Maryland recently became the first in the nation to ban employers from asking job applicants and employees for their Facebook and other social media passwords. The law was signed into legislation by Maryland’s Governor approximately one year after the ACLU took on the case of Robert Collins who claimed he was forced to turn over his Facebook password to the Maryland Department of Corrections during a job interview. Collins claims he was required to give his password to the interviewer who then proceeded to log onto his account and look through his personal messages, wall postings and photographs while Collins sat there.
The new Maryland law, which goes into effect in October, specifically prohibits employers from asking or requiring a job applicant or employee to disclose any user name, password or other means for accessing a personal account on a social media site through a computer, telephone, PDA or other similar device. The law also makes it illegal for employers to refuse to hire an applicant or take any adverse employment action against an employee for refusing to provide their personal login information.
Supporters of internet privacy are applauding Maryland’s adoption of the nation’s first so-called “social media password law.” Supporters say such legislation is important because it not only protects individual privacy but it also prevents employers from accessing information that they cannot ask about during the hiring process such as ethnicity, sexual orientation and religion.
Since Maryland’s passage of a social media password law, several states including California and the federal government are proposing similar legislation. For example, there are currently two bills pending before Congress. The Password Protection Act of 2012 was recently introduced in the Senate and House. The PPA proposes to prohibit employers from forcing prospective or current employees to provide access to their own private account on social media sites as a condition of employment. The PPA would also prohibit employers from discriminating or retaliating against a prospective or current employee because that employee refuses to provide his or her password. In addition, the Social Networking Online Protection Act, which provides similar protections as the PPA, has been introduced in the House. However, SNOPA goes further in that it would also protect students from being forced to disclose their login information to schools from kindergarten through the university level.
The California Legislature is expected to vote this year on AB 1844. This bill would ban employers from requiring a job applicant or employee to provide usernames and passwords to their personal social media accounts. The proposed law defines social media as “an electronic medium where users may create and view user-generated content, including uploading or downloading videos or still photographs, blogs, video blogs, podcasts, or instant messages.” In addition, because the proposed law bans employers from asking for login information, the law also prohibits employers from checking social media sites before hiring an employee. Therefore, an employer could not later be held liable for negligent hiring if it did not search a prospective employee’s social media site. The proposed law states that “an employer does not fail to exercise reasonable care to discover whether a potential employee is unfit or incompetent by the employer’s failure to search or monitor social media” before hiring.
SB 1349, known as the Social Media Privacy Act, is also pending in the California Legislature. This bill is similar to AB 1844 except that it goes further by banning public and private postsecondary educational institutions from requiring or requesting a current or prospective student from disclosing their usernames and passwords for a personal social media account or to provide the institution with access to that account.
It remains to be seen whether the California legislature or Congress will adopt social media password laws. Governor Brown has not taken a position on AB 1844 or SB 1349. However, given the current trend favoring social media password protection laws, California employers may want to consider refraining from asking for social media login information from current and prospective employees unless there is a strong legitimate business reason for doing so. Even then, employers should carefully weigh the potential risks associated with asking for such information.
Please contact our Los Angeles, San Francisco, Fresno, or San Diego office for any assistance in reviewing social media policies.