Wow, not often Facebook do somthing I agree with.
Does this mean if your employer, or potential employer, asks for your password you can say "No way, Dumb Fuck!"?
Facebook's Chief Privacy Officer has condemned employers who ask for the Facebook log-ins of employees or job applicants. It comes after a young man blogged that a potential employer had asked for his Facebook password during a job interview. In a note on the Privacy page added this morning, FB Privacy honcho Erin Egan also …
Does this mean if your employer, or potential employer, asks for your password you can say "No way, Dumb Fuck!"?
Careful now with hasty assumptions.
For all we know they might also consider to offer those companies a deal they can't refuse.
Wait for the test case
Sigh, so you fell for that then?
Don't forget that words are seriously cheap - it's only in actions that you learn intent. If you need any other examples, think of teh "Do no evil" Google.
Sjeez, people believe anything these days..
I agree. The words are pretty, but I still wouldn't trust them 100%. Credit to them though for their position.
If a prospective employer asked me to give them those details, I'd leave the interview. I wouldn't want to work for a company that wanted to even ask if they could pry into my own private life.
Of course if gave my own personal information away so easily you can bet your life I'll sell your company secrets for a wage too.
Quid pro quo
Basically Facebook want to protect the data on their network, the fact that it happens to be data you put into their network doesn't have much to do with it.
Way I see it, Facebook's objection is that the boss is viewing the data without having to pay them for it.
I've been thinking about what the appropriate response to such a question would be. I did consider the walk out route. But I think I came up with a better one:
No, I won't give you the password to my Facebook account. If you want to see my Facebook page, send me a friend invite and tell me the name now and I will approve you as a friend. But if I give you the password to my Facebook account, you'll never be able to trust that I won't give someone my password to your company system accounts.
I don't object to them seeing my Facebook page. I don't believe I have anything incriminating there, if I did it would be gone in a New York minute. If don't want to friend them, just use the last part and turn it around on them.
Tell them you don't have a Farceberk profile.
(Except I wouldn't be lying)
It would almost be worth setting up a facebook account so you can hand over the login and then report them for abuse.
What sort of reasonable employer cares what you do outside work anyway?
I did just that recently in a Job Interview.
Q: What are your Facebook, Twitter and LinkedIn ID's.
A: I'm awfully sorry. I don't have an account on any of those services.
Then I spent the rest of the interview defending my so called 'Luddite' attitude.
My simple explanation was that, yes I was on LinkedIn once. I linked up with some old friends. From their lax security, someone else was able to find out a lot about me and my history. They then attempted to steal an my Identity. This attack included forging a passport and other documents in my name. Then they 'sold' my car on the internet.
It took me more than a year to fix my identity.
After 30 minutes of being called a luddite, I walked out with the parting words,
'The world would be a better place if more people were concerned about their privacy. If exposing myself on the internet is a condition of employment then I'm not interested'.
"What sort of reasonable employer cares what you do outside work anyway?"
A lot of them, if recent trends are any indication. It's been quite some time since a month went by that I didn't hear about someone getting in trouble at work for something on their Facebook, and I've even been asked to investigate a case of an inappropriate post on behalf of my employer (the employee in question was a teacher who had stupidly asked his student's to friend him then posted cover art from smut novels, but still...)
Report them to whom? Facebook's policies don't apply to third party employers. Facebook can make up any rule it likes, but it's powerless to make anyone obey.
It's alright if you're applying for a job that isn't anything to do with the internet.
If you're a web dev / columnist, unfortunately, you either give it to them, or you won't get the job.
Imagine a web dev / columnist that says he hardly connects to the net.
We're stuck between a rock and a hard place.
Yeh, because I bet HR has all the login details for every hack who works on El Reg.
Personally, if I were asked, I would say
"I'm assuming you are asking this to see whether I am sufficiently Internet savvy to be aware of the issues involved in sharing a password with someone, both in terms of breaking the EULA , and the possible problems in employment law, opening a potential employer up to accusations that they made their decision based on marital status, sexual orientation etc... so the correct answer is, 'i'm afraid I have to decline'.
