North Carolina
North Carolina Employee Monitoring Laws: Workplace Surveillance and Social Media (2026)

North Carolina employers can monitor work email, phone lines, and company computer systems under the federal wiretap law's business-use exception, and the state's rules on employee privacy are thinner than many online compliance checklists claim. A 2013 bill would have barred North Carolina employers from demanding an employee's social media password, but it died in the state Senate and never became law, so North Carolina has no social-media-password statute today. This guide separates what North Carolina actually regulates, GPS and fleet-vehicle tracking, hidden cameras, and biometric time clocks, from what a proposed law almost did but didn't.
This article provides general legal information about North Carolina employee monitoring law as of July 9, 2026. It is not legal advice and does not create an attorney-client relationship. Consult a North Carolina-licensed attorney about your specific situation.
Scope: This article covers North Carolina law on an employer's authority to monitor employees, access personal social media, and conduct video, GPS, and biometric monitoring. It does not re-derive North Carolina's one-party consent rules (see our North Carolina recording laws guide) or GPS law outside employment (see our North Carolina GPS tracking laws guide).
The Federal Baseline: the "Ordinary Course of Business" Exception
North Carolina's starting point for any workplace monitoring question is federal, not state, law. Title I of the Electronic Communications Privacy Act makes it unlawful to intentionally intercept wire, oral, or electronic communications without consent, 18 U.S.C. sections 2510-2523, but it carves out a broad exception for the owner of a communications system. Under 18 U.S.C. section 2511(2)(a)(i), a provider of a wire or electronic communication service, a category courts extend to employers who own the phone, email, and computer systems staff use, may intercept communications on that system in the ordinary course of business.
The leading case applying this exception is Watkins v. L.M. Berry & Co., 704 F.2d 577 (11th Cir. 1983), where an employer monitored a sales line as part of a standing training program. The court held that once a call is determined personal rather than business-related, the ordinary-course exception generally ends, and continued listening can create liability. North Carolina has no state monitoring statute that narrows or expands this federal baseline for phone or email review; state law fills the gap only in the specific areas below.
Does North Carolina Require Notice Before Electronic Monitoring?
No. A small group of states, Connecticut, Delaware, New York, and (starting in 2026) Maine, require employers to give employees written or posted notice before monitoring phone, email, or internet use on the job. North Carolina has not enacted a comparable statute, so an employer can generally monitor company email, internet use, and phone lines on employer-owned systems under the federal ordinary-course exception, without a state-mandated notice step. A written monitoring policy is still good practice: it documents that surveillance occurred in the ordinary course of business rather than as a targeted intrusion, and it matters if an employee later brings a common-law invasion-of-privacy claim.
Does North Carolina Have a Social Media Password Law? (No, Despite What Some Compliance Lists Claim)
Several 50-state compliance checklists list North Carolina among the states that bar employers from demanding a social media password. That is incorrect. Roughly half the states, including neighbors Virginia and Tennessee, have enacted a law along those lines. North Carolina is not one of them, and it never has been.

The confusion traces to a specific bill. In 2013, the NC House considered House Bill 846, the Job and Education Privacy Act. As drafted, it would have barred an employer from requiring an employee or applicant to disclose a social media or personal email password, or to log in in the employer's presence, and would have protected anyone disciplined for refusing. The House passed a committee substitute in May 2013, but after crossing over, the Senate referred it to the Rules and Operations of the Senate Committee on May 20, 2013, and it never got a floor vote. The bill died there when the 2013-2014 session ended. Because it was never enacted, there is no Chapter 99F in the North Carolina General Statutes; the chapter sequence runs directly from Chapter 99E to Chapter 100.
That gap has practical consequences. A North Carolina employer that asks for a personal social media password is not violating a specific state statute by asking. What changes the analysis is acting on the answer: logging into the account without the employee's genuine authorization can trigger the federal Stored Communications Act, 18 U.S.C. section 2701, which criminalizes intentionally accessing a stored electronic communications facility without authorization. A coerced disclosure followed by the employer reviewing genuinely private content may also support a common-law invasion-of-privacy claim. Neither theory reaches as far as the statute HB 846 would have created.
