Full Text of SB0202 100th General Assembly
SB0202 100TH GENERAL ASSEMBLY |
| | 100TH GENERAL ASSEMBLY
State of Illinois
2017 and 2018 SB0202 Introduced 1/24/2017, by Sen. John J. Cullerton SYNOPSIS AS INTRODUCED: | | 820 ILCS 55/10 | from Ch. 48, par. 2860 |
|
Amends the Right to Privacy in the Workplace Act. Makes a technical change
in
a Section concerning prohibited inquiries.
|
| |
| | A BILL FOR |
|
| | | SB0202 | | LRB100 04913 JLS 14923 b |
|
| 1 | | AN ACT concerning employment.
| 2 | | Be it enacted by the People of the State of Illinois, | 3 | | represented in the General Assembly:
| 4 | | Section 5. The Right to Privacy in the Workplace Act is | 5 | | amended by changing Section 10 as follows:
| 6 | | (820 ILCS 55/10) (from Ch. 48, par. 2860)
| 7 | | Sec. 10. Prohibited inquiries; online activities. | 8 | | (a) It shall be unlawful for any employer
to inquire, in a | 9 | | written application or in any other manner, of any
prospective | 10 | | employee or of the the prospective employee's previous | 11 | | employers,
whether that prospective employee has ever filed a | 12 | | claim for benefits under
the Workers' Compensation Act or | 13 | | Workers' Occupational Diseases Act or
received benefits under | 14 | | these Acts.
| 15 | | (b)(1) Except as provided in this subsection, it shall be | 16 | | unlawful for any employer or prospective employer to: | 17 | | (A) request, require, or coerce any employee or | 18 | | prospective employee to provide a user name and password or | 19 | | any password or other related account information in order | 20 | | to gain access to the employee's or prospective employee's | 21 | | personal online account or to demand access in any manner | 22 | | to an employee's or prospective employee's personal online | 23 | | account; |
| | | SB0202 | - 2 - | LRB100 04913 JLS 14923 b |
|
| 1 | | (B) request, require, or coerce an employee or | 2 | | applicant to authenticate or access a personal online | 3 | | account in the presence of the employer; | 4 | | (C) require or coerce an employee or applicant to | 5 | | invite the employer to join a group affiliated with any | 6 | | personal online account of the employee or applicant; | 7 | | (D) require or coerce an employee or applicant to join | 8 | | an online account established by the employer or add the | 9 | | employer or an employment agency to the employee's or | 10 | | applicant's list of contacts that enable the contacts to | 11 | | access the employee or applicant's personal online | 12 | | account; | 13 | | (E) discharge, discipline, discriminate against, | 14 | | retaliate against, or otherwise penalize an employee for | 15 | | (i) refusing or declining to provide the employer with a | 16 | | user name and password, password, or any other | 17 | | authentication means for accessing his or her personal | 18 | | online account, (ii) refusing or declining to authenticate | 19 | | or access a personal online account in the presence of the | 20 | | employer, (iii) refusing to invite the employer to join a | 21 | | group affiliated with any personal online account of the | 22 | | employee, (iv) refusing to join an online account | 23 | | established by the employer, or (v) filing or causing to be | 24 | | filed any complaint, whether orally or in writing, with a | 25 | | public or private body or court concerning the employer's | 26 | | violation of this subsection; or |
| | | SB0202 | - 3 - | LRB100 04913 JLS 14923 b |
|
| 1 | | (F) fail or refuse to hire an applicant as a result of | 2 | | his or her refusal to (i) provide the employer with a user | 3 | | name and password, password, or any other authentication | 4 | | means for accessing a personal online account, (ii) | 5 | | authenticate or access a personal online account in the | 6 | | presence of the employer, or (iii) invite the employer to | 7 | | join a group affiliated with a personal online account of | 8 | | the applicant. | 9 | | (2) Nothing in this subsection shall limit an employer's | 10 | | right to: | 11 | | (A) promulgate and maintain lawful workplace policies | 12 | | governing the use of the employer's electronic equipment, | 13 | | including policies regarding Internet use, social | 14 | | networking site use, and electronic mail use; or | 15 | | (B) monitor usage of the employer's electronic | 16 | | equipment and the employer's electronic mail without | 17 | | requesting or using any employee or prospective employee to | 18 | | provide any password or other related account information | 19 | | in order to gain access to the employee's or prospective | 20 | | employee's personal online account. | 21 | | (3) Nothing in this subsection shall prohibit an employer | 22 | | from: | 23 | | (A) obtaining about a prospective employee or an | 24 | | employee information that is in the public domain or that | 25 | | is otherwise obtained in compliance with this amendatory | 26 | | Act of the 97th General Assembly; |
| | | SB0202 | - 4 - | LRB100 04913 JLS 14923 b |