I don't give anyone my passwords, ever.
2 accounts! If have to explain what I mean by that then well ...
Just say to them I dont have time for Losserbook, you would rather be working than being apart of creating the next episode of Jeremy Kyle.
Thank you, exactly my opinion too.
If I was prepared to give up my own privacy for a financial incentive, there is always the possibility I might do so too for corporate resources. Nope.
Besides, if they want to look they can see the public data. The rest is 100% my own (not that there is anything I do not expose business contacts or family relations via anything online).. For the rest, tough luck.
I don't do facebook because I work on the internet. I know enough about how it works to know, absolutely, that I want no part of it.
An employer coercing credentials out of a candidate and then using them against Facebook's terms of service may be committing a number of criminal offences.
Oh! So those who are clever enough to realise that FB is an unneccesary waste of time, because we can still contact our friends and colleagues without posting on a "wall" are now considered Luddites'?
What a fool! I'd have laughed at them and pointed out the errors in their thinking!
The question requires three responses
1) I don't have any social networking accounts
2) If I I did I wouldn't give you the logins
Of course FB doesn't want companies to get employee information for free. Selling information is FB main revenue stream after all.
I was thinking this, myself. I then carried it further to Facebook offering a "sneak peek" service for employers to buy into to investigate applicants.
Paris, offering a "sneak peek," but not for free, of course.
After a bad experience with an employer not honouring a perk offered verbally in an interview situation, i now tape any job interviews. I think that it is prudent to protect yourself from this nonsenese.
Any employer asking for passwords is a very bad sign. It is probably not worth taking the job.
Taping without the other party's consent is illegal in some countries (intercept law), and in the UK you may tape unannounced, but only for your own use. Even if you correct your notes using a recording you are no longer able to use them in court - but that obviously pre-supposes anyone finds out that you taped it first..
But yes, having a recording is so much easier..
WTF. Think about this. If an employer is wankish enough not to give you something they offered in the interview without a reasonable explanation then why work for them? If its not explicitly written into your contract or offer letter you shouldn't expect it - that's your point of maximum negotiating strength.
And as for recording the interview. If an interviewee asked me to record our conversation they would be out of there so fast their head one spin. I would't employ anyone whose unwilling to start on a basis of a shared professional trust.
"And as for recording the interview. If an interviewee asked me to record our conversation they would be out of there so fast their head one spin. I would't employ anyone whose unwilling to start on a basis of a shared professional trust."
Every company I know of insists on recording every time I call them - where is the mutual professional trust there?
Yet you (and others) insist that it's some sort of breach of trust if a current or prospective employee asks to record a conversation with you? Are you really that scared you'll get caught out in a lie?!?
Given that recording a conversation can protect both sides, if one side is extremely anti recording, it makes me doubt their trustworthiness.
Protecting yourself there is simple: At the start of the interview you explain you are taping to protect your legal interests, and if they object you walk out of the interview.
A pushy employer can *look* at my profile on my mobile, while I am present, but no way in hell I'd let anybody have my password just because they ask.
That said, even *with* my password, it would be no good. Logins from unknown devices need a code sequence entered before anything happens.
Employer wants password *and* authorisation? Fine. You hand me the legal warrant and I'll hand you the info, else piss off. What is to stop them, then, posting as you? Or anybody if they are lazy with how this information is stored. What next, copies of my house keys so the boss can rummage around one rainy weekend?
Your pin number and debit card - I'd just like to have a quick look at your account to verify you aren't in debt (yet).
Here is what FB can do to prove it is sincere:
Prior to interviews, an applicant would pre-set the authorization code to one of two options:
a = the name of the employer and the name of the interviewing officer, information which will be known in advance in most cases
b = the abort code
c= the continue logging in with pre-interview code, preserving the *a* code in case said interviewer attempts to log in even after hiring or declining the applicant
Then, if asked, the applicant can choose to be serious or play games. If serious, the applicant can reply in the negative, but if pressed for it and if desperate for the job, the applicant can hand over the *a* code and wait for a facebook notification. Even if the applicant ultimately does not land the job, the applicant AND facebook can still determine WHICH COMPANY attempted to log in.
