Forgot your password?
typodupeerror
Facebook Privacy Your Rights Online

Senators Ask Feds To Probe Facebook Log-in Requests 396

Posted by samzenpus
from the no-friend-list-of-mine dept.
thomst writes "Cnet's Michelle Meyers reports that democratic senators Richard Blumenthal and Charles Schumer have asked the Justice Department to investigate what they call a 'new disturbing trend' of prospective employers demanding job applicants to turn over user names and passwords for their social networks. 'Employers have no right to ask job applicants for their house keys or to read their diaries — why should they be able to ask them for their Facebook passwords and gain unwarranted access to a trove of private information about what we like, what messages we send to people, or who we are friends with?' asked Schumer. Last Friday, in response to complaints from employees, Facebook published a post expressing its opposition to the practice, which it said undermines both the security and the privacy of the user and the user's friends. Erin Egan, the company's chief privacy officer for policy, offered that employers who demand password information for prospective employees might just end up getting sued."
This discussion has been archived. No new comments can be posted.

Senators Ask Feds To Probe Facebook Log-in Requests

Comments Filter:
  • Frist Psot (Score:5, Funny)

    by Galestar (1473827) on Monday March 26, 2012 @10:16AM (#39473825)
    Posted from my employee's account
  • by Oswald McWeany (2428506) on Monday March 26, 2012 @10:19AM (#39473861)

    Pah! So what happens to people like me with no social network? The can't ask me to send something I don't have.

    Whereas, I am legitimately not on any social network. I wonder if they could prove otherwise for people who are.

    • by Oswald McWeany (2428506) on Monday March 26, 2012 @10:23AM (#39473917)

      Oh, and yes... I know they can search for you if you use your real name and have a public profile. That to me seems silly. If I were on a social network it would be under an alias and would be private so they couldn't search for me.

      Yes, I know- technically aliases arn't allowed... but facebook would have no better way of knowing my real name was not Billy Bob Beerhouse then Slashdot would that my real name isn't Oswald McWeany.

      • by Opportunist (166417) on Monday March 26, 2012 @11:03AM (#39474409)

        I'd probably have two. One "family friendly" for... well, you know, family. And one for friends who neither family nor employer should encounter.

      • by ffflala (793437) on Monday March 26, 2012 @02:51PM (#39477169)
        It's actually not difficult for facebook to know that you're using a pseudonym. Even if you don't accept, many family members will probably at least send you friend requests. If you accept any, many of them will also try to indicate your familial relationship --you can choose not to confirm it, but it's still telling. Many of your friends will address you by your real name. Even worse, people you're not connected to but have known in the past might label your pictures with your real name, regardless of whether or not you're f/b friends.

        Each of these might be weak proof on its own, but add enough of them together --particularly tagged photos-- and you soon have a lot of circumstantial evidence indicating that Billy Bob Beerhouse is actually Osawald McWeany.

        I signed up with a pseudonym, and by now every one of the examples I've mentioned above has happened, some frequently. F/b would have to be intentionally ignorant by this point *not* to know what my real name is. While pseudonyms are officially against f/b policy, I think they tend to let it slide as long as you're generating enough data/revenue.
    • by fuzzyfuzzyfungus (1223518) on Monday March 26, 2012 @10:26AM (#39473947) Journal
      HR presumably just assumes that you are either telling the truth, and must be a radical isolationist living in a mountain cabin amidst heaps of antigovernment screeds and bomb-making apparatus, or lying because your real facebook profile is nothing but pictures of you doing things that would Reflect Poorly On the Reputation Of The Company. Circular file.

      Anybody who feels comfortable demanding extremely intrusive access to personal information will likely not even think twice about assuming that anybody who isn't as transparent as the norm probably has something to hide.
      • by gnasher719 (869701) on Monday March 26, 2012 @10:44AM (#39474177)

        Anybody who feels comfortable demanding extremely intrusive access to personal information will likely not even think twice about assuming that anybody who isn't as transparent as the norm probably has something to hide.

        Anybody who feels comfortable providing extremely intrusive access to personal information will likely not even think twice about providing strangers access to company confidential data, and should not be hired.

