Social Media Password Protection and Privacy -- The Patchwork of State Laws and How It Affects Employers

Posted on June 5, 2013 by Privacy and Data Protection Practice Group

Shortly after the Littler Report, Workplace Policy Institute: Social Media Password Protection and Privacy -- The Patchwork of State Laws and How It Affects Employers, by Phillip Gordon, Amber Spataro, and William Simmons was published last month, the legislatures of Arkansas, Colorado, Oregon, and Washington passed social media password protection bills. In addition, New Jersey's Governor conditionally vetoed the bill passed by that state's legislature. The revised Littler Report addresses these new developments. We also have revised our proposed model legislation in light of these developments.

To read the updated Littler Report, click here.

Tags: , , , , , , ,
  • Print
  • Trackbacks
  • Share Link

Patchwork of Social Media Password Protections Laws Impacts Employers

Posted on May 2, 2013 by Privacy and Data Protection Practice Group

Social media websites such as Facebook, Twitter, LinkedIn and others have become a part of daily life in the United States and abroad. The unavoidable reach of social media into our personal lives has extended into our professional lives. Facebook claims to have more than 1 billion users. As of December 31, 2012, LinkedIn boasted more than 200 million registered users in over 200 countries and territories and that LinkedIn members performed "over 5.7 billion professionally-oriented searches on the platform in 2012." It is reasonable to infer that those 5.7 billion searches were not limited to individuals seeking jobs, professional connections or merely long lost friends, but also included employer representatives searching for qualified candidates.

In the last decade, most employers, at some point, have reviewed an employee's or applicant's emails, blogs or online social media postings, either in the capacity of "employer" or perhaps as a "friend." Social media monitoring service Reppler recently surveyed over 300 hiring professionals to determine when and how job recruiters are screening job candidates on different social networks. The study found that more than 90 percent of recruiters and hiring managers have visited a potential candidate's profile on a social network as part of the screening process. Moreover, 69 percent of recruiters have rejected a candidate based on content found on his or her social networking profiles—an almost equal proportion of recruiters (68%), though, have hired a candidate based on his or her presence on those networks.

Employers' access to applicants' and employees' social media activity raises two separate but related questions. First, what social media sites can employers lawfully access to obtain information about applicants and employees? Second, to what extent can employers lawfully rely on information obtained through social media to make employment decisions? The second question raises the types of anti-discrimination concerns that employers have been confronting in the off-line world for decades. However, the first question exposes employers to a completely new legal landscape, one which just began to evolve in April 2012, when Maryland enacted the Nation's first "social media password protection law" and has expanded in the past year to include six additional states—California, Illinois, Michigan, New Jersey, New Mexico, and Utah. With password-protection legislation pending in over twenty state legislatures, this legal landscape undoubtedly will become more complex, especially for multi-state employers, over the next one to two years.

To learn more about the history and background of social media password protection legislation, the differences between the state laws, and how those differences create challenges for employer compliance, please see Littler's Report, Workplace Policy Institute: Social Media Password Protection and Privacy — The Patchwork of State Laws and How It Affects Employers, by Phillip Gordon, Amber Spataro, and William Simmons.

Tags: , , , , , , ,
  • Print
  • Trackbacks
  • Share Link

As Germany Considers Restrictions on Use of Social Media for Recruiting, Multi-National Employers Need to Start Thinking About Social Media Policy 2.0

Posted on September 10, 2010 by Privacy and Data Protection Practice Group

German Parliament and FlagA bill approved on August 25, 2010, by Germany’s cabinet for introduction to the German Parliament would restrict employers’ use of social media in the recruitment process. Many multi-national employers are still struggling to implement a policy governing the use of social media in their U.S. workplace. Before multi-national employers even complete that task, or catch their breath from doing so, they need to confront the question, as the German proposal suggests, whether the version 1.0 social media policy addressing only U.S. employees can be lawfully applied to non-U.S. employees.

The issue is far from academic. Facebook, which surpassed 500 million users earlier this summer, has hundreds of millions of non-U.S. users. In fact, according to a survey by NielsenWire, monthly time per user spent on Facebook exceeds the U.S. average of 6 hours and 43 minute in Australia (7 hours 45 minutes), and Italy (7 hours) with the United Kingdom not far behind at 6 hours 19 minutes. Latin America was Twitter’s fastest-growing market between June 2009 and 2010 with users increasing by 300%, followed by Asia Pacific with a 240% growth rate, and the Middle East and Africa where users more than doubled.

At the same time, the social media juggernaut has been so rapid that no one body of law in any country yet governs an employer’s ability to access and use social media content for hiring and disciplinary purposes. In the U.S., for example, private employers need to consider the federal Stored Communications Act and state computer trespass laws, the Fair Credit Reporting Act, the National Labor Relations Act, federal anti-discrimination laws, state laws protecting employees against adverse action based on lawful, off-duty conduct, and potential common law claims for invasion of privacy and unreasonable disclosure of private facts.

The German bill appears to be one of the first pieces of national legislation aimed specifically at regulating employers’ use of social media content for employment purposes. Under the current version of the bill, employers would be permitted to access only social media content that the applicant makes publicly available; social media content limited to “friends only” would be off limits. Ironically, a case last summer that resulted in a verdict against Houston’s Restaurants for unauthorized access to an employee’s friends-only site effectively drew the same distinction, albeit based on the federal Stored Communications Act, which was enacted in 1986, long before the Internet as we know it had evolved.

While the German law still needs to work its way through the legislative process, U.S. employers should expect that data protection authorities and privacy advocates in other countries and in the United States are watching. It likely is just a matter of time before many countries have enacted a body of “social media law” that will make drafting a global social media policy as challenging as drafting a global privacy policy. In the meantime, multi-national employers should consider surveying foreign laws in the areas of access to electronic communications, privacy and data protection, and labor rights before applying a U.S.-based social media policy to applicants or employees located in other parts of the world.

This entry was written by Philip L. Gordon.

Photo credit: anati
Tags: , , , ,
  • Print
  • Share Link