Since early 2012, 21 states have enacted some form of “password protection” law. Although these laws vary substantially by state, their common thread is the intention to restrict employers’ ability to access content in applicants’ and employees’ restricted online accounts. These laws effectuate that intent by varying combinations of prohibitions on the following types of conduct: (a) requesting an individual’s log-in credentials; (b) asking to view restricted content when accessed by the individual, i.e., “shoulder surfing”; (c) requesting an individual to accept a “friend” or “connection” request; and (d) asking an individual to change privacy settings to permit access by an employer to an account. Yet, 99% of more than 400 senior HR executives and in-house employment counsel who responded to a survey conducted by Littler Mendelson in May 2012 and again in May 2013 stated they do not ask applicants for social media passwords.
Home > State Law Articles > Oregon > General (OR) > Trendsetter or Outlier? Oregon Adds New Twist to Password Protection Laws