First, I consider this the equivalent of asking to record conversations I have with my friends. If you as an employer think that it’s part of your business to eavesdrop on my friendships and romances, then we know where we stand and I will be over here working with someone else.
Second, I can’t give you my FB credentials even if I wanted to. The reason is that by doing so, I am violating the privacy expectations of other people, who do not expect that the things they share with me in private messages or on their wall or photos will be shared with my employer.
I have a similar arrangement with the person I date. She is welcome to ask me about my FB and email, however she is not allowed to rifle through it at will because other people may have an expectation of privacy in things they have emailed me.
This may work for you now, and I stand my ground the same way, the reason this is so alarming is because eventually, EVERY employer may ask this and then you simply won't have a choice.
I am curious, however, what will happen to people who really don't have a facebook. I've never had an account, would they believe me or assume I deleted it?
Eventually, EVERY employer may ask this and then you simply won't have a choice
Two hours later, here is what I sincerely suggest you say:
The people I interact with have an expectation of privacy around the things
they share on FB with me, or even the fact that we know each other.
When I come to work here, you will have certain expectations about my discretion
and ability to respect the company’s need for privacy and my co-worker’s needs
for privacy by not sharing things I see, hear, or are privy to with a third party,
even—or especially—if I am offered a financial inducement such as an attractive
offer of employment with a company I respect.
I therefore ask you to recognize that I am giving my friends and family the exact
same expectation of privacy that you can reply on from me once I join your firm.
I don’t think that’s smarmy or righteous, it’s just good old-fashioned golden rule stuff, and you are demonstrating your integrity. There will be a certain number of companies who ask to shoulder-surf your facebook, and I will guess that some of them will back down if you say those words to them and mean it.
JM2C, of course, I am not qualified to give career advice.
> This may work for you now, and I stand my ground the same way, the reason this is so alarming is because eventually, EVERY employer may ask this and then you simply won't have a choice.
At that point I delete my Facebook account and never look back.
And if they do want it, there's probably a damn good reason anyways.
Given some of the silliness engaged by the government (e.g. placing a GPS tracker on a Muslim Redditor's car, supposedly because of a comment on Reddit), I don't think we can really take that statement as correct. :-)
As soon as you apply for a job that is high level or sensitive enough, that information will be part of the dossier they review. Depending what is in your FB, or any other comment history you may have, it MIGHT be wise to keep that FB. Lest they think you were trying to hide something.
Let's say you are trying to get a job with the FBI or obtain a security clearance. You will be asked to provide a list of family, friends, bosses, teachers, etc. from throughout your life, and those people will be interviewed (about their knowledge of you, not their own propensities to get too drunk, etc.). Lots of public and not-so-public records will be analyzed, etc., etc. Not much privacy.
What's interesting is that the purpose of the background check process seems to be threefold (as I gleaned from talking to an FBI Special Agent who interviewed me about a friend):
1. Identify possible ways in which the investigated person might be manipulated. Having an affair? Had an affair a few years ago which the current spouse doesn't know about? Gambling problem? Drug issues? If so, you might be susceptible to blackmail or bribery.
2. Identify propensities for dishonesty or lack of trustworthiness. Did you cheat on tests? Do you follow-thru on promises? I was asked a lot of questions about how much I trusted this friend.
3. Identify possible 3rd party allegiances. Are you someone identified by the mafia at age 15 as a person who will go to college, look sparkling clean, and then infiltrate the FBI? To make sure, the FBI interviews people from many phases of one's life. It would be really hard to have seemingly normal friends while you were secretly off training with some foreign terrorist organization. I suspect I was also background checked, but I never signed-off on it. The FBI seems to be using the social graph transitively to verify that you aren't hiding anything. No proof of this last statement though.
I've been told that, at least for normal governmental security clearances, the goal is not to determine if you are a good or bad person -- it's to determine if you are hiding something. If your wife knows about the affair you had five years ago, it will be hard to use that knowledge to blackmail you. However, if it remained a secret, you might do something not so good for the USA to save your marriage.
I was asked about the additional names (expressed only as initials due to space constraints) on my friend's condo deed. She had purchased the condo while in law school, and her parents co-signed on the loan. Only after the interview did I realize that the FBI was confirming she did not have a sugar daddy!
I have a FB profile. I don't post status updates or even articles. I have only the profile picture, no albums. I constantly refine my privacy settings to the strictest possible. Nobody can tag me in photos, etc. Nobody can see me wall (even friends).
I need a FB account for work. When FB inevitably becomes so invasive that people begin to panic and delete their profiles, I can safely delete (deactivate) mine. FB may keep all of my data, hopefully I won't have given them anything that isn't worthless.
I think the only safe policy is to refrain entirely from adding any information to the system; you may never get it back. Even seemingly innocuous status updates and public conversations could look suspicious/unprofessional/embarrassing later on.
Same situation, i needed one for work. Worked @ a social media management company...Facebook doesnt like "Fake accounts" so maintaining a real one for work, for the purpose of testing was something you needed to do.
Its a real pain in the ass, mixes personal and work way too much. I had a Facebook account already, and i still do, so i didn't mind too much....but i dislike the left overs its causes (installed apps, pages in my name, app keys in my name etc...although this was just due to poor management of these assets)
I receive occasional announcements and event invitations through FB groups. Sadly, this is the only way my company chooses to disseminate some information.
