Colorado law now prohibits employers from requiring access to personal information through electronic communication devices. More specifically, effective May 11, 2013, employers are barred from suggesting, requesting, or requiring employees or applicants to disclose usernames, passwords, or other means for accessing their personal accounts or services through their personal electronic communications devices.
Employers also cannot compel employees or applicants to add anyone, including the employer or an employer’s agent, to their list of contacts associated with social media accounts. They cannot require, request, suggest, or cause employees or applicants to change privacy settings associated with social networking accounts.
Additionally, employers are barred from:
- Discharging, disciplining, or otherwise penalizing employees (or threatening to do so) for refusing to disclose such information discussed above, add the employer to their contacts, or change the privacy settings associated with a social media account; or
- Failing or refusing to hire applicants because they refuse to disclose such information discussed above, add the employer to their contacts, or change the privacy settings associated with a social media account.
The internet privacy law does make clear that there are certain actions it does not bar employers from taking. For example, employers are not prohibited from requiring employees to disclose any usernames, passwords, or other means for accessing nonpersonal accounts or services that provide access to the employer’s internal computer or information systems.
The law also makes clear that it does not permit an employee to disclose information that is confidential under federal or state law or pursuant to a contract agreement between the employer and the employee.
An individual who has been injured by a violation of this law may file a complaint with the Colorado Department of Labor and Employment. Employers could face fines of up to $1,000 for the first offense and a fine of up to $5,000 for each subsequent offense.
Jessica Webb-Ayer, J.D., is an attorney editor for BLR’s human resources and employment law publications. She has written and edited countless publications on labor and employment law and is the editor of the Benefits Compliance Advisor online newsletter and the benefits manual, Benefits Compliance: Strategies for Plans, Programs & Policies. Ms. Webb-Ayer has also worked on various Americans with Disabilities Act (ADA) and workers’ compensation/safety products. She graduated summa cum laude with a B.A. in Psychology from Lipscomb University in Nashville, Tennessee, and graduated cum laude with a law degree from the University of Tennessee College of Law in Knoxville, Tennessee. Ms. Webb-Ayer is licensed to practice law in Tennessee.
Follow Jessica Webb-Ayer on Google+