CHAPTER 305

HB 1407 FINAL VERSION

05/15/14 1745s
4Jun2014 1916CofC
4Jun2014 2014EBA
2014 SESSION
14-2039
06/01
HOUSE BILL 1407
AN ACT relative to privacy in the workplace.
SPONSORS: Rep. K. Rogers, Merr 28; Rep. P. Sullivan, Hills 10; Sen.
Soucy, Dist 18
COMMITTEE: Labor, Industrial and Rehabilitative Services
ANALYSIS
This bill prohibits an employer from requiring an employee or
prospective employee to disclose his or her social media or electronic mail
passwords.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - -
Explanation: Matter added to current law appears in bold italics.
Matter removed from current law appears [in brackets and struckthrough.]
Matter which is either (a) all new or (b) repealed and reenacted appears in
regular type.
05/15/14 1745s
4Jun2014 1916CofC
4Jun2014 2014EBA
14-2039
06/01
STATE OF NEW HAMPSHIRE
In the Year of Our Lord Two Thousand Fourteen
AN ACT relative to privacy in the workplace.
Be it Enacted by the Senate and House of Representatives in General
Court convened:
305:1 New Subdivision; Use of Social Media and Electronic Mail. Amend
RSA 275 by inserting after section 70 the following new subdivision:
Use of Social Media and Electronic Mail
275:71 Definition. In this subdivision, personal account means an
account, service, or profile on a social networking website that is used by
a current or prospective employee primarily for personal
communications unrelated to any business purposes of the employer.
This definition shall not apply to any account, service, or profile created,
maintained, used, or accessed by a current or prospective employee for
business purposes of the employer or to engage in business-related
communications.
275:72 Use of Social Media and Electronic Mail.
I. No employer shall request or require that an employee or prospective
employee disclose login information for accessing any personal account
or service through an electronic communication device.
II. No employer shall compel an employee or applicant to add anyone,
including the employer or the employers agent, to a list of contacts
associated with an electronic mail account or personal account or require
an employee or applicant to reduce the privacy settings associated with
any electronic mail or personal account that would affect a third partys
ability to view the contents of the account.
III. No employer shall take or threaten to take disciplinary action
against any employee for such employees refusal to comply with a
request or demand by the employer that violates this subdivision.
IV. Nothing in this subdivision shall limit an employers right to:
(a) Adopt and enforce lawful workplace policies governing the use of the
employers electronic equipment, including policies regarding Internet
use, social networking site use, and electronic mail use.
(b) Monitor usage of the employers electronic equipment and electronic
mail.
(c) Request or require an employee to disclose login information for
access to:
(1) An account or service provided by virtue of the employees
employment relationship with the employer; or
(2) An electronic communications device or online account paid for or
supplied by the employer.
V. If, through the use of an electronic device or program that monitors
an employers network or the use of employer provided devices, an
employer inadvertently receives an employees password, or other
authentication information, the employer is not liable for having this
information, but shall not use this information to access an employees
personal accounts.
VI. Nothing in this section shall prohibit an employer from:
(a) Obtaining information about an employee or prospective employee
that is in the public domain;
(b) Conducting an investigation:
(1) To ensure compliance with applicable laws, regulatory requirements,
or prohibitions against work-related employee misconduct based on
information about activity on an employees personal account or service
received from an employee or other source.
(2) Of an employees actions based on the receipt of specific information
about the unauthorized transfer of an employers proprietary
information, confidential information, or financial data to a personal
online account or service by an employee or other source.
VII. In any investigation conducted under paragraph VI, the employer
may require the employees cooperation to share only the content that
has been received by the employer, in order to make a factual
determination.
VIII. Nothing in this section shall be construed to prevent an employer
from complying with the requirements of state or federal statutes, rules
or regulations, case law, or rules of self-regulatory organizations.
275:73 Penalty. Any employer violating RSA 275:72 shall be subject to a
civil penalty, to be imposed by the labor commissioner in accordance
with the procedures established in RSA 273:11-a. An employer aggrieved
by the commissioners assessment of such penalty may appeal in
accordance with RSA 273:11-c.
305:2 Contingent Renumbering. If SB 390 of the 2014 regular legislative
session becomes law, RSA 275:71 through RSA 275:73, as inserted by
section 1 of this act, shall be renumbered as RSA 275:73 through RSA
275:75, respectively, and the reference to RSA 275:72 in RSA 275:73 as
inserted by section 1 of this act shall be renumbered as RSA 275:74.
305:3 Effective Date. This act shall take effect 60 days after its passage.
Approved: August 1, 2014
Effective Date: September 30, 2014