Feeds

back to article Facebook: Your boss asks for your password, we'll sue him! Maybe

Facebook's Chief Privacy Officer has condemned employers who ask for the Facebook log-ins of employees or job applicants. It comes after a young man blogged that a potential employer had asked for his Facebook password during a job interview. In a note on the Privacy page added this morning, FB Privacy honcho Erin Egan also …

COMMENTS

This topic is closed for new posts.

Page:

Wow, not often Facebook do somthing I agree with.

Does this mean if your employer, or potential employer, asks for your password you can say "No way, Dumb Fuck!"?

19
1
Silver badge

@Cameron

Careful now with hasty assumptions.

For all we know they might also consider to offer those companies a deal they can't refuse.

1
1
Anonymous Coward

can't

Wait for the test case

3
1
Anonymous Coward

Re: Wow, not often Facebook do somthing I agree with.

Sigh, so you fell for that then?

Don't forget that words are seriously cheap - it's only in actions that you learn intent. If you need any other examples, think of teh "Do no evil" Google.

Sjeez, people believe anything these days..

2
2
Bronze badge

Re: Wow, not often Facebook do somthing I agree with.

I agree. The words are pretty, but I still wouldn't trust them 100%. Credit to them though for their position.

If a prospective employer asked me to give them those details, I'd leave the interview. I wouldn't want to work for a company that wanted to even ask if they could pry into my own private life.

8
1

Re: Wow, not often Facebook do somthing I agree with.

Of course if gave my own personal information away so easily you can bet your life I'll sell your company secrets for a wage too.

Quid pro quo

3
0
Bronze badge

Re: Wow, not often Facebook do somthing I agree with.

Basically Facebook want to protect the data on their network, the fact that it happens to be data you put into their network doesn't have much to do with it.

0
0
Silver badge

Re: Wow, not often Facebook do somthing I agree with.

Way I see it, Facebook's objection is that the boss is viewing the data without having to pay them for it.

0
0
Silver badge

Re: If a prospective employer asked me to give them those details,

I've been thinking about what the appropriate response to such a question would be. I did consider the walk out route. But I think I came up with a better one:

No, I won't give you the password to my Facebook account. If you want to see my Facebook page, send me a friend invite and tell me the name now and I will approve you as a friend. But if I give you the password to my Facebook account, you'll never be able to trust that I won't give someone my password to your company system accounts.

I don't object to them seeing my Facebook page. I don't believe I have anything incriminating there, if I did it would be gone in a New York minute. If don't want to friend them, just use the last part and turn it around on them.

0
1
Bronze badge
Trollface

Do what I'd do...

Tell them you don't have a Farceberk profile.

(Except I wouldn't be lying)

16
0
Anonymous Coward

Re: Do what I'd do...

It would almost be worth setting up a facebook account so you can hand over the login and then report them for abuse.

What sort of reasonable employer cares what you do outside work anyway?

9
0
Anonymous Coward

Re: Do what I'd do...

I did just that recently in a Job Interview.

Q: What are your Facebook, Twitter and LinkedIn ID's.

A: I'm awfully sorry. I don't have an account on any of those services.

Then I spent the rest of the interview defending my so called 'Luddite' attitude.

My simple explanation was that, yes I was on LinkedIn once. I linked up with some old friends. From their lax security, someone else was able to find out a lot about me and my history. They then attempted to steal an my Identity. This attack included forging a passport and other documents in my name. Then they 'sold' my car on the internet.

It took me more than a year to fix my identity.

After 30 minutes of being called a luddite, I walked out with the parting words,

'The world would be a better place if more people were concerned about their privacy. If exposing myself on the internet is a condition of employment then I'm not interested'.

Anon naturally.

37
1
Anonymous Coward

Re: Do what I'd do...

"What sort of reasonable employer cares what you do outside work anyway?"

A lot of them, if recent trends are any indication. It's been quite some time since a month went by that I didn't hear about someone getting in trouble at work for something on their Facebook, and I've even been asked to investigate a case of an inappropriate post on behalf of my employer (the employee in question was a teacher who had stupidly asked his student's to friend him then posted cover art from smut novels, but still...)

0
0

Re: Do what I'd do...

Report them to whom? Facebook's policies don't apply to third party employers. Facebook can make up any rule it likes, but it's powerless to make anyone obey.

2
0
Anonymous Coward

Re: Do what I'd do...

It's alright if you're applying for a job that isn't anything to do with the internet.

If you're a web dev / columnist, unfortunately, you either give it to them, or you won't get the job.

Imagine a web dev / columnist that says he hardly connects to the net.

We're stuck between a rock and a hard place.

1
6

Re: Do what I'd do...

Yeh, because I bet HR has all the login details for every hack who works on El Reg.

Personally, if I were asked, I would say

"I'm assuming you are asking this to see whether I am sufficiently Internet savvy to be aware of the issues involved in sharing a password with someone, both in terms of breaking the EULA , and the possible problems in employment law, opening a potential employer up to accusations that they made their decision based on marital status, sexual orientation etc... so the correct answer is, 'i'm afraid I have to decline'.

