Slashdot Mirror
California Employers Can't Ask For Your Facebook Password
J053 sends word that California has passed legislation making it illegal for both colleges and employers to request social media account access from students, employees, and prospective hires.
"Assemblymember Nora Campos, who authored the bill, called AB 1844 a 'preemptive measure' that will offer guidelines to the accessibility of private information behind what she calls the 'social media wall.' ... According to Campos' office, more than 100 cases currently before the National Labor Relations Board involve employer workplace policies around social media. Facebook has also said it has experienced an increase in reports of employers seeking to gain 'inappropriate access' to people's Facebook profiles or private information."
Privacy is not dead, it's just losing the war.
Take arms and fight back!
If a business I worked for or was interviewing at asked me for my passwords to anything not work related, I wouldn't be working there anymore.
We actually need a law for this?
Really, I live in a (arguably) much less "free" country and I couldn't imagine anyone would ask something like this as a requirement for hiring.
What kind of idiot asks this?, what kind of idiot accept it?
You're a spineless asshole if you give it up. You only make more difficult for the rest of us. You're giving up our rights! Yet another strike against majority rule.
“He’s not deformed, he’s just drunk!”
FB users make a legally binding agreement not to share their passwords as part of the ToS for having a FB account.
I'd like to see one of these cases in detail because I can't get my mind around how an employee would feel compelled to give up their facebook (or other) private passwords to their employer. Nor can I get my mind around an employer thinking it's within their power to make such a request.
Correct me if I'm wrong, but an employee is protected by law to not even have to tell their employer if they have kids or not let alone access to private information.
I came to the datacenter drunk with a fake ID, don't you want to be just like me?
The federal version was voted down in the House by the Republicans.
http://www.huffingtonpost.com/2012/03/27/facebook-password-protection-amendment-congress_n_1384045.html
This space for rent.
What I don't understand is why employers even think this is reasonable. Yes, yes, I know, corporations bad, but corporations are still made up of humans and you would think some of those humans would understand that this is overreaching into people's private lives.
I don't see what someone's social media accounts have to do with their ability to work. Sure, they may party hard, or bad mouth their employers, but it's not exactly uncommon and it's not going to stop just because people don't put that on their FB account.
I suppose I am not surprised that someone would try this, what I am more surprised about is that they have gotten this far with it. Forcing people to turn over personal information should be something that a corporate legal department knows is going to get them in legal hot water.
I refuse to use any social media site with exception of Linkedin... So if they ask I have to say no... And the next thing out of their mouth will be. Thank you for coming in....
The celebration over AB 1844 is premature. Governor Brown has not yet signed it.
And if they actually agreed, I wouldn't hire them (and I wouldn't actually let them give it to me). If they can be so easily coerced into sharing confidential information and giving up their rights, they don't have the backbone I expect in my employees.
Now, in my job people are given significant authority and responsibility that needs to be safeguarded, so that's a real concern. In other jobs maybe that's not a criteria for hiring decisions.
MadCow.
I used to have a sig, but I set it free and it never came back.
But is anyone else finding that ticking the "disable advertising" box is having exactly the same effect as not ticking it, i.e. advertising is being displayed regardless?
To have a right to do a thing is not at all the same as to be right in doing it
In Illinois, a law like this has already been signed, and will take effect on January.
Reading the text of that law, it doesn't ban employers from using packet sniffers.
If I were an employer, I'd ask for the password just to see what type of idiot's actually give them up. Then I'd hire the ones that stand up for their rights, but politely.
DNA -- National Dyslexic Association
Before someone makes the point that it's exactly what it is, it's not. I have my facebook locked down as well as an inmate can hope to clamp his anus shut in a prison shower and the ones I do share it with are limited in number.
This just means that if employers want that sort of access, they have to go through official Facebook channels. Why else do you think Facebook supported this?
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
a facebook account, just like any other account in the universe is your private fun. i really wonder how this can even be worth any discussion in the US. if an employer in europe asked you for your private password to anything you would just laugh at them and leave.
*shakes head*
...but what happens when they ask anyways? Is the company or school fined? What form of punishment do they face? I actually read the article which was the side salad equivalent of a story.
Want my vote this November? Post your FB password here:
Have gnu, will travel.
What if the Terms of Service forbids someone allow third party access to their account? What if the Terms of Service forbid the company from accessing an account they do not own? Can Facebook hold the employer accountable?
Or at least until you "friend" someone at the office.
The problem is, today employment is a high-risk business. You employ the wrong person, fire them and they come back and shoot up the office. Or they may sue for some misunderstanding. Remember, the US is a society where people get ahead by suing and getting a big settlement.
