got privacy?  Musings on the state of Privacy in a connected world.
 
Does someone's right to privacy end once they are dead?  In the US, we do not have a constitutional right to privacy in the same way that Europeans do (yet!), but explicit provisions in HIPAA (Health Insurance Portability and Accountabilty Act) maintain that information about an indivudual should be maintained as private after their death, but other regulations such as the Freedom of Information Act may conflict in certain situations, in addition to free speech rights guaranteed under the First Amendment.

In the EU, the right to personal privacy explicitly survives death

Some interesting links around this subject can be found at:

Is there privacy after death?
Privacy after death debated.

Some more thoughts on this topic from Rebecca Herold (@privacyprof) who had written a couple of thought pieces around this topic here and here
 
 
Interesting article this week in the IAPPs Privacy Advisor which talks about the ethics of Googling someone, which got me to thinking.

Even a couple of years ago - before social networks really caught on - this question wouldn't really have been asked.  Unless you were a celebrity or information about you was available through other channels such as magazines - Google wouldn't have had a great deal of additional information to add.  That has certainly changed over a relatively short period of time, particularly since Social Networks like Facebook started exposing more of the data that they had collected about people outside of their own network so that search engines could see it.  Anyone who has tried to manage their Facebook privacy settings will know that these are far from being easy to use and it is easy to see how people unintentionally expose information to the world that they intended to keep just within a network of a few friends.
 
Which brings us back to the Ethics of Googling someone.  While this blog thinks that things that are posted onto the public Internet, such as this blog, are fair game for anyone to stumble upon or find, there are some types of information that people have an expectation to be kept private, which unfortunately is not always met.  And then, there are to our mind the practices that are completely unreasonable invasions of privacy. 

The worst example that I've seen of this to date (although I'm sure there are others) was brought to our attention viaTwitter (thanks @ChristianVW for the heads-up).  The City of Bozeman, Montana has decided that just doing a Google search on a potential employee is not enough.  They have been asking for usernames and passwords to prospective employee's Facebook and other social networking accounts.

The quote that I thought best summed up this sorry affair was prompted by a local radio station.  "One thing that's important for folks to understand about what we look for is none of the things that the federal constitution lists as protected things, we don't use those," said attorney Greg Sullivan.  Basically - give us access to everything and trust us to use it properly.

Sorry - that doesn't cut it with us, and I suspect with a lot of readers of this Blog feel the same way.  At a minimum, Bozeman should engage someone who actually does understand Internet and Privacy law and rethink how they run their background check process.  Beyond that - anyone who has handed over any passwords should change them immediately.

We'd be interested to hear of any other employers who are trying similar tactics.  Please comment and let us know.