If Facebook is serious about setting an example with prodding employers, they should take it a step further and expose which employers have asked for this information and make it public. I am sure Glassdoor.com would love to add this information to their database of reviews and having this viewable by those looking at prospective employers could be good metric to see how the company or management actually values their employees. It would be a deciding factor to me to work somewhere if a company I was interviewing for was trying to gain access to employee accounts and they were flagged publicly.
I can't wait until Facebook issues a press release instructing people to not log in as their parents when said parents are unable to change their profile picture or other basic tasks. That is such a bother.
Facebook's statement doesn't actually say they'll sue employers as employers. It says they'll initiate legal action "where appropriate", "including by shutting down applications that abuse their privileges." That sounds more like shutting down an app publisher that was collecting employee logins in order to gain access to social graph data, for instance. Grounds to sue an employer who wasn't a Facebook API user would be pretty tenuous at best.
It's certainly great that Facebook is taking a stand for privacy. But this is clearly more of a PR move than anything else. I mean, will Facebook really sue someone for demanding an applicant's password during an interview?
They have grounds to sue someone that logs into / uses their service using someone else's password even if that person gave them the password. It's also a felony, but the feds rarely take up such cases.
It's probably OK for your boss to tell you to log in and then tell you where to click over your shoulder, but IANAL.
Facebook may sue under 18 USC § 1030(g) for unauthorized access to its computer systems if the employer obtains another person's password and then accesses that person's account using said password.
It may also sue under state law for tortious interference for inducing users to breach their contract with Facebook. (It is against Facebook's TOS to share one's password.)
"Tortious interference with contract rights can occur where the tortfeasor convinces a party to breach the contract against the plaintiff" (http://en.wikipedia.org/wiki/Tortious_interference). In this case, the employer would be the tortfeasor, who convinces the employee ("a party") to breach their contract (the employee's agreement to abide by Facebook's acceptable use policy in exchange for access to Facebook), and Facebook would be the plaintiff.
jleader's tortious interference is a good candidate but given the fact that many "hackers" have been strung up on very flimsy charges I'm sure Facebook lawyers could find something.
"Computer hacking" laws are so bad and vague that touching any computer any way that someone somewhere doesn't like is basically illegal.
Other have mentioned that Facebook could sue under hacking or tortious interference, but I bet if the employer or the employee giving the interview has a Facebook page, then Facebook could sue them directly for breaching the terms of service that they agreed to when they created a Facebook account.
I wonder if Facebook might partially be doing this so people don't hesitate to use their service.
On the other hand, it's nice to see happening if a result actually comes from it. Too often announcements are like activity -- confused with lasting results.
> I wonder if Facebook might partially be doing this so people don't hesitate to use their service.
Of course that's part of the reason, don't act like Facebook wanting to have happy users who aren't afraid about their information being misused is bad because it is essential for them to make money.
