City Requires Job Applicants To Hand Over All Online Usernames And Passwords
from the privacy,-much? dept
Slashdot points us to the incredible story that the city of Bozeman, Montana, as part of its hiring screening process requires applicants to not just list out what social networks and online sites they are "members" of, but to provide full login info, including passwords to all of those sites. What's even more incredible, is how the city defends it:"So, we have positions ranging from fire and police, which require people of high integrity for those positions, all the way down to the lifeguards and the folks that work in city hall here. So we do those types of investigations to make sure the people that we hire have the highest moral character and are a good fit for the City,"Apparently, having "the highest moral character" doesn't include knowing better than to violate prospective employees' privacy -- and the privacy of people they communicate with via social networks. When the newspaper reporter writing the story asked why the city didn't just create, say, a page on Facebook and ask applicants to "friend" it in order to see their profile, the city attorney seemed surprised that this was even possible, noting that he would explore that option.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: bozeman, job applicants, privacy, social networks
Reader Comments
Subscribe: RSS
View by: Time | Thread
So...
beyond privacy, there is safety and security to think about. Changing passwords regularly is a common practice for increased security, do they require resubmitting of new passwords?
What if you just didn't tell them anything and claimed no web presence? I know a few people who still have no E-footprint. Does that make them ineligible for employment?
this just brings up too many questions without even hitting on privacy rights that it's disgusting.
[ link to this | view in chronology ]
Re: So...
What if you forgot to mention a geocities site you had back in the 90s. Could they then fire you for lying on your application because you failed to include it?!
I'll just say this, the background information I provided to my state's bar to get my law license was much less invasive than the procedure to become a janitor at the city hall in Bozeman, Montana
[ link to this | view in chronology ]
It is my hope that this policy is derived from the utter ignorance of a single person. And once that person is set straight, some sanity will prevail. Of course hope and five cents will at best get you a nickel.
[ link to this | view in chronology ]
Re:
If you are applying for a position and your personal writings, beliefs and postings indicate a clearly divergent philosophy than required or expected, yes you should notify your prospective employer of your conflict of interest/beliefs.
But for the vast majority of cases, personal should equal private.
[ link to this | view in chronology ]
Re: Re:
Good thing the US Constitution allows for that as long as you're not doing anything illegal, which is what background checks are for.
[ link to this | view in chronology ]
Re: Re: Re:
The first amendment does not apply to businesses, only to relationship between citizens and the government. No business has to tolerate how you behave in your personal life if they believe that it reflects poorly on their business and your commercial relationship to them as long as they do not discriminate and follow labor laws.
[ link to this | view in chronology ]
Re: Re: Re: Re:
yes it does. moving on.
2) " only to relationship between citizens and the government"
Which is EXACTLY what's going on here. It's the CITY OF BOZEMAN that's requiring this, which is a government.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: private to a point...what point?
I think this bozon of an attorney should be asked to defend the cities discriminatory hiring practices in court, get his ass spanked big time, cost the city lots of money, and ultimately get fired. I wonder who'd hire him after that?
[ link to this | view in chronology ]
Re: Re: private to a point...what point?
Michael Vilan wrote:
What about the newly-graduated teacher who's job offer was withdrawn after some Bored of Education member found the woman's Facebook page. It showed her at a party fully clothed with a big smile on her face wearing a party hat with a red cup in her hand. She was 25 at the time of the photo. Nothing illegal or even immoral. Totally a none-of-your-beeswax situation. Yet they essentially fired her because of that page.
I think this bozon of an attorney should be asked to defend the cities discriminatory hiring practices in court, get his ass spanked big time, cost the city lots of money, and ultimately get fired. I wonder who'd hire him after that?
[ link to this | view in chronology ]
Re: Re: Re: private to a point...what point?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Here's your nickel back.
[ link to this | view in chronology ]
Terms of service
"6. You will not share your password, let anyone else access your account, or do anything else that might jeopardize the security of your account."
I am guessing there are many other sites that have something very similar.
So based on some of the more recent rulings, violating the terms of service can land you in jail or with a fine. So now the city won't hire me because I committed a crime. It looks like the city of Bozeman is not going to have any employees pretty soon. This city attorney is a dumbass and needs to get shitcanned quick
[ link to this | view in chronology ]
It's sad when the people in charge don't understand the technology they're trying to use.
[ link to this | view in chronology ]
This shouldn't even be required. Again, more examples of two steps forward, one step back, two steps forward, one step back. Until, before we know it, we have no freedom.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re: Anonymity
Should they require you post your profile info: no. But I would provide it (mind you not the username password!) so they can see what kind of person I am.