I'm still not clear on the "Getting rid of Facebook" process. If I recall correctly, there are three levels. First, you can simply deactivate it ("I've got a big project this week guys, so no Facebook for me.").
A step further, and this is where I think I am, is the "delete" option, where you, small 'd', "delete" Facebook, but your information is still there in case you want to come back. It's not accessible to your buddy Joe Blow, but it's there.
Finally, and I might be wrong here, but there is a big 'D' "Delete" option, where facebook deletes your info "permanently" or as "permanently" as they'd like you to believe.
I don't plan on going back to facebook soon, but I'm with you in worrying at times that a sensitive employer would look at a "deleted" or "Deleted" facebook and think "What is this guy trying to hide?"
This would do it. But I suppose that some people still keep their myspace accounts, or worse yearbook accounts. And those things can be searched via Google.
Also, deleting these accounts does not assure complete invisibility on the net. If you've used your account to comment on a public facebook account or page, there is no assurance that deleting your account would delete that post too.
I am curious, however, what will happen to people who really don't have a facebook. I've never had an account, would they believe me or assume I deleted it?
Diligently create a facebook "version" of yourself which appears to be a great worker/student/whatevertheywant?
I mean you can fight the system, but sabotaging it is so much more fun.
"Put it all together and I think we all now see the fundamental utility of LinkedIn — it’s the one place where you can demonstrate how honest, decent and accomplished you are, even if you have to lie and cheat to do it."
http://www.creators.com/lifestylefeatures/humor/work-daze/li...
The savvier kids have been maintaining multiple Facebook accounts for years: one where they friend their parents, family, church pastor, etc., and the other (under a pseudonym) where they have fun. It's like the social equivalent of a TrueCrypt hidden volume. Plausible deniability is the name of the game.
>...the reason this is so alarming is because eventually, EVERY employer may ask this and then you simply won't have a choice.
At that point, I would start my own company, we wouldn't check Facebook accounts (and would let people know this) and we would have a line out the door of job applicants who want their privacy respected.
What if you worked in some sort of regulated, specialized industry and were unable to set up your own company? What if you worked in one organization for a long time, built up seniority and benefits, and suddenly they changed their rules and you had to either quit or let them view your private accounts?
It seems to me that this is clearly the sort of thing that should be illegal because there is a huge imbalance in terms of bargaining power in these situations.
This is a non-story. They cite a couple of examples in the article, but the headline makes a completely unwarranted leap of induction to "employers and colleges across the country". I bet there are more cases every year of "employers and colleges across the country" who ask applicants to strip naked as a prerequisite for a job offer.
Even if we take this argument to a logical conclusion where every employer will eventually feel compelled to do this, this would destroy the value proposition of Facebook entirely. It would effectively turn Facebook into LinkedIn. If it can't be used for fun, people won't use it, which is entirely against Facebook's interests (which means they'll adjust the privacy policy and sue offending employers).
The idea that this is a serious phenomenon gets clicks, but it has no legs to stand on.
I expect a lot of things too, but I never cease to be surprised by the world we live in.
Consider that as popular as Facebook is, it is still mostly popular for younger people, who vote less than older people.
Consider how easy it is to convince the government to end almost any right or freedom if you mention security/terrorism.
Consider that while this might become an election issue, it almost certainly won't be the election issue. The economy, abortion, and all the other old standbys, will be the votes that really matter to an elected politician, not a vote, or lack of a vote, either way on facebook.
Consider that once this violation of privacy becomes status quo, it becomes 100x harder to roll it back.
I expect a lot of things, but I would not be surprised if this forced access to friend only level of information on facebook becomes the norm.
This is the case with drug tests currenty, in a lot of industries. Submit to a wholesale invasion of privacy or don't work. I understand Silicon Valley is pretty hip and savvy, but this is the reality for blue collar industrial jobs, retail, government work and, perhaps in the near future, welfare.
Drugs are about as easy to quit as Facebook for some people...
A former employer of mine supposedly mulled drug testing, but abandoned the idea when they realized they would no longer have a creative department.
On a more serious note, it seems to be that drug testing is only required where physical safety is compromised by drugs, like drivers, warehouse workers, etc. Similar to how people who have direct responsibility of money may have to undergo credit checks. Properly managed, these seems like acceptable precautions to me.
I've never been asked to take one, nor would I submit to one for a software development job, despite being drug-free.
I am having trouble coming up with a legitimate need that an employer would have for a facebook account password, short of someone who has a high level security clearance where phone taps and surveillance are also to be expected.
Introducing facebook background searches!
For a low fee of $2499, fb will comb through your prospective employee's postings and alert you of any trouble spots!
You need to acknowledge and own the power you have to tell assholes to go pound sand (phrased nicely like OP of course). Learn it early and practice often. If you produce value then the employer has more to lose than you do.
If every employer demanded this I would have the easiest choice in the world. Start my own company and not ask to read my employees personal communications.
> then we know where we stand and I will be over here working with someone else.
Hah, do you think for a huge amount of people simply getting a different job is really that easy? The working class of the US is completely on the ropes, they are told to take any job they can get because they are so desperate for work. It's nice, as a privileged person being able to go up yours I'll keep my dignity and my rights, but the impoverished and desperate do not have that luxury unless they want to starve.
