Until this week, it was perfectly legal for a company or university in California or Illinois to request the Facebook password of a prospective employee.
Now, thanks to state legislation that went into effect at the start of 2013, California and Illinois have joined four other U.S. states, including Delaware, Maryland, Michigan and New Jersey, to make the practice illegal, reported Wired.
The law doesn't prevent employers from looking at what potential hires or employees publicly post to social-media accounts. And if you happen to live in the other 44 states, it's up to you to risk losing out on a job by refusing the request.
This isn't a case of creating laws to stop a non-existent issue. There have been reports of employers across the U.S. demanding access to potential employees' personal data on social media sites like Facebook and Twitter.
The password requests haven't become a mainstay in human resource departments nationwide yet. However, enough reports surfaced to spur Facebook into action. Last March, the company's chief privacy officer for policy issued a statement warning employers these types of requests exposes them to "unanticipated legal liability," reported CNET at the time.
Facebook's response prompted lawmakers in the U.S. as well as regulators in the U.K. to take action. The U.K.'s Information Commissioner's Office issued a warning last year to employers to not request passwords from prospective or existing employees. Some U.S. state legislatures passed laws prohibiting the practice.
The federal government is another story. Last May, several U.S. senators introduced the Password Protection Act of 2012. It has languished in committee ever since.
Photo: Screenshot of Facebook login