Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Michigan Makes It Illegal To Ask For Employees' Facebook Logins

timothy posted about 2 years ago | from the nyah-nyah-nyah-nyah dept.

Facebook 132

An anonymous reader writes "Michigan joins Maryland as a state where employers may not ask employees or job applicants to divulge login information for Facebook and other social media sites. From the article: 'Under the law, employers cannot discipline employees or decline to hire job applicants because they do not give them access information, including user names, passwords, login information, or "other security information that protects access to a personal internet account," according to the bill. Universities and schools cannot discipline or fail to admit students if they do not give similar information.' There is one exception, however: 'However, accounts owned by a company or educational institution, such as e-mail, can be requested.'"

cancel ×

132 comments

Sorry! There are no comments related to the filter you selected.

However.... (5, Interesting)

CodeheadUK (2717911) | about 2 years ago | (#42415133)

You can be sure that 9 times out of 10, the job will go to the guy/gal who does hand over the info.

Re:However.... (-1, Flamebait)

reboot246 (623534) | about 2 years ago | (#42415179)

I wouldn't hire anybody who admitted to having a Facebook page in the first place. It's a sign of lower intelligence.

Re:However.... (5, Funny)

Anonymous Coward | about 2 years ago | (#42415651)

Yeah, like that idiot Neil deGrasse Tyson [facebook.com] . You're clearly way smarter than he is.

Feeding the troll :-) (3, Insightful)

billstewart (78916) | about 2 years ago | (#42417861)

Alternatively, it's a sign of having relatives who use Facebook to communicate, just as having a Myspace account is a sign of having nephews who had a heavy metal garage band. And besides, Facebook was the next place to go after Orkut had become a wasteland :-)

Re:However.... (5, Informative)

blackraven14250 (902843) | about 2 years ago | (#42415211)

Except now they aren't allowed to ask at all to begin with. If they ask, it's grounds for what seems like a complaint and a fine, just as if the employer asked what religion you are a member of or how old you are.

Re:However.... (1)

Anonymous Coward | about 2 years ago | (#42415291)

Exactly. I would take such a case pro bono, or at a small contingency. It's not often I'm handed a slam-dunk win.

Re:However.... (2)

Nyder (754090) | about 2 years ago | (#42415405)

Except now they aren't allowed to ask at all to begin with. If they ask, it's grounds for what seems like a complaint and a fine, just as if the employer asked what religion you are a member of or how old you are.

Employers can NOT ask how old you are? Seems that would matter in some jobs. Porno industry would be one. Any job that serves or sells alcohol.

Plus most jobs have your fill an application, which requests your date of birth.

Re:However.... (1)

blackraven14250 (902843) | about 2 years ago | (#42415557)

Well, with age, they can ask, but if they use it to discriminate in any way, they're running into legal trouble. It's really better to just not ask age to begin with as an interviewer to avoid the potential for legal trouble. The passwords issue is more direct, and outlaws the question itself.

Re:However.... (2)

davester666 (731373) | about 2 years ago | (#42417461)

Love the 'loophole': accounts owned by a company or educational institution, such as e-mail, can be requested.

You work for companyA.
You do an interview with companyB.
companyB: Give us the username/password to your email account at companyA.
Profit!

Re:However.... (1)

geekoid (135745) | about 2 years ago | (#42415595)

They can ask if you are over an age.
And porno includes all ages.

Re:However.... (4, Funny)

EdIII (1114411) | about 2 years ago | (#42416117)

And porno includes all ages.

You might want to reword that.

Re:However.... (4, Informative)

Jane Q. Public (1010737) | about 2 years ago | (#42416555)

"They can ask if you are over an age."

No, they can't, unless being a certain age is a demonstrable job requirement. And there aren't many fields in which it's a legitimate job requirement. They can ask if you are of legal age to sign a contract. Not much more than that.

Re:However.... (1)

SydShamino (547793) | about 2 years ago | (#42417343)

The parent was replying to a post that mentioned the porn industry, or jobs serving alcohol. I think the quoted bit was meant to cover those specific situations, where yes you can be asked if you are legally able to work in those categories.

Re:However.... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42417715)

"The parent was replying to a post that mentioned the porn industry, or jobs serving alcohol. I think the quoted bit was meant to cover those specific situations, where yes you can be asked if you are legally able to work in those categories."

I see. But it's still mostly state-specific. You can't sign a contract if you're under 18, so you can't be in porn anyway. As for serving alcohol, where I live you don't have to be 21 to just be a server (although you do to be a bartender).

Re:However.... (1)

rossdee (243626) | about 2 years ago | (#42415867)

"Plus most jobs have your fill an application, which requests your date of birth."

The forms I hate most are those that ask for both your DOB and your age.

"be seeing you."

Vote for number 6 to be the new number 2

Re:However.... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42416685)

Anybody who put those on their application forms these days is just asking to be sued.

Re:However.... (1)

tompaulco (629533) | about 2 years ago | (#42416875)

Anybody who put those on their application forms these days is just asking to be sued.
I have never seen a job application that did not ask for Date of Birth.

Re:However.... (1)

tompaulco (629533) | about 2 years ago | (#42416917)

Bad form to reply to oneself, I know, but I also remembered that I wanted to point out that in all three states in which I do business, companies are REQUIRED to report new hires to the state just in case they are a deadbeat dad. This includes Date of Birth. Although, of course, there is always the possibility that the company obtained that information after hire.
Now, having obtained that information (as required by the state), the employer can now be sued for age discrimination if they ever terminate the employee.

