Nearly one in four people around the world use social media today, according to a 2013 report by eMarketer. Social media’s surge in popularity has caused a sea change in how people act and behave, as well as the image they portray, whether intentionally or not.
It didn’t take long for employers to recognize social media as a useful tool to learn more about potential new hires.
Controversy and debate erupted when employers started asking potential job candidates for passwords to their social media accounts. Presumably, these requests were intended to allow employers to learn more about a candidate by accessing their password-protected content. Unsurprisingly, the outrage and indignation surrounding this practice were so strong that it was only a matter of time before legislatures took aim at this practice.
Indeed, several states swiftly began passing laws aimed at prohibiting this practice. The National Conference of State Legislatures reports that 28 states have passed or are considering passing laws aimed at prohibiting employers from requiring employers and job applicants to disclose social media passwords and other password-protected social media information.
On June 30, 2014, Rhode Island joined those growing ranks by enacting a social media privacy law that impacts all employers.
Under Rhode Island’s new social media privacy law, employers cannot:
• Require employees or job applicants to disclose their social media account passwords.
• Require employees or job applicants to show or disclose to an employer the content of any social media account.
• Require employees to add the employer to an employee’s list of social media contacts (e.g., Facebook friends, Twitter followers, Instagram followers, LinkedIn connections, etc.)
• Require or ask employees to change their security settings on their social media accounts.
The law broadly defines “employers” to include anyone acting “in the interest” of an employer. This means that the law covers owners, managers and supervisors. Therefore, unless employers properly advise their managers and supervisors on this law, they are running a substantial risk that one of their members of upper management will misstep in violation of this law. This concern is not far-fetched: just think of the last two to three years, and note how many employee disputes or discipline situations involved social media. The frequency of those situations will only increase as social media continues to be many employees’ preferred forms of interaction with their peers and co-workers.
The law has three exceptions. First, it does not apply to publicly available information, so it would not restrict employers from looking at social media content that is found on Google, not password-protected, or otherwise publicly available. However, the law does not define what “publicly available” means. For example, if an employee’s Facebook account only shows content to the employee’s “friends” or “friends of friends,” would an employer violate this law by asking one of the employee’s Facebook friends to share the employee’s content? The law is unclear on this point, leaving the interpretation to a judge if an employer is sued under this provision.
The law also doesn’t apply to situations where an employer is conducting an investigation into employee misconduct or looking into a workplace violation of law. Nor does it apply to those employers who are required to conduct certain pre-hiring screening of employees or where the employer must preserve information and communications under securities regulations.
There are several best practices for employers to follow in light of this new law. First, employers should familiarize themselves with the law and the types of social media interaction that the law permits and restricts. Second, they should gain an understanding of whether – and how – their managers and supervisors are engaging with their subordinates on social media platforms. Third, they should train their managers and supervisors how to comply with this law.
Finally, they should remain vigilant and keep an eye out for emerging technologies and social media platforms that might not fit squarely under this law.
On balance, this law reflects a thoughtful and carefully crafted compromise between privacy interests and employers’ needs to control their workplace environment. Its proponents should be commended for their forward-thinking approach to solving a rapidly evolving problem. Nonetheless, this law will only be effective if it remains current and does not become obsolete as technologies and behavior change. In the meantime, employers should consider adopting a social media policy and tread cautiously in the workplace. •
Brian Lamoureux is a partner at Pannone Lopes Devereaux & West LLC in Providence. He is also an adjunct assistant professor of business law at Providence College.
