(Alexander Higgins) In the current state of the US economy it’s getting tougher and tougher to find a job. With an unemployment rate of 8.3 percent, according to the latest job numbers, saying yes to a job is a no brainer.
Now imagine in order to get the job you must disclose your Facebook password.
On Tuesday night, House Republicans stopped a measure that would have allowed the Federal Communications Commission to prevent employers from forcing potential employees to disclose their Facebook passwords.
Republicans who are against “big government,” have delivered a huge blow to the legislation that was presented by Democrats.
The purpose of the legislation was part of a bill to implement new restrictions on the FCC rules after a series of cases where employers have requested access to social media accounts.
“What this amendment does is it says you cannot demand as a condition of employment that somebody reveal a confidential password to their Facebook, to their Flickr, to their Twitter, whatever their account may be,” said Rep. Ed Perlmutter (D- Colo.).
According to a post by Facebook, the company has “seen a distressing increase in reports of employers or others seeking to gain inappropriate access to people’s Facebook profiles or private information.”
The social media giant added that the practice “undermines the privacy expectations and the security of both the user and users’ friends.”
(Bob Sullivan) If you think privacy settings on your Facebook and Twitter accounts guarantee future employers or schools can’t see your private posts, guess again.
Employers and colleges find the treasure-trove of personal information hiding behind password-protected accounts and privacy walls just too tempting, and some are demanding full access from job applicants and student athletes.
In Maryland, job seekers applying to the state’s Department of Corrections have been asked during interviews to log into their accounts and let an interviewer watch while the potential employee clicks through wall posts, friends, photos and anything else that might be found behind the privacy wall.
Previously, applicants were asked to surrender their user name and password, but a complaint from the ACLU stopped that practice last year. While submitting to a Facebook review is voluntary, virtually all applicants agree to it out of a desire to score well in the interview, according Maryland ACLU legislative director Melissa Coretz Goemann.
Student-athletes in colleges around the country also are finding out they can no longer maintain privacy in Facebook communications because schools are requiring them to “friend” a coach or compliance officer, giving that person access to their “friends-only” posts. Schools are also turning to social media monitoring companies with names like UDilligence and Varsity Monitor for software packages that automate the task. The programs offer a “reputation scoreboard” to coaches and send “threat level” warnings about individual athletes to compliance officers.
A recent revision in the handbook at the University of North Carolina is typical:
“Each team must identify at least one coach or administrator who is responsible for having access to and regularly monitoring the content of team members’ social networking sites and postings,” it reads. “The athletics department also reserves the right to have other staff members monitor athletes’ posts.”
All this scrutiny is too much for Bradley Shear, a Washington D.C.-lawyer who says both schools and employers are violating the First Amendment with demands for access to otherwise private social media content.
“I can’t believe some people think it’s OK to do this,” he said. “Maybe it’s OK if you live in a totalitarian regime, but we still have a Constitution to protect us. It’s not a far leap from reading people’s Facebook posts to reading their email. … As a society, where are we going to draw the line?”
Aside from the free speech concerns, Shear also thinks colleges take on unnecessary liability when they aggressively monitor student posts.
“What if the University of Virginia had been monitoring accounts in the Yeardley Love case and missed signals that something was going to happen?” he said, referring to a notorious campus murder. “What about the liability the school might have?”
Shear has gotten the attention of Maryland state legislators, who have proposed two separate bills aimed at banning social media access by schools and potential employers. The ACLU is aggressively supporting the bills.
“This is an invasion of privacy. People have so much personal information on their pages now. A person can treat it almost like a diary,” said Goemann, the Maryland ACLU legislative director. “And (interviewers and schools) are also invading other people’s privacy. They get access to that individual’s posts and all their friends. There is a lot of private information there.”
Maryland’s Department of Corrections policy first came to light last year, when corrections officer Robert Collins complained to the ACLU that he was forced to surrender his Facebook user name and password during an interview. The state agency suspended the policy for 45 days, and eventually settled on the “shoulder-surfing” substitute.
“My fellow officers and I should not have to allow the government to view our personal Facebook posts and those of our friends just to keep our jobs,” Collins said to the ACLU at the time.