Re:However.... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42417807)

I know of no law that says a company can't ask for DOB after you are hired.

However, asking for it on an application is de facto asking how old you are. No two ways about it: it's definitely against Federal law.

Re:However.... (1)

thetoadwarrior (1268702) | about 2 years ago | (#42416191)

They can ask if you're old enough but I don't believe you have to divulge your exact age.

Re:However.... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42416533)

"Employers can NOT ask how old you are? Seems that would matter in some jobs. Porno industry would be one. Any job that serves or sells alcohol."

This is one of the questions that are in a short list of things an employer may NOT ask when interviewing, according to Federal discrimination laws.

However, these rules don't apply when the factor at issue is a demonstrable requirement of the job. Then they aren't discriminating! So your porno example would never occur in the real world.

Another example: in order to be a firefighter, it is legitimate to require that they can carry a certain minimum amount of weight. That's not discriminating against women or small people; it's simply a requirement of the job.

That date of birth thing got me, though, too: it seems to me that it is de facto asking how old you are, so I am pretty sure they can't legally ask that on application papers or in an interview.

Re:However.... (1)

FatdogHaiku (978357) | about 2 years ago | (#42415757)

Exactly, interviewers need to stick to pertinent facts like has the applicant ever initiated sexual harassment actions, and if not, does the applicant do anal...

Re:However.... (1)

houbou (1097327) | about 2 years ago | (#42416319)

And you know.. that's how it should be.. Your social life, whether online or not, should not be any employer's business. If your social life affects your job, get fired! :)

Re:However.... (1)

Anonymous Coward | about 2 years ago | (#42415769)

If someone is willing to break a TOS and allow a third party complete, unfettered access to their account, then the employer hiring on that basis deserves what they get. Someone willing to break one set of rules has displayed the readiness to possibly break NDAs should circumstances permit.

I've walked out on interviews because of this, telling the would-be HR person that if they want my FB info, they can go and get a motion of discovery, and pay FB for a neatly packaged folder with the info. Oh, not to mention the costs of having that run through the courts especially for no civil or criminal wrongdoings. I'm not going to demonstrate that I will break the law and cause unauthorized use of someone's machines (which can be prosecuted as criminal, but generally is not) on a whim.

Posting AC, as my Christmas "present" due to an internal reorg was my ass tossed on the street, so having to play this game.

Re:However.... (1)

EdIII (1114411) | about 2 years ago | (#42416125)

Posting AC, as my Christmas "present" due to an internal reorg was my ass tossed on the street, so having to play this game.

Those fucking people deserve a place in the Special Hell.

I had two friends in the last 4 years fired the week before X-Mas. I mean, seriously, who the fuck comes up with that idea?

Re:However.... (1)

Ol Olsoc (1175323) | about 2 years ago | (#42416625)

I had two friends in the last 4 years fired the week before X-Mas. I mean, seriously, who the fuck comes up with that idea?

The Shareholders.

Re:However.... (0)

Anonymous Coward | about 2 years ago | (#42416775)

I had two friends in the last 4 years fired the week before X-Mas. I mean, seriously, who the fuck comes up with that idea?

And they wonder why ex-employees come back and shoot up the place.

Re:However.... (0)

Anonymous Coward | about 2 years ago | (#42416521)

If someone is willing to break a TOS and allow a third party complete, unfettered access to their account, then the employer hiring on that basis deserves what they get. Someone willing to break one set of rules has displayed the readiness to possibly break NDAs should circumstances permit.

I've walked out on interviews because of this, telling the would-be HR person that if they want my FB info, they can go and get a motion of discovery, and pay FB for a neatly packaged folder with the info. Oh, not to mention the costs of having that run through the courts especially for no civil or criminal wrongdoings. I'm not going to demonstrate that I will break the law and cause unauthorized use of someone's machines (which can be prosecuted as criminal, but generally is not) on a whim.

Posting AC, as my Christmas "present" due to an internal reorg was my ass tossed on the street, so having to play this game.

I never had someone ask me, but do they realize not everyone has an account there?

Re:However.... (3, Insightful)

daem0n1x (748565) | about 2 years ago | (#42415861)

This is outright illegal in my country. Don't you Americans have any basic right to privacy?

Anyway, I'd never hire anyone so stupid as to give me their passwords. Would you trust someone like that your company data? And I'd never want to work for a company so stupid to ask for that. It's a clear sign of control-freak, unfocused management.

Re:However.... (4, Insightful)

EdIII (1114411) | about 2 years ago | (#42416149)

This is outright illegal in my country. Don't you Americans have any basic right to privacy?

Welll..... what we fought so hard for, and so many of us have died for, was the idea of freedom. That includes privacy and anonymity. It was not more than a hundred years ago or so that people had real privacy and became pretty upset when somebody violated it. Was considered very rude and improper.

I would say that we have a deep tradition of privacy, that it's a basic human right, and that our Constitution supports it.

However, our current government has clearly said, "fuck all that liberty shit". Whatever information we can get, in any way we can get it, we are going to do in the name of either profit or national security. Pick an excuse.

Re:However.... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42416597)

"This is outright illegal in my country. Don't you Americans have any basic right to privacy? "

There is no Federal law, but many states have outlawed the practice, and I believe many more will.

