Sunday, December 23, 2012

Have you even HEARD of the Password Protection Act?

By Minnie Apolis 
 
While several Newsviner pals have expressed justifiable outrage at the thought of prospective employers demanding passwords to social networking sites such as Facebook, no one has so far mentioned anything about the Password Protection Act of 2012.

What Password Protection Act, you may ask? It certainly has not dominated headlines on Newsvine or anywhere else that I lounge about on. Upon a search of the topic, I did find that it appeared on several blog sites as well as sites that monitor new legislation – apparently none of which were picked up by major news sites like HuffPo, New York Times, Washington Post, etc. The biggest name to pick up the story is The Hill.

But there is such a bill, and it has been introduced to both houses of Congress. The bill is intended to prevent employers from demanding passwords to personal online web pages. Democrats introduced legislation in both the House and Senate to prevent employers from forcing employees and job applicants into sharing information from their personal social networking accounts. The Password Protection Act of 2012 (PPA) would also prevent employers from accessing information on any computer that isn't owned or controlled by an employer, including private e-mail accounts, photo sharing sites, and smart phones.

The full text of the bill is available at GovTrack
The major and key clauses are as follows:



A BILL
To prohibit employers from compelling or coercing any person to authorize access to a protected computer, and for other purposes.
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

This Act may be cited as the ‘Password Protection Act of 2012’.

SEC. 2. PROHIBITED ACTIVITY.

          (i) for failing to authorize access described in subparagraph (A) to a protected computer that is not the employer’s protected computer; or
          (ii) who has filed any complaint or instituted or caused to be instituted any proceeding under or related to this paragraph, or has testified or is about to testify in any such proceeding;’.
        (A) for the purposes of employing, promoting, or terminating employment, compels or coerces any person to authorize access, such as by providing a password or similar information through which a computer may be accessed, to a protected computer that is not the employer’s protected computer, and thereby obtains information from such protected computer; or
        (B) discharges, disciplines, discriminates against in any manner, or threatens to take any such action against, any person--
      (1) in paragraph (7)(C), by inserting ‘or’ after the semicolon; and
      (2) by inserting after paragraph (7)(C) the following:
      (8) acting as an employer, knowingly and intentionally--
    (a) In General- Section 1030(a) of title 18, United States Code, is amended--



A petition to pass the Password Protection Act is blogged about at ZDnet. The actual petition is at Access Now. Please sign and pass it on.

More good news is that some states are not waiting for the federal government to act on this issue. Maryland has acted first. Other bills are under consideration in Washington, Illinois, Delaware, New York, New Jersey, Texas, and Massachusetts. The Massachusetts bill also prohibits prospective employers from “friending” job applicants to view Facebook profiles.



No comments: