NJ Bill A2878 (the “Bill”) has passed both the New Jersey Assembly and Senate and if signed by the Governor, would prohibit an employer from requesting that current or prospective employees disclose the user name and password of a personal social media account. Employers would also be prohibited from requiring the disclosure of the existence of such a personal account. Any waiver of these rights would be unenforceable as contrary to public policy.

Remedies for prospective, current and former employees under the proposed law include injunctions, compensatory and consequential damages, and attorney fees and court costs. Employers that violate the proposed new law would also be subject to civil penalties of up to $1,000 for the first violation and $2,500 for each subsequent violation.

During 2012, a total of 14 states introduced legislation to bar employers from gaining access to their employees’ social media accounts. If A2878 is signed into law, New Jersey would join a number of other states, Maryland, Michigan, Illinois, Delaware and California among them, that prohibit requests for user names and passwords to personal accounts like Facebook and Twitter. Delaware and California have also made it illegal for institutions of higher education to require or request that students divulge passwords to their social media accounts. Even with these new laws, however, employers are still permitted to access publicly viewable information on personal sites.