      • by MickyTheIdiot (1032226) on Monday March 26, 2012 @10:52AM (#39474277) Homepage Journal

        I know this is a joke, but this is the type of B.S. conclusion that H.R. folks are now TRAINED to jump to. There are tons of these.

        The one that has been making me angry lately is: "the person sent their resume in PDF so we will throw it away since they must not know Office and thus be computer illiterate." It's the exact OPPOSITE of what you want as the person probably used PDF to be friendly to cross platforms. I had a recruiting officer give me a lecture about this while I was job hunting. I don't even own a copy of Microsoft Office.

        I think H.R. procedure is akin to voodoo right now.

    • by Nadaka (224565) on Monday March 26, 2012 @10:26AM (#39473949)

      You are on slashdot.

      You can friend people, have a journal, post articles and discuss crap.

      You are on a social network.

      • by vlm (69642)

        Ah but I am guessing your resume doesn't list "/. UID Nadaka (224565)" as a contact method.
        It could, but most people do not do that.

      • by Oswald McWeany (2428506) on Monday March 26, 2012 @10:34AM (#39474049)

        I am not on slashdot.

        Oswald McWeany is on slashdot. Oswald McWeany is just a random name taken from combining two names on a children's TV show with a "Mc" thrown in for fun. Good luck connecting my real name to Oswald.

        Even my e-mail account that created the Oswald McWeany account uses a different made-up-name.

        • by Columcille (88542)
          But it is still you on the social network, even if you aren't using your name. If an employer asked for your social network information and you don't tell them about Slashdot, then they would be correct to assume you had lied to them.
        • Re: (Score:3, Funny)

          by Anonymous Coward

          People always ask me why I act like such a douche on Slashdot. Now I know why; could you please stop using my name?

          -- Sincerely, Oswald McWeany

        • by necro81 (917438)

          Oswald McWeany is just a random name taken from combining two names on a children's TV show with a "Mc" thrown in for fun

          Really? I'm genuinely curious: where'd the "Weany" come from? Seems like a strange character name, even for children's TV?

      • But an H.R. drone isn't going to know what slashdot is.

        To H.R. drone, not knowing what something is means it is not important. Therefore you're at the same outcome.

    • by tompaulco (629533) on Monday March 26, 2012 @10:29AM (#39473981) Homepage Journal
      Pah! So what happens to people like me with no social network? The can't ask me to send something I don't have.
      Asking for your facebook password is the modern equivalent of asking that you turn over your "Little Black Book" or your Dayrunner (Remember those?) to the company. This goes far beyond what an upstanding company would do, but is not illegal. This is one of those areas where there is no law because you shouldn't have to legislate common sense. Unfortunately, it looks like we are going to have to make a law because common sense seems to have gone extinct.
      • by daem0n1x (748565)
        I'm pretty sure this is illegal. At least in any civilised country. Like here in Europe.
      • by msobkow (48369) on Monday March 26, 2012 @12:03PM (#39475213) Homepage Journal

        ...but is not illegal

        Actually, it is illegal in Canada, and given the similarity between clause 8 of the Charter of Rights and the American Constitution's clause on "search and seizure", it should be illegal in the US as well.

        The difference is that in Canada, companies and people asked the government and legislators for an interpretation to confirm that it's illegal.

        In the US, companies went ahead without legal advice and are waiting to be sued so the courts can clarify their position -- in 5-10 years, and after a few million has been spent on a class action law suit.

      • by Belial6 (794905)
        Companies do open themselves up to serious liability by asking for this. It is expected that people will put their marital status, and parental status on their Facebook page. These are questions that employers are not allowed to even insinuate that they want to know. The Facebook account is also likely to indicate a person's nationality, sexual preference and religion.

        Knowing this kind of information during the hiring process has little to no value, but does create liability.
    • Re: (Score:3, Insightful)

      by metlin (258108)

      Seriously? Just because you're antisocial and do not care about being on a social network because of your tinfoil hat does not mean the rest have to follow suit.

      No matter what social network I'm on, it is reasonable to expect a semblance of privacy, especially if any information I share is for consumption only within my friends in that network.

      While I'm unsearchable on Facebook, most of my friends on Facebook are from college and there's a certain degree of immaturity in our interaction. However, that is in

      • by Oswald McWeany (2428506) on Monday March 26, 2012 @10:40AM (#39474139)

        Seriously? Just because you're antisocial and do not care about being on a social network because of your tinfoil hat does not mean the rest have to follow suit.

