Forgot your password?
typodupeerror
Facebook Businesses Privacy News Your Rights Online

Facebook: Legal Action Against Employers Asking For Your Password 504

Posted by Soulskill
from the nip-this-in-the-bud dept.
An anonymous reader writes "Facebook today weighed in on the issue of employers asking current and prospective employees for their Facebook passwords. The company noted that doing so undermines the privacy expectations and the security of both the user and the user's friends, as well as potentially exposes the employer to legal liability. The company is looking to draft new laws as well as take legal action against employers who do this." A least one U.S. Senator agrees with them.
This discussion has been archived. No new comments can be posted.

Facebook: Legal Action Against Employers Asking For Your Password

Comments Filter:
  • by drodal (1285636) on Friday March 23, 2012 @12:44PM (#39453715) Homepage
    it would be fun. Help me facebook.
    • by mcavic (2007672) on Friday March 23, 2012 @01:01PM (#39453965)
      Your comment reminds me of when my company did layoffs:
      Employer: ... and an extra two weeks of severance if you agree not to sue us.
      Employee: Wait... I can sue you?
      • by jhoegl (638955) on Friday March 23, 2012 @01:33PM (#39454435)
        I find Facebook's concern for privacy ironic considering this... [net-security.org]
        Although it should be against the law for businesses to pry into our personal lives, including our financial history, Facebook is the wrong company to lead the charge.
        • by drodal (1285636) on Friday March 23, 2012 @01:49PM (#39454617) Homepage
          Well in all fairness, facebook is the only one here that can stand up and make a difference. It's nearly impossible for each person that's been wronged
          to prove their point, but if facebook gets enough complaints they can wave there deep pocketed arms and say, "wanna fight us, cuz we can fight for a loooong time"

          So no, they aren't the bastions of privacy, but they are on the right side here. So good for them.

          • by g0bshiTe (596213) on Friday March 23, 2012 @01:54PM (#39454691)
            Why sign up for social media as yourself in the first place? Yes I'm on FB, but not as me so no one that doesn't already know my ident can find me.
            • by MightyMartian (840721) on Friday March 23, 2012 @02:48PM (#39455351) Journal

              And what if a potential employer demands access to your email accounts? That's apparently been happening as well. The real solution here is a legislative one, banning the practice.

              • by bored_engineer (951004) on Friday March 23, 2012 @03:49PM (#39456051)
                Why is refusing to provide such information not also a real solution? I would no more give access to my e-mail than I would provide the details of conversations between me and my wife.
              • by HapSlappy_2222 (1089149) on Friday March 23, 2012 @04:06PM (#39456283)
                Agreed. The practice is just another way to weed out candidates without actually committing someone to examine actual qualifications. In the meantime, "I prefer not to disclose that information." is the proper response, just like the checkbox in the "Race" field of employment applications.

                If the request then turns into a demand, give the interviewer the ever-elegant "Raised Eyebrow of Self Respect" and end the interview right then and there. There will be something better if you keep looking (likely something you'd have missed if you took this job) and you shouldn't waste your precious time on this type of blatant asshattery.

                Some other sucker can work under that company's bullshit scrutiny (if the company's opening gambit is spying on your personal life, do you really think it stops there?) while you keep looking for a **Real Job**. We all need to pound it into our brains that we have the right and the responsibility to choose who we work for, even in a shitty economy. Sure, you have bills to pay, so it's very hard to turn down a job, but be realistic. You'll either be right back at the job hunt in two months or you'll wanna be hanging from the rafters.
            • by Stewie241 (1035724) on Friday March 23, 2012 @06:46PM (#39457605)

              But this is entirely the point of why Facebook is fighting this. If anybody believes it is about their terms of service or about standing up for their users out of benevolence they are ignorant.

              Facebook *has* to try to stop this. If this practice becomes too invasive then it could possibly affect Facebook usage. This is bad for Facebook's business.

              Facebook has to convince its users that they can freely share information and maintain some sense of control over who gets their data. They can't allow the precedence to be set of employers asking for account information and expecting to get it.