Keep in mind that in the U.S. there is a division between what the states can legally do vs. what the Federal government can legally do.

Having said that: yes, the U.S. Supreme Court has ruled that we do in fact have a right to privacy. But you would not know that, looking at certain recent acts of Congress.

Re:However.... (1)

cdrudge (68377) | about 2 years ago | (#42417157)

There is no Federal law, but many states have outlawed the practice, and I believe many more will.

Presuming the summary is correct, by many you mean two.

Re:However.... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42417727)

Okay, take "many" with a grain of salt. So far, as far as I know, they are Illinois, Maryland, and now Michigan. But other states are poised to do it, too (Connecticut is just one of many), and there is currently a bill before Congress to outlaw the practice, too.

Re:However.... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42417751)

I should add that Congress stuck down one bill that would have made it illegal back in March 2012, but another such bill was introduced shortly after that.

Re:However.... (1, Interesting)

pwizard2 (920421) | about 2 years ago | (#42416881)

Don't you Americans have any basic right to privacy?

Nope. We have a bunch of fucking sociopaths running the corporate world these days. Another 10 years of this shit and we're all going to be stuck in some neo-dickensian nightmare. The only "people" who have rights anymore are the corporations. The rest of us are just cattle unless you happen to have a high-enough net worth.

Re:However.... (1)

JockTroll (996521) | about 2 years ago | (#42418265)

Why are you willing to endure 10 more years of that only for it to get worse? Shoot up the place. Really. If enough people just went and shot up the place, the message would be clear. Kill your bosses. Kill their families. Kill the shareholders and everybody related to them. By letting them live you can only lose, by eliminating them you lose nothing.

Re:However.... (2)

Jane Q. Public (1010737) | about 2 years ago | (#42416479)

"You can be sure that 9 times out of 10, the job will go to the guy/gal who does hand over the info."

Who cares? If they ask me for something like that, they're not somebody I'd work for anyway!

Re:However.... (1)

JasoninKS (1783390) | about 2 years ago | (#42417085)

They'd never admit to it anyway. They'd have some other random excuse for why they didn't hire you.

Asking for User Names vs. Passwords (1)

billstewart (78916) | about 2 years ago | (#42417845)

User names? Maybe, depending on the service. Password? No thanks, I've got no desire for somebody who claims to be offering me a job to be able to impersonate me or change my settings, and doing so would destroy the integrity of the information they'd be looking for anyway. And since I've usually done computer security as at least part of any job I've had since high school, I would expect any company I gave my real passwords to to have the sense not to hire me, and would presume that any company that did ask for my passwords not only has bleeding incompetents in their HR department, but also in their legal department (either because they failed to know that HR was asking for them or because they said yes), so it's likely that they're doomed anyway.

Email address? Sure, I'd like a prospective employer to be able to reach me by email. Company email password? $DAYJOB can access my work email account directly with their sysadmin password. If they're looking for an account name and password, Google and several other reputable companies offer free email and I'll happily set up one for them in return for my usual hourly rates.

Linked-in address? Sure, I use that for potential business contacts and keep a resume out there.

Facebook? Sorry, I don't use it for work. IRL friends and family only. I've friended a previous boss, but that's to talk about bluegrass, not work. And don't they teach their kids to periodically change Facebook names and not trust FB with genuine personal identification info?

Twitter? I'll occasionally comment about computer security or Arduinos on there, but I originally joined because that was how a friend's funeral was being organized, and most of the other people I talk with are friends from other circles.

Blogs? I'm "billstewart" here, or sometimes "Anonymous Coward". They can read through years of random comments if they really really want, and I've probably said more insightful things about technology than stupid things, but YMMV. I do comment on other topics in other fora.

SSN? (1)

Anonymous Coward | about 2 years ago | (#42415139)

'Under the law, employers cannot discipline employees or decline to hire job applicants because they do not give them access information, including user names, passwords, login information, or "other security information that protects access to a personal internet account,"

So that includes Social Security Numbers, too?

Re:SSN? (1)

gtvr (1702650) | about 2 years ago | (#42415153)

No, it's probably answers to security / password reset questions. Do you use your SSN in relation to any web accounts or social media?

Re:SSN? (1)

PPH (736903) | about 2 years ago | (#42415191)

Not my own SSN. The only people that have that are those with a legal requirement to report financial information to government entities. Everyone else gets the SSN on the card that came with my wallet.

Re:SSN? (1)

Obfuscant (592200) | about 2 years ago | (#42415337)

Not my own SSN. The only people that have that are those with a legal requirement to report financial information to government entities.

What employer doesn't have a legal requirement to report financial information about their employees to at least one government entity?

Re:SSN? (0)

Anonymous Coward | about 2 years ago | (#42415475)

And why is a social security number used for this purpose? What does the social security fund have to do with it? If the purpose is "so they can tie it to my taxes", then the govt should have some sort of OTP generated from my SSN that the govt can also know. NOT the SSN itself!

Re:SSN? (1)

geekoid (135745) | about 2 years ago | (#42415565)

With out the SSN the government doesn't know who to apply the tax number to.

And you suggestion doesn't change a damn thing, it just creates another UID.

Frankly, anyone using the ID for ANYTHING BUT tax purpose should be given a mandate to stop using it and have the number erased in 12 months.
No Entity should be able to share A persons unique ID with any other entity. So you have one for each institution.

