Slashdot Mirror
Bozeman, MT Drops Password Info Requirement
mcmoodle writes "Bozeman, Montana has decided that they don't want applicant personal information after all, citing a worldwide backlash on the issue:
'"Effective at noon today the city of Bozeman permanently ceased the practice of requesting that candidates selected for positions under a provisional job offer to provide their usernames or passwords for candidates' internet sites," said Chris Kukulski, Bozeman City Manager. ... Kukulski says after a 90 minute staff meeting held earlier today, officials decided asking applicants to provide their passwords to sites such as Facebook or MySpace, "exceeded that which is acceptable to our community." Kukulski apologized for the negative impact the issue has generated from news organizations and blogs around the world.' I didn't have any doubt this would be immediately squashed. Now I'm just curious as to how many personal accounts they actually went through!"
What else can we start worldwide backlashes against? They seem to fucking work.
In a system like ours, each branch of government has a specific role to play. The legislature crafts and passes laws. The judiciary determines whether the laws are valid. And the executive branch takes actions prescribed by the laws.
But only the executive branch has the power to actually do anything about the laws. It is almost a travesty how much power this puts into one single branch of government. Where we expect checks and balances, there is only unbalance in favor of the executive branch.
FTFA:
The city will continue using the internet as part of background checks to judge the character of applicants, and although the city will stop asking for passwords Kukulski says the passwords already given by previous applicants will remain the confidential property of the city.
It doesn't matter if searching online is legal or not. In fact, it may be illegal to consider anonymous online sources as actionable information. As long as the executive branch says it is going to do something, there are no laws that can truly restrict it.
Reality is 9/10th of the law.
Interesting that they declare the passwords they've already received to be the "property of the city."
Bodes not well, that's for sure-- and it shows that the city still doesn't "get it." They likely just know that a lot of people got very upset, and figured they'd back away from something they just don't grasp...
. . . well, the world now knows that there is a place called Bozeman, Montana.
"Come visit Bozeman this summer for vactation . . ."
"See the lovely lakes . . . "
"Please leave your passwords at the door . . ."
"What out for the moose . . ."
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
Are you implying that a person's passwords to their personal accounts on websites are subject to public information requirements?
Because the FBI has maintained that obtaining a person's passwords without their consent is a crime.
FanFictionRecs.net
I gave them all my passwords, but each had at least one character that was unprintable, unpronounceable and ambiguous when written down.
1. Fill out form, including password.
2. Send it in
3. Change password
Sheesh.
First, this is not a cabinet position. This is fucking Bozeman, Montana, which no one had heard of until they pulled this stunt.
Second, who watches the watchers?
Third, define "nothing to hide"? As a simple example, I don't think my body is horrible, though it could certainly be better. That doesn't mean I want to be strip-searched to get on the bus to go to work.
It's not about whether you have anything "suspicious" worth hiding. It's about whether you have anything you'd consider private. There's a reason privacy is part of the universal declaration of human rights.
Don't thank God, thank a doctor!
Whenever a management decisions will be visible to those who are not subject to the decision-maker's authority, "management" is often seen to drastically scale back the scope of what it first mandated as necessary, instated as "policy", and enforced. The downside is that climbdowns are rarely the result of a realization of "Oops ... what we did was really stupid, so lets not do it anymore", but mostly "Oops ... we're getting bad publicity on this one ... time to do some managerial damage control". Stupidity remains unchallenged (unless it can be used by a manager to discredit a rival).
This example is also a salutary lesson for those who thought that Dilbert stories are all based in an imaginary world. As Scott Adams said: many of his examples come from real-life occurrences that he either witnessed himself or were emailed to him.
... citing a worldwide backlash... ceased the practice of requesting that candidates selected for positions under a provisional job offer to provide their usernames or passwords for candidates' internet sites
The common sense question would be why hasn't the city Manager and his accomplices been fired without severance because of this severe incompetence and lack of judgment. Reacting to a reaction is the worse kind of Management. These people should show some Leadership and resign from their positions without asking for severance pay or Letters of Reference.
While Bozeman's government's actions aren't kosher, can we really defend against it? Records are records, and if they decide that they absolutely must have it for such and such, it's not something you can completely prevent
This is nothing but the typical "if you don't have anything to hide, then you should be OK giving up your information" defense, slightly rephrased. Please read Daniel Solove's excellent evisceration of this argument here in PDF, and stop accepting the blanket "interests of national security" line without questioning on a case-by-case basis if it is reasonable.