              Now, when it comes to those who say they would just say no, I would say that it is a great situation to be in. You must keep in mind however that this practice isn't specific to the IT industry - it seems to be happening in industries where competition is steeper. There are some industries where opportunities for interviews are few, let alone jobs. When faced with the choice between potentially not getting a job or giving up a little bit of privacy, some people see little choice other than to make that sacrifice. If the practice becomes too commonplace and prevalent, then it could mean that this becomes the norm rather than the exception, and you too could one day face that choice.

              I'm glad I'm not in the job market.

        • by niftydude (1745144) on Friday March 23, 2012 @02:06PM (#39454869)
          Well Facebook only breaches your privacy when a company pays for the service. They have no desire to give that info out for free.
        • by Anonymous Coward on Friday March 23, 2012 @02:18PM (#39454989)

          They aren't protecting your privacy, they are protecting their own data integrity.

        • by Applekid (993327) on Friday March 23, 2012 @04:36PM (#39456583)

          There's no conflict there. Facebook just doesn't want people:
          * to stop using them, since even a passive usage is a product they can monetize in ads and data-mining
          * to create duplicate "clean" versions of themselves that they give away, as it will pollute the data-mining efforts

          Pretending to care about people's privacy is just a happy side effect.

      • by Caratted (806506) * on Friday March 23, 2012 @01:48PM (#39454599)

        Your comment reminds me of when my company did layoffs: Employer: ... and an extra two weeks of severance if you agree not to sue us. Employee: Wait... I can sue you?

        That's when you say, "no, I won't sign that."

        And see how much more they offer you. Sales 101, my man.

      • by mjwalshe (1680392)
        and of cause you then say ok boss you have admitted that you have done something wrong so shall we say 2 months for each year of service for me signing the compromise agreement.
      • by Nom du Keyboard (633989) on Friday March 23, 2012 @03:02PM (#39455539)

        Employer: ... and an extra two weeks of severance if you agree not to sue us.
        Employee: Wait... I can sue you?

        This should be your sig line.

    • No new law is needed (Score:5, Interesting)

      by perpenso (1613749) on Friday March 23, 2012 @01:31PM (#39454415)

      it would be fun. Help me facebook.

      Humor aside, if that is your goal you do not need help from facebook nor a new law. Existing laws will do quite nicely. For example it is illegal to ask a job candidate their age and a prospective employer can get sued for doing so. Logging into a facebook account exposes a prospective employer to much such prohibited information.

      • by Aryden (1872756)
        This is untrue in the U.S. It is illegal for them to not offer you employment due to your age, religion, sex, race or disability, but they can ask. They tend to not ask it as it could open them up to litigation, but it is not illegal for them to ask.
    • by Anonymous Coward on Friday March 23, 2012 @01:38PM (#39454499)

      I won't even give my boss my work password. IT's my account and any access by another person to it would violate my ability to know anything done with that account was done by me. We have a policy against it. No one not even a superior is supposed to have access to our A/D account. Any changes have to be documented. They have the ability to change my password. There would be a record of who did it and questions can be asked then. I view all of my accounts with the same level of security. My companies involvement with me ends at their network.

    • by Nom du Keyboard (633989) on Friday March 23, 2012 @03:00PM (#39455509)

      it would be fun. Help me facebook.

      You make light of this, however, Facebook would seem to have a case (disclaimer: IANAL). If bosses and companies start asking for Facebook logins people may well delete their FB accounts instead. I would. And even if you keep it, suddenly you're double-thinking everything before you post it which removes the charm (or some other more appropriate word) that is Facebook.

      Facebook's value is based on the number of members that they have and how much those members use it. The National Labor Relations Board even protects some concerted employee activities on social media including FB. Anything that causes people to avoid using Facebook directly affects FB's valuation and profits, in which case FB has a case for tortious interference in their business process. This, I feel, is a stronger argument than just a violation of the FB ToS.

  • But now... (Score:4, Insightful)

    by vjl (40603) <vjl@[ ].org ['vjl' in gap]> on Friday March 23, 2012 @12:45PM (#39453717) Homepage Journal

    ...employers will just ask potential employees to accept their HR staff's friend request, as the article yesterday stated. But one could easily get around that by making sure the HR staff is in a Facebook list that has no access to a user's wall/timeline and other info. Still, seems like the employer wouldn't like that and they would find some way to get the employee to let HR in. :(

    • Re:But now... (Score:5, Informative)

      by SerpentMage (13390) <ChristianHGross.yahoo@ca> on Friday March 23, 2012 @12:50PM (#39453811)

      And a company has the ability to say, "hey we don't want to hire you." As the article states you could sue for discrimination. But in this economy that has as about as much chance as snowball in hell. IMO the reality is that with social networks whether or not it is "private" you are putting information out that could get in the wrong person's hands.

