NJ passes a business-friendly workplace social media privacy law

It takes two to make a thing go right.
It takes two to make it out of sight, palatable enough for bipartisan support.

Thumbnail image for nj1.jpg

It took some doing, but the State of New Jersey finally has itself a workplace social media privacy law, becoming the 12th state to restrict company access to prospective and current employee social media.

Back in the Spring, I reported here that the NJ legislature sent a version of the bill to Governor Christie. However, to protect NJ businesses, Mr. Christie conditionally vetoed the proposed legislation and sent is back to both the NJ House and Senate with some proposed changes.

Both the House and Senate accepted these changes and sent the amended legislation back to Mr. Christie, which he formally signed on August 29.

Like similar laws in other states, this new law prohibits employers from requiring prospective and current employees from disclosing online usernames and passwords. And while I do not advocate social-media-credential requests from employers, it’s worth noting that there are severable notable differences in the new NJ law, which loosen the restraints on local companies:

  • Many public employers which deal in public safety are exempted;
  • Any employer may require that the login/password of any account maintained for business purposes of the employer — even if created by a current or prospective employee — be disclosed;
  • Employers can also demand login/password as part of several categories of workplace investigations;
  • Employers can ask a current or prospective employee if he/she has a social media account; and
  • Any aggrieved current or prospective employee may report an alleged violation to the Commissioner of Labor and Workforce Development, but cannot bring a private action against the employer.

The new law goes into effect on December 1.

Updated:
  • Eric, can you clarify the second bullet? I’ve seen that referenced elsewhere, and I find it confusing. I understand that if I work for Co. X and tweet on their behalf the company has a right to my login credentials, but how would this rule apply to me if I were a prospective employee? It’s hard to imagine anyone creating an employer-focused account for a company they’re not yet employed by. And does that mean that if I’m interviewing for a job with Co. Y they can ask for my login credentials for Co. X? I’m assuming not…

    Thanks!

    • I agree with your assumption, Courtney. I imagine that the intention here is to limit social media credential requests to Company Y-related social media sites.

    • Crystal Spraggins

      Maybe they’re thinking of contractors who potentially could be employees down the road? That’s the only thing I can think of.