New laws keep employers out of worker social media accounts
Employers in Illinois and California are now barred from asking for usernames and passwords for social media pages of workers, job seekers
Computerworld - Employers in Illinois and California cannot ask for usernames and passwords to the personal social media accounts of employees and job seekers under laws that took effect on Jan. 1.
Illinois Gov. Patrick Quinn in August signed legislation amending the State's 'Right to Privacy in the Workplace Act.'
California Gov. Jerry Brown signed legislation adding the prohibitions to the State's Labor Code in September.
The two states join Maryland, Michigan, New Jersey and Delaware in implementing such privacy laws.
The state laws were prompted by privacy and worker advocates concerned that some employers were asking job seekers and employees for access to their personal social media accounts as a condition of hiring and employment.
Maryland's law, for instance, was passed after a controversial incident where a sate Division of Corrections worker was asked to provide his Facebook login credentials during a recertification interview.
Similarly, Michigan's law came after an elementary school teacher's aide was fired for refusing to provide school authorities access to her Facebook profile. The request came after a parent complained about seeing what they called an inappropriate photo on the social media site.
In a report issued last year, the Council of State Governments said it had received several reports of people being asked to delete their social media accounts, 'friend' the human resources director and/or supply private login credentials to employers.
The new Illinois law explicitly bans such employer requests, even for jobs that require comprehensive background screening.
The law does, however, allow employers to review publicly available social media information and to monitor employee email and data stored on company computers.
California's law prohibits employers from asking workers for access to social media accounts containing "videos, still photographs, blogs, video blogs, podcasts, instant and text messages, email, online services or accounts, or Internet Web site profiles or locations."
The law prohibits employers from terminating employees or otherwise retaliating against them for failing to give up passwords or other information used to access personal social media accounts.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
- Snowden leaks erode trust in Internet companies, government
- NSA phone metadata collection program renewed for 90 days
- NSA isn't evil, says noted civil libertarian
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
Read more about IT Careers in Computerworld's IT Careers Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts