By: Bryan Bienias
The paradox of America’s fascination with social networking has always existed at the crossroads where shameless exhibitionism collides with the fundamental need for personal privacy. People yearn to share the details of their “private” lives with the world . . . well, maybe only with some of the world, and only on their terms. Relatively elaborate privacy settings are designed, tweaked and re-tweaked to ensure that no “undesirables” see or read that which is only meant for the eyes of hundreds (or thousands) of others. Our usernames and passwords are seen as the keys to our online personas and, so long as that information is held sacred and secure, what others don’t know can’t hurt us. Many employers, however, take a different view.
In the vein of one bad apple ruining it for the rest of the bunch, apparently some overly curious employers began requiring potential and current employees to divulge their personal usernames and passwords to sites such as Facebook and Twitter in order to get, or keep, a job. These employers argue that access to employees’ social media accounts is necessary to protect the company’s proprietary information or trade secrets, to comply with federal regulations, or to prevent company’s exposure to legal liabilities. It’s also viewed as a necessary component of due diligence in the recruitment process (i.e., hiring people of good character or who are a “good fit” to the organization).
Employees, however, view these “hand over your password” requirements as a gross invasion of their privacy. The media got word of these practices and the rest – as they say – is history; legislative history!
State and federal lawmakers are now weighing in. Since last year, 36 states have introduced legislation that would prevent employers from requiring employees to divulge passwords to personal social media and other internet accounts as a condition of attaining or keeping a job. The laws vary slightly from state to state, with each containing certain exceptions for things such as internal investigations into misconduct or illegal behavior.
Thus far, twelve states — Arkansas, California, Colorado, Illinois, Maryland, Michigan, New Hampshire, New Mexico, Oregon, Utah, Vermont, and, the latest addition, Washington — have enacted password protection laws, with more states certain to follow suit. In just the last two weeks, the Rhode Island House of Representatives unanimously approved a similar measure which has been sent to the state senate for a vote. Although some password protection laws appear to be stalled in a handful of states, we can expect to see far more states enacting these prohibitions, in one form or another, in the near future. For example, earlier this year, and what resulted in a huge amount of media hype, New Jersey Governor Chris Christie vetoed that state’s social media bill. A modified bill was quickly passed through the State Assembly but now remains stalled. For a more detailed analysis of that legislation, please click through to read a recent Seyfarth One Minute Memo on that ongoing debate.
On the federal level, last month, Democratic House members Reps. Ed Perlmutter (D-CO) and Peter Welch (D-VT) introduced The Password Protection Act of 2013 (H.R. 2077) (“PPA”), which would similarly bar employers from demanding access to current and prospective employees’ password-protected social networking accounts. Like some of its state counterparts, the PPA contains exceptions for, among other things, the protection of an employer’s intellectual property, trade secrets, or confidential business information.
“Both users of social media and those who correspond with the user share an expectation of privacy in their personal communications,” Rep. Perlmutter said in a press release. “Without this protection, employers essentially can act as imposters and assume the identity of an employee and continually access, monitor and even manipulate an employee’s personal social activities and opinions. That’s simply a step too far.”
Just how far the PPA will proceed in Congress, however, remains to be seen. Two similar pieces of legislation were introduced during the last congressional session, but failed to make it out of committee. But, with a bipartisan group of more than 30 co-sponsors supporting the PPA, past performance is no indication of future results.
We will be sure to keep you up-to-date on both the state and federal legislative efforts as they develop.