Earlier this year, following a highly-publicized case in Maryland we discussed in this post in which the Maryland Department of Corrections refused to hire an applicant after reviewing his private Facebook page, which it accessed by requiring that the applicant provide the employer with access, Maryland passed a law — currently the only law in the nation — prohibiting employers from requesting that employees provide login or password information to their private, personal social media accounts. Although Maryland is so far the only state to have passed such measures into law, yesterday the California Assembly unanimously passed A.B. 1844, which would prohibit employers from requesting user name or password information from applicants and employees. The bill now moves on to the California Senate for its review.
A number of other states are in the process of reviewing similar legislation, including a bill in New Jersey that would go even further than California, and prohibit employers from asking employees or applicants if they have social media accounts, as well impose fines as penalties for violations. Other states with similar password-protection legislation in the works include Illinois, New York, Texas, and Washington. And on May 9, Congress joined in, introducing the Password Protection Act of 2012 in the House and Senate, which would apply to more than just social media accounts, and would prohibit employers from requesting access to any private information about an employee or applicant maintained on any non-employer computer. Other pending social-media federal legislation includes the also-recently-introduced H.R. 5050, the Social Networking Online Protection Act (SNOPA). We will continue to monitor and report on developments in this area, but given the growing number of states introducing this type of legislation, employers would be well advised to avoid asking employees or applicants to provide password information to any private accounts.