Slashdot Mirror
Employer Facebook Password Requests Suspended
Hugh Pickens writes "The Washington Post reports that Maryland's Department of Public Safety and Correctional Services has suspended a roughly year-old practice of asking prospective employees to voluntarily divulge their user names and passwords to social media Web sites such as Facebook. In a statement, the department said requests for user names and passwords had been voluntary, and had not been taken into account when evaluating job applicants. Nonetheless, 'in light of these concerns raised by the ACLU and because this is a newly emerging area in the law, the department has suspended the process of asking for social media information for 45 days to review the procedure and to make sure it is being used consistently and appropriately.'" We covered this story back when the ACLU took the case.
I'll give them my password! But I was taught to change my password if I accidentally show it to someone, so I guess I should go change it now, too!
The information is out there publicly anyway.
Lesson: governments and corps never give up power unless forced to.
If they had their way, each citizen would be assigned a "minder" in addition to electronic ankle bracelets and GPS.
I'm not a lawyer, but I play one on the Internet. Blog
Here is how I would implement a policy like that. I would ask, all applicants for their facebook username and password up front.
Then, everyone who gave it to me, would get a polite letter informing them that they did not get the job because they so easily violated the TOS of facebook, with whom they had a standing agreement before they applied with us. Thus, there is no way that we could trust them with access credentials on our system.
You failed the test, you are the weakest link, goodbye.
"I opened my eyes, and everything went dark again"
I just love to hear that disclosure was voluntary when you were interviewing for a job! Sure, it's voluntary, don't tell us and you don't get the job. I'm not sure about private companies making that "voluntary" request -- but certainly not a government agency.
Here's what I'd say:
User name: Fuck
Password: You
Thinking is for the ruling class, peasant. Do what you're told.
"Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
Wait, so "requests had been voluntary, and had not been taken into account when evaluating job applicants." If that statement is true then asking for the information serves absolutely no purpose at all. Seriously, was their only purpose to invade their employees privacy and put them in a potentially conflicting situation?!
If their statement is true then this raises even more serious questions about what this information was used for. If it was a lie then we need to ask why they feel they need to lie about this program (hint: it is illegal either way).
I'll make it easy. It's never appropriate to ask and expect a username and password from anyone. It doesn't take 45 days to figure that out. OK, maybe in the government it might. Better make the review process 180 days instead and create a committee dedicated to this issue.
What legitimate reason could an organization have for needing this information? As in, they say: "Would you voluntarily give us your Facebook username and password?" I say (because I am a man, not a sheep): "Why?"
They could have my user names and logins, but not my passwords or any other credentials. Just asking would pretty much make at least me turn around and walk out, likely rather annoyed at having wasted my time on such losers. Why don't they ask for my address book and business card files while at it? Can I have theirs?
do they think we're stupid?
They don't think you are stupid. They think the people they're hiring are stupid and have a passion for yielding/wielding command as part of a hierarchy with no regard to the consequences of their actions.
Considering they're hiring prison guards, that's a fair assumption.
Oh, it is standard deception. No, they will not take into consideration whether or not you disclosed your username and password, but they will allow the information that such access would grant them to count for you in the interview. You were not rejected for failing to provide the username and password; you were rejected because someone you are competing with for the job did and they saw positive things in his profile.
Palm trees and 8
I am reasonably certain that what would be done in this case is to check everything you have ever done on Facebook. Also, all of those people should expect their security questions to have been changed just in case the passwords are changed someday.
Also, keeping the people working on this from fraping random people must be really hard, but they do it, right? Right?
I didn't think so either.
Andy Dufresne unfriended the Sisters and they let him be, but I can't.
Lets face it, They say it has no bearing on the process but we all know it is BS.
Heck, 20 years ago I worked for Pinkerton. The hiring process had a list of "Optional" questions. Things like
What church do you attend?
Do you believe in the second coming of Christ?
Are you gay?
Are you the type of person to drop the hanky?
etc, etc
They make sure to state that it did not effect the hiring process, however, those that did not answer the questions were let go within 30 days of being hired. For me, I was asked to work 2 back to back 12 hour shifts, then dismissed for a dirty uniform.
Lets face it, if they have the information they will use it!
"We're only asking about your religious preference because y'know, we're just *curious*. It has NOTHING to do with whether or not were going to hire you, really. So that's OK, right?"
I work for the Department of Redundancy Department.
Things like this are all the more reason to never use your real name on social networking sites, ever .
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
The people doing this were bureaucrats in a department of a small state. If they are the ruling class, so is half of everybody else.
Nerd rage is the funniest rage.
To be honest, I don't think it deserves such deep analysis.
It probably started off simply being "a good idea" dreamt up by some clueless middle manager to exert some power over potential minions but, as usual for 21st Century Management Trainees, he/she didn't even stop to consider the ramifications of such a decision when it came to privacy etc.
I bet if you go to them in 45 days time and ask them what they're decision is on the matter, you'll get a "What Facebook password issue?" response - this is because middle managers, being bereft of backbones, are incapable of just saying "Yep, I fucked up, it was a crap idea and sorry for causing such hassle."