[ link to this | view in chronology ]
Re: Re: Re: Anonymity
[ link to this | view in chronology ]
A point that was missed
[ link to this | view in chronology ]
Re: A point that was missed
Why sue?? Go find a better job and move on. It's a state-employed position, which makes it VERY easy to do that.
[ link to this | view in chronology ]
TOS Violation
And now with that Lori Drew case, we have a federal precedent that violating the TOS of a computer service is a criminal offense, so... basically the city of Bozeman is asking job applicants to commit a federal crime to apply for a job. And since they’re a material party to the violation, the city is on the hook for conspiracy as well.
[ link to this | view in chronology ]
Re: TOS Violation
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Hiring Applications
The city has gone way overboard.
[ link to this | view in chronology ]
You're all missing the shocking part:
[ link to this | view in chronology ]
Re: You're all missing the shocking part:
[ link to this | view in chronology ]
Re: You're all missing the shocking part:
[ link to this | view in chronology ]
Re: Re: You're all missing the shocking part:
[ link to this | view in chronology ]
They should be fired...
This policy maker is totally unaware of what they are regulating. They should be fired.
[ link to this | view in chronology ]
Re: They should be fired...
This is exactly what I thought of, and i'm surprised more people haven't mentioned it. This isn't just an issue about privacy, this is handing over your identity. To apply for a job you're required to allow anyone who wants to to pose as you anywhere on the Internet? How is this not paralyzingly-frightening?
[ link to this | view in chronology ]
foresight
Not to mention the legal implications of asking for account passwords.
[ link to this | view in chronology ]
Idiots!
Are they going to provide me their login info because they are fine upstanding employees of the state/city and have nothing to hide?
I know, they should post it in the "blue book" or whatever the state publishes along with their annual salary. That would be awesome!
[ link to this | view in chronology ]
In a word or two: BS
You waived the right to anonymity when you posted on Facebook or any other blog/social network.
Should they require you post your profile info: no. But I would provide it (mind you not the username password!) so they can see what kind of person I am.
So Adam, are you completely illiterate, or just a dumb-ass POS? You would provide it but not provide all of it? Then you loose idiot. Besides the idiocy of such a requirement, let's see how far this can go...
Hell you know maybe the mayor of the town's video rental record should be made public so that we can see if he/she is of "good moral character"? Why not right? We have a right to know everything right? That's why there should be bounderies between "private" and "public" life. People don't have a need or a right to know what isn't available through legal means. They can ask anything they want on some questionaire, but this is beyond absurd. Also think about it, do you really want people who have no regard for personal privacy as your main law enforcement members?
I can see it now "Fourth amendment, you've been reading too many comic books dude. That's so last century.." IDIOTS!
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Lose: v. to fail to win (a prize, stake, etc.)
/grammar cop
[ link to this | view in chronology ]
*sigh
[ link to this | view in chronology ]
Re: *sigh
SHOULD it take a Supreme Court decision? F*CK NO!
Is that what this country is coming to? Buzz Lightyear's famous cry sums up the answer to that....
[ link to this | view in chronology ]
[ link to this | view in chronology ]
@AC: TROLL, TROLL,TROLL,TROLL....TROLL.
If you're not going to point out how you think I'm wrong, you're just as much of an idiot, or the above term.
[ link to this | view in chronology ]
@AC: TROLL, TROLL,TROLL,TROLL....TROLL.
If you're not going to point out how you think I'm wrong, you're just as much of an idiot, or the above term.
[ link to this | view in chronology ]
They're gonna back down on this real quick.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Every Site I am a member of .... hmmmm....
Does this includes Banks, brokerages, e-bay, amazon, utilities?
Yeah I want some under paid city worker with access to a half a dozen bank accounts, my brokerage account, and the ability to one click his way through every item on Amazon, the ability to shut off my electricity, water, cable, and cell phone service.
Sure here is my info ....
username : U.R.An.Idiot
Password : GetAClue
What in the Hell are they thinking?
-This Violates the TOS of most sites
-This Opens the city to civil actions
-This violates computer trespass Laws in pretty much every state
-This Violates The federal computer fraud and abuse statute, 18 U.S.C. 1030
http://fpc.state.gov/documents/organization/103707.pdf
[ link to this | view in chronology ]
Re: Every Site I am a member of .... hmmmm....
- -This Violates The federal computer fraud and abuse act
and I inserted the wrong link
http://www.law.cornell.edu/uscode/18/1030.html
[ link to this | view in chronology ]
Pretty bad lawyer, isn't he?
I think he should be disbarred for gross incompetence.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
E-Mail them all as a group at: agenda@bozeman.net
[ link to this | view in chronology ]
My question is: When a city commits a criminal act, who does time?
[ link to this | view in chronology ]
a common misconception
To put it another way, is leaving your house key underneath the welcome mat ILLEGAL? NO, of course not! Is it STUPID? Yes!