        ---------------

        I've found aluminium blocks the rays better.

        If you are unsearchable then you don't exist. Thus nothing to hand them.

      • Re: (Score:2, Insightful)

        by GmExtremacy (2579091)

        Just because you're antisocial and do not care about being on a social network because of your tinfoil hat does not mean the rest have to follow suit.

        Why exactly do you assume he's antisocial? Why do you assume he's wearing a tinfoil hat? What if someone doesn't care about social networks, like me? I just don't find them useful.

        I know it can sometimes be difficult to comprehend that different people have different preferences and needs, but come on.

    • by Mistlefoot (636417) on Monday March 26, 2012 @10:36AM (#39474069)
      You can be fired in most jurisdictions for lying on a resume, if it's proven, so I'd be carefull with that.

      Facebooks Terms of Use prevent you from providing your password to another. "You will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account."
      Anyone using Facebook agrees with this the same as they do any other EULA or agreement. Any potential employer who requests your password is asking you to break the legal agreement that you have with Facebook before you can work for them.
      http://www.facebook.com/legal/terms?ref=pf
      • You can be fired in most jurisdictions for lying on a resume, if it's proven, so I'd be carefull with that.

        I wouldn't put "I am not on a social network" on my resume.
        I'd be surprised if many people listed the social networks to which they belong/didn't belong on their resume.

      • by Billly Gates (198444) on Monday March 26, 2012 @11:04AM (#39474417) Journal

        Really easy for you to say when you have not been on unemployment for over a year, your wife is about ready to leave you, your house is in foreclosure, repo guys are going to come take your car away, and the collection agencies you around the clock demanding you pay them back and harassing your family members.

        In such a scenario is unfortunately, very typical in this economy for those who got laid off at the absolute worst time.

        What are you going to do? So no sir Mr. potential boss. You can kiss my ass. My wife will gladly accept this, and my kids really didn't need to be fed anyway etc.

        You will do it and not only will you bend over, but you will be happy with no lube and have a big smile on your face. Anything is better than not working right?

        Employers are taking advantage of people in a bad situation and it is disgusting. I know I am an evil socialist for dare saying the government get involved, but this is where it is a good case to do so. This is not 1999 anymore where employers compete with you if have any reasonable talent. Today, they do not care and can under pay, overwork, and make unreasonable demands because their competitors are doing it and why not?

      • I'm just amazed that this isn't illegal in many ways. Tortious interference for requiring you to break your agreement with Facebook, fraud for impersonating you when they login, whatever crime hacking is considered for accessing Facebook in a way not approved by them, etcetc.

        I mean, if someone blackmailed you into giving them your passwords to work email accounts and other servers, the company having their stuff accessed without permission would obviously have a case. What about the login credentials Kevin
        • whether it's legal or not.

          I'm not in the market for a job (I'm a freelancer), but if I were, I have plenty of other ways for prospective employers to find information on me outiside of Facebook.

          The first (and only) thing I'd say to an HR person asking for my login/pass is this: "I use Facebook to connect only with family and friends (I really do). I do not "friend" people that I do not know in real life. Should you hire me and we become friends, I'll gladly "friend" you. Until then, if you would like to

    • by mlts (1038732) *

      What will happen will be similar to what happened to me when I was job hunting a couple years back:

      The HR person will narrow their eyes once they get the answer that you don't have a FB account and ask, "If you are a so called IT person who is applying for something better than flipping burgers, then why are you not keeping up with modern day technology? Why should we hire a fossil, when any middle school kid can understand the concept of a social network, which you have demonstrated that you have failed t

      • by Dog-Cow (21281) on Monday March 26, 2012 @10:56AM (#39474333)

        That's silly. You should have explained to them that you don't need to belong to a social network to understand the concepts. And if they can't understand that, you should grab the nearest large object and bash their head in until they do. And then tell them they are too stupid to work for and spit on them as you leave.

        Seriously, though. Any HR person who can't understand that using and understanding are different things will just cause you endless trouble if you were to be an employee. It's best to turn those jobs down.