Re:SSN? (2)

EdIII (1114411) | about 2 years ago | (#42416183)

What the fuck I want to know is why my Internet provider, my natural gas supplier, my power company, etc. needs my fucking SSN for "security" purposes?

My job? I get it. That's for tax reporting purposes. My bank? It's so the government can audit me and they can report as well.

The power company? Whey the fuck do you need my entire social?

It's not for security purposes. It's to have a single UID for the 3 credit reporting agencies that collect more information on US citizens than most companies combined. In fact, a lot of that information is for sale.

It's not the SSN being disclosed that is the problem at all. It's the fact that it is used to aggregate information that should be no one's fucking business in the first place.

If the SSN did not exist, it would just be your driver's license number instead.

Re:SSN? (0)

Anonymous Coward | about 2 years ago | (#42415993)

Apparently not.

Take a look at Randstad that as part of their online job profile application have SSN (optional). I'd be curious if the failure to optionally submit the SSN is an automatic electronic disqualification of the job application. Also, how long do you think it will be before it becomes SSN (required), first at Randstad, and then becoming yet another trend across temp agencies to extract even more personal data.

Additionally, I will also mention that Robert Half Technology in my local area already has candidates filling out a background check authorization form and even wants to fill out I-9 at their on-site interview before the candidate even has a job offer--keep in mind I-9 usually uses Photo ID and Social Security Card or Birth Certificate as the usual two forms of ID. At my interview, they hinted that not having a completed I-9 on file might be an HR red flag vs. another candidate that already did have an I-9 on file. (And at my interview, they basically wanted to go over my resume job by job for salary information and supervisor names as references, but I was not given a formal job offer for a position I applied for.)

Re:SSN? (2)

tompaulco (629533) | about 2 years ago | (#42417021)

Additionally, I will also mention that Robert Half Technology in my local area already has candidates filling out a background check authorization form and even wants to fill out I-9 at their on-site interview before the candidate even has a job offer--keep in mind I-9 usually uses Photo ID and Social Security Card or Birth Certificate as the usual two forms of ID. At my interview, they hinted that not having a completed I-9 on file might be an HR red flag vs. another candidate that already did have an I-9 on file. (And at my interview, they basically wanted to go over my resume job by job for salary information and supervisor names as references, but I was not given a formal job offer for a position I applied for.)
Robert Half Technology is a scam to bilk out-of-work people out of money that they need to survive. They lure you in saying that they have a job that fits you perfectly, then once you are there, they start asking what your skills are. Then they introduce you to their pricing model, where you basically pay them for the privilege of using their database to cold call people who may or may not have any jobs posted. They are basically a headhunting agency where you act as your own headhunter and pay them for the privilege. But 90% of people who use their service do get a job. Of course they do! What else are they going to do? Retire? Die? That's like the weatherman saying it is going to snow. Of course it will, eventually.
Robert Half was a brilliant man with great business ethics who knew that treating employees right was the best way to long term business success. His children were scum licking worthless leeches who sold his good name for a quick buck to unscrupulous ripoff agencies. May Robert Half rest in peace and his offspring burn in hell for their desecration of his good name.

Re:SSN? (0)

Anonymous Coward | about 2 years ago | (#42418311)

> Then they introduce you to their pricing model, where you basically pay them for the privilege of using their database to cold call people who may or may not have any jobs posted.

If you're PAYING a headhunter to look for work, you must be a complete moron. RHT has never CHARGED me to find positions (the 3 times I've used them over the last 7 years). If they did, I would insult them and walk out. Even the arcane practice of bringing copies of a resume I've uploaded to their system and emailed reps directly, has earned my loud displeasure. I don't need to do it and I don't because I'm a professional who understands they have computers and printers and people who do that as part of their day to day at their own office.

> They lure you in saying that they have a job that fits you perfectly, then once you are there, they start asking what your skills are.

That's what all headhunters do (Workbridge is particularly good). Welcome to the world.

Re:SSN? (1)

thetoadwarrior (1268702) | about 2 years ago | (#42416197)

Who gives FB their SS number? That seems kinda stupid.

Re:SSN? (0)

Anonymous Coward | about 2 years ago | (#42416871)

Most people give a SSN to their employer for the purpose of... social security! This is one of the few times when the SSN is being used properly. Unless you're Amish or in some other group that has successfully obtained some kind of exemption, you are going to participate in social security. There might be a few other cases where you don't use a SSN. In that case there are still tax issues so you use, IIRC, a tax payer ID which is actually a separate number you apply for from the IRS. Foreign workers probably use something different too; but for the vast majority of people in the US, you give your employer your SSN and there is nothing wrong with that, excepting of course if you think social security itself is wrong; but that's a separate issue.

Republicans (-1)

Anonymous Coward | about 2 years ago | (#42415217)

Just so we're clear about that.

A NO-Brainer (2)

houbou (1097327) | about 2 years ago | (#42415219)

Amazing, as if your current rights to privacy where not enough, there has to be a law to protect your social media access? Who would have thought of that? Now, hopefully, "MAY NOT ASK" means just that. Hope it doesn't become for job application forms an 'optional' section of the form.