Facebooks ToS prohibits password sharing. Only the media accounts they give out can be used by multiple people. You could simply list the accounts your employer was using and Facebook would nail them.
Also simply give a fake facebook account with a few fake contacts for your friends and family. Most people are too stupid that they wouldn't recognize the inactive accounts as fakes.
It may indeed be the case that communications issued through "friends only" might give rise to findings of "confidence" -- you'd be on the hook for breaking confidences.
An employer or college who obtains an applicant's Facebook password and uses that password to access the applicant's Facebook account may be committing a federal crime under 18 U.S.C. 1030 (Computer Fraud and Abuse Act, prohibiting access of protected computer systems without authorization or in excess of authorization). (Note that the Facebook Terms of Service prohibit sharing one's password or logging in under another's account.) See http://volokh.com/2011/12/01/judge-orders-plaintiff-to-give-... (noting that such access may be a federal crime even if authorized by a state court order).
The statute (18 U.S.C. 1030) also creates a civil remedy; Facebook may be able to sue employers who access an applicant's account. Even if the statute is held to not apply in such situations (or held to be unconstitutional as applied in such situations [1]), Facebook may still be able to sue under state law for inducing said applicants to breach their contract with Facebook (tortious inteference) by sharing their password.
[1] E.g., see U.S. v. Lori Drew, 259 F.R.D. 449 (C.D. Cal. 2009), where a district court held that 18 U.S.C. 1030 criminalized TOS violations (including falsifying one's date of birth) but was unconstitutional in that regard.
This is relevant, but not really sufficient to prevent employers from accessing Facebook accounts. Employers that get "permission" from employees or candidates to access a social media account can (likely successfully?) argue that they are proxy for the account owner.
We've seen something very similar in the discussions around data rights when people die-- family who inherit passwords are unlikely to be sued where there is explicit permission granted-- because they are not "impersonating" anyone.
What could to prevent this is if requests in this manner can be considered coercion or duress-- automatically disqualifying contracts with language requiring disclosure of private passwords, and penalizing parties that try to include similar clauses.
I'd love to cite some cases, but have to run (I do appreciate the legal thoroughness!)
And then the article requires a Facebook account to comment.
"Hey look, we're quickly aggregating all of our personal data into one centralized place creating an obviously appealing target for authority as evidenced by this recent trend of college sports programs invading the privacy of students. Let's all talk about it on Facebook."
Yes, this is one of the worst trends right now. It's one of the primary reasons I killed my Facebook account and null routed all Facebook on my home network.
Any site that requires Facebook as a login or comment function is dead to me.
Any employer who does this would leave themselves wide open to lawsuits based on anti-discrimination laws, as there's no way you can troll someone's private Facebook profile without learning protected information such as age, religion, national origin, disability, marital status, sexual orientation, etc.
Social media is becoming the main agent of a police state in a frightenly quick pace. I'm starting to think that the only reason these practices were not so common before was because of a technical barrier, and not because our rights were once valued.
Putting bugs in your phone and residence is difficult, requires technical expertise and people to actually monitor. So well, what can you do? Like the article says, the option was to educate. But then comes social media and kills the technical barrier, so great, lets spy on our students, candidates, etc, and have them give us clearence to do so through intimidation.
We never had those rights to begin with, spying was just more of a hassle then than it is now.
Now begins the real fight for those rights. If we fail, then we are left with a socialitariam-regime and forced to keep using some hypocritical-media in order to be able to get jobs/loans/etc while we keep private matters offline (until new technology breaks that barrier too).
This won't work in practice. Any situation with many equally qualified people competing for a very small number of spots becomes what amounts to a beauty pageant. What I mean by "beauty pageant" is that since every candidate is so well-qualified, any superficial imperfection begins to be treated as a useful criteria for selection.
When all worthwhile criteria are equal, worthless criteria are used to decide.
"This guy swore in a facebook post, so lets go with the other guy."
That would be good but not enough when there's money on the stakes. Say for instance a company that has decide between two candidates and one of them has a complicated medical history that can be infered from exchange of messages with friends and family. This is subtle enough that it would be very hard for the employer to be liable and also quite impairing for the candidate that will have a very difficult time getting a job because he has people that care for him and express those feelings through social media.
That's also just scratching the surface of the problem when you begin to consider sexual inclinations, religion, political views and ehtnicity.
None of that information should be relevant to most job applications, but once available they will surely be used to the employers will and you have no say in it.
I know in the real world it is not that simple, that is why in the meantime there are workarounds. Similar to how I am not pushing for real name policies but do want the problems to be fixed if possible.
A friend of mine is a doctor. One day she refused to perform a dangerous procedure for a patient. The procedure had already failed once, and she knew for a fact if it didn't work the first time it wouldn't work this time either. The patient insisted that she do the procedure anyway. He turned out to be a big donor, and a hospital administrator told my friend that she could either do it or lose her job. She wasn't doing that well financially at the time, and had three kids to feed at home. Put yourself in her shoes. You're staring in the administrator's face. There's a 3% chance this procedure will kill the patient, and a 0% chance it will help him. What do you do?