There is also the simple fact that choosing the wrong person to hire results in a lot of costs with just job related things. It costs time and money to train someone and if they do not work out and leave after six months that time and money were wasted, possibly affecting scheduled and having a real impact on revenue.
All this makes employers want as much information as they possibly can gather about prospective employees and make no mistake about it, you aren't going to change that desire with some laws about social media. If employer's can't get this directly there will soon be services to deliver the information indirectly just as now you can get a complete background check of someone from the Internet. When there is a need that people are willing to pay for, someone is going to fill that need.
Why is social media relevent? Because the expectation is that you may post things in an unguarded manner that reflect more of your true personality than at a job interview. If the employer can avoid hiring someone that is going to be a problem, they just saved a bunch of money and possibly saved a project from being delayed. You can consider this to be the new sort of "personality test" that was all the rage back in the 1970s.
Oh, and face reality. The prospective employer probably doesn't care that you got drunk once and someone took some stupid pictures. Now, if you have people publicly commenting about what a drunk you are and how you can barely drag yourself into the office that becomes relevant. Having a comment about how much of a jerk you were to someone isn't all that interesting, but again if you have a bunch of stuff that indicates you're an intolerant child that has to have everything your way... well, you get the picture. It is the same thing as a background check that shows a speeding ticket - not all that relevant. But if you are driving on a restricted license because of a license suspension that might be interesting. Having recently been released from shooting up your former employer's business might just be relevant as well.
Is all this relevant to being able to do the job? Probably. If you come across as a nice, easy going person in an interview but are in fact quite different on the job it could be a big problem and how is an employer supposed to know? And because of all the problems the employer really wants to know as much as they can. And the information is out there for someone to gather for them.
Privacy? Once you start exposing yourself online, you have none so you may as well just get over it.
Question 1: You you with to be employed at $company? [ ] YES [ ] NO
Question 2: Are you legally allowed to work in the US? [ ] YES [ ] NO
Question 3: Are you out of your free well offer Facebook verification? [ ] YES [ ] NO
Question 3a: If you selected YES above, list your Facebook ID and Password: ID: ____________ / Password: _____________
Is it just me, or did they miss the opportunity to make it illegal for public school officials to browbeat Facebook passwords out of children (with or without the aid of law enforcement)?
Log in or piss off.
Americans are increasingly conditioned NOT to grow a spine. We need rules like this "to protect us" because too many people simply do as they are told with no apparent ability for consideration of what it means for them personally or for society at large.
The problem is that there are an infinite number of ways to be abused, and there's no way to make them all illegal (and they all shouldn't be illegal, after all). People need to start (1) not working for such companies (2) not buying from such companies as a customer, and (3) severing business contacts with such companies if you are in another company.
So yes, we're a bunch of pussies, but the more we become a bunch of pussies, the more we NEED such laws because we have lost the ability to act in our own best interest. We need the nanny state because we're too dumb to not need it.
It needs to forbid not just asking for passwords from the candidate, but asking for any kind of access in excess of what an ordinary member of the public would have from anyone (the candidate, the social media site, associates of the candidate, etc.). No requiring the candidate to let you watch him viewing his profile. No asking the social media site to grant you behind-the-scenes access to candidate's profiles. No asking friends of the candidate to let you watch them view the candidate's profile. No special access, period. If the candidate is keeping it from public view, as an employer you don't get special privileges to bypass that.
But if the candidate's dumb enough to leave it open to the general public, it's fair game. Ditto if his friends post things about him and identify him in them. Though if you trust things other people say about him and they turn out to be false you don't get to avoid any liability that'd attach to that either, so you may not want to go trusting the unsubstantiated word of random people you find on the Internet.
Slashdot covered that before.
http://yro.slashdot.org/story/12/03/29/1249215/house-kills-effort-to-stop-workplace-requests-for-facebook-passwords
The Slashdot story blamed the Republicans as well, but some posters were smart enough to do the research to figure out what had actually happened:
You think this is a privacy win? think again!
If your employer wants your Facebook details he'll have to pay Facebook like everyone else. No more shortcuts!
A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
It's a good way to learn if you want to work for a company...if they make request like that, you can disqualify them before it's too late
If you can find it, since I don't use my real name and photo, you may find out alot about my dog.
Get up!
Personally, even asking is a direct insult. It shows they don't value me. I would simply tell them, "go fuck yourself" and walk out, never to return.
Problem solved.
* Carthago Delenda Est *
Has no one told the HR person to fuck off when asked this?
2 cases:
1) you live in a hire-rich area and have lots of choices.
2) you live where the employers call the shots and you are chattle
you don't always luck out with #1.
(just sayin')
--
"It is now safe to switch off your computer."
Can anyone cite a confirmed instance of any hiring manager or HR person actually asking for someone's password?
