As you probably know, on Thursday the U.S. House of Representatives passed the Cyber Intelligence Sharing and Protection Act, better known as CISPA. The bill, which aims to help the government react to cybersecurity threats by making it easier to share information between itself and private companies, saw bipartisan support. Opponents of CISPA have argued that the bill is a a massive invasion of privacy, and will be used to justify wholesale spying on the American public by making companies who give up private user info immune from suits or prosecution.
Although CISPA as a whole saw bipartisan support, one last-minute amendement that looked to curtail a worrisome practice by employers was shot down on party lines.
Colorado Democrat Ed Perlmutter attempted to tack on a provision to CISPA that would make it illegal for employers to require prospective employees to hand over their social media passwords as a condition of acquiring or keeping a job.
Has an employer even demanded one of your social media passwords as a condition of being hired or keeping your job? What was your reaction? Let us know in the comments.
The proposal was voted down 224-189, with Republicans in the majority.
"People have an expectation of privacy when using social media like Facebook and Twitter. They have an expectation that their right to free speech and religion will be respected when they use social media outlets. No American should have to provide their confidential personal passwords as a condition of employment. Both users of social media and those who correspond share the expectation of privacy in their personal communications. Employers essentially can act as imposters and assume the identity of an employee and continually access, monitor and even manipulate an employee's personal social activities and opinions. That's simply a step too far," said Perlmutter.
This isn't the first time that Perlmutter has introduced this sort of legislation. Last year, the same employee password protection language was rejected in the House.
Last year, the practice of employers demanding the Facebook passwords of prospective employees became a hot topic. Both state legislatures and the U.S. Congress introduced measures to counteract the rising trend. One particular bill, the Password Protection Act of 2012, was introduced in both the House and the Senate, but went nowhere.
That bill was introduced by Democratic Senator Richard Blumenthal. Before the bill was presented, back in May of 2012, he, along with Senator Chuck Schumer (D-NY) sent a letter to both the Department of Justice and the U.S. Equal Employment Opportunity Commission asking them to “launch a federal investigation into a disturbing new trend.”
Soon after that letter was sent, a motion called “Mind Your Own Business on Passwords” failed in Congress. It would have made the employee password issue one monitored by the Federal Communication Commission. They would have had the right to declare the practice illegal.
So, the Password Protection Act of 2012 moved forward. The language made it a crime that any employer "for the purposes of employing, promoting, or terminating employment, compels or coerces any person to authorize access, such as by providing a password or similar information through which a computer may be accessed."
But it died, and has been referred back to committee.
The Password Protection Act of 2012 isn't the only federal bill proposed to deal with the issue. Say hello to SNOPA, or the Social Networking Online Protection Act. It aims to do what the PPA tried to do, but with even clearer languge:
To prohibit employers and certain other entities from requiring or requesting that employees and certain other individuals provide a user name, password, or other means for accessing a personal account on any social networking website.
It's been introduced, and referred to committee. No movement yet.
On the flip side, some states have had success in passing bans on the practice. First, the state of Maryland enacted a law banning password snooping. And this year, laws in both California and Illinois went into effect.
"It's not déjà vu -- this is the same amendment I introduced twice last year, so people have had plenty of time to study and discuss it. It has bipartisan support. It wouldn't kill the underlying cyber-security bill; it wouldn't send it back to committee. It merely safeguards an individuals' personal privacy as they use their own personal social media accounts," said Perlmutter of his CISPA add-on.
It's important to note that Perlmutter did in fact vote yes on CISPA.
But despite those claims, the provision was crushed. If the past year is any indication, password protection legislation must be tackled at the state level, as it's the only place that its been able to see any sort of success.
Do you think that we need a federal law banning the practice of password snooping by employers? Do you think that it's better left to the states? Or, do you see no reason for any such legislation on any level? Let us know in the comments.