This employer’s taken the concept of online background checks to a new level.

Candidates applying for jobs with the city of Bozeman, Montana, are asked to list “any and all” Web sites, chat rooms and social networking groups they use (“including but not limited to Facebook, Google, Yahoo, YouTube.com, MySpace, etc.”) — along with their usernames and passwords.

Many hiring managers Google applicants’ names or look for them on Facebook, but actually logging in to their personal profiles is something new entirely.

Why does Bozeman want that access? According to city attorney Greg Sullivan, it’s “to make sure the people that we hire have the highest moral character and are a good fit for the city,” The Consumerist reports.

Sullivan also said the city doesn’t look at “the things that the federal Constitution lists as protected things” (whatever that means).

The story drew a lot of attention and outcry from the media, potential Bozeman employees and HR pros. That’s not surprising, considering there’s a debate going on about whether hiring managers should even look at candidates’ profiles, let alone obtain log-in information.

Apparently all the press got the city rethinking that part of the application. In a recent press release, Bozeman announced it will “suspend its practice of reviewing candidates’ password protected internet information until the City conducts a more comprehensive evaluation of the practice.”

What do you think? Did the public overreact to Bozeman’s hiring practice, or was the negative response justified?

Should social networking profiles play any role in the background check process at all?

Let us know what you think in the comments section below.

If you look closely at the upper right-hand corner of the Form I-9, you’ll see it’s supposed to expire today. What should you do now?

An easy answer: nothing.

The current form lists an expiration date of 6/30/09, but last week, the U.S. Citizenship and Immigration Services (USCIS) announced the form will remain valid after today.

On June 26, USCIS asked the Office of Management and Budget (OMB) to approved continued use of the current version. While the request is pending, the form will not expire, despite the date listed at the top of the first page.

When the extension is approved — and a new expiration date is set — USCIS will update the form.

But for now, just keep using the form on the agency’s Web site, dated “Rev. 02/02/09″ at the bottom of each page and the June 30 expiration date at the top.

Note: When the form is updated, it’s unlikely USCIS will make any substantial changes, just add the new dates.

Last week, the IRS announced a proposal to start collecting taxes on employees’ personal use of work-issued cell phones. A few days later, the agency had a change of heart.

It wasn’t a new idea — the taxes are technically already required. A 1989 law classifies personal use of a business phone as a taxable benefit, meaning employees are required to track their calls, text messages, and downloads, and pay taxes on the value of anything not work-related.

But the law was passed when cell phones were bulky, calls were expensive and service was limited. So hardly any employees got phones, and those that did made few personal calls.

Once cell phones became common, the IRS stopped enforcing the law. That stance looked like it was going to change, though, when the agency unveiled a plan to collect the taxes.

To ease the administrative burden of tracking every call, the IRS came up with three other options:

1. Consider 75% of phone use to be work-related, and the other 25% to be personal, across the board. All employees would pay tax on the 25%, regardless of how they used the phone.
2. Let employees prove they have a personal cell phone they can use during work hours. Then they wouldn’t be taxed at all for the work-issued phone.
3. Have employers take a statistical sampling to determine employees’ average personal use.

The IRS announced it would take public comments on the proposals until Sept. 4. But it looks like they got enough already.

Even with the three options, the proposal generated an outcry of protest from IT and accounting staffers worried about dealing with call records; HR and benefits pros concerned about one of their perks diminishing in value; and anyone with a work-issued cell phone who doesn’t want to pay more taxes.

In response, the agency reversed its position. In a statement released last week, IRS chairman Doug Shulman asked Congress to make it clear there will be no tax consequence for employees who use work-related devices for personal reasons.

He said the purpose of the proposal was not to “crack down” on collecting the taxes, but rather to simplify the rules. However, Shulman said in the statement, “the passage of time, advances in technology, and the nature of communication in the modern workplace have rendered this law obsolete,” and keeping it on the books will “inevitably leave widespread confusion among employees and businesses.”

Bills that would repeal the old law have been introduced into both houses of Congress this year. We’ll keep you posted.

Many companies use “keylogging” software or hardware to monitor employees’ computer use. But they might be in trouble, according to this recent court case.

Keystroke logging (often called “keylogging”) is a process in which everything someone types on a keyboard is recorded, by either a piece of software or a hardware device installed between the keyboard and CPU.

Hackers often spread viruses that install keyloggers on victims’ computers to steal bank passwords, credit card numbers and other sensitive information. But they’re also regularly used by businesses to monitor what employees do on their office computers.

And that might violate the law, according to a recent court decision:

After Metteyya Brahmana was laid off, he had a dispute with his former boss about back wages he claimed he was owed. During the conversation, the supervisor allegedly made reference to an e-mail Brahmana had sent to an attorney with his personal e-mail account.

Brahmana concluded that the boss had accessed his e-mail. He also learned from a former co-worker that the company monitored all employees’ activities with keylogging devices.

He sued his former employer. His claim: The keylogging violated the federal Wiretap Act, which makes it illegal to “intentionally intercept … any wire, oral or electronic communication.”

