Authors: Carmen J. DiMaria (Morristown), Evan J. Shenkman (Morristown)
Published Date: September 18, 2013
On August 29, 2013, a more limited social media privacy bill (A2878), adopting the common sense conditions set forth in Governor Chris Christie’s previous conditional veto, was enacted. The new law, effective December 1, 2013, will bar employers from requiring or requesting that any current or prospective employee:
disclose his or her username or password to a personal social media account;
provide the employer access to his or her personal social media account;
waive the rights or protections of the bill as a condition of applying for or receiving an offer of employment.
Under the law, a protected “personal” social media account is one used by an applicant or employee exclusively for personal communications unrelated to any business purposes of the employer. It does not apply to any account or profile created, maintained, used, or accessed by a current or prospective employee for business purposes of the employer or to engage in business-related communications. Based on this definition, a social media account used by an applicant or employee for both personal and business-related purposes (such as LinkedIn) likely falls outside the protections of the bill. How an employer may navigate that distinction in a given situation, however, is not entirely clear.
Of note, the original bill also sought to bar employers from merely asking whether applicants had a social media account—information necessary for many employers to gauge the candidate’s technological skills and media savvy. That language was omitted from the revised bill signed by Governor Christie.
The enacted law provides that it should not be construed to prevent employers from complying with the requirements of state or federal law, or from implementing or enforcing policies concerning the use of employer-issued electronic communications devices or personal devices used for business purposes (BYODs). Further, the law does not infringe upon an employer’s right to conduct an investigation into certain work-related misconduct (including harassment or potential disclosure of the employer’s proprietary information) based upon the receipt of specific information about such activity on an employee’s personal account. Pursuant to Governor Christie’s suggestion, the law also permits employers to review and rely upon any social media information found in the public domain.
Finally, the law prohibits retaliation or discrimination against individuals who refuse to divulge their usernames or passwords or provide access to their personal accounts, who object to violations of the law, or who report a complaint under the Act. Employers that violate the Act are subject to a civil penalty (from $1,000 to $2,500), but not civil liability. Language in prior versions of the bill providing for a private cause of action was omitted from the legislation signed by Governor Christie.
Carmen J. DiMaria has spent his entire legal career practicing in the area of employment law and litigation, and has represented management exclusively for the past 18 years. Carmen has defended companies and individual defendants involving claims of wrongful termination, discrimination, harassment (including sexual harassment), retaliation, whistle blowing (including claims under the New Jersey Conscientious Employee Protection Act) and violations of the Family and Medical Leave Act. Carmen...
Evan J. Shenkman is a member of Ogletree Deakins’ Knowledge Management Department, serving as the firm’s Senior Knowledge Management Counsel and Research Manager. In his role, Mr. Shenkman is responsible creating processes, practices, and software to allow firm attorneys to work smarter, faster, and more in sync; creating internal and client-facing collaborative tools; and managing the firm's team of Knowledge Management Counsel and the firm's Legal Researchers. He also manages...