Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
The Internet Privacy Technology

New Illinois Law Protecting Social Media Rights In the Workplace 147

sl4shd0rk writes "Illinois (USA) Governor Pat Quinn signed a new law this week protecting employees' privacy rights concerning social media. Bill 3782 makes it illegal for an employer to request an employee's or job candidate's social network login credentials, in order to gain access to their account or profile. 'Members of the workforce should not be punished for information their employers don't legally have the right to have,' Governor Quinn said. 'As use of social media continues to expand, this new law will protect workers and their right to personal privacy.'"
This discussion has been archived. No new comments can be posted.

New Illinois Law Protecting Social Media Rights In the Workplace

Comments Filter:
  • Wait. What? (Score:5, Funny)

    by SDuensin ( 67959 ) on Thursday August 02, 2012 @09:45AM (#40856073) Homepage

    Illinois did something that makes sense? WTF?

    • Re:Wait. What? (Score:5, Insightful)

      by Bigby ( 659157 ) on Thursday August 02, 2012 @09:50AM (#40856149)

      This doesn't make sense at all. They can't ask for credentials? So they will ask to be "friended" or "circled" just to get an interview. Sucks for me, since I don't have a Facebook account and will be excluded as if I am hiding something...

      • Re:Wait. What? (Score:5, Insightful)

        by fuzzyfuzzyfungus ( 1223518 ) on Thursday August 02, 2012 @10:05AM (#40856335) Journal

        There is arguably a difference between 'doesn't make sense' and 'will be relatively easy to evade'.

        Most worker protection legislation suffers from the basic problem that there are just so many innocent-sounding reasons to get rid of someone for reasons wholly unrelated to any legally protected trait.

        Whistleblowers, assorted wage/salary/time-worked accounting shenanigans, occupational hazards, harassment, and virtually anything else all fall into that category.

        Trouble is, unless you've got a bold plan to achieve an enormous restructuring of the economy (at least to the point where the labor market is a seller's market, perhaps even to the point where most people aren't 'employees'(and no, the 'oh, he's an "independent contractor" because those are cheaper than employees, he just resembles an employee in all other ways'/permatemp doesn't count)), the condition of employees in your economy will be one of the greatest determinants of the welfare(and even the day-to-day freedom) of most of the population.

        That makes ignoring the problem a bit... unpalatable.

    • Re: (Score:3, Insightful)

      Actually, it doesn't make sense.

      If an employer wants my Facebook Password, it is really simple, "NO". I don't need a law to protect me.

      And in fact, should anyone ever ask for my password, I'd start passing that info on to the social networking sites as a warning to others. We don't need government creating idiotic laws that will last well beyond the technology's life span.

      If everyone acted the same way, with the same level of outrage, the problem would go away on its own. We don't need government to fix stu

      • by Stirling Newberry ( 848268 ) on Thursday August 02, 2012 @09:57AM (#40856217) Homepage Journal
        Always funny with a post and it's sig contradict each other.
      • Re:Wait. What? (Score:5, Insightful)

        by thaylin ( 555395 ) on Thursday August 02, 2012 @10:09AM (#40856393)
        And what about in a state like where I live, NC? Employeer "I want your facebook information" me "no" Employeer "ok you are fired" me "doh!" a lot of states are right to work states where they can fire you for nothing if they so chose to. Even if not they can find something to fire you for in no right to work states.
        • And what about in a state like where I live, NC? Employeer "I want your facebook information" me "no" Employeer "ok you are fired" me "doh!" a lot of states are right to work states where they can fire you for nothing if they so chose to. Even if not they can find something to fire you for in no right to work states. Sounds like you were fired for cause, and an unjustified cause at that. I'd hire a lawyer. They can't fire you for refusing to break the Facebook's Terms of Service.
          • by s73v3r ( 963317 )

            1). Where does an unemployed person find the money for a lawyer?

