Facebook: Legal Action Against Employers Asking For Your Password 504
An anonymous reader writes "Facebook today weighed in on the issue of employers asking current and prospective employees for their Facebook passwords. The company noted that doing so undermines the privacy expectations and the security of both the user and the user's friends, as well as potentially exposes the employer to legal liability. The company is looking to draft new laws as well as take legal action against employers who do this."
A least one U.S. Senator agrees with them.
But now... (Score:4, Insightful)
...employers will just ask potential employees to accept their HR staff's friend request, as the article yesterday stated. But one could easily get around that by making sure the HR staff is in a Facebook list that has no access to a user's wall/timeline and other info. Still, seems like the employer wouldn't like that and they would find some way to get the employee to let HR in. :(
Ever actually happened? (Score:4, Insightful)
Has a single company that has done this been identified by name? Every article I've seen does NOT mention any name, making it sound more anecdotal than factual.
Re:But now... (Score:4, Insightful)
Create another FB account solely for work purposes. And when the HR rep b-tches about that, tell them the HR rep's FB account is obviously a work account and not the HR rep's actual personal FB account.
Sure, I'll give you that FB password... (Score:5, Insightful)
Right after you give me the root password to the company's servers!
Seems like a fair trade to me...
Comment removed (Score:5, Insightful)
Re:Ever actually happened? (Score:2, Insightful)
I agree with the parent poster. Without anyone naming the companies doing this, it will just be dismissed as an urban legend.
But if it is true: If an employer is stupid enough to try to force a potential employee to break a terms of use agreement, what does that say about any agreement they want the employee to agree to? That they are to be taken lightly?
So, if anyone knows anything else, name the companies so that we can avoid them like the plague. I don't care much for Facebook, but any companies with practices as stupid as these deserve to get a beating.
Re:Ooh! Ooh! Simple Solution (Score:5, Insightful)
As I posted in a similar story discussion, this will just become an HR screen checkbox requirement that will play out like this:
"Please provide your FacePlace login information here."
"I don't use FacePlace."
"Right. Applicant failed to produce FacePlace login information."
My answer is "I don't use facebook" (Score:5, Insightful)
And it will always be my answer. Whether or not I use facebook is no one's business. Not my family. Not my friends. Not my co-workers or employers. "Please wear this delightful necklace with a GPS and a camera to take pictures of whatever is around you at any given time. BTW, it's a condition of employment." There's just something dark and sinister about that. How any employer could think this is a great idea when they know damned well they wouldn't be willing to share that information with their employees is looking upon their employees as a "lesser being" and certainly not equal as idealized by the US constitution. If this is not a "discriminatory act" it most definitely leads to discriminatory behavior.
There is already a list of things an employer cannot ask an employee for. I think it's time to make a law which issues a WHITE LIST of things employers can ask for rather than using the black list system we have today. The potential for this to become an ever-growing problem is too great.
Re:But now... (Score:5, Insightful)
Or better yet - don't have a Facebook account.
Re:What happens when the answer is "mu?" (Score:5, Insightful)
What happens when the answer is "mu?"
They will be suspicious that you are lying and not hire you. Or they will think you are a technophobe and not hire you. Or they will think you are a cow and not hire you. That may sound unreasonable, but if they were reasonable, they would not ask for the information in the first place.
Another law? (Score:3, Insightful)
Re:But now... (Score:3, Insightful)
At which point you inform them that you do not have a Facebook account because you are not in high school.
Re:Sure, I'll give you that FB password... (Score:4, Insightful)
Right after you give me the root password to the company's servers!
Seems like a fair trade to me...
Um, no.
I have the root password to the company's servers. It's sort of required when being a senior sysadmin.
But the company has no right to my private accounts, any more than I have the right to access the CEOs or HR people's private accounts.
I don't have a FB account, so that one is rather easy not to give them. But if they asked for another non-work account, I'd report them to the company's ethical hotline.
Re:So employers do ask for Facebook passwords? (Score:5, Insightful)
its worse. many (!) employers ask/demand to have you pee in a cup, for them.
its fine and reasonable to say that you don't have a FB account. but just try telling them you don't have any piss in you! they just won't believe it.