Agency spokesman Rick Binetti confirmed the new policy, but wouldn’t comment on it or the proposed law which may ban it.
It’s easy to see why an agency that hires prison guards would want to sneak a peek at potential employees’ private online lives. Goemann said that prisons are trying to avoid hiring guards with potential gang ties — the agency told the ACLU it had reviewed 2,689 applicants via social media, and denied employment to seven because of items found on their pages.
“All seven of these individuals’ social media applications contained pictures of them showing verified gang signs (signs commonly known to law enforcement which are utilized by gangs),” the Department of Corrections told the ACLU in response to questions it asked about the program. It stressed the voluntary nature of social media inspection, noting that five of the 80 employees hired in the last three hiring cycles didn’t provide access.
For student athletes, though, the access isn’t voluntary. No access, no sports.
“They’re saying to students if you want to play, you have to friend a coach. That’s very troubling,” said Shear, the D.C. lawyer. “A good analogy for this, in the offline world, would it be acceptable for schools to require athletes to bug their off-campus apartments? Does a school have a right to know who all your friends are?”
There have been many high-profile embarrassing moments born of the toxic combination of student-athletes and Twitter. North Carolina defensive lineman Marvin Austin tweeted about expensive purchases on his account two years ago, then became subject of an NCAA investigation about improper conduct with a player agent. The incident led, in part, to the school’s aforementioned aggressive social media policy.
So it’s not surprising that many schools want to keep a careful eye on what students are posting online.
But avoiding an uncomfortable moment is not a good enough reason to squash free speech, Spear says. Plenty of settled case law in the U.S. sides with students’ rights to express themselves publicly, he said, including numerous cases involving student newspapers. Public displays of protest are also protected: A landmark 1969 Supreme Court decisions known as Tinker vs. the Des Moines School District said school officials couldn’t prevent students from wearing armbands protesting the Vietnam War as long as they weren’t inciting violence.
Colleges have legitimate concerns about the things students post on social media accounts, but they should “deal with that issue the way they deal with everything else. They should educate,” Shear said.
“Schools are in the business of educating, not spying,” he added. “We don’t hire private investigators to follow students wherever they go. If students say stupid things online, they should educate them … not engage in prior restraint.”
Goemann also noted that the rush to social media monitoring raises an often overlooked legal concern: It’s against Facebook’s Terms of Service.
“You will not share your password … let anyone else access your account or do anything else that might jeopardize the security of your account,” the site says in its policies.
Frederic Wolens, a Facebook spokesman, wouldn’t comment on the Maryland legislative proposals, but he said many of these school and employer policies appear to violate the site’s terms.
“Under our terms, only the holder of the email address and password is considered the Facebook account owner. We also prohibit anyone from soliciting the login information or accessing an account belonging to someone else,” he said in a statement to msnbc.com. Wolens said Facebook has yet to take a position on collegiate social media monitoring.
Social media monitoring on colleges, while spreading quickly among athletic departments, seems to be limited to athletes at the moment. There’s nothing stopping schools from applying the same policies to other students, however. And Shear says he’s heard from college applicants that interviewers have requested Facebook or Twitter login information during in-person screenings.
The practice seems less common among employers, but scattered incidents are gaining attention from state lawmakers. The blog Tecca.com last year showed what it said was an image of an application for a clerical job with a North Carolina police department that included the following question:
“Do you have any web page accounts such as Facebook, Myspace, etc.? If so, list your username and password.”
And the state of Illinois has followed Maryland’s lead and is considering similar legislation to ban social media password demands by employers.
But Shear says a patchwork of state laws isn’t good enough when the stakes are this high.
“We need a federal law dealing with this,” he said. “After 9/11, we have a culture where some people think it’s OK for the government to be this involved in our lives, that it’s OK to turn everything over to the government. But it’s not. We still have privacy rights in this country, and we still have a Constitution.”
(YAHOO NEWS) If you thought your old (embarrassing, awkward and regrettable) posts on social networking site Twitter had vanished or were out of reach for anyone, think again.
Twitter has opened up its archive of tweets for sale that will allow businesses access to every single update by a user over the last two years.