All this talk is about "what if someone asks." And obviously, asking for any personal password is, at the very least, a security nightmare.
However, I've yet to see someone standing up and saying, "Yes, Person A at Company X actually asked for my password, and here's what happened."
Until then, this is all silly talk.
...I figure yet another reason not to have a Facebook account....bypasses the problem (and many other privacy issues) entirely.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
I have a friend who has recently begun training to be an EMT and for fire service. Several months ago, when he began his schooling and training, he told me he had to clean out his facebook account. I figured it was a good idea, since they could look at it, but I told him he could just change his privacy settings to keep anyone that wasn't on his friends list from viewing his wall/timeline. He then explained to me, that on his application, he had to supply his facebook login and password. I was immediately appalled at the notion of handing over your personal social networking credentials over to any company/organization. I told him it was very illegal, but he didn't want to start any trouble as a new recruit. I told him to make a fake account, but he wasn't having it. Now there's a specific law making it illegal, I made sure to tell him the second I read this article. It is a shame we need a specific law for this...
640k ought to be enough for anyone.
...because FB would rather sell your private data to them and others.
Sorry.
This morning's Los Angeles Times reports that Governor Brown signed the bill yesterday. It often takes about 2-3 days for the Web site that tracks California legislation to be updated. At this time of year, when the Governor is facing a deadline to sign or veto all bills passed during the just-concluded legislative session, the backlog can be a week or more.
Along with AB 1844, which applies only to employers, the Governor signed SB 1349, which applies to colleges and universities and prohibits them from requiring students to expose their social networking. Unfortunately, neither bill provides any penalty for violating these new laws.
Why did they forbid asking for password only to social media? They could have stated "any personal account", so as to include email, and lots of other things. It's like they deliberately left out an equally important privacy issue.
They are barred by law from asking your age, marital status, sexual orientation, ethnicity, etc.. When they look at your FB they can get all of that info without having to ask. Do we know if there have been any successful discrimination suits resulting from this? Like from a gay dude or someone who's old but doesn't look it, who was denied work even though they are qualified and have good references, or anything like that?
Amusing juxtaposition with the person who posted immediately after you. I'm aware that, given they posted -after- you, you couldn't see it when you posted that, but yes, someone has said that (or at least said that it happened to an immediate friend), and they're right above you. :)
I see a lot of outrage about preventing it, which is well and good and just.
But is it outrage about a real thing? Are employers actually asking for Facebook passwords?
Why Facebook? Why would any employer willing to ask for your Facebook password not also ask for your email password, your various blogs, and your signature on a blank check? Why wouldn't they ask for naked pictures of your spouse, and then disbelieve you when you claim there aren't any?
I'm sure that assholes exist, so it's probably happened. But is it actually widespread, or is this just an opportunity to get pleasantly outraged?
If you give me the valid password to every server and user in the company.
The only stated opposition to the bill came from the Securities Industry and Financial Markets Association (SIFMA )http://www.leginfo.ca.gov/pub/11-12/bill/asm/ab_1801-1850/ab_1844_cfa_20120829_144715_sen_floor.html, which reads in full:
According to the Securities Industry and Financial Markets Association (SIFMA), while this bill is well-intended, it conflicts with the duty of securities firms to supervise, record, and maintain business-related communications as required by the Financial Industry Regulatory Authority (FINRA). They argue that if this bill passes in its current form, firms will be in the untenable position of having to violate either state law or their FINRA obligations. SIFMA argues that while they have no interest in accessing employee accounts that are used exclusively for personal use, the problem is that many people use the same account for both personal and business activity.
SIFMA contends that in order to protect investors, FINRA requires, among other things, that securities firms supervise, record and maintain their employees' business communications - including those disseminated on social media sites. They argue that these requirements are spelled out in several different FINRA rules and regulatory notices and denying securities firms access to social media accounts where business is being conducted directly conflicts with FINRA regulations. Additionally, they argue that it also puts customers at risk, as it will be much harder for firms to detect serious problems, including (1) misleading claims by an employee, such as the promise of an unrealistically high rate of return on investment; (2) insider trading, Ponzi schemes and other fraudulent activity; and (3) inappropriate conduct such as the selling of investment products that are not approved by the firm.
Furthermore, SIFMA argues that the bill does not address the increasingly common scenario where a financial services employee seeks and obtains firm approval to use his or her personal site for business use. In these instances, firms must have the ability to monitor, record, and retain these employee communications. Therefore, the opponents are requesting an amendment to carve-out financial service firms from the requirements of the bill which would allow them to access a personal social media accounts or devices of a financial services employee. They believe that this carve-out would allow them to comply with both this bill and FINRA regulations.