        • Have you looked for a job recently? HR = silly.

          Go ahead and flame, but it's an entire profession of people who are 95% incompetent.

        • That's silly. You should have explained to them that you don't need to belong to a social network to understand the concepts. And if they can't understand that, you should grab the nearest large object and bash their head in until they do.

          Code Monkey not say it... out loud. Code Monkey not crazy... just proud.

      • Re: (Score:3, Interesting)

        by mrbester (200927)
        "If you are a so called IT person who is applying for something better than flipping burgers, then why are you not keeping up with modern day technology? Why should we hire a fossil, when any middle school kid can understand the concept of a social network, which you have demonstrated that you have failed to do so?" My retort to such insulting questions: "If you knew anything about IT you'd be asking questions related to my experience and suitability for the position. You know nothing about me, yet have m
      • the new (and correct) reply is: I don't accept the TOS of the current social networks and so I'll pass until their TOS is acceptable to me.

        there. all you need to get a graceful 'out'. and its true, too. 100% true for many of us.

      • by vux984 (928602)

        My answer was something along the lines of:

        "I am quite familiar with facebook and how it works. I understand how people use it, and I understand its business model. However I believe facebook encourages people to put too much information online, and this creates too much opportunity for both personal and professional liability."

        "In fact, the fact that you are requesting access to any facebook account I might have during this interview process demonstrates just how concerned the company is about this sort of

    • by geekmux (1040042) on Monday March 26, 2012 @10:45AM (#39474199)

      Pah! So what happens to people like me with no social network? The can't ask me to send something I don't have.

      Whereas, I am legitimately not on any social network. I wonder if they could prove otherwise for people who are.

      Potential Employer: "Er, so you are saying you're not part of any social network online whatsoever?"

      You: "Yes, that is correct."

      (Potential Employer quietly checks the box next to "Does not play well with others", and upon conclusion of the interview, places your resume in the "don't bother" pile)

      Think they really need to "prove" anything at all? Companies that stoop to this level of valuation of a potential employee obviously have their priorities screwed up, so don't be shocked if this kind of crap actually goes on.

      Social networks performing social engineering on society. Gotta love watching the brainwashing of the masses.

      • Think they really need to "prove" anything at all? Companies that stoop to this level of valuation of a potential employee obviously have their priorities screwed up, so don't be shocked if this kind of crap actually goes on.

        No, I suppose they don't need to "prove" anything. That kind of company I probably wouldn't want to be part of anyway though.

        For the record, I have moved around a bit in my career, and have never been asked about social networks in any interview.

        As a disclaimer- I am an introvert- but I am able to fake otherwise in a social/business setting- and I am legitimately a friendly person and get along well with everyone. I've just never liked throwing my real name out in person online. I take part in all sorts

    • You're on Slashdot though... Wait, that's not legitimate, sorry.
      • Honestly, although slashdot has some features of social networks I've never considered it a social network. News aggregator/blog... there are several things I would call it ahead of "social network".

        Even though it has those capabilities- I've never used it as a social network- I've not used the friend/foe/journal/personal blog sections.

        I will sometimes search using google. That doesn't mean I'm part of Google+.

    • by 0racle (667029)
      I do not have a Facebook profile or the like. If I was asked for login credentials, I would simply say no you can not have them, state that I would not want to work for a company that believed this was a legitimate request and walk out.

      Whether you have a profile somewhere or not, the request for credentials tells you everything you need to know about a place.
    • by Inda (580031) <slash.20.inda@spamgourmet.com> on Monday March 26, 2012 @11:00AM (#39474377) Journal
      I do well in interviews. Always have, and probably always will. It's the smile, the handshake and my unwillingness to bullshit.

      Some businesses just want to tell you how great they are. Some people just want to tell you how great they are; how they've climbed the ladder - "You too could be a fat manager on 50k if you turn yourself into a lying slob like me!" No, not me, you're mistaken.

      Other businesses just stick to the questions, one after another after another. These are the hardest. They don't care that I'm not planning to be here in five years, and can't understand me not wanting to answer the question. ("I need a job to pay the bills", was an actual answer that landed me one job. Ask me that question again after I've worked for you for a month).

      The best interviews are always friendly chats.

