On September 27, 2012, Governor Brown signed AB 1844 to will protect employees’ social media usernames and passwords. This law will make California the third state in the country, after Maryland and Illinois, to protect employees in this way. Once the law goes into effect, it will be illegal for an employer to request an employee’s online account information, be it email, Facebook, or otherwise.
For the employers who decide to ignore the law and still ask for passwords, the new bill will make it illegal for the employer to take any action against an employee who refuses to give access to social networking accounts.
The California law does include some special rules for when an employer may legally demand social media information. The first is for investigations. If an employee is accused of a crime or other misconduct, the employer can demand access to email or social media content if it is relevant to the investigation. The second is for electronic devices the employer provides.
If an employer gives you a computer or phone for work use, they can demand your passwords for access to those devices.
This appears to be sparking a wave of workers’ rights legislation. The New Jersey legislature has already passed a similar law, and it waits for Governor Christie’s approval. A bill currently called the Password Protection Act of 2012 is also gaining traction in Congress, so we may soon have a national standard for internet privacy rights in the workplace.