Wednesday, March 21, 2012

Invasions of privacy, writ large

I'm not much of a social media kind of guy. It's too easy to say something stupid, put up a stupid picture, and have it shared with millions of people. I also believe that my personal life is none of the business of most of my readers. Most of my readers don't care, and shouldn't care. I'm not that important. If my businesses expand to the point where I'm hiring a bunch of people, I sure won't be following in these footsteps. I wouldn't ask for this, and I wouldn't hire somebody who either asked or gave out that information either in an interview. I deal with confidential information. If I'm going to hand out confidential information about myself, like my logins, how the hell can I be trusted with someone else's confidential information? That's how I look at it.

From Annarbor.com:

SEATTLE — When Justin Bassett interviewed for a new job, he expected the usual questions about experience and references. So he was astonished when the interviewer asked for something else: his Facebook username and password.

Bassett, a New York City statistician, had just finished answering a few character questions when the interviewer turned to her computer to search for his Facebook page. But she couldn't see his private profile. She turned back and asked him to hand over his login information.

Bassett refused and withdrew his application, saying he didn't want to work for a company that would seek such personal information. But as the job market steadily improves, other job candidates are confronting the same question from prospective employers, and some of them cannot afford to say no.

In their efforts to vet applicants, some companies and government agencies are going beyond merely glancing at a person's social networking profiles and instead asking to log in as the user to have a look around.

Why stop at facebook, and go with email accounts and everything.

"It's akin to requiring someone's house keys," said Orin Kerr, a George Washington University law professor and former federal prosecutor who calls it "an egregious privacy violation."

Questions have been raised about the legality of the practice, which is also the focus of proposed legislation in Illinois and Maryland that would forbid public agencies from asking for access to social networks.

Kerr (who writes at The Volokh Conspiracy) is dead on here.

Here's the part that really gets crazy and sets me off. It can also cover this edition of ridiculous laws of the week. This belongs in tort law, not criminal law.

Giving out Facebook login information violates the social network's terms of service. But those terms have no real legal weight, and experts say the legality of asking for such information remains murky.

The Department of Justice regards it as a federal crime to enter a social networking site in violation of the terms of service, but during recent congressional testimony, the agency said such violations would not be prosecuted.

Federal crime? A felony? I remember reading about this a long time ago. I believe it's under a fraud provision, but I need to double check. Still, you got to be kidding me. "Such violations would not be prosecuted?" So what. It's on the books. It CAN be enforced. It's STILL a crime. What we have here is people being told to commit a crime in job interviews. If it isn't worth prosecuting, get it the hell off the books.

Now, as I said earlier, if I'm expanded to the point I'm hiring a lot of people, I'd never ask for login information, and would be supplying company computers and emails with the full understanding that business stays only business, and personal stays personal unless it directly affects business (things that can be found on public records). That protects everybody. The irony about this is that from my perspective I have a bigger problem if you give login information away to HR, because I now wonder if I can count on you to keep things that need to be kept in-house, in-house if there's pressure by some bureaucrat.

Due to discrimination laws, I can not generally (in most cases) discriminate against somebody in employment on the basis of race, sex, pregnancy, religion, national origin, disability, age, military service, bankruptcy, genetic information, or citizenship status. In Michigan that includes marital status as well. In a lot of states it includes sexual orientation, although even in states not specifically listed, that's likely a lawsuit waiting to happen in a lot of areas. The easiest way to avoid any lawsuit or tort case is to simply not ask about those sort of things at all. Why would I anyway? None of those affect my area of business. I'm not going to ask, and it isn't my business.

Now, if some of these social network thing-a-my-bobs carry that information, is listed privately, and someone gets that information due to possible coercion (is it really volunteering the info?) by HR, does that amount to a case if someone isn't hired?

That's in addition to that federal law described above violated (it's on the books, and who knows when it will be enforced) and violation of terms of service contracts (tortuous interference claims by the social networks if they prove damages).

I hope this gets taken to court.

No comments: