top of page
  • Haleigh Shedd

Privacy In Pennsylvania

Updated: Mar 5, 2019

Note from the author:

This article was written for Winthrop University’s PLSC 202 class with Dr. John Holder. I am sharing it on my blog as a way to compile and showcase my writing.

Over the past few years, the internet has certainly flourished, shaping the United States into the tech-savvy country it is today. One major aspect of the technological advancements that were made is the prominence of social media. With the rise of social media, there has also been an increased interest by employers in how their workers are behaving online. But what kind of protection do employees have from their companies on the interweb?

It is common knowledge that whenever applying for a job, a person should expect to have their social media accounts ferociously stalked by potential employers. This is because companies seek to gain a better understanding of who their possible workers are and how they live their lives.

Anything a person posts online is fair game because he or she chooses to share that information with the world. But what about the information they choose to keep private in their accounts, such as messages or saved posts?

Some employers have requested both current and potential employees to share their personal login information, so that they may explore the hidden parts of their accounts.

To most, this may seem like a fierce invasion of privacy, but others see things a little differently. According to the National Conference of State Legislatures, some employers argue that having access to personal accounts helps protect private company information or trade secrets from being released, allows better compliance with federal financial regulations, or it can prevent the employer from being exposed to legal liabilities. (Access to Social Media)

In 2012, state lawmakers introduced legislation that would prevent employers from requesting personal login information of current or potential employees who are seeking to obtain or maintain a position with the company. (Access to Social Media) Maryland was the first state to ban the practice in 2012. Shortly after this, many other states followed suit, banning it as well. Some of these states include Arkansas, California, Illinois, Michigan, New Mexico, and Utah. (J. White) As of now, 25 states and Guam have statutes against this practice. (M. White)

In Pennsylvania, the Social Media Privacy Protection Act was introduced in June of 2012 by state representative, Jesse White, and an array of other sponsors. (Legislative Data Processing Center)

The act defines social media as including, but not limited to,

“Social networking Internet websites and any other forms of media that involve any means of creating, sharing and viewing user-generated information through an account, service, or Internet website.”

It states that an employer does not have the right to request personal login information from current or prospective employees. The login information includes user names, passwords, and any other means, such as opening sites through phone applications, for accessing a personal social media account, service, or internet website. (The General Assembly of Pennsylvania)

Employers are prohibited from discharging, disciplining, or otherwise penalizing employees who refuse to disclose personal login information. Also, they may not refuse to hire someone as a result of the potential employee’s rebuff. (The General Assembly of Pennsylvania)

However, employers cannot be restricted or limited by the following:

  1. The employer's right to promulgate and maintain workplace policies governing the use of an employer's electronic communication device. This includes policies regarding the employee's use of the Internet, social media accounts, services or Internet websites and e-mail use pertaining to the employer.

  2. The employer's right to monitor the usage of the employer's electronic communication devices so long as the employer is in compliance with the statutes previously mentioned.

  3. The employer's right to obtain or view any information concerning an employee or prospective employee that exists within the public domain. (The General Assembly of Pennsylvania)

This all simply means that employers can enforce policies that regulate employee’s internet use while at work. They have the right to obtain any information that is accessed through company communication devices, such as emails that are sent, websites (including social media sites) that are visited, and any other situations where the internet and a device are used. Also, as mentioned before, employers have the right to access any information that is made available in the public domain by the employee.

Any employer who violates this act can face a civil penalty of up to $5,000, plus attorney reimbursement fees. (The General Assembly of Pennsylvania)

The act applies to all employers in the state of Pennsylvania. More specifically, it defines an employer as

“a person engaged in a business, an industry, a profession, a trade or other enterprise in this Commonwealth or a unit of State or local government. The term includes an agent, a representative or a designee of the employer.”

The act was intended to take effect 60 days after it was passed. (The General Assembly of Pennsylvania) A series of amendments were made to it shortly after it was introduced.

However, the Social Media Privacy Protection Act was laid on the table in June 11, 2013, so no action has taken place since then. (Legislative Data Processing Center)

With all this being said, it raises the question of why employers are so keen to access employees’ private information.

Aleecia McDonald, a privacy researcher and resident Fellow at the Stanford Center for Internet and Society, says high unemployment makes it hard to stamp out this practice.

“When you have a job market where there are more job seekers than hirers, you’re going to see things like demanding to see your Facebook wall because if you say no, someone else is waiting for that interview.”

Paul Stephens, director of policy and advocacy at the Privacy Rights Clearinghouse said, “The fact of the matter is, in a tight job market, if you’re looking for a job, you’re going to do anything you can to get that job.” (M. White)

Desperation is a key player in an employee’s willingness to disclose personal information. If a person doesn’t want to comply with the employer’s requests, the company will move right on to the next potential worker until they find someone willing to do so.

As of right now, it is legal in all states for a prospective employer during a job interview to insist that a person logs into their Facebook page to click through their “friends only” posts, photos, and messages. The American Civil Liberties Union took a stand against the practice, which was dubbed “shoulder surfing.”

McDonald discussed this saying, “Things employers legally cannot ask are available for them to discover on Facebook.”

