34-48 - Internet Employment Privacy Act
Title 34 > 34-48
Sections (6)
General Provisions
34-48-101 - Title.
This chapter is known as the “Internet Employment Privacy Act.”
Enacted by Chapter 94, 2013 General Session
34-48-102 - Definitions.
As used in this chapter:
(1) “Adverse action” means to discharge, threaten, or otherwise discriminate against an employee in any manner that affects the employee’s employment, including compensation, terms, conditions, location, rights, immunities, promotions, or privileges.
(2) “Employer” means a person, including the state or a political subdivision of the state, that has one or more workers or operators employed in the same business, or in or about the same establishment, under any contract of hire, express or implied, oral or written.
(3) “Law enforcement agency” is as defined in Section 53-1-102.
(4) “Personal Internet account” means an online account that is used by an employee or applicant exclusively for personal communications unrelated to any business purpose of the employer.”Personal Internet account” does not include an account created, maintained, used, or accessed by an employee or applicant for business related communications or for a business purpose of the employer.
Enacted by Chapter 94, 2013 General Session
Prohibited and Permitted Activities
34-48-201 - Employer may not request disclosure of information related to personal Internet account.
An employer may not do any of the following:
(1) request an employee or an applicant for employment to disclose a username and password, or a password that allows access to the employee’s or applicant’s personal Internet account; or
(2) take adverse action, fail to hire, or otherwise penalize an employee or applicant for employment for failure to disclose information described in Subsection (1).
Enacted by Chapter 94, 2013 General Session
34-48-202 - Permitted actions by an employer.
(1) This chapter does not prohibit an employer from doing any of the following: requesting or requiring an employee to disclose a username or password required only to gain access to the following:an electronic communications device supplied by or paid for in whole or in part by the employer; oran account or service provided by the employer, obtained by virtue of the employee’s employment relationship with the employer, and used for the employer’s business purposes;disciplining or discharging an employee for transferring the employer’s proprietary or confidential information or financial data to an employee’s personal Internet account without the employer’s authorization;conducting an investigation or requiring an employee to cooperate in an investigation in any of the following:if there is specific information about activity on the employee’s personal Internet account, for the purpose of ensuring compliance with applicable laws, regulatory requirements, or prohibitions against work-related employee misconduct; orif the employer has specific information about an unauthorized transfer of the employer’s proprietary information, confidential information, or financial data to an employee’s personal Internet account;restricting or prohibiting an employee’s access to certain websites while using an electronic communications device supplied by, or paid for in whole or in part by, the employer or while using an employer’s network or resources, in accordance with state and federal law; ormonitoring, reviewing, accessing, or blocking electronic data stored on an electronic communications device supplied by, or paid for in whole or in part by, the employer, or stored on an employer’s network, in accordance with state and federal law.
(2) Conducting an investigation or requiring an employee to cooperate in an investigation as specified in Subsection (1)(c) includes requiring the employee to share the content that has been reported in order to make a factual determination.
(3) This chapter does not prohibit or restrict an employer from complying with a duty to screen employees or applicants before hiring or to monitor or retain employee communications that is established under federal law, by a self-regulatory organization under the Securities and Exchange Act of 1934, 15 U.S.C. Sec. 78c(a)(26), or in the course of a law enforcement employment application or law enforcement officer conduct investigation performed by a law enforcement agency.
(4) This chapter does not prohibit or restrict an employer from viewing, accessing, or using information about an employee or applicant that can be obtained without the information described in Subsection 34-48-201(1) or that is available in the public domain.
Amended by Chapter 258, 2015 General Session
34-48-203 - Chapter does not create duties.
(1) This chapter does not create a duty for an employer to search or monitor the activity of a personal Internet account.
(2) An employer is not liable under this chapter for failure to request or require that an employee or applicant for employment grant access to, allow observation of, or disclose information that allows access to or observation of the employee’s or applicant for employment’s personal Internet account.
Enacted by Chapter 94, 2013 General Session
Remedy
34-48-301 - Private right of action.
(1) A person aggrieved by a violation of this chapter may bring a civil cause of action against an employer in a court of competent jurisdiction.
(2) In an action brought under Subsection (1), if the court finds a violation of this chapter, the court shall award the aggrieved person not more than $500.
Enacted by Chapter 94, 2013 General Session