tag:blogger.com,1999:blog-37798047.post4495827109132522243..comments2024-01-16T05:48:33.523-05:00Comments on Errata Security: That doesn't mean your employer can use your Facebook passwordDavid Maynorhttp://www.blogger.com/profile/09921229607193067441noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-37798047.post-56122209152820563942012-03-31T12:49:35.356-04:002012-03-31T12:49:35.356-04:00"I of course believe that employers are free ..."I of course believe that employers are free to ask for your Facebook password, and that you are free to refuse."<br /><br />If it didn't matter to employment, why would they ask? Therefore if they expected you to give them the password and you don't and then subsequently terminate you, how is this different from a boss asking you for your naked pictures (assuming we never had laws against this because we are too Libertarian to impose such laws)? It is not easy to quit your job when you're not in a position of power.Xylotrupeshttps://www.blogger.com/profile/07714508300662815708noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-26977887446055407682012-03-31T01:38:26.516-04:002012-03-31T01:38:26.516-04:00Actually, I think the real issue at hand is the pe...Actually, I think the real issue at hand is the personally identifiable material that is currently illegal to require in an job interview, such as martial status, race, religion, etc. These are often visible or at least attainable via Facebook/social networks. Therefore, any employer asking for the login credentials or requiring users to log in are running afoul of those laws. (At least in the US).Kanshiinoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-83515924922552532812012-03-29T10:17:22.752-04:002012-03-29T10:17:22.752-04:00Another way of looking at this - if one were to gi...Another way of looking at this - if one were to give away personal confidential information, i.e. the FB login, what else would the candidate do? <br /><br />It's an appropriate question to ask, and the right answer is to say "no" - it shows mindfulness as far as being security oriented.<br /><br />If a candidate were to give me those credentials, they would immediately go into the "do not hire" bucket and the interview would be over.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-65922157593914688972012-03-27T10:03:51.813-04:002012-03-27T10:03:51.813-04:00IANAL, but I'm not sure that using someone'...IANAL, but I'm not sure that using someone's password to login to a system with their permission would be criminal.<br /><br />The Lori Drew case showed that violating the TOS of a website doesn't mean you've violated the CFAA, which prohibits unauthorized access. So I don't think Facebook could get someone persecuted for violating a TOS stating that only one person can use the account. <br /><br />Are there any cases where someone has been successfully prosecuted for using another person's login credentials with permission? If so, are there any where there wasn't an employment relationship between the person being prosecuted and the owner of the computer? The courts often use the agency theory to govern the use of an employer's computer in which case access is unauthorized if the use goes against the employer's interests, but I don't think that model is used outside of employment relationships. <br /><br />Also, in at least one of the stories the employer doing this was a law enforcement agency. Law enforcment officers are explicitly exempted from the CFAA.Nick42noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-76780334134942211592012-03-27T07:05:49.763-04:002012-03-27T07:05:49.763-04:00Unfortunately, I think adding such a second term i...Unfortunately, I think adding such a second term is unlikely as it's not in their (Facebook's) best interest. Case-in-point: A friend of mine's wife has been updating his Facebook page for the past year while he undergoes cancer treatment. We all appreciate the updates, and we would not view it favorably if Facebook suddenly banned such a thing.Anonymousnoreply@blogger.com