Gentoo Linux - another day, another USE flag.
"Employer Facebook Password Requests Suspended" should be "Employee Facebook Password Requests Suspended", no?
S
http://stephan.sugarmotor.org
Total bullshit from top to bottom. That's all I've got to say.
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
Here I am, in an interview, trying to impress you with my willingness to be a team player, and you ask me for my username and password. There is definitely pressure there to comply. If it's not being taken into account when evaluating employees, why is it asked? That just reeks of falsehood.
Currently hooked on AMP
Anybody (American) who cares about these kinds of issues should send a thank you in the form of a few dollars to the ACLU. When the government tries pulling this kind of bullshit, they're the ones who have your back.
I find it interesting that this post ever had to exist in the first place. What, would possess anyone to even consider requesting that information in the first place? Those comments about being a security test, I could see that to an extent. I think, that a wise would be employee, should reverse the questions and in the spirit of openness and trust request the facebook login username and password of the individual requesting theirs. Alas, then they would both be in violation of the TOS and since this post is about "...Facebook Password Requests Suspended..." that it is a a moot point anyhow, I suppose.
While you're at it, we'll need a key to your home. At your discretion, we'd also like a full copy of your personal diary for our records.
Okay, great. Now strip for the camera and bend over. This will only take a minute or two.
Use my userscript to add story images to Slashdot. There's no going back.
Because in The Day this type of behaviour was according to US politicians only expected from communist dictatorships.
This type of behaviour includes the ban on Unionisation in Wisconsin, 30 years ago US diplomats, politicians and the free press would have had a field day blasting such policies.
Would Barack Obama today be the same man he was during his presidential campaign he'd be drawing blood among the officials responsible for those infractions against general human rights.
Or just imagine how Ronald Reagan would have responded...
The bottom line is: the USofA does not have any useful privacy legislation.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
There is no privacy online. The Internet is our biggest postcard. Treat it as such.
Online Security never really has been secure for all. There are many levels of risk. Social risk is just one of the many.
The U.S. Attorney's office in Baltimore confirmed that there have been arrests in a federal investigation into police corruption. Vicki LeDuc with the U.S. Attorney said she can only confirm that there have been arrests of city police officers and it involves a corruption investigation. She declined to say more.
Yeah, because half of the guards at the place i worked were either IN the military, or retired military. Quite a few were going to college part time, myself included. Even though i hated the job, the only reason i stayed as long as i did were my co-workers. If you think all prison guards are just power hungry police-squad drop-outs you show your ignorance very well.
But hey, lets just let all those child molesters, murderers, thieves etc, out and see how safe you feel.
I don't have a Facebook account. No, really, I don't. Now what? I don't get hired? Sounds like a lawsuit to me.
Bow before me, for I am root.
Drop the hanky is a game where women drop a hanky and men pick it up. Baiscally a seduction game.
BTW the first time I was asked the question the only thing I could think of was drop the soap, so I said no.
not to have a Facebook acct - what bull$%^#$%#
The point is, they think we're too weak to do anything about it.
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
http://www.ehow.com/how_4532062_play-drop-hanky.html
"Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
Entirely aside from the direct attack on privacy that asking for social networking login info represents, this policy is an insidious way of 'un-levelling' the playing field in favour of ass-kissing suck-ups who would sell their souls for job advancement. Those who co-operate are likely to get preferential treatment come review time, while those who protect their privacy, (and by extension ours as well), are likely to be discriminated against in subtle or not-so-subtle ways. Such prying into individuals' personal lives on the part of ANY employer should be made illegal, with stiff penalties for first offences and even more onerous ones for repeat offences.
45-day review of the policy? Get stuffed, you bastards! You don't own ANY part of me beyond working hours, and my private life is none of your fucking business!
'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
But hey, lets just let all those child molesters, murderers, thieves etc, out and see how safe you feel.
You mean drug users, right? Cause the number of arrests for drug abuse has risen dramatically, while all other crime has dropped (in some cases just as dramatically) in the last 15-20 years. http://bjs.ojp.usdoj.gov/index.cfm?ty=kftp&tid=3
...sometimes, in order to hurt someone very badly, you have to tell that person terrible lies. - PA
If they can't show the information wasn't used when provided, they've opened themselves up to serious legal liability.
Facebook profiles have entries for birthdays (and hence age) and religion, just to consider two potentially protected categories off the top of my head (age is only protected if it's 40-65). Facebook accounts are encouraged to have photos, which will normally show race.
This means that, if you applied for a job there that you were qualified for, provided your username and password as requested, and have anything halfway specific in the religion field or a birthday showing an age between 40 and 65 inclusive, or a photo showing your race, or other information showing you're in a protected category, and they hired somebody besides you, you may have a case of illegal discrimination under Federal employment law.
It may be that the state government can handle all of these claims, but the fact that they may have to should factor into some people's annual evaluations.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
They're hiring people to guard people who have either fucked up, either big time, like murder, or small time, like shoplifting. Either way, most of those people are going to get out eventually, and whether or not they fuck up again depends partly on how they are treated during their time in prison. Do they learn job skills that expand their economic opportunities? Do they learn the social and behavior skills to get along?