Someone needs to create a privacy argument checklist for /. like the "why your spam solution won't work" checklist.
An old-timer with old-timey ideas.
It's completely unenforceable. People can just claim they have no Slashdot account (for example) and therefore not have to give their passwords away. Why anybody would be stupid enough to randomly give every potential employer their passwords is beyond reason. I could understand setting up temporary proxy accounts that would be used to, for example, say good things about the company in anticipation of a job interview.
The people who thought up this scheme are obviously stupid. How do people get into Management?
Because the FBI has maintained that obtaining a person's passwords without their consent is a crime.
You are using the credibility and authority of the FBI as a case for privacy rights. I suppose they are more credible than the NSA.
about this, and decided I would leave a comment. A small-print note on the page said that registration was required to leave a comment. However, there was no login or register link anywwhere that I found on the page. So I filled out a comment anyway, and I got a popup window asking for my information. I filled out my information, and clicked submit, and... nothing.
My comment did not appear on the page, so I tried again to see if there was some kind of link to login, and I got some strange dropdown asking me what kind of authentication I wanted to use: gmail, Open ID, and about 7 others I did not recognize. I tried a couple that I thought might represent the agency I had just "signed up" with, but no go.
Man, their website is a mess. The upshot is, though, that I never got to tell them what idiots they were being.
If you have nothing to hide...
Maybe if you posted with your name and address and some way of validating who you are instead of Trolling with an AC moniker then people will take you more seriously.
Yes, it was. But Vulcans don't give up theirs passwords.
So they were evicted with GUNS!!!!
Records are records, and if they decide that they absolutely must have it for such and such, it's not something you can completely prevent.
Records are records, but information that could be used to harm an individual in any way must be defended. The risk for that is just too great.
I don't mind if any employer wanted my Slashdot user name just to see what I post here (well, they'd have good time hunting some of the boring comments I've posted as AC). What I post is publicly available information. If they wanted my password, I'd be a little bit worried if they would suddenly start spamming corporate propaganda under my name - that would be a little bit awkward, now wouldn't it?
I was going to read the feature article, but I think the site is suffering from the legendary Slashdot effect, either that, or the link is broken...
Laughter is the best medicine, except if you have a broken rib.
I've found that when managers are ignorant about technology they often pretend that they understand. Chris Kukulski, Bozeman City Manager, seems to be one of those. Yet he says, "Integrity, leadership, service, and teamwork are the core values of our organization..."
Although he has stopped asking for passwords, there is no evidence that he actually understands, because the story says this: "... although the city will stop asking for passwords Kukulski says the passwords already given by previous applicants will remain the confidential property of the city." That's a surprisingly ignorant position to take, since site owners can change their passwords at any time.
Some people can see that technology is re-shaping our world in an exciting way and want to be part of that, but they don't want to do the work of actually understanding how and why.
It would be interesting if someone would collect all the Slashdot stories about managers pretending they understand the more complicated world surrounding technology, but actually being very ignorant. For example, yesterday there was this story about a university needlessly losing money: IT: Univ. of Wisconsin's 30-Year-Old Payroll System Needs a $40 Million Fix.
Reality is 9/10th of the law.
perception is reality
therefore
perception is 9/10 of the law
Your'e all thinking it, I just said it for you
A reaction taken from the article;
"Note to self, don't apply in Bozeman for a city job," one person wrote.
which is scary, because everyone knows that there will likely be at least one candidate who decides to apply for a job with the public service, which means the public service is going to get the cream of the intellectually dull and the morally bankrupt. They claim (as many other employers do) that it is important to hire based on a person's moral character. If these managers were not liars and hypocrites then they would insist that people prove that they are marijuana users and affirmed atheists before hiring. They would also confirm that these people are anti-war, anti-torture and against other right-wing neo-conservative ideals. If you are going to hire based on moral character, then you should make sure that the correct moral characters be hired.
The story broke on June 17 and by the 20th they had smartened up.
Seriously people, pull your fingers out.
Then again, it could have been a 1 minute vote and then 89 minutes of pin-the-blame on whoever's not there.