To make things dicey, facebook needs a log in app that requires the eye shot of the person entering the code. That means an employer needs to surrender to the eye shot at the interview before getting the code. If THEY refuse, then you DO NOT want to work there. But, later, in case they try to log in anyway, they might have already surrendered an eye shot from their own phones for logins, in which case FB can link up fraudulent log in attempts directly to a person, so long as the fraudulent log on is not done with a 3rd party under duress to do an eye-supply and take the fall.
Has anyone yet heard of a fingerprint reader-capable LCD? It would be interesting if phones had two-factor logins base on those: key in or swipe in AND press one's thumb on the LCD for a scan.
Anyway, action *c* from above would hopefully help to deter disgruntled applicants from abusing the abuse-deserving fools who insist on having the applicant's password. Punishment and protection would have to work both ways, in case it really is being asked just to weed out stupid applicants, who probably do NOT deserve the job if handing over his or her password at an interview.
Not that I'm a fan of Farcebook but I don't see why they would have to implement such a system to collaborate with something that is flat out unacceptable. By implementing this they would indicate some kind of acceptance of this practice, which in itself is quite a risk for them.
Why would FB want to do this? The applicant is not a useful source of revenue to FB. The hiring company could be easily such, if FB adds features quite different to your suggestions.
My employer does credit checks on some staff (e.g. ones handling large amounts of money).
Seems reasonable enough to me.
I'll find that acceptable employer behavior right after your company agrees that employees handling large amounts of money can work alone in the vault with all that money.
And yes, I expect I HAVE handled more cash money as a treasurer for an organization than any of the people you run credit checks on. At the time, I would probably would have failed your credit check.
Anon, because of the large cash handling.
I've always wanted to visit Ulaanbaatar. If I finally make the trip, would you mind if I pop in for a pint of kumis?
"I've always wanted to visit Ulaanbaatar. If I finally make the trip, would you mind if I pop in for a pint of kumis?"
An El Reg reader is always welcome in his ger!
So by idling and yet having account on facebook with friends saves you from that gigantic scheme? It doesn't.
Especially in IT , giving a password to any third party, even if it is yours is a horrifying sign showing lack of responsibility and basic security practices.
perhaps companies are baiting..
Anyone I interviewed who DID had over his password would quickly find his application in the round file as a security risk. Plus it would be interesting how they would phrase the "no, I don't think so" because that would show how well they deal with conflict.
You are absolutely right., They are looking people to dumb/to desperate to assert their rights. Bob we are going need you complete those reports by 9am Monday or you are fired.They tell you at 5pm Friday Oh by the way you worked 2 hours of over time this week. Would be cool if we just erase those 2 hours so I don't have to write you up. That would be swell Bob.
"Are you asking me this to determine whether you can trust me with secrets, or to see how I handle telling the boss 'no!'?"
Reminds me of the old story about how Thomas Edison would go to lunch with a prospective employee, and then NOT hire them if they salted their meal BEFORE tasting it (something about not wanting to have people who pre-judge situations before getting all their facts, or whatever).
"I'm sorry, but the standing rule in any place I've ever worked was that login credentials were NEVER to be shared. I hope you'll understand if I continue that policy here."
You can say "the information you want from me isn't just risking privacy of me but risking other people such as my friends and family"
I said it to idiotic Mac service asking for my administrator password on phone.
The examples I've read about were all McJobs. They are just looking for people who will take a crappy job where they have you on camera because they don't trust you already.
Not the type of jobs were you have the domain admin password, or the key to the front door.
If you hand over your passwords you are giving them access not only to your personal private information but to that of any of your friends who have given your account access to their postings.
If they are deliberately selecting for employment the kind of people who would betray their friends like that then stay *well* away from them.
"If they are deliberately selecting for employment the kind of people who would betray their friends like that then" ...
you are being interviewed for a middle-management position.
I'd consider the 'middle' superfluous.