online lottery sales
* Press Release: Hutchinson fights to keep Hunger Relief Check-off on Illinois Tax Forms
* Local Officials, Workers Say “No Quinn Cuts” to Illinois Health Facilities, Prisons
- wordslinger - Friday, Mar 23, 12 @ 11:37 am:
Can there be an expectation of privacy when you put it out on Facebook?
Folks, if you’re going to put your business out there, people are going to snoop around. My advice: don’t put it out there.
- Frank - Friday, Mar 23, 12 @ 11:41 am:
If a facebook profile is marked “private”, employers should have no right to request access. What’s the difference between accessing private facebook profiles and someone’s private e-mail account?
- Little Egypt - Friday, Mar 23, 12 @ 11:47 am:
I’m extremely happy I’m retired and don’t have to deal with this. However, I will say that any employer could look at anything on my FB and could look at any of my “friends”, with one caveat though. They would have to learn to play Farmville and help harvest my crops. They would also see the fine folks I associate with, the “top friend” on my list being the Honorable Rich Miller.
- TCB - Friday, Mar 23, 12 @ 11:48 am:
Maybe next time I’m on a job interview the guy will ask for my keys & walk out to search my car. Or maybe they can go through my wallet & pockets. Perhaps they could just following me back to my house and look in my medicine cabinet?
This is a bit of a slippery slope argument, but still…..this is absolutely an invasion of privacy. If these employers are so worried about their applicants being criminals, make them sign an affidavit at the interview, then the employer will have legal recourse to fire them instantly upon uncovering illegal activity.
- Wensicia - Friday, Mar 23, 12 @ 12:05 pm:
We discussed this not too long ago on Zorn’s blog. No employer should have the right to request an employee’s Facebook name and password upon hiring. But, as an employee in a public school district, I’m aware anything I might post on my page could be up for review by my administrators, if made public.
Once it’s out there, anyone may some day access your comments.
Be careful what you post…
- Skeeter - Friday, Mar 23, 12 @ 12:06 pm:
The guy charged this week with a shooting a Chicago PO had photos of himself throwing gang signs posted on his Facebook page.
I suspect an employer (McDonalds in his case) would consider gang membership to be relevant.
That being said, asking to “friend” a person/organization is one thing. Asking for passwords is another.
- Skeeter - Friday, Mar 23, 12 @ 12:09 pm:
For more on the Chicago PO/Facebook photo story, see:
http://www.suntimes.com/news/11446592-418/man-charged-with-shooting-chicago-police-officer-in-chest.html
- Ron Burgundy - Friday, Mar 23, 12 @ 12:13 pm:
I agree that this practice should be impermissible. Prospective employers should and can look at public profile information, but should not be permitted to use an applicant’s password to access things that are “locked down” by privacy settings.
Sure, by doing so they could claim they are just looking for things like pictures of you hoisting a beer or engaging in lewd behavior, but it raises other issues as well. Prospective employers can’t ask interviewees certain questions by law regarding their marital status, sexual orientation, certain disabilities, etc. By requiring people to give up their passwords, it could be viewed by the courts as coercing people in an effort to sidestep the legal restrictions they face on this information. In other words, if I can’t legally ask these questions, I’ll just go looking for the answers myself in their social media pages… Interesting legal question.
- Oswego Willy - Friday, Mar 23, 12 @ 12:17 pm:
“I put it on the Internet, I expect it to be private!”
I agree with schools that deny kids entrance into college that have underage drinking on their Facebook page.
I have no problem with an employer taking action against an employee who NEEDS time off for a “Family Situation” day off and then that employee posts on Facebook, “Hawaii, here I come!!”
If you do things that may have ramifications against you by posting them on the most Un-Private place ever created, the Internet … then you probably get what you deserve.
I totally laugh, and have no sympathy for the kids or the parents that complain, “My kid got denied admission into Stanford (pick any school) because he/she posted pictures of themselves at a party, drinking from a keg, and doing body shots … I don’t understand the school’s decision.”
Your actions have consequences … I guess we can do, or post, or be whatever we want, and not one person, school, or employer can hold us accountable to the ignorance of posting dopey things? …
Pathetic
- In 630 - Friday, Mar 23, 12 @ 12:26 pm:
Employers have no more business poking around people’s Facebook and Twitter accounts than they do having investigators follow them around to eavesdrop on their conversations in bars and restaurants.
