46 comments

[ 2.8 ms ] story [ 80.6 ms ] thread
Sure, they can ask.

Do you background checks the GOOD old-fashioned way, and get some actual results. Or, waste your time in someone's facebook account they set up specifically for you to check for this job interview.

Aha! Business opportunity: create ad hoc facebook accounts, complete with "friends", games, lolcat photos, and all the rest, for a fee.

Of course it violates the Facebook terms of service. Handing over your password already broke that.

I'm uncomfortable with the idea that a government job† should demand a Facebook login, because I generally feel like they (a) should be held to a higher standard, (b) involve the people's relationship with the government, which is inherently adversarial, and (c) have an outsize impact on the standards and practices used in the private sector --- so "if it's ok at the DoC, it must be OK at Bank of America".

On the other hand, in the private sector, I don't see how this is any of our business. Should employer be "allowed" to "ask" for Facebook logins? You mean, should employers be "disallowed" from asking? Of course not. And candidates should say "no" if they don't want to give the login up. Employment in the US is at will, and outside of race, nationality, religion, gender, &c, hiring is totally at the discretion of the company.

(at least, one that doesn't require clearance)

Of course it's our business, the difference between fringe cases and common procedure is whether we're willing to put up with the practice. And don't pretend that the prospective employer has no power over the applicant.

Additional nitpick: Employment statuses are generally determined at the state level.

I don't understand what you're saying here. Are you saying that the people should generally be more prescriptive about what's allowed and not allowed for consideration during job interviews? Like, discrimination against protected classes isn't enough? We should have many more rules about what interviewers should ask?
No, they should not be allowed to even ask. The problem is that when some people are allowed to give up certain rights for a potential advantage in hiring, then it becomes the de facto standard that everyone has to give up that right in order to have a chance. In most industries the employer holds all the card, so that everyone will just go along with it because they feel they must in order to be considered.

You're naive if you think the "market" will correct itself such that these types of invasions of privacy are eliminated. When we're talking about people's livelihood you can't expect them to act in such a way that maximizes their rights. They act in a way that maximizes their livelihood, potentially giving up rights that they otherwise would not have. Government is the only thing able to keep employers from having that power.

So, given a hypothetical scenario in which two equally qualified candidates are in consideration for a job, do you also think one candidate shouldn't be allowed to offer their Facebook login to the employer to settle any concerns they might have?
(comment deleted)
(comment deleted)
(comment deleted)
(comment deleted)
(comment deleted)
My gut reaction is to say no they should not. However, if hypothetically there were some question that came up that could only be resolved by checking their facebook account, then I think it can be allowed in that instance. The difference is there being (some equivalent of) "probable cause" to even question something that could be resolved through such a check.
This reminds me a bit of Scientology's policy of collecting and archiving secret information from their members, so that threats of blackmail could be made later on if needed.

I think a good solution to this situation is to in turn request the screener/interviewer's credentials. After all, it's no big deal right?

Great points. Rather than the interviewer, the interviewer and the board of directors and the CEO. I've done that a few times when I get requests for salary history, I ask to see theirs first. When they say that it's not relevant then I respond "Well there you go." I can't say that this tactic always works, but it doesn't really matter. I've never gone long without a job. Skills has its benefits.
To answer the question: No.

... That alone isn't going to derail the Facebook juggernaut, but it might slow down people's engagement on the site as they realize maybe a private, unknown email account is a better way of sending sensitive messages.

That isn't going to happen either. It's like saying that because people are aware that smoking is a cause of cancer they'll only smoke half a cigarette.

I don't think your analogy works. Sure, half a cig doesn't make sense, but you can have a facebook account without handing over trusted information.
The analogy is actually directed more to the "slow down people's engagement on the site" part of the sentence. The part about people opening anonymous account is a fantasy that presumes that people care. We've been spammed through email for years now, yet only few people can be bothered to open a dedicated account just for the purpose of signing up to various services.
It's a shame that people are so desperate for jobs and willing to sacrifice privacy for the illusion of security; if it weren't so, things like this would never have a chance to become real problems, because everyone would just walk out of the interview at that point. The interviewers would report to their superiors, "Everyone is running full-speed in the opposite direction when we ask for their Facebook password," and the policy would be changed almost immediately.
Basically what you're saying is, you wish privacy didn't have an economic value, which it must so long as people are willing to concede it for slightly higher wages.
Exactly why government should step in to remove its economic value. This is what governments do.
"Should Employers Be Allowed to Ask for Your Facebook Login?"