I hope you'd walk away, and I hope I would too. But my point is, it's easy to say what your ethics are, and a lot harder to act ethically in the moment. Doing that little thing you were sure you would never do is so easy when your boss is staring at you, or your coworker needs you to cover their ass, or you stand to make an extra $20k a year if you get this job, or whatever.
My friend said she realized that day that in order to be a good doctor, you have to always know, at any given moment, that you might just have to walk away. You have to be ready.
I'm not a doctor, but it's a rule I've taken to heart.
Sure. Although if we want to get nerdy about it -- and I trust we do -- that saying was a lot more useful before scientific medicine. When doctors mostly had tools like bloodletting available to them, and didn't know to wash their tools before doing surgery, it was almost always better to do nothing. (Interestingly, religious prohibitions on seeing doctors made quite a bit of sense back then ...)
In modern medicine, it's almost never a choice between doing harm and not doing harm. It's more like, "well, assuming we've properly guessed what's wrong with you, the studies say you have a 20% chance that this surgery will work and won't kill you, and a 10% chance of living more than three months without the surgery. Your family will have to go into debt to make the surgery happen, so your call." The best you can do is explain as much as you can to the patient and let them decide -- so it becomes their impossible ethical decision instead of yours. That's better, right?
She did the procedure. She got lucky and the patient wasn't hurt. Then she found a job in a hospital run by doctors instead of administrators.
I feel bad even telling this story, because my friend is a super ethical person and this is far from her proudest moment. But that's how these things go, right? You come to a moment where every practical consideration tells you to do the thing you don't believe in, and no one ever has to know, and it probably won't cause any harm this one time ... and you become someone you never wanted to be. It takes real strength and forethought to make the right call there in the moment.
For college athletes sometimes that option isn't there. If you've only got one school interested in you, and they're requiring you to provide it - calling their bluff is a risky move (on the other hand, might be worth pursuing a career in something other than sports if you're only talking to one school).
So just create a 2nd "fake" account with seemingly "real" data and show them that. Or tell them you don't actually have a facebook account. It is possible to set the security so that people are unable to find/search for you.
Anyway, I presume this is a US thing, this would never happen in the EU, it would go to the european court of human rights (or some court or other) so fast you won't even have time to apply lube!
The article says they are longer requesting username/password and instead looking over the shoulder.
Why not add in some of your real friends? I said nothing about bots. Tell them why you need this. Change the name of your real account to something else. Hide it. Disable it.
I think also that the new facebook timeline allows you to place "stories" and "events" to any point of time in the past.
Or start deleting what you want hidden from your facebook account and then hand over the details.
Or, how about some foresight. I don't know, how about I create a second account and keep that running side by side right now, because I'm in one of those industries that are douches about this kind of thing. I know some people that do this to keep stuff hidden from family members.
Man, I have to think of everything round here... :)
Everything I've just said I think is extremely wrong and if an employer asked me for these then I'd tell them to go fk themselves.
Yes, you can try to hack the system- but if they think you're lying or being misleading your chances of playing for them may be gone. This shouldn't be legal in the first place- but doing the second or fake account workaround (or saying you don't have an account when you really do) is risky if they ever find out.
I'm just going to repost a comment I made during an HN thread on trolling here:
"....However, on a general note, I think it is important to realize that every text message you send, every cell phone conversation you have, every post to the CNN forum you make, every tweet you send ... is directly attributable to your IP whether you use your own name or not. With Facebook and Google tracking everything you do, whether you are logged in or not, I would go one step further, and say all of these things are directly attributable to you personally.
I would strongly urge young people to really think about what they are putting out there. Consider this, the military was doing the equivalent of credit checks for sensitive positions during the 60s. Now you need a credit check to do ANYTHING, even things that don't require credit. How long before an internet and phone background check is standard in the background checks organizations do before offering jobs?
I can tell you the military is doing this sort of screening right now for sensitive positions, but at least you are confronted about it. It still basically ends your career, but they will give you a chance to explain your posts. In the private sector in the future, they will just deep six your application and you won't know what happened. Or they'll let you in at entry level, maybe, and subsequently you'll start running up against an invisible barrier as you try to advance beyond the first or second layer of management. Or you will find resistance to you advancing into management at all.
Also be mindful, it can affect more than your professional life. Think about what the background checks for apartments will look like in the 2020s. Or what 'dating sites' will be like in the 2020s.
Please consider your future before you make comments on ... say ... black people and Hurricane Katrina ... that might be misconstrued. Or post an opinion on ... say ... American soldiers in Afghanistan ... that could be taken out of context and viewed in a negative light.
All that said, the absolute best defense against these sorts of situations is just not to be a douche, which isn't very hard..."
----
I think that comment is apropos here as well. I encourage all of the young people I work with, as often as I can, to be careful about what comments they put ANYWHERE on the internet. To be mindful of what they say during ANY cell phone conversation. And to try to limit their use of text messaging.
I know this sucks, but this stuff is serious...these things WILL affect your future.
> Or they'll let you in at entry level, maybe, and subsequently you'll start running up against an invisible barrier as you try to advance beyond the first or second layer of management. Or you will find resistance to you advancing into management at all.
I've seen this post before. (edit: no offense intended - a lot of people post the same thing on repetitive topics, your one is just a little unique)
I'm wondering how you came up with this idea. It seems ... odd but strangely credible. Is this an extension of some process which already happens?