Stephens suggests that job seekers delete people and pages that they think might be objectionable to a potential employer prior to an interview. This does not protect people from their potential employer reading their messages, but it’s a start. (M. White)

In an interview on Fox news, senior judicial analyst, Andrew Napolitano discussed the issue. He stated that government agencies, such as the board of education, the police department, or the local government, are not authorized to request access to an employee’s login information due to the fourth amendment which states,

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

He also says that a government agency can only obtain that information if they possess a search warrant for a criminal investigation, rather than a simple background investigation. The boundaries begin to blur when a person is applying at an entity other than the government. (LeakSource2012)

Facebook seems to be the most popular website employers wish to access because of one’s ability to send private messages, save posts, and control who can see what a user posts. Erin Egan, Chief Privacy Officer for Facebook, commented on the issue saying,

“As a user, you shouldn’t be forced to share your private information and communications just to get a job.”

He continued, focusing on how employers can violate other citizen’s rights as well by accessing an employee’s social media. “As the friend of a user, you shouldn’t have to worry that your private information or communications will be revealed to someone you don’t know and didn’t intend to share with just because that user is looking for a job.  That’s why we’ve made it a violation of Facebook’s Statement of Rights and Responsibilities to share or solicit a Facebook password.” (Egan)

Egan also discussed how employers can easily open themselves up to serious legal issues. He gave the example that if they see that the employee is a member of a protected group, they could cause themselves to receive claims of discrimination if they do not hire that person. (Egan)

Additionally, because of the Americans with Disabilities Act, if an employer discovers the existence of a disability while perusing an employee’s social media, then any actions that they take against the employee may violate disability discrimination laws. (Ballman)

Pennsylvania representative White believes that employers are taking advantage of people by requesting this information. He said,

“This is the online equivalent of forcing someone to give up their house key so an employer can go and dig around through their underwear drawer, and this invasion of fundamental privacy rights should be stopped.”

However, there are some acts already in place that favor employees when it comes to social media and the workplace.

If a company's social media policy says that employees are not permitted to discuss or criticize the organization online, that may violate your right to condemn working conditions with peers. The National Labor Relations Act protects this right. (Ballman)

The National Labor Relations Board has addressed multiple cases of illegal dismissals due to social media posts that were critical of their respective companies. However, policies that prohibit offensive, demeaning, or inappropriate comments may be considered too broad. (Ballman)

Another enactment, the Stored Communications Act, offers some limited protection if an employer accesses a worker’s private messages through social media. This law is tricky though because if an employee accesses their email or social media on a company device and forgets to log out, he or she has no protection. (Ballman)

With all this gray area between employers and employees, it is not surprising that there have been so many issues regarding social media. It is expected that the United States will eventually have regulations regarding social media and online activity in all states over the next few years.

Pennsylvania is one of the few states in the US that is a commonwealth. This means that they place a strong emphasis on the role of the people in the state’s government. (Christi) Representative White has been pursuing policy change in the state to benefit the people for many years now with very little success due to the Social Media Privacy Protection Act being tabled almost four years ago.

This raises the question of how much value the federal government places on its people and their protection. It’s only a matter of time before Pennsylvania catches up with the other 25 states who have policies in place to protect their employees’ online privacy.


"Access to Social Media Usernames and Passwords." National Conference of State Legislatures. LexisNexis, 27 Feb. 2017. Web. 19 Apr. 2017. <>. (E)

Ballman, Donna. "Can Your Employer Demand Your Social Media Passwords?" AOL, 14 July 2016. Web. 19 Apr. 2017. <>. (J)

Legislative Data Processing Center. "Bill Information - House Bill 1130; Regular Session 2013-2014." The Official Website for the Pennsylvania General Assembly. Pennsylvania General Assembly, n.d. Web. 19 Apr. 2017. <>.  (G)

Christi. "Here Are 20 Things You Probably Didn't Know About Pennsylvania." OnlyInYourState. N.p., 05 Apr. 2015. Web. 20 Apr. 2017. <>. (I)

Egan, Erin. "Facebook." Protecting Your Passwords and Your Privacy. Facebook, 23 Mar. 2012. Web. 19 Apr. 2017. <>. (M)

The General Assembly of Pennsylvania. House. Labor and Industry. Social Media Privacy Protection Act of 2012. Session of 2012. Legis. Pennsylvania. 2012. Web. 19 April 2017. (F)

LeakSource2012. "Some Employers Asking Job Seekers for Facebook Passwords." YouTube. YouTube, 20 Mar. 2012. Web. 19 Apr. 2017. <>. (N)

Meyer, Eric B. "PA Bill Will Protect Privacy of Employee Social Media Passwords." The Employer Handbook Blog. The Employer Handbook, 08 Nov. 2016. Web. 19 Apr. 2017. <>. (K)

Miles, Philip. "Social Media Privacy Protection Act Pending in Pennsylvania." Social Media Privacy Protection Act Pending in Pennsylvania. LexisNexis, 09 July 2012. Web. 19 Apr. 2017. <>. (A)

White, Martha C. "Can Interviewers Insist on ‘Shoulder Surfing’ Your Facebook Page?" Time. Time, 09 Mar. 2012. Web. 19 Apr. 2017. <>. (L)

White, Jesse. "Social Media Privacy Protection Act Moving Forward in State House." Canon-Mcmillan, PA Patch. Patch, 07 May 2013. Web. 19 Apr. 2017. <>. (D)

7 views0 comments
bottom of page