      Since the beginning of the web (I started developing websites around the beginning of 95) I have been ever careful of what I put out... The key is to make it look "real", but not enough to make you look bad.

      • Re:But now... (Score:5, Interesting)

        by ohnocitizen (1951674) on Friday March 23, 2012 @12:54PM (#39453871)
        We do have another alternative, as unlikely a road to victory as it may seem. We can create a PR storm targeting the company using twitter and other social networks to call a company out on its privacy violating ways. Even a year ago I would have ignored the various online petitions and such as not having actual power. But the recent victories against Bank of America and Verizon have really got me thinking. Perhaps if a company is big enough or the violation flagrant enough to garner some buzz, there is a way to punish companies for misbehavior.
        • Re:But now... (Score:4, Insightful)

          by sdnoob (917382) on Friday March 23, 2012 @03:18PM (#39455699)

          facebook is kinda in the driver's seat here due to its size and popularity, both with users and with companies trying to reach those users.....

          so if facebook terminated company accounts when they receive some sort of proof that the company is asking for passwords or forcing friend requests of employees or job seekers -- as well as the accounts of known employees of said company -- the resulting shit storm (from employees-turned-collateral-damage, and from marketing / pr departments / execs, when they can't use facebook) should cause most companies to back off.

      • Re:But now... (Score:5, Interesting)

        by Culture20 (968837) on Friday March 23, 2012 @01:06PM (#39454037)
        It's actually easier to sue for discrimination if you allow them full access. They'll suddenly know your age, political preference, your other-racial significant other, sexual preference, etc. Plenty of fertile ground for lawsuits.
        • Re:But now... (Score:4, Informative)

          by AngryDeuce (2205124) on Friday March 23, 2012 @01:47PM (#39454591)

          Plenty of fertile ground for lawsuits.

          If you can find a lawyer willing to take the case, of course. From my own experiences dealing with discrimination as an employee of a major corporation, I couldn't find any lawyers in my area willing to take the case because it would have been ridiculously expensive to bring to trial, not because my case didn't necessarily have merit (although I admit it would have been a difficult case, as much of the discrimination was in the form of verbal comments and bias in terms of scheduling and double-standards, still, there were numerous witnesses and others that were discriminated against to varying degrees).

          Not to say that there aren't frivolous discrimination lawsuits, but the mere size and resources of the defendant has a definite chilling effect on those cases being brought.

        • Re:But now... (Score:4, Interesting)

          by rickb928 (945187) on Friday March 23, 2012 @01:57PM (#39454743) Homepage Journal

          Exactly. Employers asking for your age can be annoying, but that is usually illegal. Suing doesn't enhance your resume, but I for one would look elsewhere for emloyment if they seriously asked me for either my Facebook account access or to be friended to look over my profile. I would ask them why, and anything other than a specific 'we are looking for signs of dangerous behavior that could cause problems' would get a vacant stare and a short interview. Even then, put it in writing and I'll tell you if I can agree to 'not do that', unless of course it's unreasonable, which also results in a short inteview.

          Yes, these are difficult times, but some employers are not worth it.

        • Re:But now... (Score:5, Interesting)

          by pixelpusher220 (529617) on Friday March 23, 2012 @02:30PM (#39455123)
          Or is this a test? Those who say 'sure' don't get return calls, those who say 'not a chance'...show the requisite intelligence and are kept in the running for the position?
      • by mounthood (993037) on Friday March 23, 2012 @01:31PM (#39454411)

        Overbearing employers are nothing new; this is just HR prying into applicants lives with 'on the internet' appended. Whether it's drug tests, credit checks, IQ exams or 3-day multi-person interviews, some companies will push the boundaries and the people will have to push back, sometimes with politics and laws.

        Imagine if an employer said they want to inspect your home and interview your family. If the job involves a top secret clearance maybe that's OK but not for 99% of jobs. And here's my point: nobody would agree to having their home inspected and HR wouldn't even think to ask. It's only because social networking is new that anyone even wonders if might be reasonable.

