Maryland Enacts Country's First Social Media Password Law

News Updates

Gov. Martin O’Malley, on May 2, 2012, signed S.B. 433, a bill prohibiting employers from requesting the social media passwords or accessing the social media accounts of prospective and current employees, making Maryland the first state to pass such a law.

The new provision, which will take effect Oct. 1, 2012, bars employers from requesting or requiring that an employee or applicant for employment disclose any user name, password or other means to access a “personal account or service” through an electronic communications device.

“Employer” means a person engaged in a business, an industry, a profession, a trade or other enterprise in the state, or a unit of state or local government, and includes “an agent, a representative and a designee of the employer.”

The bill does not define personal account or service, but does define “electronic communications device” to mean “computers, telephones, personal digital assistants, and other similar devices.” The bill, however, allows employers to make such a password or username request to access “nonpersonal accounts or services that provide access to the employer’s internal computer or information systems.”

Covered employers also “may not discharge, discipline or otherwise penalize or threaten to discharge, discipline or otherwise penalize” an employee or applicant for refusing to disclose any information covered by the law. Further, employers “may not fail or refuse to hire” any applicant because he or she refused to disclose any covered information.

The Maryland law would prohibit an employee from making unauthorized downloads of “employer proprietary information or financial data to an employee’s personal website, an Internet website, a web-based account, or a similar account.” However, based on receipt of information of unauthorized downloading, an employer is not prevented from investigating an employee’s actions.

Finally, an employer is not prevented from conducting an investigation based on the receipt of information about an employee’s use of a personal web or similar account for business purposes to ensure compliance with applicable securities or financial law or regulatory requirements.

Similar legislation is pending in California, Illinois, New York, Michigan, Minnesota, Missouri, South Carolina and Washington. In addition, Rep. Eliot Engel, D-N.Y., has introduced federal legislation—the Social Networking Online Protection Act—which would prohibit asking for the social media passwords of employees or applicants.

Joanne Deschenaux, J.D., is SHRM’s senior legal editor.  To read the original article, please click here.