
Should Employers Be Allowed to Ask for Your Facebook Login? - profitbaron
http://www.theatlantic.com/technology/archive/2011/02/should-employers-be-allowed-to-ask-for-your-facebook-login/71480/
======
btilly
And what of people like me who have chosen to never create a Facebook account?
How do you think that would go over??

As the corrections officer in question points out in the video, this is very
dangerous ground. When you ask for someone's Facebook account as a condition
of employment you are getting access to a tremendous amount of information
about that person. Very likely including information such as marital status,
religion, sexual orientation and the existence of children - all things which,
as a matter of law, prospective employers are _not_ allowed to ask employees
in the hiring process.

If you're not allowed to ask it directly, you shouldn't be allowed to ask it
indirectly either.

~~~
natch
You say they are getting access to information about that person.

Actually, it is much worse than that. They are getting access to information
about all the person's friends, including some very private information.

I might trust my friends with ages, photos, and school locations of my
children, but I shouldn't have to worry about whether that same information is
being given to some creepy bureaucrat working in a department of corrections
office.

And to be clear, I'm not at all talking about the risk faced by a job
applicant. I'm talking about the risk incurred by a friend of the person.

------
bugsy
"Should Employers Be Allowed to Ask for Your Facebook Login?"

I say yes, they should be allowed, and you should be allowed to refuse, and
they should be allowed to not hire, and you should be allowed to find a better
place to work and breath a sigh of relief since you just dodged a bullet.

~~~
natch
What recourse do you think that leaves for people whose Facebook friends do
not refuse? If one of my Facebook friends allows this, they are, unbeknownst
to me, sharing information that I consider private with that employer. I
choose to put certain information on Facebook, trusting Facebook, its
partners, and my friends with that information. I do not choose to trust
random employees of random prospective places of employment with that same
information, so this is a violation of my privacy expectations as a user of
Facebook, and as a friend.

"You shouldn't put information into Facebook if you are afraid of that
information getting out." I don't.

But people (including you, by your response) do not fully understand the risks
they are taking.

~~~
dantheman
What stops your friend from copying your facebook data and publishing it on
the web?

~~~
mikeg8
nothing "stops" them... it's called trust. why would a friend do that

~~~
jterce
Right, but if that trust was valid then you could likewise count on them not
allowing an employer, or any third party.

~~~
natch
Not if they overlook the problem, as many of the first posters in this
discussion did.

------
bayareaguy
I would think that this should be obvious, but sharing your password in such a
circumstance appears prohibited by the Facebook terms of service[1]. More
specifically:

    
    
      You will not share your password, (or in the case of developers, 
      your secret key), let anyone else access your account, or do anything 
      else that might jeopardize the security of your account.
    

1- <http://www.facebook.com/terms.php?_fb_noscript=1>

~~~
bugsy
And there is a fantastic answer to such a question: "As a responsible worker,
I take my contractual obligations seriously. The Facebook terms of service
which I agreed to legally prohibit me from giving that information to anyone.
I [have the terms here|can get them for you] if you would like to read them."
If they reply, "Well we want it anyway." then the next reply is "I don't
understand why you are asking me to break a contract. That is unethical. Do
you routinely ask employees here to perform unethical or illegal acts?"

------
mcantor
It's a shame that people are so desperate for jobs and willing to sacrifice
privacy for the illusion of security; if it weren't so, things like this would
never have a chance to become real problems, because everyone would just walk
out of the interview at that point. The interviewers would report to their
superiors, "Everyone is running full-speed in the opposite direction when we
ask for their Facebook password," and the policy would be changed almost
immediately.

~~~
tptacek
Basically what you're saying is, you wish privacy didn't have an economic
value, which it must so long as people are willing to concede it for slightly
higher wages.

~~~
hackinthebochs
Exactly why government should step in to remove its economic value. This is
what governments do.

------
beoba
This reminds me a bit of Scientology's policy of collecting and archiving
secret information from their members, so that threats of blackmail could be
made later on if needed.

I think a good solution to this situation is to in turn request the
screener/interviewer's credentials. After all, it's no big deal right?

~~~
bugsy
Great points. Rather than the interviewer, the interviewer and the board of
directors and the CEO. I've done that a few times when I get requests for
salary history, I ask to see theirs first. When they say that it's not
relevant then I respond "Well there you go." I can't say that this tactic
always works, but it doesn't really matter. I've never gone long without a
job. Skills has its benefits.

------
cheald
Would you give a potential employer your GMail password? Hell no. Your
Facebook login is not only a trove of information that employers aren't
supposed to ask about, it's a login gateway to _many_ other sites. Facebook is
probably the largest delegated authentication provider on the internet, and
you expect me to hand that info over?

The only person that has my Facebook login info is my wife, and she's also the
only person that has my email login info. I don't care if you're the Pope,
you're not getting access to any information that gives you the keys to the
kingdom.

------
tptacek
I'm uncomfortable with the idea that a government job† should demand a
Facebook login, because I generally feel like they (a) should be held to a
higher standard, (b) involve the people's relationship with the government,
which is inherently adversarial, and (c) have an outsize impact on the
standards and practices used in the private sector --- so "if it's ok at the
DoC, it must be OK at Bank of America".

On the other hand, in the private sector, I don't see how this is any of our
business. Should employer be "allowed" to "ask" for Facebook logins? You mean,
should employers be "disallowed" from asking? Of course not. And candidates
should say "no" if they don't want to give the login up. Employment in the US
is at will, and outside of race, nationality, religion, gender, &c, hiring is
totally at the discretion of the company.