Re:A NO-Brainer (1)

fermion (181285) | about 2 years ago | (#42416771)

One would think. Like the right to organize so that employers do not gain the power to arbitrarily reprimand or fire workers. Yet right to work laws are also passed, so these there is no way for these workers to actually complain. Employment laws are meaningless without employer consequences. Believe me, these laws are going to do nothing in a world where the masses are desperate for semi-skilled entry level jobs and labor is powerless to help them.

Let me get this right... (4, Interesting)

Nyder (754090) | about 2 years ago | (#42415235)

It's against the law to ask employees or prospective employees for login info for social media sites, unless those accounts are owned by a company or an educational institution.

So I guess the question is, do you own your facebook account? Do you own your gmail account? How about your iTunes account?

I would guess that those companies would say No.

Re:Let me get this right... (1)

anagama (611277) | about 2 years ago | (#42415257)

I wondered about that too but chalked it up to being a slashdot summary. I'm guessing the law is going to be a little clearer on what entities are subject to request. I'm thinking it means that an employer could ask a former employer which ran its own email service, if it could have a copy of any emails it still has on file. I'd guess a bit of reluctance on the part of the former employer, but you can always ask. Same thing for a school.

Re:Let me get this right... (2)

icebike (68054) | about 2 years ago | (#42415339)

Unfortunatly, TFA was not any clearer on this issue. It used the same sentence:

There is one exception, however: 'However, accounts owned by a company or educational institution, such as e-mail, can be requested.'"

Without digging up the legislation itself, I suspect it meant asking for the login information to a Corporate Facebook account by the owning corporation would be permitted, In effect to prevent an employee from holding the account hostage.

Similarly, a university or high school might demand a student surrender their password. (Although you would have to be a pretty clueless sys admin to need such authority.

I'm pretty sure it didn't mean that when being hired at company B, they would be authorized to demand your account credentials at company A, your former employer.

Re:Let me get this right... (5, Informative)

icebike (68054) | about 2 years ago | (#42415433)

The law [mi.gov] states:

Sec. 5. (1) This act does not prohibit an employer from doing any of the following:

(a) Requesting or requiring an employee to disclose access information to the employer to gain access to or operate any of the following:

(i) An electronic communications device paid for in whole or in part by the employer.

(ii) An account or service provided by the employer, obtained by virtue of the employee’s employment relationship with the employer, or used for the employer’s business purposes.

(b) Disciplining or discharging an employee for transferring the employer’s proprietary or confidential information or financial data to an employee’s personal internet account without the employer’s authorization.

(c) Conducting an investigation or requiring an employee to cooperate in an investigation in any of the following circumstances:

(i) If there is specific information about activity on the employee’s personal internet account, for the purpose of ensuring compliance with applicable laws, regulatory requirements, or prohibitions against work-related employee misconduct.

(ii) If the employer has specific information about an unauthorized transfer of the employer’s proprietary information, confidential information, or financial data to an employee’s personal internet account.

(d) Restricting or prohibiting an employee’s access to certain websites while using an electronic communications device paid for in whole or in part by the employer or while using an employer’s network or resources, in accordance with state and federal law.

(e) Monitoring, reviewing, or accessing electronic data stored on an electronic communications device paid for in whole or in part by the employer, or traveling through or stored on an employer’s network, in accordance with state and federal law.

(2) This act does not prohibit or restrict an employer from complying with a duty to screen employees or applicants prior to hiring or to monitor or retain employee communications that is established under federal law or by a self-regulatory organization, as defined in section 3(a)(26) of the securities and exchange act of 1934, 15 USC 78c(a)(26).

(3) This act does not prohibit or restrict an employer from viewing, accessing, or utilizing information about an employee or applicant that can be obtained without any required access information or that is available in the public domain.

Sec. 6. (1) This act does not prohibit an educational institution from requesting or requiring a student to disclose access information to the educational institution to gain access to or operate any of the following:

(a) An electronic communications device paid for in whole or in part by the educational institution.

(b) An account or service provided by the educational institution that is either obtained by virtue of the student’s admission to the educational institution or used by the student for educational purposes.

Re:Let me get this right... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42416653)

This seems pretty reasonable to me. In a nutshell, it prohibits asking for credentials to private accounts that are not (A) provided by the employer or institution, or (B) paid for by the institution. With the exception of legitimate investigations into employee misconduct (e.g., publishing confidential company information) via said private account.

I don't see much that is objectionable.

Re:Let me get this right... (1)

icebike (68054) | about 2 years ago | (#42416727)

The only loophole I see is this so called "Legitimate investigation" which appears to allow them to demand your Gmail account login, or what ever. So, want access, simply start an "investigation". Its a small loop hole, just barely big enough to drive a battle ship and an aircraft carrier through, side by side.

Who gets to decide "Legitimate investigation"?

Re:Let me get this right... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42417765)

I agree that it does seem a bit ambiguous, but it does say that the employer must be acting on "specific information" that the employee has committed a breach of trust.

I would presume that if the company could not provide that "specific information", the employee could either (A) fail to cooperate, or (B) file a grievance or lawsuit.

Re:Let me get this right... (2)

icebike (68054) | about 2 years ago | (#42417801)

If they have specific info let them show it to a judge.

This is too wide open for a state government to grant authority to a private company to search your private Internet accounts on nothing more than that same company's say so.

Re:Let me get this right... (1)

dbIII (701233) | about 2 years ago | (#42417491)

Similarly, a university or high school might demand a student surrender their password. (Although you would have to be a pretty clueless sys admin to need such authority.

