Bill would ban employers from seeking Facebook passwords from workers, job-seekers
Maryland lawmakers pass bill that would also prohibit employers from retaliating against those who refuse access
Computerworld - The Maryland General Assembly on Monday passed legislation that bars employers in that state from asking workers and job-seekers for access to their personal social media accounts as a condition of employment.
The bill now has to be signed into law by Gov. Martin O'Malley, whose plans are unclear, according to a report in the Baltimore Sun.
The law would give workers and job-seekers the right to refuse employer requests for the usernames and passwords needed to access personal pages on Facebook and other social media sites.
It would also prohibit employers from either refusing to hire or taking disciplinary action against job applicants or employees who refuse to provide access to personal social media accounts.
If signed by the governor, the bill would be become the first social media privacy protection law in the U.S. Its passage by the general assembly comes amid growing concerns about employers seeking access to the social media pages of employees and job-seekers.
Two federal lawmakers -- Sens. Richard Blumenthal (D-Conn.) and Charles Schumer (D-N.Y.) -- recently called on the U.S. Department of Justice and the U.S. Equal Employment Opportunity Commission to investigate what they called a "new disturbing trend" of employers seeking access to social network pages of job applicants.
In an open letter to U.S. Attorney General Eric Holder last month, the two senators sought an ruling on whether the practice violates the Stored Communication Act or the Computer Fraud and Abuse Act.
"Requiring applicants to provide log-in credentials to secure social media websites and then using those credentials to access private information stored on those sites may be unduly coercive and therefore constitute unauthorized access under both SCA and the CFAA," the two lawmakers noted.
Meanwhile, Facebook itself expressed concern about employers seeking access to the pages of its users.
In a blog post late last month, Facebook said it has seen a "distressing increase" in reports of employers seeking such access to the social media accounts of job applicants.
The company called on its users to resist employer requests for usernames or passwords, and noted that providing such access is a violation of Facebook rules.
The move by Maryland lawmakers to approve the bill was prompted by reports that a state Division of Corrections (DOC) worker was required to provide his Facebook log-in credentials during a recertification interview.
According to a description of the incident by the Maryland chapter of the American Civil Liberties Union, DOC officer Robert Collins was employed with the Maryland Department of Public Safety when he took a voluntary leave of absence to deal with a personal situation.
When he returned from leave, his position had been filled so he applied for a comparable position.
During a required recertification review, Collins was asked by the interviewer to provide the password to his Facebook account. Anxious to get the job, Collins provided the information and watched as the interviewer rifled through his wall posts, photos and messages, according to the ACLU.
Melissa Goemann, legislative director of ACLU of Maryland, today lauded lawmakers for passing the bill.
"We think it promises to ensure that job applicants will not have to give up their First Amendment rights" to get a job, Goemann said. "We think [the Maryland statute] would be a good model for other states to follow."
Currently, Illinois, California and Michigan are considering similar bills, she added.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is firstname.lastname@example.org.
Read more about Web Apps in Computerworld's Web Apps Topic Center.
- How Network Connections Drive Web Application Performance Users around the globe, on all sorts of devices, expect Web applications to function as seamlessly as desktop applications. This paper discusses the...
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Why Are Customers Really Deploying an NGFW? It seems every IT Security expert is talking about the NGFW, but what are people really doing? This webcast covers 5 real-world customer... All Web Apps White Papers | Webcasts