Skip to content

PASSWORD PROTECTION ACT OF 2012

Senator Shaheen joins colleagues in proposal to stop employers from demanding passwords to Facebook and other private accounts

(Washington, D.C.) – U.S. Senator Jeanne Shaheen (D-NH) joined other senators and congressmen today in introducing legislation aimed at curbing the growing practice of employers requiring prospective or current employees to provide access to password-protected accounts as a condition for employment.

The Password Protection Act of 2012, drafted in consultation with major technology companies and legal experts, addresses this problem by enhancing current law to ensure that compelling or coercing employees into providing access to data stored in private accounts is prohibited.

Joining Shaheen in the Senate on the bill were Senators Richard Blumenthal (D-CT), Chuck Schumer (D-NY), Ron Wyden (D-OR) and Amy Klobuchar (D-MN). In the House, Reps. Martin Heinrich (D-NM) and Ron Perlmutter (D-CO) are introducing an identical companion bill.

“Employers should have no more right to online passwords than they would to a person’s lending history at the library or a diary in their home,” Shaheen said. “As Facebook and other websites become an increasingly important part of the daily lives of millions of people, we must be vigilant in protecting online privacy. This legislation provides an important safeguard for all Americans.”

Recent news reports have highlighted a disturbing increase in the number of employers asking prospective employees to hand over usernames and passwords to their personal accounts on websites like Facebook. Some job applicants are even being asked during interviews to log into these websites and allow interviewers to browse the applicant’s profile, acquaintances, and other information. Others are being asked to provide passwords on job applications.

The Password Protection Act of 2012 enhances current law to prohibit employers from compelling or coercing employees into providing access to their private accounts:

  • Prohibits an employer from forcing prospective or current employees to provide access to their own private account as a condition of employment.
  • Prohibits employers from discriminating or retaliating against a prospective or current employee because that employee refuses to provide access to a password-protected account.
  • The Password Protection Act only prohibits adverse employment related actions as a consequence of an employee’s failure to provide access to their own private accounts. It preserves the rights of employers to:
  • Permit social networking within the office on a voluntary basis.
  • Set policies for employer-operated computer systems.
  • Hold employees accountable for stealing data from their employers
  • Employers that violate the Password Protection Act may face financial penalties.