VPN Articles and News

Tennessee’s New Social Media Law Protects Employees’ Online Privacy

By
Monday, January 26th, 2015


The U.S. state of Tennessee has implemented a new law that forbids employers from asking usernames and passwords of their employees’ social media accounts. With the introduction of “Employee Online Privacy Act of 2014” in January, 2015; Tennessee has joined states like Oklahoma, Wisconsin, New Hampshire, Rhode Island and Louisiana which have enacted similar legislations in the past.

What Is Employee Online Privacy Act of 2014?

The Employee Online Privacy Act of 2014 is aimed at safeguarding the privacy and civil liberties of employees and job applicants. As you might be aware, employers are now increasingly relying on social media to verify the credentials of their employees. Many companies, including multinational corporations, now ask prospective employees to divulge usernames and passwords of their social media accounts as a part of the interview process. However, these measures also lead to massive violation of privacy and could even be considered unconstitutional. This could be the reason why many states have started to ban such practices and more states are likely to do so in the near future.

The new Tennessee law has issued clear guidelines regarding the kind of activities that would be allowed and prohibited from now onwards. Here is the list of prohibited activities defined by the law:

1) Employers can no longer request employees/job applicants to divulge passwords for their email or social networking accounts (including Facebook and Twitter accounts).
2) Employers can no longer force an existing employee or an applicant to add the employer to their contact lists or as a Friend on social sites.
3) Employers can no longer compel an applicant/employee to access personal internet accounts (including email and social networking accounts) in their presence.

Employers are even prohibited from taking any adverse action if their requests for doing one of the above things are not accepted by the existing employees or prospective job applicants.

And here is the list of permitted activities that the employers are still allowed to do:

1) Employers can request employees to disclose usernames/passwords for electronic communication devices that have been supplied or paid for by the company.
2) Employers can request employees to disclose usernames/passwords for services and accounts that the employee uses for business or which the employee obtained due to his/her employment.
3) Investigate unauthorized transfers of proprietary or confidential information.
4) Discipline or fire an employee in case he/she has transferred employer’s financial, confidential or proprietary information to his/her personal accounts without proper authorization.
5) Restrict/block access to certain sites when the employee is using the company’s network/resources or a device that has been supplied or paid for by the company.
6) Access, review, monitor or block data stored on an electronic device that was supplied or paid for by the company. In addition, employers can access and use information about employees that is in public domain.

While the law has issued guidelines regarding permissible and prohibited activities, it does not specify penalties for non-compliance. Nevertheless, the introduction of the law is a step in the right direction since it defines a clear framework for employers, employees and job applicants.


January 26, 2015
Comments

Leave a Reply

Your email address will not be published. Required fields are marked *


8 + 3 =