New Law Restricts New Jersey Employers From Requiring Access to Employees’ Social Media Passwords and Private SitesAugust 2013 – Alerts Labor & Employment Alert
In March 2013, the New Jersey Legislature passed A2878, colloquially referred to as the Facebook Privacy Bill, which prohibits employers from requiring that applicants or employees disclose social media passwords or account usernames. In May 2013, Governor Christie conditionally vetoed the bill and in doing so made significant changes to the Act.
As of August 19, 2013, the Assembly and the Senate have approved the Governor’s conditional veto and the law, as amended, will go into effect on the first day of the fourth month following the date the Governor signs the bill. Since the Assembly and Senate have accepted all of the Governor’s suggestions from the conditional veto, it is expected that the Governor will sign the bill into law.
The law applies to all employers, regardless of size, except for the Department of Corrections, State Parole Board, county corrections departments, or any state or local law enforcement agency.
What Does the Law Prohibit?
Employers are not permitted to require or request that an applicant or a current employee disclose any user name or password, or in any way provide the employer access to, a “personal account” through an electronic communications device. A personal account as defined by the statute means an account, service or profile on a social networking website that is used by a current or prospective employee exclusively for personal communications unrelated to any business purposes of the employer.
This means that the law does not apply to accounts that are used by the employee for business purposes and that an employer can require access to a LinkedIn or other accounts used by the applicant or employee for business networking, as those account are specifically excluded from the definition of personal account.
Important for employers to note is that the law does not restrict an employer from inquiring into whether an applicant or an employee has a social media account or from viewing any social media sites or personal accounts that are in the public domain.
Protections for Employees or Applicants
The law has three anti-retaliation provisions. An employer may not retaliate or discriminate against an employee who has or is planning to (1) refuse to provide or disclose any user name or password, or in any way provide access to a personal account; (2) file a complaint with the Commissioner of Labor and Workforce Development alleging a violation of the Act; (3) testify, assist or participate in any investigation, proceeding or action concerning a violation of this act; or (4) otherwise oppose a violation of this Act.
Penalties for Violations
The good news for employers is that Governor Christie’s conditional veto eliminated a private cause of action filed by employees or applicants. Instead, the only remedy under the Act is a civil penalty in an amount not to exceed $1,000 for the first violation and $2,500 for each subsequent violation, collectible by the Commissioner of Labor and Workforce Development in a summary proceeding.
The law recognizes that there are times when an employer must comply with the requirements of state or federal statutes, rules or regulations, case law or rules of self-regulatory organizations. The law also specifically provides that, in order to ensure compliance with those laws, an employer is permitted to request access to personal accounts as necessary to conduct investigations of the following conduct:
- Work-related misconduct based on the receipt of specific information about activity on an employee’s personal account; or
- An employee’s actions based on the employer’s receipt of specific information about the employee’s unauthorized transfer of proprietary or confidential information to the employee’s personal account.
The law also does not prevent an employer from implementing and enforcing a policy pertaining to the use of an employer-issued electronic communications device or the use of any employer-provided accounts or services or that the employee uses for business.
Employers should update electronic usage and social medial policies before January 1, 2014, to ensure compliance with the law.
For more information about this alert or if you have any questions or concerns, please contact Christina A. Stoneburner at 973.994.7551 or [email protected] or any member of Fox Rothschild’s Labor & Employment Department.