At the core it really comes down to wanting an excuse to justify spending half the day on the net looking at facebook etc. Also HR is very much seasonal work where there is really nothing to do most of the time but you need enough people to cover the busy periods, so we end up with riduculous scope creep with busy work invented so that HR people can justify their existence when things are not busy. In the places where they have facebook details they are probably spending a lot of time looking at current employees pages looking for an excuse to fire, which is a horrible waste of resources especially if they find something. A meeting where a boss has to justify keeping an employee that has put something lewd on the net from home is a complete waste of everyone's time - it has nothing at all to do with the job
I may be unjustly predjudiced here since I have not yet met a HR person that was capable of doing their job effectively, but I do see this poking about on social networking sites as an irrelevant waste of time that at best can exclude good canditates for entirely fictional reasons. Poking about people's sites and treating exaggerated stories of drunken parties as truth is not going to help the organisation at all and it's getting dangerously close the the slave owner mentality exhibited by the nastiest types of managers. What you do on your own time never matters unless that makes you a security risk (and that will hopefully be assessed by professionals and not some idiot looking on facebook or another idiot with a "lie detector") - but we're certainly not talking about classified positions here.
It's just a waste of time and evidence of a mismanaged HR department. Where I work the HR people deal with logistics during the quiet times - accomodation bookings, travel, making sure gear arrived on site etc. At a former workplace they organised social football and other activities, dealt with charities etc. There are plenty of things they could be doing if there is no hiring going on (and most of them should be left out of the firing process if possible - ethics is not the strong point of 99% of HR people IMHO).
Kukulski apologized for the negative impact the issue has generated from news organizations and blogs around the world.' I didn't have any doubt this would be immediately squashed. Now I'm just curious as to how many personal accounts they actually went through!"
Certainly, no one can mistakenly attribute that thought to Kukulski instead of the submitter!
A simple "mcmoodle further contributes:...." would be too much effort though.
"What kind of music do pirates listen to?" -Paul Maud'dib
"Yeeeaaarrrrr n' Bee!!" -Stilgar, Leader of Sietch Tabr
Laws are meant to be broken. - Ref some Wall Street lawyer
Only in the Mirror universe. Yes, there were some good Enterprise episodes.
In most of the places I have worked, Human Resources is stocked via lateral transfer from other areas. They're the deadwood that can't be easily be fired, but must be moved out for the good of the department. I'm entirely unsurprised that some HR drone came up with this idea. Unfortunately, they're still the first people job applicants usually encounter.
I've calculated my velocity with such exquisite precision that I have no idea where I am.
At least the Bozeman city officials had some idea about "how them internets work". When their bad judgement was pointed out to them, they took the right path instead of digging in their heels and making complete asses of themselves
1. Give employer passwords
2. Have an alibi while some friend posts kiddieporn/whatever to one of the pages from an open wireless AP.
3. Sue them because nobody else had the account data so it must be them.
4. Profit.
It's completely unenforceable
Don't start down the "acceptance" road already - this "hacking into job-applicants' email" malarkey was always unacceptable and should never have happened and should never happen again and any law purporting to support it must be removed, as should any politician who votes for it.
It's not time to fall-back to the "this is okay so long as it's not enforced" argument which justifies stunts like this.
Actually, it's more like "Well, even the FBI, which not the most "privacy conscious" of organizations, thinks that accessing someone's personal accounts without their permission (or a warrant, or special PATRIOT act permission) is a crime."
Heh.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
Personal security is a myth that rose from the ashes of wishful security.
Passwords are passwords: designed to distinguish those who have the rights from those who don't. If you grant anyone else the right to modify your personal website (except of course those who maintain it under your supervision), you shouldn't be a politician.
Oh, and any information that gets into a buerocratic machine is public from a security point of view. Take my word for it.
Are you implying that a person's passwords to their personal accounts on websites are subject to public information requirements?
Because the FBI has maintained that obtaining a person's passwords without their consent is a crime.
Consent is the requirement.
I was privileged to work for years with a really good HR guy. While he was in charge, no strikes, no industrial action, low staff turnover, and the quiet word in our community (this being politically incorrect years ago) was that gay people would never be subject to embarrassing questions if they applied for jobs. When he retired to grow fruit and win all the golf club trophies till they asked him to stop, he was replaced by a typical corporate drone who within six months had managed to lose two expensive wrongful dismissal cases, upset the union to the point of a strike, and cause several of the better managers to look for new jobs. Stuffing HR with idiots who should be fired is actually more expensive than getting a good HR person to work through the process of getting them legally dismissed.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
It would have been one thing had they just requested applicants list all of their social networking sites. And even listed their usernames with each site so that they would know who they were on those sites since most people don't use their real names as their logins. Clearly my real name is not yoshi_mon.
It still would have been a very invasive and ethically dubious practice but not too surprising for a 'red state'.