I say yes, they should be allowed, and you should be allowed to refuse, and they should be allowed to not hire, and you should be allowed to find a better place to work and breath a sigh of relief since you just dodged a bullet.

What recourse do you think that leaves for people whose Facebook friends do not refuse? If one of my Facebook friends allows this, they are, unbeknownst to me, sharing information that I consider private with that employer. I choose to put certain information on Facebook, trusting Facebook, its partners, and my friends with that information. I do not choose to trust random employees of random prospective places of employment with that same information, so this is a violation of my privacy expectations as a user of Facebook, and as a friend.

"You shouldn't put information into Facebook if you are afraid of that information getting out." I don't.

But people (including you, by your response) do not fully understand the risks they are taking.

What stops your friend from copying your facebook data and publishing it on the web?
nothing "stops" them... it's called trust. why would a friend do that
Right, but if that trust was valid then you could likewise count on them not allowing an employer, or any third party.
Not if they overlook the problem, as many of the first posters in this discussion did.
Courtesy.

More importantly, if I don't want to have someone as my Facebook friend, I have that choice. But I don't have a choice about what policies might be in place at employers my Facebook friends might consider. If you think it through, you begin to see why we have laws related to protecting privacy.

What risks? I said clearly that they should ask, people should refuse, and then walk away. Let them find anyone competent.

This is within the people's ability to control. Just say no. You can do this as a person. Say no. Explain why. Mock them too.

Should that also be the case for age, sex, orientation, religion, etc? If not, what makes those so special?
No, they should not be allowed to even ask. The problem is that when some people are allowed to give up certain rights for a potential advantage in hiring, then it becomes the de facto standard that everyone has to give up that right in order to have a chance. In most industries the employer holds all the card, so that everyone will just go along with it because they feel they must in order to be considered.

You're naive if you think the "market" will correct itself such that these types of invasions of privacy are eliminated. When we're talking about people's livelihood you can't expect them to act in such a way that maximizes their rights. They act in a way that maximizes their livelihood, potentially giving up rights that they otherwise would not have. Government is the only thing able to keep employers from having that power.

How about login information to your email account(s)? Do you think they should be able to ask for that and refuse to hire if you refuse to capitulate? After all, your correspondence will give them lots of useful character information about you that would be useful for an employer.

How about your online banking login information?

Where do you draw the line? Is there any aspect of your private life that they should not be able to ask about and refuse to hire if you do not provide access?

Should they be allowed to enter your house and search your room for family albums, traces of pot, porn, love letters, naked pictures of your gf, etc?

Where do we draw the line between a real or virtual invasion of privacy?

Should they be allowed to ask to search your house? I'd guess this is an irrelevant question, because nobody would say "yes" to that except for the least qualified, least employable people in the market, and the kinds of businesses that hire the least qualified people don't so much care about what's in your house.
Ah, but you just shifted from asking to just doing it.

No, they should not be allowed to just do it. But should they be allowed to ask if they can search your house and private things (which is indeed comparable to requesting to be friended)? I say, yes, they should be allowed to ask, and all intelligent people that value their privacy should be allowed to say no, laugh, mock, walk out of the interview, and then post their feelings about that company on their Facebook page, or on HN, or reddit, or their personal blog so that others may be warned from wasting time applying at such a place.

They shouldn't be allowed to ask, because some people will say yes.

And those people will be putting their friends' privacy at risk, not just their own.

This feels somehow wrong.

When one decides he wants to publish some information privately he should decide:

1. Whenever he trusts the delivery and storage mediums (on all layers) not to leak and/or tamper with this information, and deliver it in time.

2. Whenever he trusts the recepients to handle this information properly.

3. What are the risks in event the leakage happens (even if all parties are highly trusted), and what measures should be taken in such case.

This is not paranoid thinking (although it sounds so), it's security ABC.