        Since the beginning of the web (I started developing websites around the beginning of 95) I have been ever careful of what I put out... The key is to make it look "real", but not enough to make you look bad.

        I've filtered myself too, as I'm sure most of Slashdot has, but we should really focus on fighting for everyones rights. No matter how well we may protect ourselves we all have to live with societies attitudes. As technical folk we have the best chance of setting the norms for life on the internet.

    • Re:But now... (Score:4, Insightful)

      by Anonymous Coward on Friday March 23, 2012 @12:51PM (#39453813)

      Create another FB account solely for work purposes. And when the HR rep b-tches about that, tell them the HR rep's FB account is obviously a work account and not the HR rep's actual personal FB account.

      • Re:But now... (Score:5, Insightful)

        by arth1 (260657) on Friday March 23, 2012 @12:57PM (#39453903) Homepage Journal

        Or better yet - don't have a Facebook account.

        • by compro01 (777531) on Friday March 23, 2012 @12:59PM (#39453925)

          But then you're a anti-social and therefore likely to go on a shooting rampage.

        • by EvilBudMan (588716) on Friday March 23, 2012 @01:16PM (#39454187) Journal

          Yeah just give them your /. password instead.

        • Re:But now... (Score:5, Insightful)

          by xero314 (722674) on Friday March 23, 2012 @01:25PM (#39454297)
          This is the reason that Facebook is stepping into this issue. Facebook may or may not care about your privacy, but the whole reason they are taking an interest is out of fear of losing members. I personally do not have, and see no reason to ever have, a Facebook account so it doesn't affect me, but I would still walk away from any employer that even asked me for access to my, non-existent, Facebook account.
        • by gl4ss (559668)

          -"ok mister, we're looking for social media integration experts.. "
          -"well, I don't do facebook. or slashdot. or any of that !!"

          I think it's telling how ridiculous american culture has become when a large amount of people expect their potential employees to be slave-bitches for anything they come up with.

          I mean, facebook shouldn't have to do this. it should be expected that you don't ask for peoples letters if you're looking to employ people. did the soviets win? why not just start asking for blowjobs from a

    • Re: (Score:3, Insightful)

      by rhook (943951)

      At which point you inform them that you do not have a Facebook account because you are not in high school.

    • ...employers will just ask potential employees to accept their HR staff's friend request, as the article yesterday stated. But one could easily get around that by making sure the HR staff is in a Facebook list that has no access to a user's wall/timeline and other info.

      Your personal, private affairs do not belong in the workplace at all. Although I have friends at work, and we do socialize with them, none of them are facebook friends, nor ever will be -- and they all seem to be OK with that.

      I'm not sure what I would do if a personal friend came to work for this company, but since it isn't likely I won't fret.

      Time and time again I see people losing jobs -- and friends -- by failing to keep their employers/jobs/work out of their private lives and vice-versa.

      My answer

  • by Anonymous Coward on Friday March 23, 2012 @12:46PM (#39453737)

    Has a single company that has done this been identified by name? Every article I've seen does NOT mention any name, making it sound more anecdotal than factual.

  • by hiryuu (125210) on Friday March 23, 2012 @12:47PM (#39453745)

    I find myself curious as to what these (current or prospective) employers do with candidates who, assuming they meet all other criteria for the job, don't have social media accounts? That's one I haven't seen addressed in the various articles that have discussed this topic in recent weeks.

  • by cpu6502 (1960974) on Friday March 23, 2012 @12:48PM (#39453763)

    You can't have my password no more.....

    • I would give such an employer a little surprise to make them think twice next time. :-)

      Sure I will just have a fake facebook. Pick of me on my user icon just like my real one. Give them the password and as soon as they log in have a very large zoomed in pic of the bloody ass in GOATSE as my post.