      My point? Interviews are a two-way process. They want to know about me and, this is the part some don't understand, I want to know about them.

      What was your turnover last year? And the year before? (are you going to be around next year?)

      Why did this vacancy become available? Why did the other person leave? (is this a shit job? Are they willing to bullshit me?)

      What are the staff turnover rates? (is this whole place shit?)

      Can I have your Facebook password? (never been asked, but if they want mine...)

      Ask questions. Ask why. Ask it five times. And remember that bullshit stinks. It may take a while to reach your nose but it stinks all the same. Everyone knows the smell.
  • stuff like this opens employers to disability & discrimination issues. So they should even be asking for them or looking at your page any ways.

    • by 0racle (667029)
      I see this a lot, and it is really just silly. If they don't want to hire black people, they won't hire a black dude that came in for an interview and just say he wasn't what they were looking for. Same for a disabled guy or a woman (or man depending on the place). Only long-term illness and religious affiliation are protected statuses, well and sexual orientation in places that too is protected, that would be opened up looking at your profile and really that would probably become evident during your probat
  • by CastrTroy (595695) on Monday March 26, 2012 @10:21AM (#39473891) Homepage
    If you don't want to hand over that information, then don't. If employers hear this enough, then maybe they will start to smarten up. If the only people they can hire are the ones stupid enough to give up their Facebook passwords, they probably won't be getting any great employees. That said, there's a lot of people who will probably feel they have no other choice. Just like employers often require drug tests, references, and personality tests. You could always tell them you don't have an account. Being in a technology related field, I think it would be an interesting test of somebody's security/privacy mentality to ask them for their password, with no intention to use it, but those who refuse to give the password are probably the ones you want to hire.
    • The First rule of hiring. It is better to let many excellent applicants not get the job then hire a bad employee.
      • The Second rule of hiring: Hire stupid people who will do what you say and who you can blame when what you told them to do did not work.

      • by 0123456 (636235)

        The First rule of hiring. It is better to let many excellent applicants not get the job then hire a bad employee.

        If you want to end up with a company of mediocre employees.

        • by vlm (69642)

          If you want to end up with a company of mediocre employees.

          Half the companies are always going to be below median no matter how much downsizing you do...

        • H.R. procedure.

          We need to fire these people and do the hiring ourselves. I don't care if it takes more time. If I am ever lucky to run a business this is how I will do it, and I a guarantee you I'll have the best staff of anyone.

      • by vlm (69642)

        Second rule is that "in this economy" there are 20 qualified applicants for each opening. So pulling another name out of a hat isn't going to be a problem.

        There are monetary costs... So the local printing company has been advertising for a CCIE for $50K for years (this is no exaggeration truth BTW I distantly know the people involved) as part of their H1B filing process... If the H1B guy refused to give up his FB password got 50K/yr, the monetary cost might be $51K/yr for the next guy, who is willing to gi

      • by CastrTroy (595695)
        Yeah, but the people willing to give access to their facebook are probably all the wrong people, so if that's your filter, then you're just left with the the applicants who you wouldn't want anyway. I agree that interviews should be difficult and I understand the logic of turning down seemingly good people on the risk they aren't as great as they seem at first glance. However, make sure your requirements don't filter out all the good employees.
        • by vlm (69642)

          However, make sure your requirements don't filter out all the good employees.

          This misses the point that many/most job postings are asking for con men and liars.
          A dumb set of hyperspecific job requirements sometimes means they're just dumb, sometimes means they're doing a H1B posting requirement, and sometimes means they're looking for someone with a flexible attitude toward legality and the truth.

          In quite a few fields and companies, legal and ethical does not equal your assumption of good employee.

    • by garcia (6573)

      I recently did a job search and had numerous offers none of which asked for my social media logins. If they had asked I would have moved on to the next.

      That said, if it came down to it I'd have "William Roehl" on Facebook and I'd keep my Bill Roehl account for my usual FB needs. While my FB account has nothing questionable aside from birth announcements to family/friends which could be used against me, I'd be happy to hand over the l/p to a completely empty account.