There are plenty of other things employers aren't allowed to ask (even if some would have given it up willingly). I'm not sure why this would be different. Under most circumstances you can't ask about religion, most everything about family, nationality, native language, age, etc. There are usually ways around these things, but some are just areas employers can't go. They are free to ask, but then set themselves up for a pretty open and shut lawsuit.
The question before us is not are they doing it or are they allowed, it is should they be allowed. This is going to be a matter of opinion.

I say "they" should be allowed to ask anything at all. Marriage, religion, sexual preferences, political party, etc etc etc.

And when they do ask questions that are none of their business, people should have the good sense to refuse to answer, and if they pursue it at all, stand up and walk out and go to another job that respects them as humans.

The problem is not with the law or the companies, it is with the people who put up with abuse and condone and encourage it and refuse to push back to say "No, I am not going to answer that and frankly you are an ass for asking because it is none of your damn business." Because of the internet, everyone with a bad experience can blog about it and warn others which companies to avoid. The result here is that MORE people will have accurate information about which companies are staffed by assholes who can't mind their own business, and these companies can starve for want of talented responsible workers. And that's a good thing.

Right now we have ridiculous laws like restaurants are not allowed to discriminate by color of skin. I am not white myself. I would LOVE to know which restaurants are staffed by racists and bigots that don't want me to eat there, because then I would know not to give them my business, and I would know to preach word of that far and wide, and keep an eye on who does eat there and have nothing to do with those folks either. That would be great. As it is we have all these people with latent hidden racism. It's there, but it's not in the open, so I can't see it. Sometimes it sneaks up on me from behind. That's not good. Let it be in the open instead.

And what of people like me who have chosen to never create a Facebook account? How do you think that would go over??

As the corrections officer in question points out in the video, this is very dangerous ground. When you ask for someone's Facebook account as a condition of employment you are getting access to a tremendous amount of information about that person. Very likely including information such as marital status, religion, sexual orientation and the existence of children - all things which, as a matter of law, prospective employers are not allowed to ask employees in the hiring process.

If you're not allowed to ask it directly, you shouldn't be allowed to ask it indirectly either.

You say they are getting access to information about that person.

Actually, it is much worse than that. They are getting access to information about all the person's friends, including some very private information.

I might trust my friends with ages, photos, and school locations of my children, but I shouldn't have to worry about whether that same information is being given to some creepy bureaucrat working in a department of corrections office.

And to be clear, I'm not at all talking about the risk faced by a job applicant. I'm talking about the risk incurred by a friend of the person.

It's equivalent to in the pre-internet era asking a job applicant to hand over all their private snail mail so that a prospective employer can read them and approve or disapprove of their private life and personal or political opinions.
I like what he said in the video, and he's right. Asking for this kind of information is just like asking a woman, "Are you pregnant?" Or, asking people to take "IQ tests" that favor whites. In fact you could write a law that simply said:

"An employer may not compel an applicant for any access to private information that may indirectly lead to a violation of existing Equal Opportunity Employment laws."

Ideally this law would amount to:

"Paying someone to do a job does not make them your fucking lifetime slave asshole."

I would think that this should be obvious, but sharing your password in such a circumstance appears prohibited by the Facebook terms of service[1]. More specifically:

  You will not share your password, (or in the case of developers, 
  your secret key), let anyone else access your account, or do anything 
  else that might jeopardize the security of your account.
1- http://www.facebook.com/terms.php?_fb_noscript=1
And there is a fantastic answer to such a question: "As a responsible worker, I take my contractual obligations seriously. The Facebook terms of service which I agreed to legally prohibit me from giving that information to anyone. I [have the terms here|can get them for you] if you would like to read them." If they reply, "Well we want it anyway." then the next reply is "I don't understand why you are asking me to break a contract. That is unethical. Do you routinely ask employees here to perform unethical or illegal acts?"
Would you give a potential employer your GMail password? Hell no. Your Facebook login is not only a trove of information that employers aren't supposed to ask about, it's a login gateway to many other sites. Facebook is probably the largest delegated authentication provider on the internet, and you expect me to hand that info over?

The only person that has my Facebook login info is my wife, and she's also the only person that has my email login info. I don't care if you're the Pope, you're not getting access to any information that gives you the keys to the kingdom.