Apply to Work for City of Bozeman: Social Networking & Passwords

[dlgoff]

Would you give out your PF password to work for the city of Bozeman Montana?

Please list any and all, current personal or business Web sites, Web pages or memberships on any Internet-based chat rooms, social clubs or forums

http://bozemandailychronicle.com/articles/2009/06/19/news/10socialnetworking.txt"

 

[maverick_starstrider]

Wow. that's some 1984 bull crap. Why do they need your passwords? Are they going to send some messages as you? It sounds like the entire town is a russian mafia scam.

 

[feely]

Wow, that's is insane!

So much for a private life, eh?

Also ...on a technical point, that could be one hell of a long list of sites, passwords etc

 

[maverick_starstrider]

What are they hoping for?:

Interviewer: Which social networking sites and forums to you use?

You: Well let's see there's Facebook, and Hotmail, and PhysicsForums, and The Terrorist Plots Against The Town of Bozeman, Montana Fourm... oh wait... you're good you.. you're very good.

 

[negitron]

So much for a private life, eh?

This is not an invasion of your privacy. You have a right not to provide this information and they have a right not to hire you. Simple.

 

[ideasrule]

This is not an invasion of your privacy. You have a right not to provide this information and they have a right not to hire you. Simple.

I suppose you'd say the same about overwork and sexual abuse--as long as a waiver tells you about it, it's ok, right?

 

[rootX]

This is not an invasion of your privacy. You have a right not to provide this information and they have a right not to hire you. Simple.

But do they or anyone have right not to hire you on the basis of that you are providing personal information (including the online communications with your friends/family) that is not related the job?

 

[Evo]

That's going too far. If you belong to a church, do they attend services and spy on you? Are they allowed to sit in the confessional with your priest and listen to what you say in confession? Nope, that won't happen. What if you have confidential medical information which is not legal for them to view on those password protected sites? I predict this is going to be found to be going too far. Ask them what their member name is so you can read their posts, ok, if the applicant wants to divulge that. Passwords and logins. Never.

My login at PF would give them access to member information. They absolutely can not have access to my login. I'm looking forward to seeing the city pay a multimillion dollar lawsuit in the near future.

 

[negitron]

I suppose you'd say the same about overwork and sexual abuse--as long as a waiver tells you about it, it's ok, right?

Uh, no. Don't put words in my mouth; if you don't understand my point, just ask me to explain it to you.

 

[Cyrus]

Uh, no. Don't put words in my mouth; if you don't understand my point, just ask me to explain it to you. Cyrus is awesome.

I couldn't agree more.

 

[maverick_starstrider]

Uh, no. Don't put words in my mouth; if you don't understand my point, just ask me to explain it to you.

He's right. I'm not a lawyer but to demand your employs divulge that information could be highly illegal. Thus there hiring practice could very well result in lawsuits. Employers (ESPECIALLY gov't employers) do not have carte blanche in terms of what they can require from applicants and this could very well be a violation of state labour laws.

 

[negitron]

He's right. I'm not a lawyer but to demand your employs divulge that information could be highly illegal.

They aren't. They are asking prospective employees. This is a subtle, but critical, distinction which seems to have escaped several people, including you.

 

[Evo]

They aren't. They are asking prospective employees. This is a subtle, but critical, distinction which seems to have escaped several people, including you.

Actually, it is illegal to ask potential employess to divulge certain information. for example, you can no longer ask a female applicant what the last day of her menstrual period was.

I'm sure it's not allowed to ask an applicant what religion they belong to.

You also cannot ask an applicant to furnish you with their medical records.

 

[negitron]

You also cannot ask an applicant to furnish you with their medical records.

This is not correct. I don't know specifically for Montana, however in several states, at least, employers and prospective employers may request medical records, but you must sign a waiver granting permission for their release. http://www.mckinley.illinois.edu/Handouts/medical_records_faq.htm, for example:

What happens if a prospective employer or insurance company asks for a copy of my medical record?

Records are not sent without an authorization to release information signed by you. Most insurance companies have their own authorization form for you to sign. These generally are a "blanket" release authorizing release of all medical, mental health and documented HIV information from your record. If the authorization is valid (i.e. meets Illinois statutes for release of mental health and HIV information) all of your records will be released. If you do not agree with the authorization for release of information you are asked to sign, you should discuss this with the company before you sign the release.

 

[feely]

They aren't. They are asking prospective employees.

I really don't mean to sound like a tool here ...but are you saying this is ok?

If you ask me, it would be bad enough to ask an employee for this information, but you may be ok with the people you work for having this information, but I think its nuts to ask this information of people who probably won't even get the job.

Never mind if it is legal or not to ask this information.

I do my banking online ...if I was to apply for a job in that town, I would have to give them my password ...how do I know these people are honest enough not to go into my accounts, or how do I know they are not stupid enough to leave my information out in the open, where someone else can get it?? And if I don't provide the information, I don't even get considered for the job!