      They want to play stupid games? I can play

    • by Jessified (1150003) on Monday March 26, 2012 @10:39AM (#39474125)

      I think the way I would put it is this:

      "I'm going to say no to you, potential employer, and here is why you should hire me over those who applicants who comply. When people add me as a friend and grant me access to their page, they are trusting me with information. When they contact me privately, they are trusting me not to share what they say. If, in the future, I were to leave this company and a future company asked me for confidential secrets regarding your business, you would rightfully expect that I would decline to cooperate. The fact that I am risking an employment opportunity by declining to cooperate with you here shows you that I am a trustworthy person, even under duress, and other candidates who cooperate with you are not so much."

    • by dkleinsc (563838)

      Being in a technology related field, I think it would be an interesting test of somebody's security/privacy mentality to ask them for their password, with no intention to use it, but those who refuse to give the password are probably the ones you want to hire.

      That may be true, but (assuming your working in a large enough company to have them) HR drones will have the opposite mentality, and assume that anybody that won't tell them all about their private life must be a bad choice. Never mind that such questions may be illegal.

    • by mlts (1038732) *

      You would be surprised. In this economy, even people with a clue are looking for a job, and they have to fight against people with far less skills, but are far more willing to do anything asked of them by an employer, laws be damned.

      When I was looking for work, I told more than one company where to stick it when the HR rep demanded a password and said that if a candidate wasn't doing something illegal or immoral, they would hand it over. The classic, "if you didn't have something to hide" type of BS.

      In a

  • Do not have a Facebook account. If you are denied a job over that, it is probably not the sort of place you want to be working.
  • by vlm (69642) on Monday March 26, 2012 @10:25AM (#39473935)

    Facebook, who cares. I used it for 6 months, net effect slight negative (lots of wasted time, nothing productive happened because of FB) so I deleted it some years back. I'm not so worried about HR floozies asking for my facebook account. I do worry about clueful supervisor asking for my /. account login and/or name. That could be awkward. "Looking for senior sysadmin, /. UID below 100K preferred, no eight digit UID noobs or goatse posters please"

    I think the real concern is FB is/was/will sell, at some expense, full access to anyones account for HR purposes, and they're pissed off that some HR floozies are sneaking around to backdoor their profitable little sales channel. If I tell Ms H R Floozie my password and she logs in as me, how is FB supposed to send HR a $250 bill for social network consultative services, Ms Floozie has already seen all my furry pics and fan status for the NORML page, so she's not about to pay FB to learn the same thing...

    FBs only hope is to sell full access to not just my account, but full access to all my friend's accounts... I can give Ms HR Floozie my complete login info, but not me friend's info. Although I suppose asking applicants to ask their FB friends for their login info is the next logical step against that.

    One possible hope for FB is to stock the hell out of FB with all kinds of protected stuff, like orientation (thats protected, isn't it?) and race and especially religion, and then crucify people (err, HR I mean) in the courts if they fail to hire someone who is a christian/jew/black on their uncensored page. They can sell access to a carefully censored for legal purposes portal for HR to use that somehow magically removes all references to Jehovah and the flying spaghetti monster.

    Speaking of the FSM, his G+ page is better than I expected.

  • Drawing the line (Score:5, Insightful)

    by XxtraLarGe (551297) on Monday March 26, 2012 @10:25AM (#39473939) Journal
    A lot of my co-workers are friends on Facebook, and I've received requests from them to be friends. I politely declined, explaining that I like to keep a strict line between my work & my private life. If I was applying for a job and they did not want to respect my desire for some form of privacy, I'd probably just throw out the application. If it was during an interview, I'd probably tell them "Thanks, but no thanks" and walk out.
  • by MadX (99132) on Monday March 26, 2012 @10:26AM (#39473941)

    I think this is where the actual rights of an employee, are never really understood by said people. There are probably many other examples where companies have violated laws regarding their workforce, because of what I perceive to simply be insecurities on the part of the company.

    In short - companies get scared that their name will be tainted from the inside, and so they are willing to go above (or below) the law to try and "protect" their image. So it's good to see that lawmakers are standing up and taking note. Now, just to educate those who don't read tech sites :)

  • How else will employers weed out undesirables?

    Background checks that will include posting on public forums, likely even ones which used aliases. Thanks to third party tracking cookies many are already able to match up people with their 'anonymous', eventually someone will monetize it by allowing searches through decades of posting.