            2). In just about every "Right to Work" state there is, the employer does not actually have to state the reason why they are firing you. Leaving the burden completely on you to prove that the fired you because of not handing over the FB password. And likely they will have something else stored away for just such an occasion, like a violation of the "Network Acceptable Use Policy" (He browsed Slashdot at work!).

            • by bky1701 ( 979071 )
              "1). Where does an unemployed person find the money for a lawyer?"

              There are plenty who will do it for a cut if it looks likely to win. Firing someone for refusing to violate the law? Multi-millions right there.
              • by s73v3r ( 963317 )

                Again, you have to be able to actually prove it. That's not going to be easy.

                • If the lawyer will take the case for a cut of the proceeds, what do you have to lose? Time? What's it worth to you when you are unemployed?
                  I know several people that make a decent living just off of suing somebody or 4 or 5 years. Sad but true. If you get fired for not turning over a FB password, that is a legitimate lawsuit, IMHO.
      • by Bigby ( 659157 )

        They can create this law, but they won't create a law to prevent your employer from asking for your bank and investment accounts (SEC regulation). The Federal government will usurp this law under the guise of terrorism prevention.

      • We don't need government to fix stupidity, we just need an educated public.

        There's this thing called a legislature. People elect other people to go and make laws in the legislature. It makes it easier for people to get things done so they don't have to organize a concerted show of outrage towards companies. Instead they argue the merits of such a law and the elected persons make it so.

      • If I asked somebody for their Facebook password in a job interview, and they gave it to me, that would tell me that they don't have enough clue to be worth hiring :-)

        Asking for their Facebook user name is different - There are jobs for which it may make sense to see what somebody's public profile looks like (as opposed to what they're showing their friends.) There are HR people who there who would also want to look at who their friends are, which is getting into creepy, of course. And there are jobs that

        • by s73v3r ( 963317 )

          If I asked somebody for their Facebook password in a job interview, and they gave it to me, that would tell me that they don't have enough clue to be worth hiring :-)

          If you are out of work for almost 2 years, and you're insanely desperate for any kind of paycheck, you'd do almost whatever they'd ask to try and get a job. And people like you would look down on them for this.

      • by sirwired ( 27582 ) on Thursday August 02, 2012 @10:42AM (#40856801)

        If you are out of work, really need a job, and an employer is making an unreasonable (but still legal) demand, you are in a rather unequal bargaining position. It's all well and good to stick up for yourself if you have the luxury of turning down a new job or aborting a promising interview, but not everyone is in that position. The law levels the playing field by prohibiting employers from even asking for something they have no business getting.

      • by Sir_Sri ( 199544 )

        I don't need a law to protect me

        If the company can refuse to hire you because you refused to provide a password, even if they are violating the Facebook TOS, and if there is no legal recourse against that company for how they are behaving then yes, you need the law to clarify its position (which is more what this is).

        Worse still is if governments have ruled through various agencies that they *can* ask for your passwords legally - which they probably cannot, and this clarifies that they aren't allowed to do that. Keep in mind that laws wi

      • If an employer wants my Facebook Password, it is really simple, "NO". I don't need a law to protect me.

        What if you need the job? And what if the employer next door wants your password too?

      • by h4rr4r ( 612664 )

        Which is why no jobs ever drug test, right?

        I say no now, but I know if I ever end up hungry I too will take a wizzquiz.

      • Actually, it doesn't make sense.

        If an employer wants my Facebook Password, it is really simple, "NO". I don't need a law to protect me.

        Prior to this law, you could be fired for giving that answer in Illinois.

      • The problem is, no one has any balls today. People have been brainwashed into believing that "there should be a law". Hence - we have a myriad of nonsense laws to "protect" us. Strange how all those laws designed to "protect" us can be used to hammer us senseless when we come to the attention of law enforcement officials.

        Yes, I'm all for an educated public. Unfortunately, the departments of education around the country are largely responsible for the brainwashed condition of the masses.

        • by s73v3r ( 963317 )

          No, the problem is that employees have very little bargaining power compared to employers today, and that many of them still like to eat.