Demanding involvement from the password holder gets around some ethics problems and makes things legally muddy instead of more obviously illegal. No matter what terms of service you have there are often laws to stop people trawling through private emails even if they are on a commercial or school owned server.

Re:Let me get this right... (2)

Nyder (754090) | about 2 years ago | (#42415605)

I wondered about that too but chalked it up to being a slashdot summary. I'm guessing the law is going to be a little clearer on what entities are subject to request. I'm thinking it means that an employer could ask a former employer which ran its own email service, if it could have a copy of any emails it still has on file. I'd guess a bit of reluctance on the part of the former employer, but you can always ask. Same thing for a school.

ya, slashdot summary of a website that did a bad job. Here is the bill:

http://www.legislature.mi.gov/documents/2011-2012/billenrolled/House/htm/2012-HNB-5523.htm [mi.gov]

And it says different.

Roughly, it says that Employers, prospective employers and educational institutes can NOT ask for login info from employees, prospective employees and students. If it does, you can take them to civil court for a max of $1000 in damages.

This is the exemptions:

Sec. 5. (1) This act does not prohibit an employer from doing any of the following:

(a) Requesting or requiring an employee to disclose access information to the employer to gain access to or operate any of the following:

(i) An electronic communications device paid for in whole or in part by the employer.

(ii) An account or service provided by the employer, obtained by virtue of the employee’s employment relationship with the employer, or used for the employer’s business purposes.

(b) Disciplining or discharging an employee for transferring the employer’s proprietary or confidential information or financial data to an employee’s personal internet account without the employer’s authorization.

(c) Conducting an investigation or requiring an employee to cooperate in an investigation in any of the following circumstances:

(i) If there is specific information about activity on the employee’s personal internet account, for the purpose of ensuring compliance with applicable laws, regulatory requirements, or prohibitions against work-related employee misconduct.

(ii) If the employer has specific information about an unauthorized transfer of the employer’s proprietary information, confidential information, or financial data to an employee’s personal internet account.

(d) Restricting or prohibiting an employee’s access to certain websites while using an electronic communications device paid for in whole or in part by the employer or while using an employer’s network or resources, in accordance with state and federal law.

(e) Monitoring, reviewing, or accessing electronic data stored on an electronic communications device paid for in whole or in part by the employer, or traveling through or stored on an employer’s network, in accordance with state and federal law.

So basically they are saying if you get hardware from them, ie tablet, phone, computer, they can go thru it and do what they want. They can also make it so you can NOT access social network sites if they want. And if they suspect that you are spilling secrets (and probably talking shit) on a social network, then they can request your login info.

There isn't a loophole and the article this was linked to is a fail summary of this bill.

Re:Let me get this right... (-1)

Anonymous Coward | about 2 years ago | (#42415331)

You don't own any of these accounts. Facebook OWNS your FB account, Google OWNS your gmail account and Apple OWNS your iTunes account. They can take them from you without your consent. You are merely a tenant for as long as they choose.

Re:Let me get this right... (1)

Obfuscant (592200) | about 2 years ago | (#42415387)

So I guess the question is, do you own your facebook account? Do you own your gmail account?

No, the question would be, does "Bob's Meat Market" own the facebook or gmail account of someone who applies for a job there, and I think the answer to that is a pretty solid "no".

But Michigan State University DOES own the domain "msu.edu", and email addresses at that domain do belong to them. So, they have the right to ask about email accounts at msu.edu when someone applies for a job there.

Re:Let me get this right... (1)

geekoid (135745) | about 2 years ago | (#42415537)

" So, they have the right to ask about email accounts at msu.edu when someone applies for a job there."
no they don't.
The fact that they own the domain doesn't mean I have to divulge I have an account there.

Re:Let me get this right... (0)

Anonymous Coward | about 2 years ago | (#42416153)

If providing accurate identifying information is a condition of having an account with them, then you certainly do. Otherwise you're committing fraud and theft of services.

Re:Let me get this right... (1)

gnasher719 (869701) | about 2 years ago | (#42415995)

No, the question would be, does "Bob's Meat Market" own the facebook or gmail account of someone who applies for a job there, and I think the answer to that is a pretty solid "no".

Even stronger, if you apply for a job at Facebook, or you work at Facebook, they cannot ask you about Facebook accounts, except those that you have as a Facebook employee.

Re:Let me get this right... (1)

Jane Q. Public (1010737) | about 2 years ago | (#42416609)

"... unless those accounts are owned by a company or an educational institution."

I believe by "owned" is meant "he account holder". Let's hope the actual language of the law is not that ambiguous.

Re:Let me get this right... (0)

Anonymous Coward | about 2 years ago | (#42416841)

I will gladly miss a job opportunity or spend time in jail if it means my private login information stays private. I've already put my money, or the lacktherof where my mouth is. A couple interviews recently I got dumbfounded looks when I said something along the lines of "that's none of your business" when asked about any online accounts or aliases I use regularly, pretty sure it's why I didn't get the job. I worded it much more elegantly than that, but you get the point.

Re:Let me get this right... (1)

Ronin Developer (67677) | about 2 years ago | (#42417167)

If the account was set up for use by a business for business purposs but you administer the account, they can ask you for the login info. So, if you worked for xxx and had you set up an account linking to your email account or used the account to represent xxx, you can alsi be asked for the login info. You personal account is off-limits.