  • by acoustix (123925) on Monday March 26, 2012 @10:28AM (#39473977) Homepage

    I'm hearing a lot about this, but I have yet to actually find someone who will confirm that they've been asked to hand over their account information. While I agree that employers should not be asking for this information, I suspect that a lot of this noise is just noise.

    I want to see people name names. List the companies that are asking for usernames and passwords.

    • A quick Google search turned up this [msn.com] article. It gives the names of two people who were asked for passwords, one by a prospective employer (he refused and withdrew his application) and one by an employer he was returning to (he gave his info because he felt he had to). For the second of those, it names the employer: the Maryland Department of Public Safety and Correctional Services. Evidently they stopped asking for passwords after complaints by the ACLU.

  • by concealment (2447304) on Monday March 26, 2012 @10:29AM (#39473989) Homepage Journal

    This is a public service announcement with some food for thought regarding Facebook and similar sites.

    Do not post anything on these sites that you do not want the world to know!

    1. User agreements. Almost all of these sites retain ownership to what you post. They can re-sell or re-publish the material later, like Twitter, and there is no guarantee that your privacy settings will be intact.

    2. Follow the money. Search engine advertising is falling because it is not targeted, but social networks are easily targeted for advertising. Your data will be sold, and if it's anonymized, there's no guarantee that the anonymization will be done so completely that it won't be easy to correlate your anonymized data to your public profiles.

    3. It's easy to get to your data. If your friends let in someone who's crazy, that data will be public.

    4. Security is not guaranteed. These sites can get hacked and their data published, a la Wikileaks. Even if the data isn't public, it will be for sale to people including the security firms that your future employers will want.

    5. People are stupid. They think it's funny, and they re-share your stunts and exploits, and then there's the picture of you naked beer bonging on your supervisor's desk.

    Think defensively and don't trust large corporations like Google and Facebook with your data.

  • This is a lose/lose situation on both sides:

    • * employee: do you want to work in such a place where your employer ask you for personal information
    • * company: unless you want to staff your company with only yes-men, and stupid people, you do not want to do this

    I just do not get it

  • Unfortunately, whether this practice is 'legal' or 'illegal' is only going to be of limited interest for anybody who doesn't have sufficient skills, and the right kind, to make it a seller's market for their services. There are occasional exceptions, when somebody screws up and is a bit too overt about what they think of cripples, or where they like their women, or what they think of uppity darkies at work; but the overwhelming majority of the time, when somebody doesn't shove their foot in their mouth and
  • by mahler3 (577336) on Monday March 26, 2012 @10:35AM (#39474063)
    If you give a prospective employer your password, you're proving that you can't be trusted. Mike Loukides said it well. [oreilly.com]
    • by gweihir (88907)

      Indeed. Sorry, I have no mod points, but that link sums it up pretty good.

  • Who cares? (Score:5, Insightful)

    by CrAlt (3208) on Monday March 26, 2012 @10:37AM (#39474085) Homepage Journal

    How about a probe in to how companies use people's credit reports for hiring decisions?

    How is that OK but looking at people's facebook page NOT?

  • by Br00se (211727) on Monday March 26, 2012 @10:37AM (#39474089)

    I don't know about other countries, but in the US, employers may not ask about the following.

            Race
            Color
            Sex
            Religion
            National origin
            Birthplace
            Age
            Disability
            Marital/family status

    Let the person asking the question know that by asking for the Facebook information, they are using a back door approach to gather information they are not entitled to ask and that you object to giving that information.

    Any reasonable employer would not want that legal liability.

  • by SemperUbi (673908) on Monday March 26, 2012 @10:39AM (#39474113)
    I'd say that if they make their request in writing, and I sign it in the presence of a witness and of course get to keep a copy, I'll agree.

    It'd be fun to see them break out in a cold sweat.

    But let's say they agree. After all is signed, then I say "You do realize that my profile likely contains at least one piece of protected information that would be illegal for you to ask me to share, don't you?"

    Heh...
    • by CrAlt (3208)

      It'd be fun to see them break out in a cold sweat.

      It'd also be fun to see them NOT hire you :P
      Getting the HR guy all worked up is a good way to not get the job.

