Workplace Privacy Counsel : San Francisco Employment Privacy Law Lawyer & Attorney : Littler Mendelson Law Firm : Employment Related Privacy Issues

Effective January 1, 2014, recent amendments to Minnesota law will restrict the timing of pre-employment inquiries by most private employers into a candidate’s criminal past.  Employers who are not exempted from the law may not (1) inquire into or consider or require disclosure of criminal record information until the applicant has been selected for an interview or, if there is not an interview, until a conditional job offer of employment has been extended to the applicant, and (2) use any form of employment application that seeks such criminal record information.

The new law does not outright preclude inquiries into or consideration of an applicant’s criminal past.  Representative Tim Mahoney, who sponsored the legislation, has stated that the law “does not prohibit private employers from eventually conducting background checks and fully investigating the criminal past of potential employees,” but, “is designed to get applicants past the initial application stage, so that if they qualify for the job, they get a chance to explain themselves.”  Further, the statute expressly states that it does not prohibit an employer from notifying applicants that either law or the employer’s policy will disqualify an individual with a particular criminal history background from employment for particular positions.  To learn more about the law, please see Littler's ASAP, Minnesota Enacts “Ban the Box Law" Prohibiting Employment Application Criminal History Checkmark Boxes and Restricting Criminal Record Inquiries Until After Interviews or Conditional Job Offers, by Dale Deitchler, Rod Fliegel, Susan Fitzke and Jennifer Mora.

• Print
• Trackbacks
• Share Link

 By Philip L. Gordon, Katherine (Katie) Dix, and Jordan Cornett

The number of states enacting social media password protection laws has risen once again, as such legislation continues to gain traction across the country.  On May 1, 2013, Colorado’s General Assembly became the ninth legislature to submit a bill to its governor restricting an employer’s ability to access the personal social media accounts of employees and applicants.  The other states are Arkansas, California, Illinois, Maryland, Michigan, New Jersey, New Mexico, Utah and Washington.  Compared to several of the more recent social media protection laws, such as New Jersey’s A.B. 2878, Colorado’s bill is relatively weak.

• Print
• Trackbacks
• Share Link

By Philip L. Gordon and Joanna M. Silverstein 

• Print
• Trackbacks
• Share Link

By Amber Spataro

On March 21, 2013, the New Jersey legislature overwhelmingly passed one of the most pro-employee social media password protection bills in the nation. The bill not only prohibited employers from requesting employee passwords to their personal social media accounts, but also prohibited employers from even asking employees or applicants if they possessed a personal social media account. The bill conferred on applicants and employees the right to sue for damages.

Over May 6, 2013, Governor Chris Christie issued a statement and a “conditional veto” of the measure. The conditional veto means the governor objects to parts of a bill and contains proposed amendments that would make the bill acceptable to him. If the legislature re-enacts the bill with the recommended amendments, the governor will have another opportunity to sign the bill and presumably would sign it.

• Print
• Trackbacks
• Share Link

Social media websites such as Facebook, Twitter, LinkedIn and others have become a part of daily life in the United States and abroad. The unavoidable reach of social media into our personal lives has extended into our professional lives. Facebook claims to have more than 1 billion users. As of December 31, 2012, LinkedIn boasted more than 200 million registered users in over 200 countries and territories and that LinkedIn members performed "over 5.7 billion professionally-oriented searches on the platform in 2012." It is reasonable to infer that those 5.7 billion searches were not limited to individuals seeking jobs, professional connections or merely long lost friends, but also included employer representatives searching for qualified candidates.

In the last decade, most employers, at some point, have reviewed an employee's or applicant's emails, blogs or online social media postings, either in the capacity of "employer" or perhaps as a "friend." Social media monitoring service Reppler recently surveyed over 300 hiring professionals to determine when and how job recruiters are screening job candidates on different social networks. The study found that more than 90 percent of recruiters and hiring managers have visited a potential candidate's profile on a social network as part of the screening process. Moreover, 69 percent of recruiters have rejected a candidate based on content found on his or her social networking profiles—an almost equal proportion of recruiters (68%), though, have hired a candidate based on his or her presence on those networks.