- TCB - Friday, Mar 23, 12 @ 12:29 pm:
@Willy
I’ve never heard of this practice. Is this something that actually happens?
If so, do these universities do ongoing checks once these students are accepted? I mean, I sure this totally prevents current students who are underage from embibing, right?
Seems a little silly to me.
- Retired Non-Union Guy - Friday, Mar 23, 12 @ 12:30 pm:
Facebook allows you to have both public and private posts and also private groups, such as family, friends, etc. So there is an expectation of privacy if you do a private posting. Given the amount of Facebook hacking that has occurred over the years, maybe there shouldn’t be … but the expectation is there.
Anything someone is dumb enough to publicly post is fair game for current or potential employers. If they are that stupid or ignorant, you probably don’t want to hire them anyway …
Asking for access to the private postings by a current or potential employer is crosses the line. It should be illegal to condition employment on private access to social media postings in most cases. I can envision certain situations in Law Enforcement / National Security type considerations … but the general rule should be no access to private postings. Besides, those type of organizations can legally request access through the courts if there is some grounds for concern.
Volunteering to provide access is a different issue. If you have nothing to be concerned about, you could give access for a 24 or 48 hour window and then immediately change your password. It would be a way for some applicants to stand out from the crowd.
But the bigger question is how do you police it to be sure an applicant who doesn’t provide access still gets considered for the job? Yes, you could always sue for discrimination … but most job applicant’s don’t have that kind of money or they wouldn’t be looking for a job in the first place.
The best course is to not post that kind of stuff on social media because it never really goes away. Even if you delete it, there are places on the web where you can find decades old data.
- Oswego Willy - Friday, Mar 23, 12 @ 12:33 pm:
- TCB -
“Use the Google” … and yes, they do, its been done and is BEING done …
- Oswego Willy - Friday, Mar 23, 12 @ 12:37 pm:
Less than 5 seconds …I found this …
http://madamenoire.com/111316/facebook-posts-costing-some-students-college-opportunity/
Zero Sympathy …
- Newsclown - Friday, Mar 23, 12 @ 12:38 pm:
Look, an H.R. person accessing your facebook profile is violating Title VII. You know, that little federal law that says you can’t ask me my age, race, religion, gender, political affiliation, etc.?
They would also be violating a federal law on Computer security, just asking for a password. They are also violating, or asking you to violate, the Terms of Service you agreed to with Facebook when you signed up.
Realize, too, that by accessing your unprotected Facebook, they get around the privacy protections chosen by all your FB friends, and will thus gain, thru your account, unsecure access to dozens or hundreds of otherwise private accounts to see their pictures and their writings. Those friends chose to keep their postings limited to a private circle, not the general public, and you letting Betty Joe from H.R. go trolling thru your account exposes all these other people who are NOT interested in being hired. They might be interested in suing, though.
Put this another way: It’s no different than having them ask Mr. Miller to reveal your Pseudonym for all the posts you ever made to this blog. Yes, you made a public statement on the blog, but it was under the implicit understanding that Miller was not going to out you to just anyone who wants to know your true name.
We need to nip this kind of thing in the bud. An H.R. person can legitimately research you by Googling you and that should be enough. Demanding on pain of non-employment that you consent to an illegal search of your private computer information is beyond the pale.
- sangamo better blues - Friday, Mar 23, 12 @ 12:39 pm:
I found myself in disbelief when this first came up in committee. Some of the GOP members went to great lengths to defend an employer’s legitimate need to ask for usernames and passwords of social media accounts. What happened to the party of freedom? What if an applicant is LGBT and in the closet but has pictures of their partners on their FB? What if an applicant has liked FB pages about unions, political beliefs or religious affiliation? What if a person had a bad day at work and vented about it to her friends? What if a person has a medical condition and posts on a FB support group? Seems to me this is ripe for discrimination. I agree that this is akin to asking for personal email passwords. I can maybe see an exemption for law enforcement and related careers, but for some Joe/Jane Schmoe applying for a 9-5 job….now way
- Newsclown - Friday, Mar 23, 12 @ 12:43 pm:
And you can’t make it optional or “voluntary” for some, because that naturally sets up the class of non-voluntary people for discrimination, this is the “tyranny of the Majority” that says if some people choose to surrender their privacy, all must comply, or face economic pressure. It’s a Constitutional mess and we should avoid the whole thing, make it illegal to ask just like asking your religion is illegal when hiring.