Moot for me (2, Insightful)

Anonymous Coward | about 2 years ago | (#42415241)

The law is moot for me.

I would never EVER tolerate being asked this question. If asked, the interview would be over. If they were half-sane enough to retract the question and apologize, the apology would not be accepted.

If any employers want my advice (and admittedly, they usually don't), they would fire anyone who thought this was part of something they should know.

On the plus side, I don't have a facebook account - but I'd still walk out of any interview where it came up. Anyone who thinks this is at all possible to ask is not someone I'd be willing to work for.

Re:Moot for me (0)

Anonymous Coward | about 2 years ago | (#42415375)

I didn't realise being asked for passwords to personal accounts was even thing.

Re:Moot for me (0)

Anonymous Coward | about 2 years ago | (#42415883)

It isn't, at least not to the extent that these stories would have you believe. Mind you, it's good that measures are being put in place to prevent it now, before it *does* become a common occurrence.

Re:Moot for me (1)

wonkey_monkey (2592601) | about 2 years ago | (#42415893)

How nice to be in a position to storm out of job interviews. Some people have it a little tougher than that these days.

Re:Moot for me (1)

gnasher719 (869701) | about 2 years ago | (#42416009)

How nice to be in a position to storm out of job interviews. Some people have it a little tougher than that these days.

I wonder what happens _if_ you are asked. You could refuse to answer and/or sue for $1000 in damages, but that would probably mean no job. Are you allowed to lie to such questions?

Re:Moot for me (1)

tompaulco (629533) | about 2 years ago | (#42417065)

I wonder what happens _if_ you are asked. You could refuse to answer and/or sue for $1000 in damages, but that would probably mean no job. Are you allowed to lie to such questions?
If I could line up 10 such interviews a month, I'd probably be content with that.

Re:Moot for me (1)

Jane Q. Public (1010737) | about 2 years ago | (#42416675)

"How nice to be in a position to storm out of job interviews. Some people have it a little tougher than that these days."

I've done it, even when I was pretty desperate for work, during the recession started in 2001. For different reasons than this, but that still had to do with personal privacy.

I'd do it for this reason, too.

Re:Moot for me (0)

Anonymous Coward | about 2 years ago | (#42417565)

OP here. First, I don't know if I'd 'storm' out, though I'm sure the thought would cross my mind. Second, I might not be in any better position than you (or 'some people') to give up on a job opportunity. Still, I wouldn't lose a minute of sleep over it (with the possible exception of crying a bit over the wasted time). It's the principal - more than that, it's the whole mode of thought indicated by asking this type of question. If I sucked it up, impressed them with my skills, and got the job, it wouldn't last - by the nature of their thought processes, they'd pile stupid upon stupid until I had to leave for that reason. So, really, it wasn't the opportunity it appeared to be in the first place.

Ok, so it's not guaranteed to work out that way, but I still feel extremely strongly about the subject, and wouldn't change my answer.

Cheers.

Tell Your Password and Be Banned (1)

Anonymous Coward | about 2 years ago | (#42415261)

It's already against the terms of service of every online account to hand out your log on info to anyone, let alone allow someone to use your account. If I ever interviewed anyone, I might ask and then wouldn't hire anyone who was willing to give me the info.

For companies, how are they justifying the legal risks? If I gave someone my password, I can claim any future post can from them.

redundent redundent redundent redundent redundent (1)

slashmydots (2189826) | about 2 years ago | (#42415429)

There's a federal law against storing customer or employee passwords in a reversible manner in digital form under certain conditions. So, most of them are already violating that law by keeping your login credentials in some excel spreadsheet or something.
All this did was give employers who did it in the past ex post facto immunity against most lawsuits.

Stupid Law (0)

Anonymous Coward | about 2 years ago | (#42415471)

There is no constitutional right to privacy, nor to work. Therefore employers, including the government, have a right to know what you post on Facebook.

Re:Stupid Law (1)

Anonymous Coward | about 2 years ago | (#42416161)

There is no constitutional right to privacy, nor to work. Therefore employers, including the government, have a right to know what you post on Facebook.

Posted by an Anonymous Coward. How ironic.

This can't be right (1)

geekoid (135745) | about 2 years ago | (#42415517)

the government is in corporate pockets! people on slashdot say so.

You've got to be shitting me (1)

l0ungeb0y (442022) | about 2 years ago | (#42415571)

Is it April 1st already? Since when does the Court ever defer to common sense -- especially when computers or the Internet is involved?
I'd better go read the article myself, the submitter probably dun goofed.

Re:You've got to be shitting me (0)

Anonymous Coward | about 2 years ago | (#42416257)

The curious is that in Spain the 28 of December is the equivalent of April Fools day.

Hooray Michigan!!! (1)

Heebie (1163973) | about 2 years ago | (#42415573)

Employee's private lives aren't the business of an employer!

Re:Hooray Michigan!!! (1)

PolygamousRanchKid (1290638) | about 2 years ago | (#42415797)

Employee's private lives aren't the business of an employer!

Unless your job requires a US Federal Government security clearance. Then your private life is their business. You know, like, if you are getting it on with your biographer and Florida socialite. Federal laws probably trump this Michigan law.

Re:Hooray Michigan!!! (0)

Anonymous Coward | about 2 years ago | (#42416061)

Yes they do. The DOD and associates are a big employer here. They believe everything is their business.