Ah, but see, even that fact right there is quite telling. Do you have anything to hide? Even though you don't, how could you convince your future employer of that?
You're obviously doing it wrong if you use 7 proxies and then log into an account that can be easily traced back to you. Proxies should only ever be used with anonymous and/or throwaway accounts.
Be sure you go outside the Basic Multilingual Plane. A lot of software runs into weird bugs when you use characters that can't be represented in 16 bits in UTF-16. Bonus points if it uses bidirectional control characters.
You might as well add a few 'drop table;'s in there, just in case. That way, if/when your potential employers accidentally wipe the databases at Facebook (or wherever they happen to be invading your privacy), they'll have two lawsuits on their hands!
(The first being the one you file for an invasion of privacy, of course).
>Shear has gotten the attention of Maryland state legislators, who have proposed two separate bills aimed at banning social media access by schools and potential employers.
Why is this specifically targeted at social media? No one should request copies of people's private keys as part of any routine interview process. This is no different from asking for a copy of someone's PO box key, and the law should also clearly say that that is illegal (if it isn't already?)
I'm no less disturbed by this than anyone else, but you do not truly own your Facebook account in the way that you would own a PO box.
Your data belongs to Facebook, not to you. Sad, but true.
Edit: (submitted too soon) I'm sure there's something legally dubious about requesting private keys in this way, but the PO box example was a clear reminder to me about how we wrongly think of our data on private services as "ours".
Really, I think I'm being charitable towards the schools with my interpretation. If we look at it from the "Facebook owns your data" perspective, then you have no right to give them your keys even if you honestly want to, because that's against Facebook's TOS and the employer/school could be charged with felony unauthorized use of computing resources, aka hacking.
Really, I'm probably trying to hard. This is phishing, plain and simple, and should be treated as such.
Facebook's "ownership" of your data is no different from that of Yahoo! Mail, GMail, cell phone companies, landline phone companies, the postal service, Western Union, and all the other organizations people been sending messages through for hundreds of years. (Skype being P2P and encrypted might make it an exception...)
Facebook has no more or less access to/ownership of your life than your ISP and cell phone company.
For those who don't click through, the article's title is supremely misleading. There are only anecdotes about corrections departments and college athletics. But hoooooly crap this little gem:
Social media monitoring on colleges, while spreading quickly among athletic departments, seems to be limited to athletes at the moment. There's nothing stopping schools from applying the same policies to other students, however.
Look, college athletics has a lot of issues. Colleges secure all economic benefits associated with player performance in exchange for a college scholarship (I hope O'Bannon v. NCAA solves that problem soon). [0]
But how can anyone extrapolate requirements from college athletes to the entire student body? Would any Ivy School dream of asking an applicant for their password, when said applicant's mother might be a partner at a law firm? What about the constitutional issues regarding the same request from a public university (funded by taxpayer money)?
There can and must be only one answer to such a request:
"You want WHAT!? Are you joking?"
If they weren't joking, walk out immediately, stating why. Warn others.
I could and would never work in a place where a "social network username and password" field has made it as far as the application process, even if it isn't mandatory (yet). And neither should you.
So glad I work in an industry where I'm comfortable saying no if asked for my Facebook login, knowing I can then go talk to the next company down the street. I can't imagine being in the position where my college scholarship or only job opportunity I may have for 3 months is at risk unless I provide my superiors with access to my most private conversations.
The next (which would be the first) employer who asks me for information of that nature will be politely asked to perform a variety of degrading sexual acts with themselves, various farm animals, and several types of construction equipment and power tools.
When I get done laughing, I'll happily write down my 'password' for them: if they have any shame, they'll be beet red when they get done reading it.
OK, I probably won't get the job, but that's OK since it's clearly somewhere I wouldn't actually have wanted to work anyway.
Seriously, this whole notion is so asinine that it's almost beyond belief. I mean, why not just ask me for a copy of the key to my PO box, a copy of my car key, permission to tap my phone, and access to put a camera in my living room? Get real, people...
Great, now I have to go unfriend everybody who might be willing to hand over their access since they would otherwise allow others to see what I have written.
> All this scrutiny is too much for Bradley Shear, a Washington D.C.-lawyer who says both schools and employers are violating the First Amendment with demands for access to otherwise private social media content.
> "I can't believe some people think it's OK to do this,” he said. “Maybe it's OK if you live in a totalitarian regime, but we still have a Constitution to protect us. It's not a far leap from reading people's Facebook posts to reading their email. ... As a society, where are we going to draw the line?"
Surely they are misquoting this lawyer, or did the First Amendment start applying to corporations all of a sudden?
Considering he is referencing the Maryland Dept of Corrections and the University of Virginia, a public institution, I'd say the 1st Amendment applies. UNC is also a public university and is mentioned prominently.
I love how, even without a constitution, things like this would never fly in Europe, yet here in the US, WITH a constitution, we get these events taking place.
It's almost like the existence of the constitution encourages challenges to privacy. The "if you had a defense but didn't use it then you must be okay with what's happening" thinking.
