The Maryland General Assembly passed a law on Tuesday to make it illegal for employers to ask employees for Facebook passwords, and now other states are considering similar legislation, including California, [Michigan](http://www.legislature.mi.gov/(S(ycrfwceq3yisyk55ylvmg3jb))/mileg.aspx?page=BillStatus&objectname=2012-HB-5523%0A), Minnesota and Illinois.

In California, State Bill 1349 would prevent schools and employers from demanding access to social media accounts. The bill is backed by Sen. Leland Yee, a Democrat from San Francisco.

Yee says that trying to snoop through someone's Facebook account is just plain wrong. "This is no different than an employer asking an employee for a date," says Yee. "My general sense is that the business community is going to continually want personal information and we've got to be vigilant."

The topic has gained a lot of attention following recent reports of hiring managers or employers demanding Facebook passwords. But it's not actually clear how widespread the practice really is. Most of the publicly reported cases have involved government and law enforcement jobs.

A spokesman for Sen. Yee's office admits that the California bill is "preventative," rather than a response to a barrage of constituent complaints. Melissa Goeman, the legislative director at the ACLU's Maryland chapter, says that other than two cases with the Maryland department of corrections, they haven't had any other direct reports of employers or government agencies asking for the information. "I think it's hard for people to come forward because those who are affected really need the job so they're not willing to make waves," she says.

The Maryland bill had some opposition. The Maryland Chamber of Commerce was against it, saying, "legitimate business-related interests outweigh what would be an unrealistic expectation of a 'zone of privacy' in social media information." In addition, Goeman said that the Maryland Retailers Association and investment house T. Rowe Price, whose headquarters are in Baltimore, had also joined the fight against the bill, saying that such information was needed since they manage such high-value securities.

One of the challenges that these laws will face is the fuzzy line between "personal" and "work" accounts. For instance, an employee may use a personal Twitter account to tweet as a subject matter expert who works for a well-reputed consultancy. Whether that consultant is tweeting from a work or personal account could be challenged in a court.

"One thing we have made clear: If you're on a company computer and doing something personal, you're fair game," says Sen. Ronald Young, a Democrat from Frederick, Maryland, who co-sponsored his state's bill, noting it doesn't place any restrictions on employers who want to install monitoring or filtering tools on an employee's computer.

The Maryland bill was actually introduced last year, after Young read reports of a man being asked for his Facebook login credentials while re-applying for his job with the Maryland department of corrections. Then last month Erin Egan, Facebook chief privacy officer, wrote a lengthy blog post condemning the practice which injected new life in the discussion and the bill passed the Legislature. It now awaits governor Martin O'Malley's signature to become law.