Video and Audio Surveillance in North Carolina Workplaces
North Carolina has no employment-specific video-surveillance statute, but general law limits where a camera, employer-owned or not, can point. North Carolina's hidden-camera and voyeurism statute, N.C. Gen. Stat. section 14-202, makes it a graduated offense, up to a Class I felony for installing a device to capture images for sexual gratification and a Class H felony for disseminating those images, to secretly record someone in a place with a reasonable expectation of privacy, such as a restroom, locker room, or changing area. An employer that installs a camera in those spaces faces both criminal liability and a civil invasion-of-privacy claim, regardless of a posted policy.
Cameras in common work areas, sales floors, and entrances are generally permissible without a state-specific notice requirement. Audio recording of employees falls separately under the one-party consent rule, section 15A-287: an employer recording a conversation, rather than reviewing stored communications, needs at least one participant's consent, which the employer itself can supply if it's a party to the call. See our North Carolina workplace recording laws guide for depth.
GPS and Vehicle Tracking of North Carolina Employees
North Carolina has no dedicated employer vehicle-tracking notice statute comparable to New Jersey's N.J. Stat. section 34:6B-22. Instead, it folds tracking-device rules into its cyberstalking statute, N.C.G.S. 14-196.3(b)(5), which makes it unlawful to knowingly install, place, or use an electronic tracking device, GPS unit, OBD-II plugin, or AirTag-style tracker to track a person without consent.
The statute lists eleven exceptions, and two apply squarely to the workplace: owners of fleet vehicles, including businesses that provide vehicles for employees to operate, and employers providing a work communications device. Tracking a company van or a location-enabled work phone is lawful under these exceptions, with no statutory duty to give advance notice.
Neither the fleet-vehicle exception nor the employer-communications-device exception carries a domestic-violence-protective-order limit. That carve-out lives elsewhere in the statute, attached to the general vehicle-owner exception and the parent-or-guardian-of-a-minor exception, both aimed at personal relationships rather than commercial fleet ownership. What the fleet and employer-device exceptions do not cover is a personally owned vehicle; hiding a tracker there without consent risks a Class 2 misdemeanor. See our North Carolina GPS tracking laws guide for the full exception list.
Biometric Monitoring: Time Clocks and North Carolina's Breach Notification Law
Employers increasingly use fingerprint or facial-recognition time clocks, and in trucking, driver-facing cameras that capture biometric identifiers. Illinois' Biometric Information Privacy Act is the strongest law of this kind nationally, requiring written consent before collection and creating a private right of action, but it does not apply outside Illinois. North Carolina has no comparable statute, and no state law requires consent before enrolling employees in a biometric time clock.

What North Carolina does have is indirect protection through its breach-notification framework. The Identity Theft Protection Act's definitions section, N.C. Gen. Stat. section 75-61, defines protected "personal information" by reference to section 14-113.20(b), which lists biometric data and fingerprints among the covered categories. If a breach exposes biometric time-clock data alongside an employee's name, the Act's notice-of-breach-duty section, N.C. Gen. Stat. section 75-65, requires notifying affected individuals and the Attorney General. Because a breach-notification violation is automatically a UDTPA violation, an injured employee can recover treble damages and attorney fees, sharper than most no-biometric-statute states offer, though it applies only after a breach, not at collection.
House Bill 462, the proposed NC Personal Data Privacy Act, would classify biometric data used for identification as sensitive data requiring opt-in consent. As of July 2026 it remains pending in committee, alongside companion Senate Bill 757, and is not current law.
What North Carolina Employees Can Do About Monitoring Concerns
An employee who believes an employer crossed a legal line has a few concrete options. A bare demand for a social media password does not by itself support a state-law claim, since North Carolina has none, but unauthorized access to the account afterward can support a federal Stored Communications Act claim. A camera in a restroom or locker room can support both a police report and a civil invasion-of-privacy claim. A hidden tracker on a personal vehicle, or tracking under the vehicle-owner or parent-guardian exception after a protective order takes effect, can support a report under N.C.G.S. 14-196.3. Monitoring tied to a protected characteristic or workers' compensation retaliation may instead fall under the NC Department of Labor or the NLRB. Because these rules span several distinct sources, an employee should keep records and consult a North Carolina-licensed employment attorney rather than assume a single statute covers the situation. See our Employee Monitoring Laws by State hub and US Recording Laws by State.
