Pennsylvania and the city of Philadelphia are poised to join a growing list of states and municipalities that are enacting so-called “Facebook laws,” which prohibit employers from requiring prospective or current employees to disclose their social-media usernames and passwords. In less than two years, social media in the employment context has garnered so much national attention that it sparked the passage of Facebook laws in five states in 2012 and in six states in 2013. Thirty-six other states have proposed similar legislation. To complicate matters, these laws vary from jurisdiction to jurisdiction, which creates a tangle of inconsistent protections. For example, Pennsylvania prohibits retaliation against employees when they make “good faith” reports of alleged violations, whereas Philadelphia does not expressly contain this protection. Further, these laws can potentially do more harm than good. For example, the proposed Facebook laws in Pennsylvania and the city of Philadelphia may interfere with an employer’s legal obligations to conduct thorough workplace investigations.
Under Pennsylvania’s proposed legislation, dubbed the Social Media Privacy Protection Act, an employer would be prohibited from “shoulder surfing,” or requiring an employee to access a password-protected social-media site in the employer’s presence. The law would also prohibit an employer from asking an employee to divulge information contained on a private site. These restrictions can make it difficult for an employer to investigate improper conduct between employees that occur on social-media sites and carry over into the workplace. For instance, if an employer receives a complaint from an employee that he or she is being harassed by another employee through a social-media site, the employer could not request or require access to the site in order to further investigate the complaint. The employer would also be prohibited from asking the employee to provide evidence, such as private wall postings or emails, to substantiate his or her claim of online misconduct. The city of Philadelphia is also considering a proposed ordinance, which is very similar to the Pennsylvania legislation.