I don't give anyone my passwords, ever.

13
1
Anonymous Coward

Re: Do what I'd do...

2 accounts! If have to explain what I mean by that then well ...

Just say to them I dont have time for Losserbook, you would rather be working than being apart of creating the next episode of Jeremy Kyle.

0
1
Gold badge
Stop

Thank you, exactly my opinion too.

If I was prepared to give up my own privacy for a financial incentive, there is always the possibility I might do so too for corporate resources. Nope.

Besides, if they want to look they can see the public data. The rest is 100% my own (not that there is anything I do not expose business contacts or family relations via anything online).. For the rest, tough luck.

1
1
Silver badge

Re: Do what I'd do...

I don't do facebook because I work on the internet. I know enough about how it works to know, absolutely, that I want no part of it.

6
1
Stop

Re: Do what I'd do...

An employer coercing credentials out of a candidate and then using them against Facebook's terms of service may be committing a number of criminal offences.

1
0
Anonymous Coward

'Luddite' attitude

Oh! So those who are clever enough to realise that FB is an unneccesary waste of time, because we can still contact our friends and colleagues without posting on a "wall" are now considered Luddites'?

What a fool! I'd have laughed at them and pointed out the errors in their thinking!

0
0
Silver badge

Ludd was a liberal

The question requires three responses

1) I don't have any social networking accounts

2) If I I did I wouldn't give you the logins

3) Goodbye

0
0
Silver badge
FAIL

Translation: dont muscle in on our racket

Of course FB doesn't want companies to get employee information for free. Selling information is FB main revenue stream after all.

6
0
Paris Hilton

Re: Translation: dont muscle in on our racket

I was thinking this, myself. I then carried it further to Facebook offering a "sneak peek" service for employers to buy into to investigate applicants.

Paris, offering a "sneak peek," but not for free, of course.

0
0
WTF?

protect yourself

After a bad experience with an employer not honouring a perk offered verbally in an interview situation, i now tape any job interviews. I think that it is prudent to protect yourself from this nonsenese.

Any employer asking for passwords is a very bad sign. It is probably not worth taking the job.

13
0
Anonymous Coward

Re: protect yourself

Be careful.

Taping without the other party's consent is illegal in some countries (intercept law), and in the UK you may tape unannounced, but only for your own use. Even if you correct your notes using a recording you are no longer able to use them in court - but that obviously pre-supposes anyone finds out that you taped it first..

But yes, having a recording is so much easier..

0
1
Silver badge

Re: protect yourself

WTF. Think about this. If an employer is wankish enough not to give you something they offered in the interview without a reasonable explanation then why work for them? If its not explicitly written into your contract or offer letter you shouldn't expect it - that's your point of maximum negotiating strength.

And as for recording the interview. If an interviewee asked me to record our conversation they would be out of there so fast their head one spin. I would't employ anyone whose unwilling to start on a basis of a shared professional trust.

0
2
Anonymous Coward

Re: protect yourself

"And as for recording the interview. If an interviewee asked me to record our conversation they would be out of there so fast their head one spin. I would't employ anyone whose unwilling to start on a basis of a shared professional trust."

Every company I know of insists on recording every time I call them - where is the mutual professional trust there?

Yet you (and others) insist that it's some sort of breach of trust if a current or prospective employee asks to record a conversation with you? Are you really that scared you'll get caught out in a lie?!?

Given that recording a conversation can protect both sides, if one side is extremely anti recording, it makes me doubt their trustworthiness.

2
0
Silver badge

Re: Taping without the other party's consent is illegal

Protecting yourself there is simple: At the start of the interview you explain you are taping to protect your legal interests, and if they object you walk out of the interview.

0
0
Silver badge

Flat NO.

A pushy employer can *look* at my profile on my mobile, while I am present, but no way in hell I'd let anybody have my password just because they ask.

That said, even *with* my password, it would be no good. Logins from unknown devices need a code sequence entered before anything happens.

Employer wants password *and* authorisation? Fine. You hand me the legal warrant and I'll hand you the info, else piss off. What is to stop them, then, posting as you? Or anybody if they are lazy with how this information is stored. What next, copies of my house keys so the boss can rummage around one rainy weekend?

9
1
Silver badge

Sir

"What next?"

Your pin number and debit card - I'd just like to have a quick look at your account to verify you aren't in debt (yet).

2
0
Bronze badge

Re: Flat NO.

Here is what FB can do to prove it is sincere:

Prior to interviews, an applicant would pre-set the authorization code to one of two options:

a = the name of the employer and the name of the interviewing officer, information which will be known in advance in most cases

b = the abort code

c= the continue logging in with pre-interview code, preserving the *a* code in case said interviewer attempts to log in even after hiring or declining the applicant

Then, if asked, the applicant can choose to be serious or play games. If serious, the applicant can reply in the negative, but if pressed for it and if desperate for the job, the applicant can hand over the *a* code and wait for a facebook notification. Even if the applicant ultimately does not land the job, the applicant AND facebook can still determine WHICH COMPANY attempted to log in.