      Companies are getting away with stuff like this on the job interview because they have 100's of applicants for each position. My bet is people are handing over the PW because they don't want to put a negative or confrontational spin on the interview.

  • by bodland (522967) on Monday March 26, 2012 @10:39AM (#39474121) Homepage
    Expect a bill to be introduced by Republicans that allows employers full access to employee's personal account info if at anyway related to the employment.

    Also companies are increasingly utilising social networks for marketing and PR and will use employees as a "PR" echo chamber to evangelise the employer and or it's products.

    Expect this to be made legal....and the justification is the old terrorism mantra...."If you have nothing to hide, then what's the problem...?"
  • Cuts both ways (Score:2, Insightful)

    by D66 (452265)

    What we seem to be missing is that we have 2 senators defining digital data in the same terms as personal possessions and papers. Using THIS argument as a starting point, I can see a good opening for the EFF and ACLU to step in and require like protections on Digital data from Government search and seizure.

    The Constitution protects your possessions and papers from unreasonable search and seizure, however, megaupload and a dozen other events have shown that Law enforcement sees Digital data as something

  • by i_ate_god (899684) on Monday March 26, 2012 @10:44AM (#39474181) Homepage

    I have yet to see a single recruiting firm or employer called out on doing this.

  • Employers have no right to ask job applicants for their house keys or to read their diaries

    Really? What law prevents them from doing that? I was under the impression that, at least in the US, employers can ask prospective employees almost whatever information they damn well please. The only exceptions I'm aware of is stuff that could then be used to illegally discriminate against you, such as your religion and race. Unless something in your house or in your diary exposes you as a member of a protected c

  • by msobkow (48369) on Monday March 26, 2012 @10:56AM (#39474321) Homepage Journal

    Fortunately this past week has seen many groups and legislators in Canada confirming that asking for Facebook passwords is illegal here. It's an invasion of privacy, what would be in American terms an "unwarranted search and seizure" by someone who not only has no warrant, but isn't even law enforcement.

  • by 9mm Censor (705379) on Monday March 26, 2012 @11:04AM (#39474415) Homepage
    They do not want your boss getting this info for free, when they can sell it to your (prospective) employer instead.
  • by fast turtle (1118037) on Monday March 26, 2012 @11:05AM (#39474425) Journal

    Let Facebook deal with the problem in the only way these idiots are going to learn, through a Lawsuit from Facebook for interfering with their business since that's esentially what they are doing. Facebook also has the right to remove all listings/postings by that company and employees for the TOS violation. Combine that with a nice juicy lawsuit, even if FB doesn't win and the CEO's/Boards will get the message quick time.

  • "Facebook have no right to ask job applicants for their house keys or to read their diaries — why should they be able to ask them for their email account passwords [as part of the Find Friends feature] and gain unwarranted access to a trove of private information about what we like, what messages we send to people, or who we are friends with?"

    And this is a practice to which Facebook is opposed and over which Facebook is willing to take legal action? Hmm. Sounds like *checks his Facebook account's Find

  • by hedrick (701605) on Monday March 26, 2012 @11:08AM (#39474461)

    I agree with the FB position. I do work with youth at Church. Several of them are my friends on FB, although these days more of my friends are professional colleagues. Their parents know that. My privacy is set somewhat tighter than the default, to minimize their exposure to others.

    While I am not silly enough to put anything that matters on FB, some of the kids have said things that, while actually not very serious, they might not want other people to see. The difficulty with letting third parties use my account is that most of what's there isn't my postings, but postings of my friends. And they might well not want my potential employer to see them.

    I don't know what kind of suit FB has in mind, but if I were going to make up a case I'd make it up based on compromising the privacy of minors without the consent of their parents.

  • by sirlark (1676276) on Monday March 26, 2012 @11:15AM (#39474583)
    Isn't handing over your login credentials a violation of Facebook's ToS? And if so, isn't requiring that prospective employees do so in essence forcing them to violate contractual terms? And isn't THAT illegal somehow? IANAL, and I'm genuinely curious.
  • by seven of five (578993) on Monday March 26, 2012 @11:44AM (#39474945) Homepage
    How about a public list of those companies who have asked for access to FB, Myspace or any other private information.

The clearest way into the Universe is through a forest wilderness. -- John Muir

Working...