          I hope the idea that you still "have balls" would provide you comfort when you're unable to find a job.

      • by s73v3r ( 963317 )

        YOU might not. Recognize that not everyone has the same position you do, and there are people who are very desperate for a job.

        But I forgot, that infringes on your ideals of "Fuck them, I've got mine."

      • by Bengie ( 1121981 )
        "we just need an educated public" - Why not just ask for a utopia?

        There will always be a sucker willing to give up their FB info, who is "good enough" to fill a position that you want.
      • by sjames ( 1099 )

        And unless there is a law to protect you, that NO will send your resume into the round file every single time. Eventually, as you stand in the rain digging ditches for minimum wage, you will break.

        OTOH, if it is illegal for them to even ask, you won't face that problem.

    • Politicians protecting themselves from investigation. The legislators likely doesn't want the state to ever ask for their facebook credentials.
    • >> Illinois did something that makes sense?

      The legislature is like the monkeys with the typewriters...

    • by mcgrew ( 92797 ) *

      Like the Chicago Cubs say, "you can't lose 'em all." Actually, I've found Illinois politicians actually listen to their constituents (some are better than others, of course) and the constituent doesn't have to be a campaign contributor, or even in the same party (which party's primary you vote in is a matter of public record in Illinois).

      As to Illinois doing something that makes sense, do farms make sense? Most of the state is famland. Does subatomic particle physics make sense? Before the LHC, Illinois had

  • by sohmc ( 595388 ) on Thursday August 02, 2012 @09:46AM (#40856085) Journal

    Read the full text of the law here [ilga.gov]

    At least they cited the bill number. I hate it when news outlets don't tell you the bill and have to go searching for it.

  • Sensibility (Score:4, Insightful)

    by Schmorgluck ( 1293264 ) on Thursday August 02, 2012 @09:46AM (#40856087)
    Some sensibility in lawmaking. That's refreshing.
    • Re:Sensibility (Score:4, Insightful)

      by sohmc ( 595388 ) on Thursday August 02, 2012 @09:57AM (#40856215) Journal
      Are/Were companies doing this because it's cheaper than running a background check?

      Additionally, sharing your Facebook password is against the TOS [facebook.com] (Section 4, subsection 8). You can tell an employer/prospective employer that you will reveal your credentials if they assume the legal responsibility for breaching the contract.

      That should get them off your back. Whether you get hired/fired, that's an entirely different matter.
      • Are/Were companies doing this because it's cheaper than running a background check?

        Some companies are doing this because they like to think of themselves as having control over their employees outside of work. It's the same impetus as drug testing: Sure your work performance might be great, but we don't want you if you smoke pot on the weekends or have an account on Fetlife or went to a political protest for a cause the company doesn't agree with.

        • by sohmc ( 595388 )

          I imagine that drug testing has little to do with work performance than it does liability. If an employee is high or has drugs on company property, it would give the police cause to do a full search. Probably just to the employee's work area, but it's something the company wants to avoid.

          IANAL or a LTE, but makes sense to just not hire someone who refuses a drug test than assume the risk and have something happen later on. I imagine this was the same rationale for giving up your social network credential

          • by h4rr4r ( 612664 )

            So instead they can use that information to not hire you because they can tell you are diabetic, or have some other medical condition or smoke or drink or do other legal but detectable things.

            Drug testing is far more intrusive than asking for a Facebook password. I think both should not be legal, until after something has happened and should be done by a court not your employer.

      • by sconeu ( 64226 )

        Interviewer: Oh, by the way, we need your Facebook credentials.

        Me: I'm sorry, that's a violation of the TOS, and if you used them, you could potentially be commiting a felony by violating the Computer Fraud and Abuse Act. At which point, I would be an accessory to the felony. So, no, you may not have them.

        • by s73v3r ( 963317 )

          Interviewer: Well, it's been nice meeting you. We've decided to go with Ben over here, who really needs the job, and is willing to surrender his credentials. Don't let the door hit you on the ass on the way out.

