Utah and New Mexico have joined the growing number of states that prohibit employers from requesting or requiring access to job applicants’ social networking accounts. In addition, a social media privacy bill has reached New Jersey Gov. Chris Christie’s desk, and as of mid-April, 2013, measures were pending in several other states, according to the National Conference of State Legislatures (NCSL).
Utah becomes fifth state to protect accounts
Joining Maryland, Illinois, California and Michigan, Utah passed employment social media privacy legislation on March 27, 2013, when Gov. Gary Herbert signed into law the Internet Employment Privacy Act (IEPA). The law bans employers from asking employees and job applicants to provide the login information for their personal Internet accounts.
Under the IEPA, private and public employers in Utah cannot:
• Ask an employee or job applicant to disclose a username and password or a password that allows access to the employee’s or applicant’s personal Internet account.
• Take adverse action in the terms and conditions of employment, fail to hire or otherwise penalize an employee or job applicant for failing to disclose his protected Internet information.
However, under the IEPA, employers may:
• Request or require an employee to disclose a username or password required to gain access only to the employer’s electronic communications device, account or service.
• Discipline or discharge an employee for transferring the employer's proprietary or confidential information or financial data to the employee’s personal Internet account without authorization.
• Investigate other employee misconduct that involved the use of the employee’s personal Internet account.
• Restrict or prohibit employees from accessing certain websites while using the employer’s electronic communications device or computer network.
• Monitor, review, access or block electronic data and communications stored on the employer's electron