Thus the best policy to stay marketable is to remain a humble Anonymous Coward.

Re:Hooray Michigan!!! (1)

tompaulco (629533) | about 2 years ago | (#42417075)

Unless your job requires a US Federal Government security clearance.
Or unless you like to bring your private live to work with you, or just no show up for work because your private life got the better of you.

Security Clearances vs. Employer (1)

billstewart (78916) | about 2 years ago | (#42417905)

It's been decades since I had a security clearance, but while I had to fill out reams of information for the Feds themselves, I don't think most of it was actually visible to my company. That doesn't mean they didn't know about some issues, e.g. one coworker had recently gotten out of college, and had admitted on the form that he had used marijuana (gasp!), and that led to a six-month delay in getting the clearance approved, but that was back before Nancy Reagan had bullied Corporate America into doing drug-testing as a condition of employment, so it wasn't a big deal.

Re:Hooray Michigan!!! (0)

Anonymous Coward | about 2 years ago | (#42417793)

Yes and no. We instigated this little change because we prefer for you to feel comfortable using facebook and other social media. However employers will get access through background check products sold by facebook and others and that will be entirely without your knowledge. -6

This can't be true! (1)

IllForgetMyNickSoonA (748496) | about 2 years ago | (#42416213)

Companies asking for FB (or whatever) credentials? As a part of job interview? I surely hope this is NOT standard behavior but rather something blown out of proportion. If somebody would ask me for my personal access data to ANYTHING, I'd consider it a bad joke and lough politely. Man, at some times it sucks to be European, but articles like this are a nice wake-up call, showing fellow humans in other parts of the world have to fight even larger idiocy. :-(

tortious interference with a contract (0)

Anonymous Coward | about 2 years ago | (#42416345)

I'm not a lawyer, of course, but:

Does not individual acceptance of Facebook terms and conditions establish a contract between the individual and Facebook?

IIRC, the Facebook TaC prohibit divulging one's password, giving others access to one's account.

See http://en.wikipedia.org/wiki/Tortious_interference [wikipedia.org]

Now, it might be difficult for the individual whose account is requested, because he can always refuse to comply with the pressure. However, if he accedes, suddenly his friends' materials become open to the requester. Any of those friends could sue the requester for big bucks (violation of privacy, mental anquish) under Tortious Interference.

I don't know if this theory would work in practice, but it would be real easy for some group of interested individuals to set up a sting...

Medical Marijuana Still Discriminated Against (0)

Jonah Hex (651948) | about 2 years ago | (#42416587)

Medical marijuana law no protection for fired Battle Creek Walmart worker, appeals court says [mlive.com]

GRAND RAPIDS, MI – The firing of a former Battle Creek Walmart worker, who was dismissed for failing a drug test but claimed he should be exempt because of Michigan's medical marijuana law, has been upheld by a federal appeals court that ruled the provision doesn't cover private business decisions.

The medical marijuana law “does not regulate private employment,” the Sixth Circuit Court of Appeals panel said in a ruling issued Wednesday.

Joseph Casias, who has an inoperable brain tumor, was fired by the Walmart store in Battle Creek after he failed the drug test. He sued, but the case was dismissed by U.S. District Judge Robert Jonker.

Jonker earlier ruled that the fundamental problem with (Casias') case is that the (medical marijuana law) does not regulate private employment.

“Rather, the Act provides a potential defense to criminal prosecution or other adverse action by the state. All the (law) does is give some people limited protection from prosecution by the state, or from other adverse state action in carefully limited medical marijuana situations.”

Casias worked for Walmart from November 2004 until November 2009. He was fired for testing positive for marijuana despite the fact that he said he never used the substance at work.

The man's oncologist recommended he try marijuana after the law took effect in 2008. Casias found that it reduced pain as well as side effects of other medication.

The appeals panel, however, agreed with Jonker’s previous ruling.

“The district court held that the (medical marijuana law) did not regulate private employment but that the statute could potentially provide a defense to criminal prosecution .

“The district court concluded, therefore, that private employees are not protected from disciplinary action as a result of their use of medical marijuana, nor are private employers required to accommodate the use of medical marijuana in the workplace. In rendering its decision, the district court explained that Michigan voters could not have intended such consequences and that accepting plaintiff’s argument would create a new category of protected workers which would ‘mark a radical departure from the general rule of at-will employment in Michigan.’”

Casias’ attorneys insisted his firing undermined the medical marijuana law.

If you got this far, let me know if you need a Remote Windows admin/packager/etc Contractor who has a Medical Marijuana card here in MI. I'm looking for interesting new contracts especially migrations and server/client rollouts and I don't want to deal with this kind of bullshit discrimination against a medicine that allows me to NOT take addictive and physically dangerous opioids. - HEX

And if they don't believe you have no FB account? (0)

Anonymous Coward | about 2 years ago | (#42417211)

How could you proved you the negative?

Re:And if they don't believe you have no FB accoun (1)

Impy the Impiuos Imp (442658) | about 2 years ago | (#42417841)

I have a Facebook account, haven't logged on to it in a year, and was hoping a future employer would ask me so I could say no.

Oh well.

But why... (2)

Darkness404 (1287218) | about 2 years ago | (#42417643)

But why would you even WANT to work for someone who wants your Facebook login? A business which even thinks about asking for that sort of information would be a big red flag to not work at that company.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?