Are Social Media Password Privacy Statutes #necessary?

As we live more of our life online each day, the wealth of information available on social media sites like Facebook and Twitter grows endlessly. It is no surprise, then, that this information may also be useful in informing hiring and other employment practices. Though employers' actual desire for and use of this social media information is questionable, there is a growing trend towards legislating to protect the privacy of individuals participating in social media sites. Social media password privacy statutes have become prevalent, as about a dozen such statutes have been signed into effect and similar statutes have been (at least) introduced in 36 states. 

Recent surveys have shown that despite public concern, very few employers actually request private social media login information (reporting one to five percent, most of which involve requests for voluntary access or access as an alternative to other application components). Though there are undoubtedly some reported instances of employers requesting Facebook and other logins during job interviews - like Robert Collins's application to the Maryland Department of Public Safety and Correctional Services - this practice is in no way the norm and sharing this information is rarely required. Nevertheless, last year, Maryland became the first state to enact one of these acts, prohibiting employers from demanding personal account information and passwords from prospective and current employees. California, Illinois, Michigan, Washington, and more have followed suit. Although it is reassuring to hear our representatives fight for privacy rights, they are zealously fighting to pass laws that address relatively nonexistent behavior and may even be unnecessary given existing tort law and statutes. 

Privacy Tort: Intrusion Upon Seclusion

"One who intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the intrusion would be highly offensive to a reasonable person." Restatement (Second) of Torts § 652B.

The elements of this tort vary by state, but generally include:

1. The defendant's unauthorized intentional invasion of the plaintiff's affairs (physical or otherwise)
2. The plaintiff's affairs involved a private matter
3. A reasonable person would find the intrusion offensive, and
4. The plaintiff has suffered from the intrusion.  

With respect to an employer demanding access to an applicant or employee's private social media login, these elements initially seem easy to satisfy. There is no doubt, especially when you consider the media and legislature's response to this issue, that a reasonable person would find this intrusion highly offensive, and the individual is harmed as a result of the intrusion. The limitations to pursuing a claim of intrusion on seclusion lie primarily with the aspects of the remaining elements: authorization and the existing privacy of the social media material. 

As to authorization, this claim will fail when prospective employees voluntarily share their password or other information. However, the question of authorization becomes more complicated if a company demands disclosure of login information. Several senators have even called on the DOJto explore whether employer password demands are coercive. Although this situation has not yet been explored, there may be an argument for coercion in some circum