      With white text caption saying you violated my rights I figured I would violate yours. Enjoy your lunch hour ... come on guys. Be creative

  • How about this? (Score:5, Interesting)

    by olsmeister (1488789) on Friday March 23, 2012 @12:49PM (#39453783)
    Make part of the Facebook login process to enter your your race, age, marital status, or other things that it is illegal for employers to ask you about in an interview. If they ask you to log in for them, you can claim that that is a form of asking you that information and is not allowed.
  • Already illegal (Score:5, Interesting)

    by gurps_npc (621217) on Friday March 23, 2012 @12:50PM (#39453797) Homepage
    If you have a good lawyer, you can probably sue them already. In most facebook accounts, people provide a lot of information that it is illegal for the employer to ask about - age, gender, race, sexuality. Employers can't ask these questions, and similarly, they can't ask questions that they know will reveal that information. We don't really need a new law, just a smart lawyer
  • by msobkow (48369) on Friday March 23, 2012 @12:51PM (#39453815) Homepage Journal

    My content is posted publicly, but many of my friends don't do the same.

    So for me to give out my password to a prospective employee would only gain them the ability to spy on people who aren't even applying for the job!

    So if you want my password, get a warrant. And if you can't get a warrant because you're not law enforcement, who the hell are you to be asking in the first place?

    • by leonardluen (211265) on Friday March 23, 2012 @01:28PM (#39454347)

      a better way to say it might be "I can't give you my password. if i were to so easily hand out my personal passwords, then how could you trust me to keep any work passwords secret"

      • Excellent answer.
        and if they press on with "this is different" you give them a speil about trust, and how people that have friended you and trusted you not to hand out friends data, thus you still can not reveal the pwd.

        I came back with a simple "Why?" when they asked for my pwd once. Their answer was to ensure I was not posting disparaging content about them or my previous employer. I responded that would be silly of me, if someone with a public profile re-posed it it would be public, in addition my prev

  • by Nyall (646782) on Friday March 23, 2012 @12:51PM (#39453825) Homepage

    Since the current laws about unauthorized network/computer access are vague enough to include doing something against any website's terms of service couldn't FB just put it their TOS? Then setup a bounty or whistle blower reporting system.

  • by kbob88 (951258) on Friday March 23, 2012 @12:52PM (#39453831)

    Right after you give me the root password to the company's servers!

    Seems like a fair trade to me...

    • by arth1 (260657) on Friday March 23, 2012 @01:06PM (#39454033) Homepage Journal

      Right after you give me the root password to the company's servers!

      Seems like a fair trade to me...

      Um, no.
      I have the root password to the company's servers. It's sort of required when being a senior sysadmin.

      But the company has no right to my private accounts, any more than I have the right to access the CEOs or HR people's private accounts.
      I don't have a FB account, so that one is rather easy not to give them. But if they asked for another non-work account, I'd report them to the company's ethical hotline.

  • just dont. (Score:5, Insightful)

    by nimbius (983462) on Friday March 23, 2012 @12:52PM (#39453841) Homepage
    it should be legislated that at any time someone declares social media to be the wave of the future, a round of eye rolling and fart-noise making should commence immediately.
    this is a company that spies on you for the US government, sells your data to anyone who wants it, and is totally content to insist it has full legal rights over all of your content, indefinitely, with or without your consent.

    close your facebook account and consider checking out some meat-space human interaction tools like meetup.com. there arent any buttons to indicate the position of your thumbs, and when you like something you just tell someone "hi, i enjoy this." Best of all, no asshole corporation pretending theyre doing you a favour by scouring your personal life for hints of product placement opportunities or subversive anti-government opinions. As a bonus, your employer will have the freeedom to hire you based on their objective opinion of your job skills and critical thinking ability, not your farmville or mafiawars score and picture of that drunken bender at grizzlebees where you wore the fried onion like a head-crab from Half-Life.
  • by jimmerz28 (1928616) on Friday March 23, 2012 @12:55PM (#39453879)

    I'd just use this as a screening question for potential employees.

    If you willingly give me your login credentials I should just assume you're a moron and not hire you.

  • by erroneus (253617) on Friday March 23, 2012 @12:55PM (#39453881) Homepage

    And it will always be my answer. Whether or not I use facebook is no one's business. Not my family. Not my friends. Not my co-workers or employers. "Please wear this delightful necklace with a GPS and a camera to take pictures of whatever is around you at any given time. BTW, it's a condition of employment." There's just something dark and sinister about that. How any employer could think this is a great idea when they know damned well they wouldn't be willing to share that information with their employees is looking upon their employees as a "lesser being" and certainly not equal as idealized by the US constitution. If this is not a "discriminatory act" it most definitely leads to discriminatory behavior.

