California and Illinois ban employers from requesting personal passwords
Posted on 04 January 2013.
When Marylandís Division of Correction instituted a requirement for job applicants and employees undergoing recertification to hand over login credentials of their social media accounts to interviewers, they surely believed that it was an easy way to check whether the candidates were hiding something that would make them unfit for the job.


Unfortunately for them, one of the applicants viewed this request as an invasion of his privacy, and has joined up with the American Civil Liberties Union to campaign for the elimination of such a demand.

Since then, many U.S. states have moved to make it illegal for employees and educational institutions to make this request, and in the last year and a half, six of them have accomplished that goal (or part of it).

The latest two states to joint this enviable group were California and Illinois, whose laws concerning this matter went into effect with the start of the new year.

From now on, it is illegal for employers based in California to require or request an employee or applicant for employment to disclose a username or password for the purpose of accessing personal social media, access personal social media in the presence of the employer, or divulge any personal social media, except when it comes to investigations of allegations of employee misconduct or employee violation of applicable laws and regulations.

"It shall be unlawful for any employer to request or require any employee or prospective employee to provide any password or other related account information in order to gain access to the employee's or prospective employee's account or profile on a social networking website or to demand access in any manner to an employee's or prospective employee's account or profile on a social networking website," states the newly effected law for Illinois.

The other four states are Maryland, Delaware, New Jersey and Michigan, whose Governors have already signed similar bills into law in 2012.






Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //