NJ Employers Now Barred from Seeking Social Media Passwords

Effective December 1, 2013, New Jersey employers will be prohibited from requiring both job candidates and current employees to disclose the user names and passwords to their personal social media accounts.  Last Thursday, Governor Christie signed into law a revised version of Assembly Bill 2878 making it a violation of NJ law to do so.  An earlier version of the same bill had previously provided for a private right of action allowing individuals to sue for violations of the law.  As of now, only civil penalties (up to $2,500) can be imposed and are to be collected by the Commissioner of the New Jersey Department of Labor and Workforce Development.

Under the new law, employers can still monitor social media accounts that are open to the public, are provided by the company for use by the employee, or in the case of suspected wrongdoing, to conduct an investigation of a current employee’s social media account if the account is used for business purposes of the employer or if used to engage in business-related communications, but only if the employer independently received information about the suspected wrongful conduct (i.e. in a lawful manner from a third party).

Key Practice Points:

  1. Employers should review their application and background check forms and conform them to the new law.
  2. Social media policies should be updated to warn employees that the use of personal social media accounts for business purposes may entitle the company to examine them for compliance with company policies regarding marketing, advertising, data transfer, regulatory affairs, and other business rules.
  3. Managers should be made aware of how they may conduct examinations of social media sites to enforce the issues raised in Point 2 above.  The NJ federal court case of Ehling v Monmouth Ocean Hospital Service Corp  (decided August 20, 2103) and the NJ state court case of Pietrylo v. Hillstone Restaurant Group (decided July 24, 2008) both provide real world examples of how these issues may play out when an employer begins to peek under the gurney/table.
  4. Litigants must be wary of using usernames/passwords found on company computers to access these social media sites.  Properly crafted computer use policies may enable an employer to use information found on company equipment even if it is from a password protected account.  Moreover, employees who configure their social media sites to automatically boot at start-up should be made aware that the employer may have instant access to those sites in the event the employer takes possession of or simply uses the computer for legitimate business purposes.

For additional information, please give us a call or email us at