In an effort to create stronger privacy protections for consumers, several states passed laws in 2012 regarding the collection and use of Personally Identifiable Information (PII) of applicants and employees by employers during background checks, or had important privacy regulations passed in previous years take effect. In addition, the Federal Trade Commission (FTC) is requiring nine data broker companies that collect and sell personal information of consumers to reveal their privacy practices or lack thereof. The increased regulations for greater privacy protections for data collected during background checks is Trend Number 4 of the 6th Annual ‘ESR Top Ten Background Check Trends for 2013’ available at http://www.esrcheck.com/Top-Ten-Background-Check-Trends-for-2013.php. Three states – Maryland, Illinois, and California – passed laws in 2012 prohibiting employers for asking for social media usernames and passwords of applicants and current employees for background checks:
- Maryland passed the first law in the nation to prohibit employers from requesting the social media passwords or accessing the social media accounts of prospective and current employees in 2012. Both Houses of the Maryland General Assembly approved identical versions of a social media privacy protection bill – Senate Bill 433 (SB 433)/House Bill 964 (HB 964) – that prohibits employers from requesting or requiring employees or job applicants to disclose their user names or passwords to social media websites and other personal Internet sites and Web-based accounts as a condition of employment. On May 2, 2012, the Governor of Maryland signed SB 433. The full text of the law is available here: Maryland SB 433. See: http://www.esrcheck.com/wordpress/2012/04/10/maryland-passes-first-law-prohibiting-employers-from-asking-employees-and-job-applicants-for-social-media-passwords/.
- Illinois became the second state to prevent employers from demanding social network passwords in 2012. Governor Pat Quinn signed legislation – House Bill 3782 (HB 3782) – that amended ‘The Right to Privacy in the Workplace Act’ and protects the right to privacy of current employees and job applicants by making it illegal for employers to request social network account information such as usernames or passwords to gain access to their accounts or profiles. The full text of the law, which takes effect January 1, 2013, is available here: Illinois House Bill 3782 (HB 3782). See: http://www.esrcheck.com/wordpress/2012/08/07/illinois-law-prevents-employers-from-demanding-social-network-passwords-from-employees-and-job-candidates/.
- California became the third state to stop employers from demanding social network passwords in 2012. On September 27, 2012, California Governor Jerry Brown signed Assembly Bill 1844 (AB 1844) to increase privacy protections for social media users in the state by prohibiting employers from demanding usernames, passwords, and information related to social media accounts from employees and job applicants. The new law also banned employers from firing or disciplining employees who refuse to divulge the information. AB 1844 covers “social media” that includes videos, photographs, blogs, podcasts, text messages, e-mail, online accounts, and web profiles. The full text of the law is available here: California Assembly Bill 1844 (AB 1844). See: http://www.esrcheck.com/wordpress/2012/10/02/california-social-media-privacy-law-ab-1844-prohibits-employers-from-demanding-usernames-and-passwords-from-applicants-and-employees/.