- Oswego Willy - Friday, Mar 23, 12 @ 12:48 pm:
I have yet to hear of a case where someone sued about a school/employer/etc., firing or denying enterance into a college and the affeted party (student, employee, etc.,) win those cases … are those out there?
I hear about the denials and the firings … we have any that have been overturned yet?
No snark, I am asking …
- Name Withheld - Friday, Mar 23, 12 @ 1:27 pm:
As Newsclown mentioned, giving someone else your Facebook user name and password is a violation of their terms of service, which could result in getting your account suspended or terminated. Here’s a link to the TOS page:
https://www.facebook.com/legal/terms
I direct you specifically to Section 4, where it specifically says “You will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account.” Furthermore, the TOS prevents me from creating a ’second’ account, transferring my account, and a whole host of other things. In short - my account is my account, and can only be used by me.
Additionally, the Justice department has previously interpreted the violation of Terms of Service as a criminal offense (exact charge escapes me) - even though they are not actually enforcing it at the moment. Anyone remember Lori Drew from St. Louis? Even though she wasn’t convicted, the feds did try.
Giving people access for a limited time before changing the password isn’t a good idea either. Someone could update your information before you have a chance to stop them.
Here’s another wrinkle. People regularly put information on Facebook like birthday, marital status, religious affiliation, group affiliation, and so forth. That information is perfectly fine in a social context when shared among true friends, but it has absolutely no place in an employment-consideration context and opens that employer up to claims of discrimination. Also, my Facebook friends didn’t sign up to have their information accessible by someone who isn’t me but is impersonating me. Someone logging in as me could see any information on my friends that they’ve made visible to me.
I understand about privacy and putting stupid stuff on the internet, but social media such as this has only been around for the past decade - and only really taken off in the past 5 years. People are scrambling to learn exactly how to behave in this new era. Additionally, what I may have done 4 years ago in college or whom I talk with is my business - and none of yours.
The bottom line is that even if I put the stupidest thing online, employers have no business snooping into my personal life beyond what’s necessary to establish that I’m a valid candidate for a position.
- wishbone - Friday, Mar 23, 12 @ 1:48 pm:
“It’s no different than having them ask Mr. Miller to reveal your Pseudonym for all the posts you ever made to this blog.”
So that Mr. Miller guy knows who wishbone is? He’s good.
- Responsa - Friday, Mar 23, 12 @ 2:12 pm:
Knowledge is power. What many people miss is how very much of the stuff they put on facebook is readily available even to people they have not friended and do not even know. When I warned a friend in another state that she was putting too much info out there she pooh-poohed it and said, “Oh, I thought you were not a fan of facebook and now you’re on it!”. I told her I was not a facebook member and reminded her that surely she knew that I had not officially friended her. I then proceeded to describe in detail pictures she currently had up, and listed about 25 of her contacts. (Relax–this is not stalking–she’s one of my dearest and oldest friends and I was making a point.) She was stunned, as she’d actually thought she was assured some level of privacy based on the settings she had in place. Ha.
Lots of kids and young adults, though, don’t even want to use privacy settings. The idea is to get as many followers as possible and to say unique things and post shocking pictures and meet new people on-line. This is my long way of saying that demanding passwords and IDs is not needed to snoop. There are already myriad perfectly free and legal ways through regular search engines and twitter for schools and employers to find out plenty about you, whom you hang around with, and what you do when you are hanging around with them.
- Anonymous - Friday, Mar 23, 12 @ 2:12 pm:
I always take all my yearbooks, wedding photos, baby book, sonograms of my kids, pen pal letters, thank-you notes to grandparents, home movies and slide shows of all of my vacations to any prospective employer. Interviews run well in to the next day and I am still gainfully unemployed. Please help, will work for weekly colonoscopy.
- Oswego Willy - Friday, Mar 23, 12 @ 2:13 pm:
- Name Withheld -
I have yet to hear of a case of someone terminated for something on Facebook, or someone being denied entrance into a College overturned, against the “Snooper”.
So, until Facebook joins those suits for re-instatement of a job, or helps some dopey kid to get into a college after posting something ignorant … AND Facebook joining the complaint AND paying the legal fees, I am going to take it as lip service from Facebook.