    There is already a list of things an employer cannot ask an employee for. I think it's time to make a law which issues a WHITE LIST of things employers can ask for rather than using the black list system we have today. The potential for this to become an ever-growing problem is too great.

    • by 93 Escort Wagon (326346) on Friday March 23, 2012 @01:08PM (#39454061)

      Whether or not I use facebook is no one's business. Not my family. Not my friends.

      That's one quiet Facebook profile you've got there...

    • by TheGratefulNet (143330) on Friday March 23, 2012 @01:08PM (#39454063)

      I went in for a haircut recently. first question out of this clerk's mouth was 'your email address?'.

      in total surprise, I delayed and then said 'uhm, no; just here for a haircut, please'.

      they had no problem accepting no; but it was damned strange to have that be the first 'hello' from them. or really, any question at all!

      the guy in front of me happily gave them their desired info. goes to show that if you ask a sheep to do something, likely they will not even question it.

      I'm not adding my name to some mailing list that a haircutter is collecting! wtf??

    • by Americano (920576) on Friday March 23, 2012 @01:18PM (#39454205)

      And it will always be my answer. Whether or not I use facebook is no one's business.

      That's great - if you don't use Facebook. If you do use it, then you're *lying* to a prospective employer, telling them you don't. Two wrongs don't make a right. They can't coerce you into giving it, so simply decline to provide it.

      Employer: "May we have your Facebook password so we can (save the children / fight the global war on terror / end domestic assault / some other well-meaning but bullshit excuse for invading your privacy)?"
      You: "No you may not. My use (or non-use) of Facebook is none of your business. I guess we're done here."

      The simple fact that they ASK for it, regardless of the reasoning and regardless of whether or not you use it, should be enough to warn you that you don't want to work for them.

  • Up until now I thought it was just an urban legend. "Like any company would smear itself with mud by doing something so vile and contemptible." And now it turns out, this actually happened!? o_O

    As a Finn, I hope this is one of those macabre policies of corporations running rampant and unchecked, confined to the USA. At least in Finland (and I think most of the EU) this shit just wouldn't stand legal ground.

  • Another law? (Score:3, Insightful)

    by losttoy (558557) on Friday March 23, 2012 @01:00PM (#39453953)
    Right. That is the fix. A new law. Lets make a new law for every issue that crops up and see how long the judicial system lasts.
  • DMCA (Score:4, Interesting)

    by RichMan (8097) on Friday March 23, 2012 @01:03PM (#39453985)

    Why does the DMCA not apply? Why are these companies all not in violation of the the DMCA.
    The users contents is private and password protected. The users content is copyright protected work of the user and their friends.

    ***ANY*** attempt to violate the users password protection would seem to me to be a violation of DMCA. Does not ANY method to break DRM include intimidation of the key holder ?

  • Did I miss something?

    The company is looking to draft new laws

    I know we've all heard about regulatory capture by corporations and lobbyists, but has it gotten so blatant that businesses don't even try to hide it nowadays?

  • by space_jake (687452) on Friday March 23, 2012 @01:31PM (#39454413)
    How is Facebook supposed to sell this information if companies can demand it for free from new hires?
  • by Tolvor (579446) on Friday March 23, 2012 @01:35PM (#39454449)

    It is possible (and very easy) for a company to install key loggers and monitoring software on their own company computers. Once employees steal time from their employer and update their Facebook page the employer now has the password. When the employer does use the password they check it through a proxy service like Tor. Easy, untraceable, and quiet.

    When there is something that the employer doesn't like on the Facebook page the employee will face eventual job termination. Their performance reviews will be poor, the monitoring logs will be used to show misuse of company computers and time, and any complaints by customers will be fully utilized. The content of the Facebook posting will never be referenced and the person will be terminated for valid reasons. After being fired any unemployment benefits will be contested (yes, the ex-employee usually wins regardless), and then appealed (50-50 chance).

    Certainly this is not how it is done at any company that I manage.

  • by Quila (201335) on Friday March 23, 2012 @03:41PM (#39455959)

    If he coughs up the password, definitely do not hire him.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (2) Thank you for your generous donation, Mr. Wirth.

Working...