|
| 1 | | (B) complying with State and federal laws, rules, and | 2 | | regulations and the rules of self-regulatory organizations | 3 | | created pursuant to federal or State law when applicable; | 4 | | (C) requesting or requiring an employee or applicant to | 5 | | share specific content that has been reported to the | 6 | | employer, without requesting or requiring an employee or | 7 | | applicant to provide a user name and password, password, or | 8 | | other means of authentication that provides access to an | 9 | | employee's or applicant's personal online account, for the | 10 | | purpose of: | 11 | | (i) ensuring compliance with applicable laws or | 12 | | regulatory requirements; | 13 | | (ii) investigating an allegation, based on receipt | 14 | | of specific information, of the unauthorized transfer | 15 | | of an employer's proprietary or confidential | 16 | | information or financial data to an employee or | 17 | | applicant's personal account; | 18 | | (iii) investigating an allegation, based on | 19 | | receipt of specific information, of a violation of | 20 | | applicable laws, regulatory requirements, or | 21 | | prohibitions against work-related employee misconduct; | 22 | | (iv) prohibiting an employee from using a personal | 23 | | online account for business purposes; or | 24 | | (v) prohibiting an employee or applicant from | 25 | | accessing or operating a personal online account | 26 | | during business hours, while on business property, |
| | | SB0202 | - 5 - | LRB100 04913 JLS 14923 b |
|
| 1 | | while using an electronic communication device | 2 | | supplied by, or paid for by, the employer, or while | 3 | | using the employer's network or resources, to the | 4 | | extent permissible under applicable laws. | 5 | | (4) If an employer inadvertently receives the username, | 6 | | password, or any other information that would enable the | 7 | | employer to gain access to the employee's or potential | 8 | | employee's personal online account through the use of an | 9 | | otherwise lawful technology that monitors the employer's | 10 | | network or employer-provided devices for network security or | 11 | | data confidentiality purposes, then the employer is not liable | 12 | | for having that information, unless the employer: | 13 | | (A) uses that information, or enables a third party to | 14 | | use that information, to access the employee or potential | 15 | | employee's personal online account; or | 16 | | (B) after the employer becomes aware that such | 17 | | information was received, does not delete the information | 18 | | as soon as is reasonably practicable, unless that | 19 | | information is being retained by the employer in connection | 20 | | with an ongoing investigation of an actual or suspected | 21 | | breach of computer, network, or data security. Where an | 22 | | employer knows or, through reasonable efforts, should be | 23 | | aware that its network monitoring technology is likely to | 24 | | inadvertently to receive such information, the employer | 25 | | shall make reasonable efforts to secure that information. | 26 | | (5) Nothing in this subsection shall prohibit or restrict |
| | | SB0202 | - 6 - | LRB100 04913 JLS 14923 b |
|
| 1 | | an employer from complying with a duty to screen employees or | 2 | | applicants prior to hiring or to monitor or retain employee | 3 | | communications as required under Illinois insurance laws or | 4 | | federal law or by a self-regulatory organization as defined in | 5 | | Section 3(A)(26) of the Securities Exchange Act of 1934, 15 | 6 | | U.S.C. 78(A)(26) provided that the password, account | 7 | | information, or access sought by the employer only relates to | 8 | | an online account that: | 9 | | (A) an employer supplies or pays; or | 10 | | (B) an employee creates or maintains on behalf of or | 11 | | under direction of an employer in connection with that | 12 | | employee's employment. | 13 | | (6) For the purposes of this subsection: | 14 | | (A) "Social networking website" means an | 15 | | Internet-based service that allows individuals to: | 16 | | (i) construct a public or semi-public profile | 17 | | within a bounded system, created by the service; | 18 | | (ii) create a list of other users with whom they | 19 | | share a connection within the system; and | 20 | | (iii) view and navigate their list of connections | 21 | | and those made by others within the system. | 22 | | "Social networking website" does not include | 23 | | electronic mail. | 24 | | (B) "Personal online account" means an online account, | 25 | | that is used by a person primarily for personal purposes. | 26 | | "Personal online account" does not include an account |
| | | SB0202 | - 7 - | LRB100 04913 JLS 14923 b |
|
| 1 | | created, maintained, used, or accessed by a person for a | 2 | | business purpose of the person's employer or prospective | 3 | | employer. | 4 | | (Source: P.A. 98-501, eff. 1-1-14; 99-610, eff. 1-1-17 .)
|
|