The company tried to have the case dismissed. But the judge didn’t buy it.

The court ruled that accessing the e-mail didn’t break the law (because the law covers “intercepting” communication, not accessed stored messages), but that the keylogging itself may have been against the law.

The judge let the case move forward to trial, saying more information was needed to decide if the ex-employee has a case. We’ll keep you posted.

Either way, employers should be warned about the potential for keylogging and other monitoring tools to violate laws on privacy and electronic communication.

Cite: Brahmana v. Lembo

If you caught an employee breaking your Internet use policy, you’d discipline or fire him. But would you also call the police?

That’s what one Ohio employer did after it learned a worker was browsing pornographic sites and uploading nude photos of himself.

Richard Wolf worked for the Shelby City Wastewater Treatment Plant. In April 2006, the plant’s superintendent was deleting old files from the computer network when he stumbled upon a photograph of Wolf in the buff.

Wolf’s computer was searched, and more such images were found, along with more than 700 other pornographic images and several sexually suggestive e-mails.

When confronted, Wolf admitted that he’d joined an online community called “Adult Friend Finder” and used his work computer to upload the self portraits and send them to potential “friends.” He also admitted to viewing porn sites during work hours and, all in all, said he’d spent about 100 hours conducting “personal business” on his work computer.

As you’d probably guess, Wolf was fired. But here’s the twist: He was also arrested.

After the search, the plant superintendent called the police, who charged Wolf with violating a federal law prohibiting users from “exceeding the scope of their authorization to access a computer.”

He was also charged with one count of “theft in office,” in violation of an Ohio law prohibiting the waste of government money by public employees.

Wolf was convicted and sentenced to 15 months in prison, fined $5,000 and ordered to pay the city of Shelby $2,392 in restitution for wages he received while browsing porn.

Justice served?

It’s clear Wolf deserved to be fired. But do you think fining him and throwing him jail was the right outcome? Should the superintendent have even gotten the police involved?

Share your opinion in the comments section below.

Either way, one thing’s for sure: Stories like this highlight the need for employers to monitor computer use and train managers on what to do when they discover violations.

Cite: State v. Wolf

Here’s a lesson from a recent case about preventing e-mails from being used in court against the company:

A company performed a self-audit to make sure it was complying with the FLSA’s overtime regulations. After investigating, the company’s attorney concluded that several IT employees were mistakenly c lassified as exempt.

The lawyer e-mailed the HR department, recommending the company change the classifications or risk being sued. The employees were reclassified, and the attorney’s message was forwarded to some members of upper management.

Although the e-mail was only supposed to be read by managers, it was mistakenly sent from a supervisor to an employee. The message made its way around to all the affected employees. They sued the company, seeking a payout for the time they worked while classified as exempt.

The company claimed the e-mail was protected by attorney-client privilege and couldn’t be used as evidence in the case. It asked the court to make the employees destroy all copies of the e-mail.

Did the court agree?

No, the judge ruled the e-mail wasn’t protected. When the advice was forwarded to managers, HR gave no indication it originally came from a lawyer or that it should be kept confidential.

Companies waive their right to attorney-client privilege, the court noted, when they forward documents to others or take no care to keep them private. As a result, the employees’ lawyers were allowed to use the e-mail in court.

The lesson for employers: In most cases it’s best to talk about sensitive legal issues in person. E-mail creates a permanent record that can easily fall into the wrong hands.

Cite: Clarke v. J.P. Morgan Chase & Co.

A former employee writes a message online bashing the company and accusing management of condoning illegal behavior — do you have any right to protect the company’s reputation? Probably not, according to this recent court case:

The owner of a company operating several restaurant franchises in New Jersey was profiled in a local newspaper. The article was posted on the paper’s Web site.

In response to an interview question, the owner said that he treats employees “with dignity and respect.” That statement was met with some disagreement from a former employee’s father.

He was representing his daughter in a court case alleging sexual harassment by the managers at the restaurant where she worked. He left a comment under the article discussing the pending case and accusing the owner of condoning sexual harassment.

The comment also said that “the man and his rhetoric are repugnant and fly in the face of facts,” and speculated that any women currently working for the company were being harassed as well.

The company sued the commenter for defamation. Was it successful?

No, the judge threw out the case. According to a previous New Jersey Supreme Court ruling, statements of opinion are immune from defamation claims. The portions of the comment attacking the owner were merely an expression of the commenter’s opinions.

Also, the statements about the pending lawsuit were not defamatory because they were truthful and a “matter of public interest.”

Protect your reputation

The lesson for companies: Once something negative appears online, it’s tough — if not impossible — to make it go away. In this day and age, any disgruntled employee, former employee or customer can do a fair amount of damage with a few keystrokes and a click of the mouse.

The best solution, of course, is to never give anyone a reason to complain — but anyone in HR knows that’s impossible. Here are some more realistic ways to prevent serious damage:

• Work to maintain a positive Web presence (for example, by having employees contribute to blogs and discussion forums).
• Encourage managers to listen to complaints and seek out constructive criticism. Often, employees seek alternate ways to complain because they feel they have no other place to go.
• Write computer policies that prohibit employees from writing derogatory comments about the company and its employees.
• Consider having some or all employees sign confidentiality agreements that ban defamation, or include non-defamation provisions in separation agreements.