- What planet is he from? - Friday, Mar 23, 12 @ 2:24 pm:
Like Newsclown said, “They would also be violating a federal law on Computer security, just asking for a password.” As an IT guy, one of the most basic tenets we preach in cybersecurity is DON’T GIVE YOUR PASSWORD TO ANYBODY. And if I’m willing to break one of the cardinal rules of computer-dom at an interview, what does that say about me as an employee?
- Bill L - Friday, Mar 23, 12 @ 2:30 pm:
I’m glad I have a job and I have no intention of leaving it.
I do not have a Facebook account, nor do I ever want one. I don’t have a Twitter, FourSquare, Linkedin, or any other type of newfangled social media account. I’m just not that social. I was raised to believe that you keep your business within the walls of your own home.
My question is, will a potential employer take someone not providing passwords and other account information against them? What kind of recourse would someone have if they were not hired or even complete an interview process because they aren’t involved in social media?
- Responsa - Friday, Mar 23, 12 @ 2:38 pm:
Bill L., As long as you had the required credentials you’d probably get hired on the spot once they figured how smart you are to steer clear of social media!
- Name Withheld - Friday, Mar 23, 12 @ 3:19 pm:
Oswego Willy - do a Google search on NLRB and Facebook. Some employees were fired for discussing their employer on FB and they filed a complaint with the National Labor Relations Board.
http://www.businessmanagementdaily.com/14335/after-nlrb-ruling-can-employees-really-trash-you-on-facebook
Frankly, you’d have to be a near-sighted midget with glaucoma to see that this is the worst idea to come along since Han Shot First.
Again - it’s not just my information that they would be getting access to - it’s all of my friends, groups, associations, Facebook application, email (because Facebook has email), and everything else that’s contained within that ecosystem. Unless you can show me why any employer has a need to know who you talk to, what you say to them, what groups you affiliate yourself with, what games you play, who you went to high school with, who your friends talk to, what groups your friends affiliate themselves with, what your friends say to their friends, what games your friends play, and so forth - then its nothing more than a snoop through someone’s personal life.
- Colossus - Friday, Mar 23, 12 @ 3:24 pm:
Name Withheld seems to have succinctly summarized the issue at hand.
Not bad for a stuck up, half-witted, scruffy looking nerd-herder.
- Learning the Ropes - Friday, Mar 23, 12 @ 3:25 pm:
Also, Facebook is now discussing potential legal action against employers: http://arstechnica.com/business/news/2012/03/facebook-says-it-may-sue-employers-who-demand-job-applicants-passwords.ars
- Squideshi - Friday, Mar 23, 12 @ 3:37 pm:
Not only is it a violation of Facebook’s Terms of Service for anyone other than you to access your Facebook account; but it is also a CRIME, according to the Department of Justice.
- Responsa - Friday, Mar 23, 12 @ 3:53 pm:
Name Withheld and Colossus–
I hear your concerns. I’m pretty much of a privacy freak myself. I oppose any demand for passwords, etc. But as to the rest, you may be sort of naive if you really don’t understand that in this day and age there are solid and legitimate reasons for employers to have some idea about the character of a person they are considering giving the keys to the door, and who will be privy to company strategy and assets. Or, for college deans to have some idea about the ethics of individuals other young students will be living and studying and socializing with in close proximity.
- What planet is he from? - Friday, Mar 23, 12 @ 4:08 pm:
“Sure, I’ll give you my Facebook password if you give me the admin password to your web server. Don’t worry, I’m not going to change anything, I just want to look around at the code and data to see if this is the kind of place where I want to work.”
- Oswego Willy - Friday, Mar 23, 12 @ 4:57 pm:
- Name Witheld -
Thanks for the info. What is really great about this place, is the stuff you learn.
However, I will be a bit surprised if Facebook “watching” increases before it decreases, and further, those thinking posting everything without a filter won’t come back to haunt them, they are going to be hurt far more than helped in the long run.
Keep thinking the Internet has privacy, and we will see more dopes being hurt in the long run.
- zatoichi - Friday, Mar 23, 12 @ 5:08 pm:
Once the info is on the Internet, it can show up anywhere. Want privacy? Don’t upload.
I can see a future interview:
“What do you mean you do not have a Facebook account?”
‘I never bothered. Don’t care what others do.’
‘Sorry we can’t hire you. You are not technology advanced enough for us.’