In UK we have the Criminal Records Bureau who provide a full record check for people in certain occupations (working with children, prison/police/uniformed services &c)
I have three current CRB 'disclosures' as I worked for three employers for a brief period last year. A full disclosure is not limited to convictions but can include cautions and other information that the police may have. Bit more concrete than some prison manager having a quick look at a facebook profile.
"Aside from the free speech concerns, Shear also thinks colleges take on unnecessary liability when they aggressively monitor student posts."
Yes, I'd have thought there was a huge vicarious liability/duty of care issue with this. I don't want to know what my students put on their facebook accounts!
"Goemann also noted that the rush to social media monitoring raises an often overlooked legal concern: It's against Facebook's Terms of Service."
That occurred to me as well as soon as I read past the first few sentences. Many people on this forum provide Web services. Do you actually have any way/interest in enforcing this aspect of the typical ToS or is it just there as some kind of protection for you?
That would be my initial objection too. There's no real point in going beyond that. If the FB ToS have any legal weight then it would be most likely unlawful for me to share my FB login details with anyone.
An employer who attempted to do that and then sacked you would be performing constructive dismissal and probably be in breach of the [letter of the] Computer Misuse Act for attempting to gain access to a computer system without proper authorisation.
A company that followed through and consulted your FB would then be holding private information on your friends and there are all sorts of regulations that they're supposed to comply with then. Presumably they'd also be in breach of the European Convention of Human Rights @ Art.8 (at least).
TBH it sound quite fun. One could create a FB profile as a honey-trap - access would provide the evidence for a willing barrister to take a large company to the cleaners ... or that's how it seems.
I think getting sued has become commonplace in the US, up to a point that institutions and corporations don't really care. If there is money to be had, that is. These kind of things get tried because they seem to offer some value, and the experiment keeps running until someone sues. In Finland, getting sued can tarnish your reputation quit badly, were you an individual or an institution. Somehow we still care about that.
About this thing in special. Finland has a pretty strict law against privacy violations in job interviews. You ask a wrong question as an interviewer and the whole recruitment process might be at risk. Of course you can ask about hobbies and whatnots, but anything too private may get you a "I don't feel like answering that" as an answer. And then you are in trouble. But that works just fine for us. A job interview is supposed to be about the work, not the applicants past time.
* It goes without saying that a request for access to personal data like this is something that nobody should ever comply with.
* Asking somebody for access to their email/social network account is actually a great question to ask in a job interview. If somebody is so careless about their private data to easily give away access to it upon request, that would easily disqualify them in my book.
This is unbelievable. With all of these studies showing up that employers/schools use public social media channels to make a decision on applicants, this is way over the top.
It is worse than that -- say you are friends with some former coworkers on facebook (because well, you actually like them) and they then show some other company their facebook page while interviewing there. They might or might not hire them, but even if they do, they have seen private stuff that you might cause them to not hire you.
Honestly. I learned the hard way that you can't take back what you say on the net. No matter how young you may have been when you said it, or how you meant it when it was first written. If it can be misconstrued, it's there for all eternity.
It's to the point where I think you could almost start one of those hipster movements I'm always hearing about. Give it a sophisticated name like Entropism. Set an example by running around the Internet behind seven proxies, inside a virtual machine, with JS disabled, running firefox, with a fake user agent, going over each one of your posts with a style-analysis program and dataset, clearing most history every five minutes, blocking cookies, deliberately messing with the response times of your hardware to prevent device fingerprinting, spoofing your MAC, etc etc.
this is a business opportunity - curate some fb pages within a network with believable handles (ie, jj334) and then just sell them to a recent grad that wants a fb profile that looks squeaky clean. try not to put too many 'saved 4,000 kittens' links or it'll get suspicious... ;-)
but seriously - scrubbing your youthful indiscretions from the goog or fb is a high-value service at a point in time where people realise they need it.
btw i'm not saying the OP is right, i think it's a terrible precendent and i'd have told them to @#$@#$ off.
"Before we hire you, we'd like you to make a copy of your house keys for us. You know, so we can check in occasionally and make sure you're not doing anything that would make The Company look bad..."
I was a college athlete back in the day, and my athletic department tried to do something similar -- they would make shell accounts controlled by athletics/ncaa compliance and try to friend whole teams. We got around it by having a shared block list of the shells. If I recall correctly, we had 20 at a given time.
But, our team was small (30 people), and not in the "money sports" (football, basketball, baseball), so we could get away with this. Larger teams in higher profile sports won't be able to do this.
I hope you realize that you are exaggerating. Out of all of those, the only one that an employer has ever had any interest in was my GitHub account and I have gotten software dev jobs before I even had one
Of course i'm exaggerating, I've worked in software for 10 years and never had any of those. Until about 3 months ago I didn't have a twitter account. I've never been out of work.
BUT, the amount of people that look at me funny because I didn't, and the article that i linked to just reinforces that.
I can't wait for a service to pop up where for $500 they will make you an amazing, sterling Facebook account you can "share" with people. It will be populated with believable postings from other people you know, yet all of these other people will be cardboard cut-outs.
My cousin and I came up with a similar idea; we called it Fakebook, and then promptly went on to forget about it. There's gold in them there hills, though!
This gives me an idea of how to understand a developer's integrity and views on privacy before hiring. Ask them if they're ok with giving you their facebook account. But don't really ask for it. If they ask "so should I write down my password". You just say "I don't really want your account, just wanted to know if you were ok with it".