Do you need to strengthen your policy regarding employee use of cell phones? This employer decided to after getting a wake-up call in the form of a dangerous accident.

Most companies have rules against employees using cell phones while driving or performing other safety-sensitive tasks. But the Massachusetts Bay Transportation Authority (MBTA) last week began banning drivers from even bringing their phones to work. The penalty if they’re caught with a device: immediate termination.

The new policy is a response to a recent accident that hospitalized nearly 50 passengers. One trolley crashed into another, totaling both and causing $9.6 million in damage.

The trolley operator at fault, who was also hurt, admitted he was writing a text message to his girlfriend at the time of the accident. Police say he also ran a red light just before crashing, the Boston Globe reports.

Before the new zero-tolerance policy, MBTA employees were allowed to carry phones while working, but not use them. A first-time violator received a three-day suspension.

Employers’ liability

There’s no word yet on any legal action being taken against MBTA. But plenty of other companies have gotten in trouble when an employee’s cell phone causes an accident — even when employees were just driving as part of their normal commutes to the office.

In a court case last year, a company was sued after an employee rear-ended another car. She wasn’t on duty at the time. But she was making a work-related phone call on cell phone issued by her employer. So the driver of the other car sued. The final bill to the company: $5.2 million. (Cite: Ford v. McGrogan)

Courts have ruled differently in this type of case, but most agree that, if the driver is performing work for the company on a company-issued device, the company is liable for the accident.

How can HR pros limit their company’s liability? Lawyers recommend creating policies that:

• prohibit talking, texting and e-mailing while behind the wheel (whether the employee has a hands-free headset or not)
• require phones to be turned off while driving to avoid distracting incoming calls, and
• remind employees — and their bosses — that they aren’t expected to make calls and do other work while driving.

A manager finds a Web site where angry employees post vulgar insults directed at supervisors and co-workers — can the employees be fired? That’s the question raised by this recent lawsuit.

Two employees at a restaurant chain in New Jersey set up a forum on MySpace.com. It was a private group, meaning the creators had to e-mail co-workers before they were able to access it. The purpose of the forum: to let employees “vent about any BS” they had to deal with at work.

One employee who’d been invited mentioned the forum to her manager. He asked her for her password so he could read what was on the site. Afraid she’d get in trouble for refusing, she told the supervisor her log-in information.

As you can probably guess, the manager didn’t like what he found. In addition to derogatory comments about himself and other managers, employees had left sexually explicit comments, as well as references to violence and illegal drugs.

The two employees responsible for creating the group were fired. But they sued, claiming the manager’s access of the forum was illegal under the federal Stored Communications Act and a violation of their privacy under New Jersey law.

Were the comments really private

The company failed to get the suit thrown out. Now the case will go to a jury, which will decide:

• Is insulting the company online grounds for termination? Can employers create policies to limit what employees say online? (This will vary by state — some protect employees’ legal, outside-of-work activities, others don’t.)
• Did the employees have an expectation of privacy because the forum was password-protected?
• Was it illegal for the manager to get a password from his employee?

In today’s environment, with employees fearing for their jobs and working harder than ever, more situations like this are likely to crop up.

Right now, the law isn’t clear on what can be done. While it’s well-established that employees can be punished for publicly damaging the company’s reputation, this is the first case involving a private online forum that was only meant to be seen by other employees.

What do you think? Did the company do the right thing? Was the manager wrong in accessing the group in the first place? Tell us your opinion in the comments section below.

We’ll keep you posted on how the case is decided.

Cite: Pietrylo v. Hillstone Restaurant Group

As employees worry about a swine flu outbreak, companies wonder how they can help employees stay safe while keeping business running. What can HR do?

One solution experts recommend: Get as many employees as possible ready to work from home.

Companies with a  solid telecommuting plan are a step ahead in handling swine flu and other disease outbreaks, says Chuck Wilsker, president and CEO of The Telework Coalition in Washington, D.C.

The benefit is two-fold. First, the biggest key to keeping contagious diseases out of the workplace is for sick employees to stay home. But many employees are reluctant to miss work, especially in a time when jobs are disappearing.

Also, managers with short-handed staffs may pressure employees to come in as much as possible. Having telecommuting capabilities in place makes sure sick employees can work without putting others in danger.

Second, companies should consider cases where an outbreak forces offices to close, says Wilsker. Letting employees work remotely will ensure that at least some business is being done.

HR should work closely with IT to develop a plan. You may need to:

• Take a survey to find out who’s already equipped to work at home. Most importantly, ask what type of computer, software and Internet connection they have.
• Provide access to important documents and data through a password-protected Web page or a virtual private network (VPN).
• Help remote employees communicate with each other, for example by providing a directory of e-mail addresses or getting workers set up with instant messaging software.

More news and information about swine flu is available from the Center for Disease Control.