And they want this information to know if I am a good honest person ...right? Well, would I get the passwords etc of my bosses, so I can know if I am work for good and honest people? I doubt it.

 

[maverick_starstrider]

They aren't. They are asking prospective employees. This is a subtle, but critical, distinction which seems to have escaped several people, including you.

Uh. Those laws ARE for prospective employees. There is a laundry list of information that it is simply ILLEGAL to ask a PROSPECTIVE employee for.

 

[maverick_starstrider]

This is not correct. I don't know specifically for Montana, however in several states, at least, employers and prospective employers may request medical records, but you must sign a waiver granting permission for their release. http://www.mckinley.illinois.edu/Handouts/medical_records_faq.htm, for example:

Yes, but the question is do you have the right to REFUSE without it effecting your hiring.

 

[negitron]

Uh. Those laws ARE for prospective employees. There is a laundry list of information that it is simply ILLEGAL to ask a PROSPECTIVE employee for.

Yes, I am aware of this. Although, it's not a very long list, actually. There are many things you can't be required to answer, but employers may still be permitted to ask. And as far as I can tell, none of those lists include internet passwords.

 

[negitron]

Yes, but the question is do you have the right to REFUSE without it effecting your hiring.

That would depend. If the reason for not hiring you would place you in a federally- or state-protected class (age, race, religion, etc.) then generally you do have that right. Otherwise, perhaps, perhaps not, depending on the specifics.

 

[maverick_starstrider]

Yes, I am aware of this. Although, it's not a very long list, actually. There are many things you can't be required to answer, but employers may still be permitted to ask. And as far as I can tell, none of those lists include internet passwords.

Right. Which is an artifact of the laws being behind the times. However, one could very easily find a legal defense. For example, as Evo mentioned, you can't ask about religion. So you could always claim that you discuss you religious views online and thus asking for this information is tantamount to asking your religion.

 

[Evo]

This is not correct. I don't know specifically for Montana, however in several states, at least, employers and prospective employers may request medical records, but you must sign a waiver granting permission for their release. http://www.mckinley.illinois.edu/Handouts/medical_records_faq.htm, for example:

Nope. If you are requesting handicapped status or special accomodations for a medical issue, yes, the employer can ask to see medical proof of such claims. That's what your link is answering. An employer can not ask for your medical records otherwise.

Medical testing. Generally, an employer can require a medical exam to ensure you are physically able to do the job, but only if the exam is required for all employees entering the same position, and only after you've been offered the job. (The employment offer can be made contingent upon your passing the medical exam.)

An employer can require a current employee to submit to a medical exam if the employee has shown he or she is physically or mentally unfit to perform essential job duties, or if there's a concern for workplace health or safety.

Federal law prohibits medical testing to screen out applicants with HIV or AIDS.

An employer cannot request your medical records. However, if you have an illness or injury that requires a work-related accommodation (longer breaks or a special desk, for example), you may need to provide documentation from your doctor. The Americans with Disabilities Act (ADA) requires employee medical information to be kept separate from other personnel files, accessible only to supervisors, emergency medical personnel and government ADA compliance inspectors.

http://www.consumer-action.org/english/articles/workplace_privacy/

 

[maverick_starstrider]

P.S. Apparently Bozeman dropped this policy mere days after implementing it. Considering the town is only 50,000 people it was likely a case of some inexperienced public servant having no clue what they were doing and the second it got national attention and the ACLU started looking into it they immediately repealed it.

http://blogs.wsj.com/digits/2009/06/23/montana-town-stops-asking-applicants-for-facebook-logins/

 

[Evo]

P.S. Apparently Bozeman dropped this policy mere days after implementing it. Considering the town is only 50,000 people it was likely a case of some inexperienced public servant having no clue what they were doing and the second it got national attention and the ACLU started looking into it they immediately repealed it.

Thanks for that maverick. Do you have a link?

 

[Sorry!]

My dad works for the city of Mississauga ontario. I remember someone was talking badly about the bus system here nd was bragging about abusing a driver. A city employee then started talking to this person and an argument broke out over the internet. City employee lost job.

 

[maverick_starstrider]

Thanks for that maverick. Do you have a link?

Ya. I added it after an edit to my post. You most have posted before I finished my edit :)

 

[mgb_phys]

Thanks for that maverick. Do you have a link?

http://news.cnet.com/8301-13578_3-10269770-38.html
Theres a pdf of their press release on the same page.

Usual story, some admin minion overstepped their authority. The city apologised, rather than just declare it a matter of national security.
They had a semi-reasonable point, they wanted to check facebook associations to certain groups, it would be a bit bad hiring a sherif who was in the KKK for instance.

Don't know how legal this is in the US. In the UK police and army are banned from belonging to certain legal* extreme right-wing political groups. Partly because of public image, but also because it would be an automatic get-out for any black suspect arrested by a policeman when it came out in court that they were a member.
There was a bit of a scandal when their site was hacked and a list of 10,000s of members published.

*Ironically members of illegal groups (like the IRA) can be MPs

 

[TheStatutoryApe]

That would depend. If the reason for not hiring you would place you in a federally- or state-protected class (age, race, religion, etc.) then generally you do have that right. Otherwise, perhaps, perhaps not, depending on the specifics.

Just because there is not a law against something specifically does not mean it is legal. While it may take a judge to determine the legality I believe it is expected that people will in general attempt to avoid doing things that may be illegal.

While employers may getaway with asking certain questions that they would likely not be allowed to ask this is most often because there is no means of proving that the prospective employee was turned down due to refusal to answer said question.

Asking for personal passwords to websites is quite obviously illegal regardless of the lack of a law specifically addressing internet passwords.

 

[negitron]

Asking for personal passwords to websites is quite obviously illegal regardless of the lack of a law specifically addressing internet passwords.

I'm going to have to ask you to cite that. I think you're wrong if for no other reason than the fact that nothing is "obviously" illegal in the absence of codified law.

 

[TheStatutoryApe]

I'm going to have to ask you to cite that. I think you're wrong if for no other reason than the fact that nothing is "obviously" illegal in the absence of codified law.

Ever heard of illegal search and seizure? Illegal wiretapping? Not even the police can do such a thing without a warrant. Why should employers be allowed to do it?

 

[negitron]

Those are not the same thing. At all. Not even close.

At this point, I should point out that I do think it was a stupid idea, certainly not effective in any real sense and I'm glad they changed their minds. However, I still contend that it was neither illegal nor meriting of a lawsuit (don't get me started on tort law reform).

 

[Evo]

Those are not the same thing. At all. Not even close.

At this point, I should point out that I do think it was a stupid idea, certainly not effective in any real sense and I'm glad they changed their minds. However, I still contend that it was neither illegal nor meriting of a lawsuit (don't get me started on tort law reform).

There is no law against asking for passwords at this time, so no, it's not illegal. I think a lawsuit is needed to make a ruling on the legality though.

Surely finding the user name and reading posts is sufficient, anything else is an invasion of privacy and could be horrible abused.

Do we give over our bank account information so they can check on purchases and donations? Maybe I want to work for Ford, but they discover I bought a Toyota?

 

[negitron]

On what grounds would you file such a lawsuit?

 

[Evo]

On what grounds would you file such a lawsuit?

If that was to me, I'm not a lawyer, but under the current right to privacy laws I'm sure it would be a lawsuit that would be considered. My boss couldn't even ask me why I was going out on disability. I was going out on full pay for 8 weeks, and I was not required to tell him the reason. That was between me and human resources. Only my case manager can know. It's that private and sensitive. I'm only required to tell him I have been approved to go out on full pay and will be back on such date. He can't ask me anything.

 

[mgb_phys]

Surely finding the user name and reading posts is sufficient, anything else is an invasion of privacy and could be horrible abused.

That was their reasoning, they can ask you your name and check criminal and credit records. Their logic was that a username is something like an alias and you are required to give 'other names' in an application. The password was because details on things liked linkedin are only available when logged on.

Technicaly it would have been better to have you make the HR dept a contact/friend and I'm sure that sort of thing will be added to professional
networking sites in the future. This was just unfortunate that a small town admin peon became the test case.

Would it have been acceptable as part of a background check for a security clearance for instance?

 

[TheStatutoryApe]

Those are not the same thing. At all. Not even close.

At this point, I should point out that I do think it was a stupid idea, certainly not effective in any real sense and I'm glad they changed their minds. However, I still contend that it was neither illegal nor meriting of a lawsuit (don't get me started on tort law reform).

To give someone a key to your home or a password for an account is to give them permission to access these things as they see fit. Due to your right to privacy no one can require these things unless they have a legal and legitimate reason to have access (ie, your landlord having a key to your apartment, a police officer with a warrant or probable cause). You might say that an employer is only making a request and that if you refuse then they do not have to give you a job. This is called coercion. Not even a law enforcement officer is allowed to coerce a person into giving up their right to privacy. It is illegal.

There is no law against asking for passwords at this time, so no, it's not illegal. I think a lawsuit is needed to make a ruling on the legality though.

Surely finding the user name and reading posts is sufficient, anything else is an invasion of privacy and could be horrible abused.

Do we give over our bank account information so they can check on purchases and donations? Maybe I want to work for Ford, but they discover I bought a Toyota?

Again, lack of a specific law means nothing. If it mattered then the courts would not be able to decide in your favour because they only have the power to enforce and interpret existing law. If lack of a specific law means that it is not illegal then the only remedy is legislation to enact a law, the courts couldn't help you.


Edit: When I worked at the college NO ONE was allowed to ask me for my logon information even though it was for a network privately owned by my employers. They still had admin privledges that allowed them to access my account anyway but they could not at all ask for my password. The only instance was when IT set up or reset my account at which point I would be asked to change my password immediately.