† _(at least, one that doesn't require clearance)_

~~~
hackinthebochs
No, they should not be allowed to even _ask_. The problem is that when some
people are allowed to give up certain rights for a potential advantage in
hiring, then it becomes the de facto standard that everyone has to give up
that right in order to have a chance. In most industries the employer holds
all the card, so that everyone will just go along with it because they feel
they must in order to be considered.

You're naive if you think the "market" will correct itself such that these
types of invasions of privacy are eliminated. When we're talking about
people's livelihood you can't expect them to act in such a way that maximizes
their rights. They act in a way that maximizes their livelihood, potentially
giving up rights that they otherwise would not have. Government is the only
thing able to keep employers from having that power.

~~~
tptacek
So, given a hypothetical scenario in which two equally qualified candidates
are in consideration for a job, do you also think one candidate shouldn't be
allowed to _offer_ their Facebook login to the employer to settle any concerns
they might have?

~~~
hackinthebochs
My gut reaction is to say no they should not. However, if hypothetically there
were some question that came up that could only be resolved by checking their
facebook account, then I think it can be allowed in that instance. The
difference is there being (some equivalent of) "probable cause" to even
question something that could be resolved through such a check.

------
motters
It's equivalent to in the pre-internet era asking a job applicant to hand over
all their private snail mail so that a prospective employer can read them and
approve or disapprove of their private life and personal or political
opinions.

------
Kilimanjaro
Should they be allowed to enter your house and search your room for family
albums, traces of pot, porn, love letters, naked pictures of your gf, etc?

Where do we draw the line between a real or virtual invasion of privacy?

~~~
bugsy
Ah, but you just shifted from asking to just doing it.

No, they should not be allowed to just do it. But should they be allowed to
_ask_ if they can search your house and private things (which is indeed
comparable to requesting to be friended)? I say, yes, they should be allowed
to ask, and all intelligent people that value their privacy should be allowed
to say no, laugh, mock, walk out of the interview, and then post their
feelings about that company on their Facebook page, or on HN, or reddit, or
their personal blog so that others may be warned from wasting time applying at
such a place.

~~~
jonknee
There are plenty of other things employers aren't allowed to ask (even if some
would have given it up willingly). I'm not sure why this would be different.
Under most circumstances you can't ask about religion, most everything about
family, nationality, native language, age, etc. There are usually ways around
these things, but some are just areas employers can't go. They are free to
ask, but then set themselves up for a pretty open and shut lawsuit.

~~~
bugsy
The question before us is not are they doing it or are they allowed, it is
should they be allowed. This is going to be a matter of opinion.

I say "they" should be allowed to ask anything at all. Marriage, religion,
sexual preferences, political party, etc etc etc.

And when they do ask questions that are none of their business, people should
have the good sense to refuse to answer, and if they pursue it at all, stand
up and walk out and go to another job that respects them as humans.

The problem is not with the law or the companies, it is with the people who
put up with abuse and condone and encourage it and refuse to push back to say
"No, I am not going to answer that and frankly you are an ass for asking
because it is none of your damn business." Because of the internet, everyone
with a bad experience can blog about it and warn others which companies to
avoid. The result here is that MORE people will have accurate information
about which companies are staffed by assholes who can't mind their own
business, and these companies can starve for want of talented responsible
workers. And that's a good thing.

Right now we have ridiculous laws like restaurants are not allowed to
discriminate by color of skin. I am not white myself. I would LOVE to know
which restaurants are staffed by racists and bigots that don't want me to eat
there, because then I would know not to give them my business, and I would
know to preach word of that far and wide, and keep an eye on who does eat
there and have nothing to do with those folks either. That would be great. As
it is we have all these people with latent hidden racism. It's there, but it's
not in the open, so I can't see it. Sometimes it sneaks up on me from behind.
That's not good. Let it be in the open instead.

------
verysimple
To answer the question: No.

 _... That alone isn't going to derail the Facebook juggernaut, but it might
slow down people's engagement on the site as they realize maybe a private,
unknown email account is a better way of sending sensitive messages._

That isn't going to happen either. It's like saying that because people are
aware that smoking is a cause of cancer they'll only smoke half a cigarette.

~~~
beoba
I don't think your analogy works. Sure, half a cig doesn't make sense, but you
can have a facebook account without handing over trusted information.

~~~
verysimple
The analogy is actually directed more to the _"slow down people's engagement
on the site"_ part of the sentence. The part about people opening anonymous
account is a fantasy that presumes that people care. We've been spammed
through email for years now, yet only few people can be bothered to open a
dedicated account just for the purpose of signing up to various services.

------
zedshaw
I like what he said in the video, and he's right. Asking for this kind of
information is just like asking a woman, "Are you pregnant?" Or, asking people
to take "IQ tests" that favor whites. In fact you could write a law that
simply said:

"An employer may not compel an applicant for any access to private information
that may indirectly lead to a violation of existing Equal Opportunity
Employment laws."

Ideally this law would amount to:

"Paying someone to do a job does not make them your fucking lifetime slave
asshole."

------
beej71
Sure, they can _ask_.

Do you background checks the GOOD old-fashioned way, and get some actual
results. Or, waste your time in someone's facebook account they set up
specifically for you to check for this job interview.

~~~
thyrsus
Aha! Business opportunity: create ad hoc facebook accounts, complete with
"friends", games, lolcat photos, and all the rest, for a fee.

Of course it violates the Facebook terms of service. Handing over your
password already broke that.