Partnering with Dataswift, a UK-based company, Twitter will offer the firm’s business partners the chance to sift through 24 months of people’s Tweets.
Twitter users are only able to access their own tweets from seven days ago.
Datasift’s marketing manager Tim Barker told The Telegraph that the service, which costs A$938 (£635) a month for an entry level package, will help businesses “understand their customers better”.
However this deal with Dataswift is not exclusive.
The Daily Mail reports more than 1,000 companies have joined a waiting list to use the marketing goldmine.
Datasift also offers additional information such as where users are when they Tweet, located via the GPS in their phones.
However, there are concerns that this deal is intrusive and poses a potential danger to the users’ privacy.
“Marketers will stop at nothing to get hold of your data. This move shows that all those throwaway tweets have suddenly become a rich new revenue stream for twitter, much in the same way that Facebook has monetised its offering,” Justin Basini, CEO of Allow, a data privacy company told The Daily Mail.
“And the worst thing is, you never knew it was going to happen. It just goes to show that online privacy is a rare thing indeed,” Basini reckons.
The contract calls for the development of “Persona Management Software” which would help the user create and manage a variety of distinct fake profiles online. The job listing was discussed in recently leaked emails from the private security firm HBGary after an attack by internet activist last week.
According to the contract, the software would “protect the identity of government agencies” by employing a number of false signals to convince users that the poster is in fact a real person. A single user could manage unique background information and status updates for up to 10 fake people from a single computer.
The software enables the government to shield its identity through a number of different methods including the ability to assign unique IP addresses to each persona and the ability to make it appear as though the user is posting from other locations around the world.
Included in HBGary’s leaked emails was a government proposal for the government contract. The document describes how they would ‘friend’ real people on Facebook as a way to convey government messages. The document reads:
- “Those names can be cross-referenced across Facebook, twitter, MySpace, and other social media services to collect information on each individual. Once enough information is collected this information can be used to gain access to these individuals social circles.
- Even the most restrictive and security conscious of persons can be exploited. Through the targeting and information reconnaissance phase, a person’s hometown and high school will be revealed. An adversary can create a classmates.com account at the same high school and year and find out people you went to high school with that do not have Facebook accounts, then create the account and send a friend request. Under the mutual friend decision, which is where most people can be exploited, an adversary can look at a targets friend list if it is exposed and find a targets most socially promiscuous friends, the ones that have over 300-500 friends, friend them to develop mutual friends before sending a friend request to the target. To that end friend’s accounts can be compromised and used to post malicious material to a targets wall. When choosing to participate in social media an individual is only as protected as his/her weakest friend.”
Other documents in the leaked emails include quotes from HBGary CEO Aaron Barr saying, “There are a variety of social media tricks we can use to add a level of realness to all fictitious personas… Using hashtags and gaming some location based check-in services we can make it appear as if a persona was actually at a conference and introduce himself/herself to key individuals as part of the exercise, as one example.”
Additional emails between HBGary employees, usually originating from Barr, discuss the vulnerability social networking causes.
One employee wrote, “and now social networks are closing the gap between attacker and victim, to the point I just found (via linked-in) 112 females, wives of service men, all stationed at Hurlbert Field FL – in case you don’t know this is where the CIA flies all their “private” airlines out of. What a damn joke – the U.S. is no longer the super power in cyber, and probably won’t be in other areas soon.”
Barr also predicted a steady rise in clandestine or secret government operations to stem the flow of sensitive information. “I would say there is going to be a resurgence of black ops in the coming year as decision makers settle with our inadequacies… Critical infrastructure, finance, defense industrial base, and government have rivers of unauthorized communications flowing from them and there are no real efforts to stop it.”
The creation of internet propoganda software is only one of HBGary’s controversial activities. According to Wikileaks competetor and occasional collaborator Cryptome.org, several other progressive organizations were intended to be targeted including anti-war activist, anti-torture organizations and groups opposed to the US Chamber of Commerce.
The emails also include a number of other embarrasing entries including the purchase of the book “The Multi-Orgasmic Man: Sexual Secrets Every Man Should Know” from Amazon for $6.76.