Saturday, April 28, 2012

SNOPA - Finally, A Step In The Right Direction


The text of the bill can now be found here. More details/summary are below.

I was going to write a post a while back about why I don't think employers and schools can, constitutionally speaking, require you to give them your facebook (or other social networking or email or whatever) password before they'll hire or promote you. Unfortunately, I was distracted by that pesky work thing. But now, maybe - just maybe - that question could become irrelevant. House Representative Eliot Engel of New York has introduced a bill called the Social Networking Online Protection Act ("SNOPA" - the play on "SOPA" isn't lost on anybody, I hope) that would forbid employers and schools from demanding those passwords. Unfortunately, I can't give you the text of the bill because it's not up on the Library of Congress site, but I'll update as soon as I can. In the meantime, I'll do my best to summarize.

According to Congressman Engel's site, the law would:

  • Prohibit current or potential employers from requiring a username, password or other access to online content.  It does not permit employers to demand such access to discipline, discriminate or deny employment to individuals, nor punish them for refusing to volunteer the information.
  • Apply the same restrictions to colleges and universities, and K-12 schools as well.
So, far so good, I think you'll agree. 

The flip side of the coin, which is not being reported quite as thoroughly, is that the bill would shield employers from liability for failing to monitor password-protected content.  I don't know about you, but my hackles raise a bit whenever I hear (or read) "shield employers from liability." But, in this case, I have to make an exception, for a few reasons. 

First, and most cynically, this provision will probably reduce employer resistance to the bill, because they'll be getting something out of it too. There are quite a few reasons that employers want to monitor your password-protected online stuff - one of which, of course, is that they don't want you to embarrass them. One of the reasons they want to do it, though, is that they can be sued for "negligent hiring" if they hire an employee without checking enough first to make sure he or she isn't a bad guy. Now, if they weren't aware that their employee was a thief/violent dude/alcoholic/whatever because they didn't look at his or her password-protected facebook page, it's not their fault. Similarly, schools wouldn't be liable for stuff that happens on facebook (or any other site) if it's password-protected.  

What I like about this, beyond the obvious, is that it begins to re-draw the line between public and private life that's been increasingly blurred. Yes, it will prevent people from recovering as much in lawsuits against employers and schools (OK, I'm sure some people think that's a good thing, even if I'm not one of them), but it's worth it. This is the kind of legislation that lays the groundwork for preventing schools from expelling kids for stuff they do on their own time, and for preventing employers from asking prying questions they have no right to know. It allows for robust anti-bullying laws like the Arizona law I talked about in an earlier post, which aggressively addresses bullying in school, but specifically draws the line at activities unconnected to school hours and school equipment. It helps make sure that employers can't fire you for what you say on your own time - without your having to invoke the National Labor Relations Act.  

This bill doesn't accomplish all of that, of course. But it's a big step in the right direction.

**Updated information:

1. The bill provides for a fine of up to $10,000 for employers and an injunction by the Department of Labor.
2. The bill has - and this is particularly nice - an anti-retaliation provision. So not only could employers or schools not do this stuff, but they also couldn't punish anyone who complained about it.
3. The definition of "social networking website" is appropriately broad:

      (2) the term `social networking website' means any Internet service, platform, or website that provides a user with a distinct account--
      (A) whereby the user can access such account by way of a distinct user name, password, or other means distinct for that user; and
      (B) that is primarily intended for the user to upload, store, and manage user-generated personal content on the service, platform, or website.
Here's hoping it goes somewhere!


  1. Too early to say. An earlier bill that would've given the FCC the power to regulate this stuff failed, but that's very different (and, I think, not as good). I do think the liability immunity could get employer lobbying groups on board, which would help a lot, especially since they would otherwise be the strongest opponents.

  2. this is a great step that they have made. combining freedom to use of internet and social media as well as their right to privacy.