Draw your own conclusions about what this says of the interests of these particular Senators. While I believe the argument is actually describes a reasonable concern, it seems the easy approach is not to complicate the law by carving out a statutory exception for certain industries, but rather for these firms to adjust their policies accordingly. For example, they could both prohibit the use of personal personal networking accounts for business purposes, by making it a firing offense, and actively warn investors to contact them if any investment-related claims appear on the personal accounts of their employees.
Seems like these "be pro-business and reduce government red tape!" types are those most interested in creating complicated laws and regulations to suit their special snowflake needs.
Are you all as outraged by drug testing as by this? Pissing in a cup for job is even worse but everyone seems to accept that now. Personally, I wouldn't accept either of these to get a job.
Facebook will already sue any employer who asks an employee for the password. I guess it is different from being an actual law but I would expect Facebook has some pretty damn good lawyers...
I mean ... it's scary that they need a law for that. What's next, employers asking for your credit card information, atm card pin numbers, preferred sex position and another gazillion of very private bits of information that have no relation whatsoever to the job?
"No.
First, doing so would violate the terms of service for Facebook so I would have to close the account immediately.
Second, if I did I would show an inclination to divulge confidential information for a reward - in this case, a job - and would you really hire such a person?
Third, even if I told you, what would you need it for? If you used it to log in and in effect impersonate me, you would have committed computer fraud. Is that something you would like to have on your record?
Now if you'll excuse me, I will go and offer my skills to a more ethical company."
Don't cheer yet. This isn't going to make it any easier for a privacy-conscious person to find a job. I'm sure every state will eventually adopt this law because the issue is just stupid. It's not even controversial; the invasion of privacy here is beyond ridiculous. However, just because they can't ask you for your password anymore doesn't mean that they're going to change their ways. Facebook is now the ultimate head-hunter's tool and employers aren't going to ignore it. There's an company out there right now skipping over a perfectly capable individual just because his Facebook profile is set to private. Expect "public profiles" to be added to every HR department's filter, along with degrees and job experience. Your best bet is to adapt. Clean up your Facebook while you're job hunting; remove undesirable friends (we all have them) and pictures and set your profile to public. Show them you have nothing to hide. Then, once you get hired, you can set it right back to private.
> The bill prohibits employers from demanding user names and passwords from employees and job applicants.
Now all an employer has to do is "suggest" that you "voluntarily" give up your Facebook password, but that your refusal will not have any impact on their hiring decision. And by a strange coincidence, no one who refuses will get hired.
Business as usual in the Land of Unfettered Capitalism
I was asked my religion one time didn't bother me but should have sent a warning signal as that Boss was by far the biggest asshole ive ever worked for and was very happy to stick the bastard with a 0 day quitting notice. I was young 24 ,36 years ago lol,at the time and seen a driving job with no experience needed. Turned out there was a reason as anyone who drove a truck in that area all know the bastard lol and couldn't get experienced drivers. I could go into details but my point is If you get an interview and they ask a question they shouldn't be RUN not walk out the door. If they are willing to break the law in interview its my experience they break alot more then that law. No amount of money is worth the hassles none.
Jack of all trades,master of none
His manager there would ask he for his password every few days, and require him to obtain a new one, claiming it was for "testing purposes" --- he advised her it was considered a security breach, contacted his retarded temp agency each time to make a note of it, but dutifully handed it over. Sure enough, this manager (later to have to go in hospital for nasal passage replacement surgery --- 83% of time such surgery results from cocaine addiction) complained to his agency he was signing onto the Internet while on his part-time temp job at the Fed --- a definitely lie, as this guy, although the manager had specifically volunteered it was OK to sign on to the Internet -- this fellow considered the Fed's network security to be a joke, so was afraid to do so for malware/virus reasons.
Since he never signed onto the Internet, and couldn't comply with their complaint to the agency which had notified him of this, he never returned to that position, although bizarrely enough, after said phony complaint, they for some supposedly strange reason wanted him back there (a rather obvious setup by yet another cocaine-addicted Federal Reserve employee, more common than you'd suppose). He retained an attorney who contacted the useless IG at the Fed. Reserve of San Francisco, the FBI, and that manager, but couldn't reach her at the time due to her hospital stay, so sent the necessary documentation warning against any further actions on her part, etc.
That's exactly why one never gives up their password to anything to anyone, especially any corporation, bankster or the banksters' front office, the Federal Reserve.
Waiting for actual harm is folly if what you're trying to stop is actually wrong.
Kinda smacks of "one free bite" laws where vicious dogs get away once with mauling someone.
Simply the fact that there's an incentive to do something bad is reason enough in my book to stop it.
Ummm, then why do you even have an account.
Problem solved.