Prison guards are part of the process of rehabilitation. In a sane society, the job would pay six figures and require an advanced degree in criminology (plus extensive martial arts training).
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
Thanks for the link, very instructive !
Previous posters that mentioned having something dirtier in mind while trying to figure out what the expression means probably imagined dropping something like this :
http://en.wikipedia.org/wiki/Mr._Hankey,_the_Christmas_Poo
Everything I write is lies, read between the lines.
Better to show them a site that implies your family and friends are powerful people who they fear.
-fb Everything not expressly forbidden is now mandatory.
I meant what I said and "do you mean" is a rude statement. The place I worked at mostly incarcerated sex offenders, so yeah, I felt good about keeping them in there.
Learn the difference between "to" and "too" dammit!
I'm tired of grammatically incompetent know-it-alls. You have two errors in your "correction." You need a comma before "dammit." Also, "damn it" is the correct way to damn somebody. Good lord the internets is full of tards.
What the hell...45 days to "review" a "procedure"? Pure bureaucracy. We need just one reasonable person to spend 10 seconds using a Sharpie to cross out this step in the "procedure" so life can go on.
"Microsoft killed my company, I hold a personal grudge. I don't use Microsoft products and neither should you."-JWZ
Private passwords?
Hello?
No, you do not share your username and password with your boss, and your boss has no ****ing business even asking for it in the first place!
This sort of invasion of one's privacy is completely unacceptable. And any boss that asks for this stuff, let alone makes it a condition of employment, is either an oppressive snoop looking to play brain cop, totally clueless about technology and/or personal boundaries, or both.
This is the sort of information we hold a deathgrip on unless a warrant or subpoena pries it from our cold dead hands. There is no fucking WAY a boss in the private sector has any business even thinking about this.
Stand your ground, and if your boss tells you to take a hike after you refuse to cough it up, then move on and be glad you dodged a bullet.
Same old same old ....
"The greatest lesson in life is to know that even fools are right sometimes" - Winston Churchill
Snippits from the TOS: Safety: 5. You will not solicit login information or access an account belonging to someone else. ...
Registration and Account Security:
8. You will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account.
Sig is on vacation
But they should have: No-one deciding to breach the terms of a security-relevant agreement (with the social networking provider in the instant case) for personal gain should work at a correctional facility.
Only candidates declining this outrageous request should have deemed eligible for the job, as all others may be expected to become just as oblivious to provisions of the laws and contracts governing their high-risk employment.
> No-one deciding to breach the terms of a security-relevant agreement (with the social networking provider in the instant case) for personal gain should work at a correctional facility.
Neither should people that ask you to breach the terms of a security-relevant agreement.
Don't kid yourself. It's the size of the regexp AND how you use it that counts.
> No-one deciding to breach the terms of a security-relevant agreement (with the social networking provider in the instant case) for personal gain should work at a correctional facility.
Neither should people that ask you to breach the terms of a security-relevant agreement.
Of course not, but if they did, the interviewer's defense (credibility aside) might be that it was just a test of the applicant's ethics and integrity.
Having demonstrated their neglect for either, in front of the recruiting officers, those consenting to that demand should never be given such jobs (what if otherwise an inmate ever similarly offered them a "bonus" to their wage later on?), even if the request had been made in bad faith, i.e. to actually access applicant's personal information.
Goes without saying that those asking the question, and everyone in command responsibility for them, should be fired all the same (and possibly indicted where applicable).
Rude? Possibly, but less rude than flat out accusing you of making false claims (either intentionally or unintentionally) in order to exaggerate your own perceived worth to society. You were trying to imply that you served as some sort of protector for society by locking away the big scary men. I pointed out most of those you locked away weren't a threat. So now you retort that they were in fact sex offenders (OMG, think of the children!). Sorry, also not protecting society. The vast majority of sex offenders are not repeat offenders (less than most other crimes) and most actual sexual assaults come from friends and family. Since I don't personally know anyone in prison for sexual assault, my chances of being assaulted if they were all let out of prison would increase by almost nothing.
Do these people deserve to be in prison? For the sake of argument, we'll assume a perfect justice system and say yes. Is a prison guard serving a useful function? Yes. But the idea that you and the chip on your shoulder retort "You can't criticize us b/c without us you would be raped and killed in your sleep!" is simply an offensive, dishonest statement. And one that doesn't directly address the assertion that prison guards are stupider than the general population; indirectly, it certainly seems to support it.
...sometimes, in order to hurt someone very badly, you have to tell that person terrible lies. - PA
Personal analogy time?
Alright... 1) one of primary school bullies (close to the bottom of their pack though... simply because he was nearly most stupid) 2) an extended family member following generally the least demanding routes of educational system, rejected by police recruitment process 3) an educator of sorts at local prison, rehabilitation mostly via paper models group last time I checked, overall a nice guy and leading such classes with kids in the open.
2 out of 3...
One that hath name thou can not otter