What? It's not a request to commit a crime, it's a check of the strength of their belief in privacy. There's nothing wrong with the action you're asking them to do.
IANAL, but: It's easy, "Just Say No." If they really want the information, they'll get it somehow or refuse you employment, at which point they may open themselves for a lawsuit involving discrimination based upon race/sex/creed and/or privacy violation and/or libel and/or slander, which will net you more money than if you had accepted the job in the first place. If everyone in an industry begins to refuse you based on your privacy standards, you may be able to sue based on suspicion of collusion.
On a humorous note, if personal lives are a deciding factor in whom a business chooses to employ over and above other, skills-based qualifications, the job you are applying to is likely very easy, and thus the kind of job that robots will be doing soon.
If you're going in for an interview and now this is a requirement, why don't you just deactivate your account and tell them that.
Then, if you get the job (although I don't think I'd want to work at a place that's looking over my shoulder constantly), you can reactivate it whenever you want.
I'm willing to say for many things, "You don't have to work there if you don't want to" but this particular issue bothers me. Most firms can Google you, and find a lot of public Facebook info. If that's not enough, asking for your password is basically wiretapping a mobile phone for which you make no business calls. It's VERY hard to live with this.
I'm struggling to come up with any justification. About all I can fathom is a world in which they have to prove 100% that you're not insider trading. But if they need your Facebook to prove this, this need to tap your personal phone # and read all your snailmail too. And every personal email account.
Who's to know whether or not Facebook is considering plans to monetize this sort of behaviour by offerring institutions you have listed on your profile the opportunity to see everything you have listed for a fee.
Considering that if this practice were revealed, it would cause a total collapse in Facebook's user base and thus its revenue engine... unlikely, to say the least.
Facebook is subject to EU data protection laws for all EU users. If they did this over here they would be - well, the technical term is "reamed." Especially if the proposed new penalties come in: the relevant quote is "[Data protection authorities] will be empowered to fine companies...up to 2% of the global annual turnover of a company."
Are you sure it would cause a collapse in its user base? I don't think it would, given that it's so ingrained in the lives of college students. At most there would probably be some outcry followed by a symbolic climbdown by Facebook, but a 'total collapse' is extremely unlikely.
Facebook would be putting short-term revenue over not just user happiness, but user career prospects. Selling user data in a way that can cause direct harm to users seems several unforgivable steps beyond any privacy violations we've seen from Facebook thus far. But maybe I'm naive/old-fashioned.
Most people don't care about privacy violations. That's especially true of the Facebook userbase, because if they did care they would not be Facebook users.
Seriously, most people will say things like "I don't have anything to hide so it doesn't bother me".
I don't know if it's apathy, so much as it's lack of awareness. People are simply ignorant of how the things they say and post on Facebook can come back to haunt them, and when, and with whom, and in which settings. It's a safe bet to assume that most Facebook users simply don't know how Facebook data works, or what its ramifications could be.
They won't know, or care, until they run into a specific case where it affects them -- at which point, chances are, it will have taken them entirely by surprise. (It takes only one off-handed reference to a drunken Facebook photo in a job interview, for instance, to put the fear of God into many users).
I'm not suggesting that people would abandon Facebook en masse if they were better informed about it. And hell, I'm not sure many people even would care all that much. But I bet you'd see a marked shift in user behavior in pretty much any users in college or older. (Basically, anyone thinking about employment).
This always comes up and I think everytime, if people knew they would care. Most people really do want to hide things, I promise. They probably even want to hide things from you, specifically; I promise. The problem is really just, as another user said, awareness.
I don't know. In the UK there are two recent issues that might be relevant.
i) National ID cards. These failed not because of (well publicised) privacy concerns, or because people didn't want to have to carry an ID card, but because the government said that cards would cost > £100 for most people.
ii) National Criminal DNA database. The UK has a huge DNA database, and it used to include profiles from people who had been arrested but never charged nor convicted. A court of human rights said that it's abuse to keep those indefinitely; government offered 12 years but that was reduced to (I think) 6 years. Many people said they didn't care if they were on the database, saying that they were innocent and that if it helps the police they'd volunteer. (Missing the problem of false positives and having to keep too much data).
For both of these things there were active campaign groups warning about the risks, but many people just didn't seem to care.
Meanwhile I am trying to read the article and having problems doing so because ghostery keeps on popping up notifications of adblocking.
I might aquiesce to a FB access request as long as I was also given access to all emails, phone calls, SIN numbers, banking information and sexual habits of the Deans or CEO of the institution. That seems fair, considering I never use FB.
As a Facebook game developer, all of our employees are friends with everyone in the company. We wouldn't require any of our employees to do this but so far none have complained. I think, however, that someone who didn't friend us would somehow be alienated from the rest of the company. I don't know how a situation like that should be properly handled.
This is your reaction to this? Really? I wouldn't comment except that you say you're a Facebook game developer; it's like being a part of the problem. If anything, I would think the FB dev community and FB itself should make statements stating that they publicly disagree with how organizations are using their services to abuse their users and that is highly unethical. I prefer that to tacit acceptance, personally.