But to then ask for peoples passwords? That is where the whole thing gets surreal. Why the hell do you need access to the accounts? I've yet to see any real explanation for that part of this nonsense. Not that there really could be a good explanation for it but I'd really like to see what kind of twisted rational was given.
Really, I know what I'm doing...Ohhhh, look at the shiny buttons!
I think the bigger question beyond the job application. I think this should spur an investigation into HR's and management's practice over at good old Bozeman. How many present employees at this place, have been forced to turn over passwords and other personal information and what was the scope information. Who else has been threatened with job loss, or loss of promotions and other intimidation. I would think if they treat prospects like this, then what about the poor souls already employed there.
When no one there saw the obvious in just how wrong that was, then you have to ask yourself. Just how persuasive is this mentality in the city structure as a whole, from top down?
According to the Lori Drew precedent, violating the ToS of a site is no different than hacking into that site. That makes it a conspiracy to violate the federal anti-hacking laws. Facebook and the other sites involved would be well within their rights not only to sue the city, but to have whoever came up with that policy arrested on federal hacking charges.
Personally, I think diversity is a Good Thing. It avoids the formation of a monoculture, groupthink and organizations susceptible to a single adverse event (see Wall Street). Of course diversity is not measured by skin color, but by many factors, such as culture, education, language, gender, sexual orientation, origin, tolerance of risk, and finally, character. When Bozeman says it wants to check job candidates' "character", you can be sure that it is not to create diversity, but to eliminate anyone with an original thought.
Bozeman is not unique in this regard, which is why I look at corporations' and educational institutions' pious diversity statements with such pity. Such a culture will be the loser in the long run.
Prove anything by multiplying Huge Number times Tiny Number
The people who thought up this scheme are obviously stupid. How do people get into Management?
I would think the statement answers the question..... :-)
"City hall" in German is "Rathaus" Kinda explains a few things......
Exactly. If you ignore it because it's unenforceable, then what happens when 5 years down the road they figure out some way to _actually_ enforce it.
You'll complain, but your complaint will be meaningless, because "It's been that way for 5 years, and you're only just complaining now? If this was a problem, you would have brought it up before now. Obviously you're not as concerned as you say you are. We'll go ahead as planned."
"City hall" in German is "Rathaus" Kinda explains a few things......
Wait... Bozeman, Montana?
suddenoutbreakofwarpdrive
Anybody want my mod points?
you really need to bring out what you mean to be truly taken as inciteful.
Such an insightful typo....
"City hall" in German is "Rathaus" Kinda explains a few things......
In Star Trek: First Contact, Zefram Cochrane launched the Phoenix from a missile silo just outside Bozeman, Montana. But yeah, that's about it.
...it's not something you can completely prevent.
You can prevent it by saying NO and walking away.
If you don't have the stones to say no then your password is the least of your problems.
I'm giving up mod points to voice my agreement with you. Anyone else remember Tuttle, Oklahoma? I don't expect managers, even IT managers, to know everything, but it would be nice if they admitted they made mistakes rather than acting like jerks.
404555974007725459910684486621289147856453481154 in hex is "You sank my Battleship?"
[GPG key in journal]
I don't have an account on any of those sites.
I don't use "Not Q. Real" for name on employment applications. I don't use my real name online. Completely different people, any similarity is a coincidence.
This issue is a bit more complicated than you think.
It's also the base station for some of the best backcountry skiing and riding in the US. And home to Montana State University.
this isn't as witty as I'd like.
There was a movement at my high school to have the lunch lady replaced by Pamela Anderson. I think we were being more realistic
Like this comment? I accept Bitcoin! - 153sc8UUBXyp12ofQqfAWDmJrzyiKCYC1x
Most forums state comments posted are solely the property of the poster. A user is given an account, which is their property, albeit granted under whatever TOS the forum uses. A password protects this account (property).
My house is protected by a key - those who have the key have (usually) have permission to enter, right?
Bozeman, MT had no authority to demand a password. Even with the difference between "real property" and other forms of property, the password and housekey serve the same purpose: to protect the property. Bozeman would never think of asking for candidates' housekeys.
Thanks for reposting that link.
Are they still asking for a list of each applicant's personal websites? It seems to me there is no legitimate reason to force disclosure of such information. It's one thing if a background check produces a list of an applicant's public websites on its own, but to force disclosure of an applicant's websites as part of a job application still strikes me as very much an unwarranted intrusion into the applicant's personal affairs.
"In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
The people who thought up this scheme are obviously stupid. How do people get into Management?
I thought stupidity was a prerequisite?