To make things dicey, facebook needs a log in app that requires the eye shot of the person entering the code. That means an employer needs to surrender to the eye shot at the interview before getting the code. If THEY refuse, then you DO NOT want to work there. But, later, in case they try to log in anyway, they might have already surrendered an eye shot from their own phones for logins, in which case FB can link up fraudulent log in attempts directly to a person, so long as the fraudulent log on is not done with a 3rd party under duress to do an eye-supply and take the fall.

Has anyone yet heard of a fingerprint reader-capable LCD? It would be interesting if phones had two-factor logins base on those: key in or swipe in AND press one's thumb on the LCD for a scan.

Anyway, action *c* from above would hopefully help to deter disgruntled applicants from abusing the abuse-deserving fools who insist on having the applicant's password. Punishment and protection would have to work both ways, in case it really is being asked just to weed out stupid applicants, who probably do NOT deserve the job if handing over his or her password at an interview.

0
2
Gold badge

Re: Flat NO.

Not that I'm a fan of Farcebook but I don't see why they would have to implement such a system to collaborate with something that is flat out unacceptable. By implementing this they would indicate some kind of acceptance of this practice, which in itself is quite a risk for them.

4
0

Re: Flat NO.

Why would FB want to do this? The applicant is not a useful source of revenue to FB. The hiring company could be easily such, if FB adds features quite different to your suggestions.

1
0
Anonymous Coward

Re: Sir

My employer does credit checks on some staff (e.g. ones handling large amounts of money).

Seems reasonable enough to me.

0
2
Anonymous Coward

Re: ones handling large amounts of money

I'll find that acceptable employer behavior right after your company agrees that employees handling large amounts of money can work alone in the vault with all that money.

And yes, I expect I HAVE handled more cash money as a treasurer for an organization than any of the people you run credit checks on. At the time, I would probably would have failed your credit check.

Anon, because of the large cash handling.

0
0

This post has been deleted by its author

Anonymous Coward

Re: They can have it...

I've always wanted to visit Ulaanbaatar. If I finally make the trip, would you mind if I pop in for a pint of kumis?

1
0
Silver badge

Re: They can have it...

"I've always wanted to visit Ulaanbaatar. If I finally make the trip, would you mind if I pop in for a pint of kumis?"

An El Reg reader is always welcome in his ger!

0
0

Re: They can have it...

So by idling and yet having account on facebook with friends saves you from that gigantic scheme? It doesn't.

Especially in IT , giving a password to any third party, even if it is yours is a horrifying sign showing lack of responsibility and basic security practices.

perhaps companies are baiting..

1
1
Silver badge

I still think this is a stupidity/trustworthiness test

Anyone I interviewed who DID had over his password would quickly find his application in the round file as a security risk. Plus it would be interesting how they would phrase the "no, I don't think so" because that would show how well they deal with conflict.

13
0
Bronze badge

Re: I still think this is a stupidity/trustworthiness test

You are absolutely right., They are looking people to dumb/to desperate to assert their rights. Bob we are going need you complete those reports by 9am Monday or you are fired.They tell you at 5pm Friday Oh by the way you worked 2 hours of over time this week. Would be cool if we just erase those 2 hours so I don't have to write you up. That would be swell Bob.

1
1
Silver badge

Re: I still think this is a stupidity/trustworthiness test

"Are you asking me this to determine whether you can trust me with secrets, or to see how I handle telling the boss 'no!'?"

8
0

Re: I still think this is a stupidity/trustworthiness test

Reminds me of the old story about how Thomas Edison would go to lunch with a prospective employee, and then NOT hire them if they salted their meal BEFORE tasting it (something about not wanting to have people who pre-judge situations before getting all their facts, or whatever).

1
0

Re: I still think this is a stupidity/trustworthiness test

"I'm sorry, but the standing rule in any place I've ever worked was that login credentials were NEVER to be shared. I hope you'll understand if I continue that policy here."

2
0

Basic answer

You can say "the information you want from me isn't just risking privacy of me but risking other people such as my friends and family"

I said it to idiotic Mac service asking for my administrator password on phone.

0
0
Silver badge

Re: I still think this is a stupidity/trustworthiness test

The examples I've read about were all McJobs. They are just looking for people who will take a crappy job where they have you on camera because they don't trust you already.

Not the type of jobs were you have the domain admin password, or the key to the front door.

0
1
Silver badge
Flame

They want me to betray my friends?

If you hand over your passwords you are giving them access not only to your personal private information but to that of any of your friends who have given your account access to their postings.

If they are deliberately selecting for employment the kind of people who would betray their friends like that then stay *well* away from them.

4
0
Silver badge
Trollface

Re: They want me to betray my friends?

"If they are deliberately selecting for employment the kind of people who would betray their friends like that then" ...

you are being interviewed for a middle-management position.

13
0
Anonymous Coward

Re: They want me to betray my friends?

I'd consider the 'middle' superfluous.

2
0

Page:

This topic is closed for new posts.