As a Facebook game developer, all of our employees are friends with everyone in the company
--------------------
And this is why Facebook is going to crap ... the idea that you can just friend anybody is why myspace quickly became a ghetto and facebook will eventually go down that road too.
For those struggling with privacy concerns, I have a very workable (albeit ugly) simple solution to this problem that actually works: Create a second Facebook account.
You'll likely have to make other provisions--but if it's really a big deal, it's not that difficult or taxing, really. Plus you can have a bit of fun creating your fake you for these types of things.
Insanity.
I would never in my life willingly give up any of my passwords, to anyone. Especially not something that contains so much private information as Facebook. Sure, Facebook themselves may share some of that information, or all if asked by a court but generally speaking it is somewhat safe.
Want my Facebook password? No thank you, I will go somewhere else.
It's worth noting that the "you have to add the coach as a friend" strategy has a hole in it now that Facebook has the "restricted" list, allowing you to apparently add someone as a friend without actually giving them any access. Of course, Facebook is so terrible to navigate that I'd bet most users don't even know this exists.
This is disgusting. But be thankful for it: if a company or school does this, they're letting you know immediately that they're the type of soul-crushing institution that you wouldn't want to associate with in any fucking way. That could save you a lot of time, at least. (have to look at the bright side!)
This doesn't make any sense. What if I don't have any social media, in fact, how do you even know that I do and that it that account searched, is, in fact, me. Why don't you also ask me to surrender my cell phone and dig through all my text messages; why not read my email and look in my bathroom as well?
Pretty glad I work in an industry that's hard up for talent enough that I can walk out of an interview if I'm ever asked this, you guys.
Not that I use Facebook or have used it in the past enough that there's anything on there I wouldn't want any given person to see, but this is some bullshit business.
Easy answer, is to either say "I'm not on Facebook" or simply give them access to a fake account. Everyone should be setting their Facebook settings to be reasonably strict so that they would have a damn hard time telling you have another profile.
Is there a running list of companies/colleges that engage in this kind of practice? I'd like to know to keep my distance from them. Since they are so keen on invading other peoples privacies I gather they wouldn't mind being exposed on this issue.
If only no one actually succumbed to the demands. Then the colleges and employers would have no choice but to reverse the decision. Unfortunately, those who agree to this will coerce others to do the same.
I wouldn't even give them the password to accounts I have on their systems, they should be able to access it themselves if the requester really has permission to view that data. The only exception I would make is to encrypted hard drives that they gave to me, but I would just de-crypt before ever giving them my password.
It's like if any company asked you for this info - I would ask for access to the CEO's email - or the financial drive and tell them that in order to work there, you'll need to perform an audit of their ethics and finances to ensure your not engaging in a relationship with a criminal organization.
We sounded the same alarm when employers started drug testing, and the majority of people defended the practice. "It's not a civil liberty issue, it's about employers protecting themselves. Only drug addicts oppose drug testing."
How is this any different than drug testing employees?
I've noticed a lot of people on Facebook who use nicknames or "first name plus some other word" instead of their real names. I imagine this is intended to keep anyone from searching their real name with Google or Facebook and finding that profile. But it's a short step from that, to having two or more Facebook accounts, one to be the person's "public face" and the rest for the actual things people do on Facebook.
I really enjoy seeing these social media articles. I got in trouble with my employer for a post on a friends social media page that my employer found out about (a coworker was trying to get me fired, it turns out) and threatened me with firing. The post was unrelated to work, but they deemed it as reflecting poorly on the company.
learn the hard way I suppose? in any case, I still feel that social media sites are plagued by abuse by third parties.
So does law enforcement. Apply to be a cop, as my son is doing as I type this, be prepared to hand over your passwords so they can check your Facebook page out.
But to give perspective here: this is for college athletes. Nothing new.
Those people, usually, agree to several freedom limitations, such as ridicule curfews and sex life control before games and such.
I doubt one more freedom limitation is any concern.
About the fears of it leaking to other jobs, well they are doing that for decades and you still have to hear your manager saying the curfew today will be 3pm cuz he do not want you making sex before the launch tomorrow.
I understand that msn articles can contain sensationalism and may not contain the most accurate facts, however let's not make a hasty generalization. Freedom limitations such a curfew and sex life control, are by design there to limit the person's physical behavior, where being forced to provide your password to your social media account, an area where you feel that you can speak freely as a person, has nothing to do with trying to increase one's physical performance. To me, this just seem's to be a way to protect their institution. For example, It get's leaked that their QB believes in the Communism movement, which could reflect poorly on the school. This goes against progress as we are judging athletes based on their believes and not their athletic abilities. I find that the issue is more complicated than it just being something athletes should adapt to since they agree to give up certain freedoms when they join a team.
First, I consider this the equivalent of asking to record conversations I have with my friends. If you as an employer think that it’s part of your business to eavesdrop on my friendships and romances, then we know where we stand and I will be over here working with someone else.
Second, I can’t give you my FB credentials even if I wanted to. The reason is that by doing so, I am violating the privacy expectations of other people, who do not expect that the things they share with me in private messages or on their wall or photos will be shared with my employer.
I have a similar arrangement with the person I date. She is welcome to ask me about my FB and email, however she is not allowed to rifle through it at will because other people may have an expectation of privacy in things they have emailed me.