Six states-California, Delaware, Illinois, Maryland, Michigan, and New Jersey- have enacted laws that prevent employers from requiring or requesting that employees or job applicants provide their usernames and passwords for social media websites like Facebook, Twitter, or Instagram. The laws in California and Illinois went into effect on January 1, 2013 and are the most recent additions to the list of states making certain media-snooping illegal.

Many of the laws were prompted by stories of employees who were required to share their passwords in order to keep their jobs or were suspended after refusing to do so, and applicants who feared that they may not be considered for a job if they refuse the employer’s request for their social media passwords. As the practice gained attention in the national media, 14 states introduced legislation in 2012 on the subject of employers seeking access to social media. California and Delaware, in addition to banning employers’ attempts to require or request password information from employees, have also made it illegal for institutions of higher education to require or request that students share the passwords to their social media accounts.

Facebook has responded to the growing number of complaints from users about employers’ demands and emphasized that soliciting users’ login information is a violation of Facebook’s Statement of Rights and Responsibilities. Facebook has encouraged its users not to share their passwords or account information with employers who demand access, as well as warning employers, “We’ll take action to protect the privacy and security of our users, whether by engaging policymakers or, where appropriate, by initiating legal action, including by shutting down applications that abuse their privileges.”

While social media account information is protected from prying employers in the six states that passed laws on the subject, it remains to be seen whether more states, or the federal government, will follow suit. The “Password Protection Act of 2012” was introduced in the U.S. Senate in May of 2012, but it ultimately failed to reach a vote. However, even with the new laws banning employers from requiring or requesting employees to share their password information, public information posted on social media sites is not protected. Employers may still seek out all publicly viewable information posted on employees’ social media pages, as long as the employer does not use employees’ passwords to gain access.