    • Sensibility!=sense
  • Is This For Real? (Score:5, Interesting)

    by crow_t_robot ( 528562 ) on Thursday August 02, 2012 @09:55AM (#40856193)
    What are these jobs that make you surrender your personal login credentials? Is this really happening? How would this ever be considered acceptable practice?
    • by MickyTheIdiot ( 1032226 ) on Thursday August 02, 2012 @09:59AM (#40856261) Homepage Journal

      When you have so many job seekers and a real unemployment up in the 12-15% range employers start to think a bunch of new things are acceptable!

      This is just one of them. Another is having an unwritten policy that they won't hire anyone that is unemployed. Another is an unspoken policy that they'll make job descriptions so tight they can use H1-B visa holders. The list goes on and on.

      • Asking for their Facebook user name is one thing - a company might want to see the public profile the person presents, and a creepy HR department might want to see who their friends are. But any HR department that wants your password is exposing the company to legal liability for misuse of the information, and really has some 'splainin to do about why they want it the ability to forge the job candidate's information.

        I do computer security - anybody dumb enough to give us their password is too dumb to hire,

    • There were prisons asking guards for social media credentials so they could check for gang associations IIRC.
    • by azalin ( 67640 )
      Good question actually and I would really like to see a list of companies that do this published.
    • by s73v3r ( 963317 )

      I would far, far, far rather employers be told "NO! You can't do this! Bad employer!" pre-emptively than for the practice to actually take hold. It would be a lot harder to get rid of it, and business would bitch and moan even more how saying they can't do it is "anti-business".

  • Definition (Score:5, Interesting)

    by Cajun Hell ( 725246 ) on Thursday August 02, 2012 @10:08AM (#40856377) Homepage Journal

    (4) For the purposes of this subsection, "social networking website" means an Internet-based service that allows individuals to:

    1. (A) construct a public or semi-public profile within a bounded system, created by the service;
    2. (B) create a list of other users with whom they share a connection within the system; and
    3. (C) view and navigate their list of connections and those made by others within the system.

    "Social networking website" shall not include electronic mail.

    Great, now I have to look up the definition of electronic mail. Is it going to be things which talk rfc822? Or it is going to be things which transmit messages between different users? (I just checked Facebook and it has some kind of messaging thing in it; would be hilarious if Facebook didn't qualify.)

    I bet most sites which use logins, could be made to become social networking. Even banks, if you get creative.

    I hate laws like this, which are so needlessly specific to handle ephemeral trends. Why didn't they just make it illegal to impersonate other people? Who profited by lobbying against that?

    • I hate laws like this, which are so needlessly specific to handle ephemeral trends. Why didn't they just make it illegal to impersonate other people? Who profited by lobbying against that?

      Actors. Actors often have to "impersonate" another person - see anyone acting in a biographical movie, for instance.

      So once again, we can blame Hollywood! Yay Slashdot!

    • by s73v3r ( 963317 )

      I hate laws like this, which are so needlessly specific to handle ephemeral trends. Why didn't they just make it illegal to impersonate other people? Who profited by lobbying against that?

      Debt collectors and private investigators.

  • by DaMattster ( 977781 ) on Thursday August 02, 2012 @10:33AM (#40856677)
    If in an interview I am ever asked to friend a potential employer or give out my login credentials, I will politely say, "Thank you very much for your time and consideration but I am no longer interested in employment with your company." On one hand, I like the idea of making this illegal. On the other, I think it would be stronger to let market forces end this practice. If enough people simply stand up and walk out when asked to cough up their facebook information, the practice would stop immediately because the company would be unable to hire anyone. If the work force were more united and less divided, market forces could dictate more workplace friendly policies. However, because Americans live in such abject fear, most are likely to just aquiesce so we need a law to provide a security blanket for the fearful.
    • Standing up for your rights when an employer asks you to do something legal, but unreasonable is all well and good if you are actually in a position to refuse. But if you are out of work, and really need the money, refusing an offer or aborting an interview because of crap like this is quite a bit harder.