Employers' access to applicants' and employees' social media activity raises two separate but related questions. First, what social media sites can employers lawfully access to obtain information about applicants and employees? Second, to what extent can employers lawfully rely on information obtained through social media to make employment decisions? The second question raises the types of anti-discrimination concerns that employers have been confronting in the off-line world for decades. However, the first question exposes employers to a completely new legal landscape, one which just began to evolve in April 2012, when Maryland enacted the Nation's first "social media password protection law" and has expanded in the past year to include six additional states—California, Illinois, Michigan, New Jersey, New Mexico, and Utah. With password-protection legislation pending in over twenty state legislatures, this legal landscape undoubtedly will become more complex, especially for multi-state employers, over the next one to two years.

To learn more about the history and background of social media password protection legislation, the differences between the state laws, and how those differences create challenges for employer compliance, please see Littler's Report, Workplace Policy Institute: Social Media Password Protection and Privacy — The Patchwork of State Laws and How It Affects Employers, by Phillip Gordon, Amber Spataro, and William Simmons.

• Print
• Trackbacks
• Share Link

On April 19, 2013, Colorado Governor John W. Hickenlooper signed into law Senate Bill 13-018 (the "Employment Opportunity Act"), which will significantly restrict the ability of Colorado employers to use “consumer credit information” for hiring and other employment purposes unless use of the information is limited to the narrow category of positions set forth in the statute. With this law, Colorado becomes the ninth state to regulate the use of credit-related information for employment purposes, following laws enacted in California, Connecticut, Hawaii, Illinois, Maryland, Oregon, Vermont and Washington. Colorado’s law goes into effect July 1, 2013. To learn more about the law, please see Littler’s ASAP, Colorado is the Latest and Ninth State to Enact Legislation Restricting the Use of Credit Reports for Employment Purposes, by Rod Fliegel, Philip Gordon, and Jennifer Mora.

• Print
• Trackbacks
• Share Link

On April 17, 2013, Mexico's new Privacy Notice Guidelines will go into effect. The Guidelines impose extensive requirements for furnishing adequate data privacy notices and obtaining consent before personal data is collected directly from a person or electronically via "cookies," "web beacons" or other automated means. The Guidelines are mandatory and particularly important to employers that regularly collect, process, and/or transfer personal data about employees or job applicants, and to companies operating or advertising in Mexico that use media technology that automatically collects personal data online. To learn more about the Guidelines, please see Littler's ASAP, Mexico's New Privacy Notice Guidelines Require Immediate Action, by Javiera Medina Reza and Eduardo Osornio Garcia.

• Print
• Trackbacks
• Share Link

By Philip Gordon

New Jersey is expected to shortly join California, Illinois, Maryland, Michigan, and Utah in prohibiting employers from seeking employee or applicant passwords to social media accounts or services. New Jersey’s General Assembly passed its bill on March 21, 2013, and that bill now awaits signature by Governor Christie. Although there is no indication from the governor whether he intends to sign the bill, ignore it, or veto it, any action other than signature would simply be symbolic and almost certainly overruled (the General Assembly passed the bill 75-2). New Jersey’s law is more pro-employee/applicant than any such law enacted to date, providing the broadest protections, the narrowest exceptions, and the most generous remedies.

Specifically, the New Jersey bill would prohibit an employer from requesting or requiring, as a condition of employment, that a current or prospective employee “provide or disclose any user name or password, or in any way provide the employer access to,” any personal social networking account, service or profile. The italicized language appears to prohibit New Jersey employers not only from “shoulder surfing,” i.e., reviewing social media content by observing the individual’s access without requesting login credentials, but also goes one step further. The bill apparently would prohibit an employer from asking an employee who complains about the social media activity of a coworker, such as online sexual harassment, for access to the complaining employee’s personal social media account to observe what the alleged harasser posted. Moreover, unlike similar laws in California, Michigan, and Utah, the New Jersey bill contains no exception for workplace investigation into suspected unlawful conduct or violations of employer policies. Notably, the New Jersey bill does not contain a narrower exception, such as the one in Maryland’s law, which includes a carve-out for investigations into suspected violations of securities laws or regulations or into suspected misappropriation of trade secrets.

• Print
• Trackbacks
• Share Link

A recent study by independent data privacy research firm Ponemon Institute of 3,317 individuals in six industrialized countries found that employees are moving intellectual property, including trade secrets, outside their companies in all directions. 

Over half of those surveyed admitted they had emailed business documents to their personal email accounts; 41% said they do this at least once a week. The same percentage of respondents confessed they downloaded company IP to personally-owned tablets or smartphones. A majority of those surveyed did not believe this was “wrong.”

To learn more about the survey results, and what employers can do to minimize data theft, please read more at Littler's Unfair Competition & Trade Secrets Counsel.

• Print
• Trackbacks
• Share Link