However, if someone were to come along and gain access to your house by using that key, and steal your belongings...THAT is what's illegal.
[ link to this | view in chronology ]
Re: a common misconception
[ link to this | view in chronology ]
Re: Re: a common misconception
[ link to this | view in chronology ]
Re: Re: a common misconception
Funny then that Lori Drew was convicted of a federal crime for violating the TOS of MySpace. I'm sure she could have used your brilliant legal advice at the time.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: Illegal
Not to mention, if the TOS says not to share your password or account information, they are asking you to commit a crime to work for them.
WONDERFUL!
And we WONDER why the terrorists call us the Great Satan?!
[ link to this | view in chronology ]
Re: Re: Illegal
[ link to this | view in chronology ]
Re: Re: Re: Illegal
>are GIVING THEM AUTHORIZATION TO ACCESS YOUR ACCOUNT.
Unless the TOS specifically says you may not give your password to someone. Then, according to the Drew case, both you AND (in this case) the person accessing the site would be guilty of violating the ToS and therefore guilty of accessing a computer system illegally.
I didn't say I agreed with it, that was the ruling.
[ link to this | view in chronology ]
Re: Re: Illegal
Way to end a relatively good point with stupidity. They call us the Great Satan for the same reason we refer to every armed fighter we don't agree with as terrorists: because hyperbole is a fantastic motivator.
Nor, by the way, is hyperbole relegated only to the "bad guys". We do it too. Arguably more often.
[ link to this | view in chronology ]
TOS violations
They are Terms of SERVICE!!!!!!!
Which means if you violate them, the site can terminate the service they are providing to you. TOS protect the site FROM legal action BY USERS.
That's it.
They CANNOT DO ANYTHING ELSE.
[ link to this | view in chronology ]
Re: TOS violations
[ link to this | view in chronology ]
Re: TOS violations
Sadly, you are wrong. We all believed that as well. If I break the TOS of X site, the X has the right to terminate my usage (ie. account) but it wasn't thought of as illegal.
But Lori Drews was convicted because she used another name to create an account, which broke the TOS of the site. The court ruled that she was guilty of (basically) computer fraud.
Again, I do not agree with it. I'm telling you the precedent has been set.
[ link to this | view in chronology ]
Re: Re: TOS violations
The thing is, as long as the TOS doesn't specify otherwise, "X site" can't take legal action. That doesn't mean they won't try, though; and if you and/or your attorney don't know how to READ they'll win.
[ link to this | view in chronology ]
Re: Re: Re: TOS violations
So, while I do retract my vehemence, based on your argument and my subsequent education, I do not retract my statements.
[ link to this | view in chronology ]
Mailing Address: City Commission, P.O. Box 1230, Bozeman, MT 59771-1230
Fax: 582-2344
City Clerk's Office: 582-2321, 582-2320
[ link to this | view in chronology ]
Pattie Berg, SPHR Human Resources Director pberg@bozeman.net
[ link to this | view in chronology ]
OMG
[ link to this | view in chronology ]
ILLEGAL as well
Not only is Bozeman being shortsighted and ignorant about the technology involved, but they may well be asking their own current employees or representatives to BREAK THE LAW of the State of Montana (and probably federal as well, does the DMCA have anything about using another's login info for the purposes of retreiving information?)
[ link to this | view in chronology ]
Re: ILLEGAL as well
[ link to this | view in chronology ]
Social engineering test...
If not they will hire exactly the people they deserve.
[ link to this | view in chronology ]
You're right, and that's a completely seperate legal/ethical issue than the one being discussed here.
Kudos for being irrelevant.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Heres a thought...
Discrimination.
I would like the state officials to provide me a detailed explanation on the vague terms "of good moral character".
The City takes privacy rights very seriously, but this request balances those rights with the City's need to ensure employees will protect the public trust, according to city attorney Greg Sullivan.
Which will never be the same again. You want the public to trust their officials? How can they when the officials can't trust each other.
Wonder what happened to a simple police/crim-check and previous work references providing enough information to read between the lines? Incidently, you can have my access codes when you pry them from my cold dead hands :)
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Actually, no. I didn't. I specifically have modified my privacy settings so only a few can see my social networking profiles. If I've got my profile set to the point where you can't even find my name in a search, much less see any content on my profile, and if even 99% of my friends can't see everything on my profile, it's very clear that I have done my best to protect my privacy, the privacy of my friends who choose to post on my site, and the privacy of those I work with/for.
And asking me to hand you my usernames/password is not only a TOS violation, but an utter violation of my privacy. I wouldn't even consider working for someone who had so little respect for my privacy or so little trust in me as a person.
[ link to this | view in chronology ]