      • by Sique ( 173459 )

        It is legal now to break contracts? And I thought, pacta sunt servanda.

        If you sign up with Facebook (or any other site), you are contractually bound by the Terms of Services. Facebook's ToS explicitely state that you are not allowed to give your credentials to anyone else. If your future employer asks you to break contracts, you are fine with that?

        • by s73v3r ( 963317 )

          If your future employer asks you to break contracts, you are fine with that?

          Depends. How long since I was last able to afford food?

        • Hmmmm.... you can choose between:

          A) Impending foreclosure, unemployment, hunger, and bankruptcy.
          B) Making sure you keep to a strange term in a unilateral contract that you are being asked to violate under duress.

          Gee... such a tough decision.

          There are times to draw a line in the sand, and turning down much-needed employment in order to enforce Facebook's ToS isn't one of them.

    • Re: (Score:3, Funny)

      by Anonymous Coward

      let market forces end this practice

      You still believe in the easter bunny, don't you ?

    • by s73v3r ( 963317 )

      On the other, I think it would be stronger to let market forces end this practice

      No, it wouldn't Not with the high unemployment levels we're currently experiencing.

      If enough people simply stand up and walk out when asked to cough up their facebook information, the practice would stop immediately because the company would be unable to hire anyone

      No it wouldn't. They'd simply claim there's no qualified applicants, and get an H1-B visa to do it.

      If the work force were more united and less divided, market forces could dictate more workplace friendly policies

      That would be a great thing. Unfortunately half the workforce has fallen under the influence of the ultra right-wing, Tea Party, "not allowing business to do whatever they want is anti-business!"

      However, because Americans live in such abject fear, most are likely to just aquiesce so we need a law to provide a security blanket for the fearful.

      Or, it's because of reality, and the fact that most people simply do not have the bargaining position necessary to rebuff these request

  • This practice is, arguably, already illegal under the US Computer Fraud and Abuse Act.

    http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act [wikipedia.org]

    It all depends on whether your employer would be considered "authorized" to access the computer just because you coughed up your credentials.

    If giving your credentials to other people is against the TOS of the site, one might argue that your employer is not authorized and, furthermore, that you might be guilty of "Knowingly and with the intent to defraud, trafficking

    • You can't authorize somebody to access Facebook's servers unless you work for Facebook. Access is granted in the T&C for users when they sign up, but it explicitly forbids giving others your login details.

      Simple solution: Facebook should set up a "panic password" which you can hand over, the first time this is used it locks the account down, records the IP etc and flashes up a big page informing the "hacker" that they have broken laws X,Y and Z, that the authorities and the original user have been i
      • by sohmc ( 595388 )

        You forget that Facebook is not the product. It's users are the product.

        A panic password does little to nothing for Facebook and only creates more work for them.

        In this case, we would need a law to force Facebook and others to do this.

        • Given the stories of "fake users", bots and the like currently doing the rounds, you'd think it would make sense for them to at least make an attempt at linking accounts to their owners. There's little point advertising the latest cosmetics to the 56 year old male boss of an 18 year old female...
    • I don't know if the wording of this bill addresses it either, but your TOS point would arguably be defeated just by asking the employee/candidate to login themselves.
    • by s73v3r ( 963317 )

      I still like the idea of explicitly telling employers, "NO! You can't do this!"

  • Emphasis on the part that I felt was entirely overdue.

    HB 3782 prevents employers from screening potential job candidates or reprimanding current employees based on information from their social network accounts that would otherwise be private.

    ie. They can't just friend you or your friends in order to glean info off of your account and then fire you for it. I would imagine that if you have the info set to openly public it might be in the gray area.

    Now if we could get them to remove the stipulation in affirmative action laws that allow them to decide what they think you are (race/gender/etc) and document it after you choose to opt out of offering them the information. (I've had several issues w

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...