Legislatures to Employers – Stop Asking for Social Media Login

Employers that require or are contemplating requiring applicants and/or employees to give them access to the employee’s private social media site should take note of the latest developments related to social media and the workplace. Maryland recently became the first state to pass legislation prohibiting employers from either requesting or requiring that an applicant or employee disclose a user name or password to the employer. If signed into law, as expected, the legislation also prevents employers from taking action against applicants or employees who refuse to disclose such information. Exceptions to the legislation are limited to employers conducting investigations regarding securities or financial law and regulations and unauthorized downloading of the employer’s proprietary information or financial data.

Michigan, along with at least four other states, is currently considering legislation that would place similar limits upon an employer’s ability to gain access to applicant and employee social media sites. HB 5523, the bill currently pending before the Michigan House, is broader in some aspects than Maryland’s bill. As written, it would prohibit both employers and educational institutions from requesting access to the social networking accounts of applicants, employees, students, and prospective students. HB 5523 also does not include any exceptions, including those for investigatory purposes.

Employers who require login and password disclosure have also attracted the attention of several US Senators and Congressmen. For example, Senators Charles Schumer and Richard Blumenthal recently requested that both the Equal Employment Opportunity Commission and the U.S. Department of Justice investigate whether this practice violates the Stored Communications Act, the Computer Fraud and Abuse Act, and applicable federal anti-discrimination laws. To date, neither the EEOC nor the DOJ have issued any formal guidance on this issue.

Facebook has recently published its official position, stating its belief that requiring the login and password disclosure could not only “potentially expose the employer who seeks . . . access to unanticipated legal liability,” it also is “a violation of Facebook’s Statement of Rights and Responsibilities to share or solicit a Facebook password.”

Developments regarding this issue are moving quickly and it is unclear how or if it will be resolved. For now, employers should proceed with caution before continuing or implementing a policy that requires applicants or employees to provide access to their personal social media sites as a term and condition of employment. Action, if any, should only be taken after carefully considering all of the business and legal issues and in consultation with legal counsel well versed in this area.