-Mike
I'm sorry; I don't know what I was thinking!
I tried to read Daniel Solove's PDF, but fell asleep around page 15. His citations are mostly from anonymous internet blog posters, and the essay has a rambling nature that wanders down every side street before (presumably) arriving at some kind of conclusion. That's a great style for a college PhD thesis, but I'm not a panel of professors obligated to read every page he writes. To be persuasive, he needs to convince me that his essay is worth my time. Instead of 3 pages outlining the document structure and 25 pages slowly building to a point, it should have been 3 pages summarizing the thesis and 25 pages of supplementary minutia.
-Gonz
My facebook profile's arguably most prominent features are my religious and political affiliation, marital status, and age. It is illegal to ask about this stuff when being considered for a job. I think it would be very easy to argue that they are in effect asking these questions when they require access to the profile.
46 & 2
I seem to have struck a nerve, so be it, I think I am in better company as regards what happens once you have a large permanent standing army, rot, corruption then tyranny and dictatorship set in, and human misery knows no bounds then. Here's a few quotes:
James Madison: "Of all the enemies to public liberty war is, perhaps, the most to be dreaded, because it comprises and develops the germ of every other. War is the parent of armies; from these proceed debts and taxes; and armies, and debts, and taxes are the known instruments for bringing the many under the domination of the few. In war, too, the discretionary power of the Executive is extended; its influence in dealing out offices, honors, and emoluments is multiplied; and all the means of seducing the minds, are added to those of subduing the force, of the people.... [There is also an] inequality of fortunes, and the opportunities of fraud, growing out of a state of war, and ... degeneracy of manners and of morals.... No nation could preserve its freedom in the midst of continual warfare." and.."A standing military force, with an overgrown Executive will not long be safe companions to liberty. The means of defence agst. foreign danger, have been always the instruments of tyranny at home. Among the Romans it was a standing maxim to excite a war, whenever a revolt was apprehended. Throughout all Europe, the armies kept up under the pretext of defending, have enslaved the people."
Patrick Henry: "A standing army we shall have, also, to execute the execrable commands of tyranny; and how are you to punish them? Will you order them to be punished? Who shall obey these orders? Will your mace-bearer be a match for a disciplined regiment?"
"[The Declaration of Independence] listed the colonists' grievances, including the presence of standing armies, subordination of civil to military power, use of foreign mercenary soldiers, quartering of troops, and the use of the royal prerogative to suspend laws and charters. All of these legal actions resulted from reliance on standing armies in place of the militia."
source: http://www.fff.org/freedom/fd0409a.asp
General Smedley Butler: "War is just a racket. A racket is best described, I believe, as something that is not what it seems to the majority of people. Only a small inside group knows what it is about. It is conducted for the benefit of the very few at the expense of the masses.
I believe in adequate defense at the coastline and nothing else. If a nation comes over here to fight, then we'll fight. The trouble with America is that when the dollar only earns 6 percent over here, then it gets restless and goes overseas to get 100 percent. Then the flag follows the dollar and the soldiers follow the flag.
I wouldn't go to war again as I have done to protect some lousy investment of the bankers. There are only two things we should fight for. One is the defense of our homes and the other is the Bill of Rights. War for any other reason is simply a racket.
There isn't a trick in the racketeering bag that the military gang is blind to. It has its "finger men" to point out enemies, its "muscle men" to destroy enemies, its "brain men" to plan war preparations, and a "Big Boss" Super-Nationalistic-Capitalism." source: http://www.fas.org/man/smedley.htm
General and then President Dwight Eisenhower: "Now this conjunction of an immense military establishment and a large arms industry is new in the American experience. The total influence -- economic, political, even spiritual -- is felt in every city, every Statehouse, every office of the Federal government. We recognize the imperative need for this development. Yet, we must not fail to comprehend its grave implications. Our toil, resources, and livelihood are all involved. So is the very structure of our society.
In the councils of government, we must guard against the acquisition of unwarranted influence
People get into management by being less intelligent and able than their boss...Who likes competition?
Actually, this could provide any of the people that submitted with a perfect scapegoat*. Anyone could say "well, the guys down at the city have my password too, it could be someone there that sent the bomb threat that conveniently emptied the very building in which they work."
* Don't try it, it just might not work out so easily.
... said Anonymous Coward.
For bunnies sakes...
IANAL but write like a drunk one.
Pretty far outside, since far as I know the nearest silo is over 100 miles away!
~REZ~ #43301. Who'd fake being me anyway?