On August 29, 2013, Governor Christie signed legislation to protect employees’ privacy in social media accounts. This Fast Facts attempts to help employers understand its applications in the workplace.
P.L. 2013, c.155 was signed into law to prohibit employers from requiring that applicants or employees disclose social medial passwords or account usernames. The law took effect on December 1, 2013.
The law applies to all employers, regardless of size, except for the Department of Corrections, State Parole Board, county corrections departments, or any State or local law enforcement agency.
Employers are not permitted to require or request that an applicant or a current employee provide any user name or password, or in any way provide the employer access to a personal account through an electronic communications device. The law does not restrict an employer from inquiring into whether an applicant or an employee has a social media account or from viewing any social media sites or personal accounts that are in the public domain.
—Frequently Asked Questions—
What is a Personal Account?
A personal account, as defined by the statute, means an account, service or profile on a social networking website that is used by a current or prospective employee exclusively for personal communications unrelated to any business purposes of the employer.
Can an employer require access to a LinkedIn account used by the applicant or employee for business networking?
Yes. The definition of “personal account” specifically excludes any account, service or profile created, maintained, used or accessed by a current or prospective employee for business purposes of the employer or to engage in business related communications.
Can an employer require an applicant or employee to sign a consent form that allows the employer to demand a password or user name and waives any claims against the employer?
No. The law specifically states that no employer can require any individual to waive his or her rights under the Act.
What protections does the law provide for an employee or applicant who complains about a violation of the Act?
The law has four anti-retaliation provisions. An employer may not retaliate or discriminate against an employee who has or is planning to (1) refuse to provide or disclose any user name or password, or in any way provide access to, a personal account; (2) file a complaint with the Commissioner of Labor and Workforce Development alleging a violation of the Act; (3) testify, assist, or participate in any investigation, proceeding, or action concerning a violation of this act; or (4) otherwise oppose a violation of this Act.
—Penalties for Violations of the Act—
The law does not allow for a private cause of action filed by employees or applicants. Instead, the only remedy under the Act is a civil penalty in an amount not to exceed $1,000 for the first violation and $2,500 for each subsequent violation, collectible by the Commissioner of Labor and Workforce Development in a summary proceeding.
The law recognizes that there are times that an employer must comply with the requirements of State or federal statutes, rules or regulations, case law or rules of self-regulatory organizations. The law specifically provides that, in order to insure compliance with those laws, an employer is permitted to request access to personal accounts as necessary to conduct investigations of the following conduct:
- Work-related misconduct based on the receipt of specific information about activity on an employee’s personal account; or
- An employee’s actions based on the receipt of specific information about the unauthorized transfer of the employer’s proprietary or confidential information to the employee’s personal account.
The law also does not prevent an employer from implementing and enforcing a policy pertaining to the use of an employer issued electronic communications device or the use of any employer provided accounts or services that the employee uses for business.
— For More Information—
If you need additional information, please contact:
Ian D. Meklinsky (email@example.com) or
Christina A. Stoneburner (firstname.lastname@example.org) of Fox Rothschild LLP.
Updated: January 1, 2017
This information is not intended to constitute legal advice and should not be relied upon in lieu of consultation with an attorney who is familiar with the facts surrounding a specific situation and has accepted an engagement to serve as counsel.