Social Media Laws: Understanding the Regulations that Govern Social Media Use

Social Media Laws

In today’s digital age, social media has become an integral part of our lives. We use it to connect with friends and family, stays informed about current events, and promote our businesses.

Social media laws are designed to ensure that social media platforms and their users to follow specific guidelines and regulations to prevent cyberbullying, harassment, hate speech, and misinformation.

In this article, we will discuss some of the laws that govern social media use, including the Utah social media law, General Data Protection Regulation, Electronic Communications Privacy Act, and Children’s Online Privacy Protection Act.

What is Social Media?

Before diving into the laws that regulate social media, let’s first define what social media is. Social media refers to online platforms that allow users to create, share, and interact with content, including text, photos, and videos. Some of the most popular social media platforms include Facebook, Twitter, Instagram, WhatsApp, and YouTube.

Utah Social Media Law

Utah was the first state in the US to pass a law regulating social media use by employers. The law, which went into effect in 2013, prohibits employers from requesting or requiring employees or job applicants to provide access to their personal social media accounts. This means that employers cannot ask for passwords, usernames, or any other login credentials for social media accounts.

The Utah social media law also prohibits employers from taking adverse actions against employees or job applicants who refuse to provide access to their social media accounts. Adverse actions can include termination, demotion, or any other type of disciplinary action.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a regulation implemented by the European Union (EU) to protect the privacy of EU citizens. The regulation applies to any organization that collects, processes, or stores the personal data of EU citizens, regardless of whether the organization is based within or outside the EU.

Under the GDPR, organizations must obtain explicit consent from individuals before collecting their personal data. They must also clearly communicate the purpose of collecting the data & how it will be used. Additionally, individuals have the right to access their personal data, request its deletion, and withdraw their consent at any time. Failure to comply with the GDPR can result in significant fines, up to 4% of an organization’s annual global revenue or €20 million, whichever is greater.

The GDPR went into effect on May 25, 2018, and applies to all companies that collect personal data from individuals within the EU and EEA, regardless of where the company is based.

Electronic Communications Privacy Act (ECPA)

The Electronic Communications Privacy Act (ECPA) is a US federal law that regulates the interception and disclosure of electronic communications. The law applies to all forms of electronic communication, including emails, text messages, and social media messages.

Under the ECPA, it is illegal to intercept or disclose electronic communications without the consent of at least one of the parties involved. The law also prohibits the unauthorized access of electronic communications stored on remote servers, such as those used by social media platforms.

The ECPA was enacted in 1986 and has been updated several times since then, including the 2001 USA PATRIOT Act.

Children’s Online Privacy Protection Act (COPPA)

Children’s Online Privacy Protection Act (COPPA) is a US federal law that governs the collection of personal information from children under the age of 13. This law applies to websites and online services that are directed at children.

Under COPPA, organizations must obtain verifiable parental consent before collecting personal information from children under 13. They must also provide parents with the option to review and delete their child’s information, and they must maintain reasonable data security measures to protect the information collected. Failure to comply with COPPA can result in significant fines, up to $43,280 per violation.

COPPA was enacted in 1998 and has been updated several times since then, including in 2013 when the Federal Trade Commission (FTC) issued new rules that expanded it’s reach to include mobile apps and other online services.


In conclusion, social media laws are crucial to protect users from potential harm and ensure that social media platforms operate responsibly. Existing laws, such as Utah social media laws, GDPR, ECPA, and COPPA, have already made significant progress in protecting users’ privacy and personal information.


Previous Articles