By Jessica Mendelson and Grace Chuchla
On September 12, 2012, California Assembly Bill 1844 was enrolled and presented to Governor Brown. This bill is the counterpart to the Social Media Privacy Act (SB 1349), which was approved by the California State Senate in August 2012. AB 1844 is the work of Assemblywoman Nora Campos (D-San Jose), and seeks to prohibit employers from requiring employees to divulge their social media passwords during either the course of their employment or the hiring process. If Governor Brown signs AB 1844 into law, this would make California only the third state in the nation, after Maryland and Illinois, to limit an employer’s ability to request an employee’s social media passwords. We previously wrote about the new social media laws in Maryland and Illinois.
Assemblywoman Campos first proposed AB 1844 in February 2012. After many rounds of revision in both the Assembly and the Senate, the Assembly voted unanimously to accept the Senate’s revisions to the bill and pass it to Governor Brown. Notably, this bill has a nearly perfect unanimous record; aside from one reading in the Senate where the vote was 29-5 in favor, it has passed with zero “nay” votes at every other reading. Governor Brown has until September 30 to either sign or veto the bill.
The core of AB 1844 “prohibit[s] an employer from requiring or requesting an employee or applicant for employment to disclose a username or password for the purpose of accessing personal social media, to access personal social media in the presence of the employer, or to divulge any personal social media.” In other words, an employer may neither request nor require an employee or an applicant to divulge his or her social media passwords. However, employers are still permitted to require employees to divulge social media passwords when the information is used solely to investigate allegations of employee misconduct. Similarly, employer-issued electronic devices do not fall under the umbrella of AB 1844; the bill specifically states that it shall not be construed to preclude an employer from requiring an employee to disclose passwords or usernames for such devices.
The reaction to this bill has been strong and varied among the business and legal community. Some people believe the legislation will benefit the business community. Bradley Shear, a leading social media attorney in Washington D.C. was quoted in a Wall Street Journal legal blog, as saying that this bill is “a huge win for the business community because it may provide California businesses with a legal liability shield from plaintiffs who may allege that businesses have a legal duty to monitor their employees’ personal password protected digital content.” According to the article, Mr. Shear believes this legislation could potentially save businesses millions of dollars by reducing costs related to monitoring social media accounts and cyber liability insurance premiums. Recently, both the California Chamber of Commerce and organized labor have made statements in support of the bill.
Others, however, take a different perspective. Margaret DiBianca, a Delaware attorney specializing in employment law, wrote on a Lexis Nexis blog that the new law will not benefit employers, and in fact, may hurt them. According to Ms. DiBianca, the law “limits an employer’s ability to regulate its workplace, investigate wrongdoing, and, in some instances, to protect employees.” She also wrote that “there has never been a successful lawsuit based on an employer’s failure to monitor [its] employees’ personal password protected digital content.” California State Senator Ted Gaines was quoted in the Huffington Post as saying that the bill may make it more difficult for companies to identify workplace harassment. Although Gaines is concerned with “protecting people’s privacy” he fears the bill will not allow employers to “address early harassment issues.”
A number of business organizations and companies have come out against the bill in recent days. The Securities Industry and Financial Markets Association (“SIFMA”) recently asked Governor Jerry Brown to veto this legislation. According to a recent BNA social media blog post, SIFMA recently wrote to Governor Brown, saying that while the bill may have been well-intended, it “conflicts with the duty of security firms to supervise, record, and maintain business-related communications.” The Financial Industry Regulatory Authority (“FINRA”) also opposes the bill. In a letter to Governor Brown , FINRA suggested California should exempt financial institutions, noting that other states, including Maryland, had discussed this type of exemption in similar bills.
We will continue to keep you apprised of future developments related to this legislation and other social media legislation across the nation.