Re:My answer is "I don't use facebook" (Score:4, Insightful)
That's great - if you don't use Facebook. If you do use it, then you're *lying* to a prospective employer, telling them you don't. Two wrongs don't make a right. They can't coerce you into giving it, so simply decline to provide it.
Employer: "May we have your Facebook password so we can (save the children / fight the global war on terror / end domestic assault / some other well-meaning but bullshit excuse for invading your privacy)?"
You: "No you may not. My use (or non-use) of Facebook is none of your business. I guess we're done here."
The simple fact that they ASK for it, regardless of the reasoning and regardless of whether or not you use it, should be enough to warn you that you don't want to work for them.
Re:But now... (Score:5, Insightful)
Job interview ... 'on the internet' (Score:5, Insightful)
Overbearing employers are nothing new; this is just HR prying into applicants lives with 'on the internet' appended. Whether it's drug tests, credit checks, IQ exams or 3-day multi-person interviews, some companies will push the boundaries and the people will have to push back, sometimes with politics and laws.
Imagine if an employer said they want to inspect your home and interview your family. If the job involves a top secret clearance maybe that's OK but not for 99% of jobs. And here's my point: nobody would agree to having their home inspected and HR wouldn't even think to ask. It's only because social networking is new that anyone even wonders if might be reasonable.
Since the beginning of the web (I started developing websites around the beginning of 95) I have been ever careful of what I put out... The key is to make it look "real", but not enough to make you look bad.
I've filtered myself too, as I'm sure most of Slashdot has, but we should really focus on fighting for everyones rights. No matter how well we may protect ourselves we all have to live with societies attitudes. As technical folk we have the best chance of setting the norms for life on the internet.
Selling your information (Score:4, Insightful)
Re:i would love to sue my boss for that (Score:5, Insightful)
Although it should be against the law for businesses to pry into our personal lives, including our financial history, Facebook is the wrong company to lead the charge.
Re:i would love to sue my boss for that (Score:5, Insightful)
I won't even give my boss my work password. IT's my account and any access by another person to it would violate my ability to know anything done with that account was done by me. We have a policy against it. No one not even a superior is supposed to have access to our A/D account. Any changes have to be documented. They have the ability to change my password. There would be a record of who did it and questions can be asked then. I view all of my accounts with the same level of security. My companies involvement with me ends at their network.
Re:But now... (Score:3, Insightful)
Right, and those of us who don't live in Mommy's basement realize that there's ways to find a job without allowing your employer to violate you.
Or did you think that "lying to get a job from an employer under false pretenses" and "working for an employer who you know to be morally and ethically bankrupt" are exemplary characteristics of adult independence?
Re:This seems like common sense... (Score:4, Insightful)
It makes me feel dirty, but "Go Facebook!"
On the other hand, the cynical side of me thinks this is just so Mark can monetize giving the information to employers as part of a "background check". They could provide "compatibility rankings" based on employeer criteria without ever letting the employeer see the private data itself and thus avoiding privacy issues. Yeap, I think I'll keep with my no Facebook policy and if someone doesn't want to hire me because I don't have one, I don't want to work for them anyway.
Re:i would love to sue my boss for that (Score:5, Insightful)
to prove their point, but if facebook gets enough complaints they can wave there deep pocketed arms and say, "wanna fight us, cuz we can fight for a loooong time"
So no, they aren't the bastions of privacy, but they are on the right side here. So good for them.
Re:But now... (Score:4, Insightful)
Ditto. From an interviewer point of view, the question might actually have some value for the opposite reason. Interviewer: "I need you to give me access to your Facebook account, Twitter account, webmail account, etc.". Interviewee "OK, no problem". Interviewer "Then you're a very foolish person who clearly gives not two damns about data privacy and are likely to be a complete liability to our company's data, network security and fraud defences. But thanks for your time".
Re:i would love to sue my boss for that (Score:5, Insightful)
I didn't realise there were large companies that didn't do this. It seems like common sense.
Expecting common sense from large companies is certainly one way of ensuring that your life is full of surprises...
Re:i would love to sue my boss for that (Score:5, Insightful)
They aren't protecting your privacy, they are protecting their own data integrity.
Re:i would love to sue my boss for that (Score:5, Insightful)
And what if a potential employer demands access to your email accounts? That's apparently been happening as well. The real solution here is a legislative one, banning the practice.
Re:i would love to sue my boss for that (Score:4, Insightful)
it would be fun. Help me facebook.
You make light of this, however, Facebook would seem to have a case (disclaimer: IANAL). If bosses and companies start asking for Facebook logins people may well delete their FB accounts instead. I would. And even if you keep it, suddenly you're double-thinking everything before you post it which removes the charm (or some other more appropriate word) that is Facebook.
Facebook's value is based on the number of members that they have and how much those members use it. The National Labor Relations Board even protects some concerted employee activities on social media including FB. Anything that causes people to avoid using Facebook directly affects FB's valuation and profits, in which case FB has a case for tortious interference in their business process. This, I feel, is a stronger argument than just a violation of the FB ToS.
Re:But now... (Score:4, Insightful)
facebook is kinda in the driver's seat here due to its size and popularity, both with users and with companies trying to reach those users.....
so if facebook terminated company accounts when they receive some sort of proof that the company is asking for passwords or forcing friend requests of employees or job seekers -- as well as the accounts of known employees of said company -- the resulting shit storm (from employees-turned-collateral-damage, and from marketing / pr departments / execs, when they can't use facebook) should cause most companies to back off.
Re:i would love to sue my boss for that (Score:5, Insightful)
If I asked a potential employee for their personal passwords and they handed them over, they most certainly wouldn't get the job. I want employees with a clue about security - if they are happy to hand over their personal passwords, I can only assume they would also be happy to hand over confidential company data to a third party.
I think it's a good test for a sysadmin (Score:4, Insightful)
If he coughs up the password, definitely do not hire him.
Re:i would love to sue my boss for that (Score:5, Insightful)
Re:i would love to sue my boss for that (Score:5, Insightful)
If the request then turns into a demand, give the interviewer the ever-elegant "Raised Eyebrow of Self Respect" and end the interview right then and there. There will be something better if you keep looking (likely something you'd have missed if you took this job) and you shouldn't waste your precious time on this type of blatant asshattery.
Some other sucker can work under that company's bullshit scrutiny (if the company's opening gambit is spying on your personal life, do you really think it stops there?) while you keep looking for a **Real Job**. We all need to pound it into our brains that we have the right and the responsibility to choose who we work for, even in a shitty economy. Sure, you have bills to pay, so it's very hard to turn down a job, but be realistic. You'll either be right back at the job hunt in two months or you'll wanna be hanging from the rafters.
Re:i would love to sue my boss for that (Score:3, Insightful)
who would comply with this? Anyone who would is not worth hiring, as he will be the person handing out all company-data to the next social engineer. When the social engineer comes around the corner and says "hey, data-inspection day, please hand over all the company passwords" ... you really hope none of your employees complies.
Re:i would love to sue my boss for that (Score:5, Insightful)
There's no conflict there. Facebook just doesn't want people:
* to stop using them, since even a passive usage is a product they can monetize in ads and data-mining
* to create duplicate "clean" versions of themselves that they give away, as it will pollute the data-mining efforts
Pretending to care about people's privacy is just a happy side effect.
Re:i would love to sue my boss for that (Score:5, Insightful)
If I were applying to any company, it would be as technical staff (IT.)
Handing over a password to *anything* would be proof of a lack of competence for the job, and I'd tell them that.
Re:i would love to sue my boss for that (Score:5, Insightful)
But this is entirely the point of why Facebook is fighting this. If anybody believes it is about their terms of service or about standing up for their users out of benevolence they are ignorant.
Facebook *has* to try to stop this. If this practice becomes too invasive then it could possibly affect Facebook usage. This is bad for Facebook's business.
Facebook has to convince its users that they can freely share information and maintain some sense of control over who gets their data. They can't allow the precedence to be set of employers asking for account information and expecting to get it.
Now, when it comes to those who say they would just say no, I would say that it is a great situation to be in. You must keep in mind however that this practice isn't specific to the IT industry - it seems to be happening in industries where competition is steeper. There are some industries where opportunities for interviews are few, let alone jobs. When faced with the choice between potentially not getting a job or giving up a little bit of privacy, some people see little choice other than to make that sacrifice. If the practice becomes too commonplace and prevalent, then it could mean that this becomes the norm rather than the exception, and you too could one day face that choice.
I'm glad I'm not in the job market.