More North Carolina Laws
- North Carolina AI Meeting Recording Laws
- North Carolina Alimony Laws
- North Carolina At-Will Employment Laws
- North Carolina Car Accident Laws
- North Carolina Car Seat Laws
- North Carolina Child Custody Laws
- North Carolina Child Support Laws
- North Carolina Common Law Marriage Laws
- North Carolina Dashcam Laws
- North Carolina Data Privacy Laws
- North Carolina Deepfake Laws
- North Carolina Divorce Laws
- North Carolina Dog Bite Laws
- North Carolina Drone Laws
- North Carolina Emancipation Laws
- North Carolina Expungement Laws
Disclaimer
This article provides general legal information about North Carolina employee monitoring law as of July 9, 2026. It is not a substitute for individualized legal advice. Employment monitoring disputes often involve overlapping statutes, employer policy, and federal law, and outcomes depend on specific facts. Readers should consult an attorney licensed in North Carolina for advice about a particular situation.
Related articles
- Employee Monitoring Laws by State
- North Carolina Recording Laws
- North Carolina Workplace Recording Laws
- North Carolina GPS Tracking Laws
- North Carolina Data Privacy Laws
- US Recording Laws by State

Last updated: July 9, 2026. Statutes cited reflect their in-force version as of that date.
Frequently Asked Questions
Can my employer ask for my Facebook or Instagram password in North Carolina?
Legally, yes. North Carolina has no statute banning the request; a 2013 bill, House Bill 846, would have prohibited it but died in the Senate and was never enacted, so there is no Chapter 99F. You can still decline, and an employer that logs into your account without authorization, rather than merely asking, can violate the federal Stored Communications Act.
Can my [employer GPS](/us-laws/gps-tracking-laws) track a company vehicle I drive in North Carolina?
Yes. N.C.G.S. 14-196.3(b)(5) exempts fleet-vehicle owners and employers tracking work-issued communications devices. Unlike the statute's vehicle-owner and parent-guardian exceptions, the fleet and employer-device exceptions carry no domestic-violence-protective-order limit.
Can my employer track my personal car in North Carolina?
Not without your consent. The statutory exceptions cover employer-owned fleet vehicles and employer-issued communications devices, not a personally owned car. Hiding a tracker there without consent can be charged as a Class 2 misdemeanor.
Can my employer put a camera in a North Carolina workplace restroom or locker room?
No. North Carolina's voyeurism statute, N.C. Gen. Stat. section 14-202, prohibits [recording someone without consent](/us-laws/is-it-illegal-to-record-someone) in a place with a reasonable expectation of privacy, and this applies to employer-installed cameras like anyone else.
Can my North Carolina employer require a fingerprint scan for the time clock?
Under current state law, yes. North Carolina has no biometric consent statute, so employers can generally require biometric time clocks without specific consent. If that data is later breached, the employer must notify affected employees, and an injury claim can carry treble damages under the Unfair and Deceptive Trade Practices Act.
Is North Carolina one of the states with a social media privacy law for employees?
No. About half of US states, including neighbors Virginia and Tennessee, restrict employers from demanding social media passwords, but North Carolina is not one of them despite a 2013 attempt, House Bill 846, that died in the Senate. If an employer accesses your account without authorization rather than just asking for the password, consult an attorney about a claim under the federal Stored Communications Act or North Carolina's invasion-of-privacy tort.
Sources and References
- North Carolina House Bill 846 (2013), Job and Education Privacy Act, bill lookup and legislative history (passed House, referred to Senate Rules and Operations of the Senate Committee 5/20/2013, no further action taken, never enacted)(ncleg.gov).gov
- NCSL, Privacy of Employee and Student Social Media Accounts (50-state tracker; North Carolina not listed among states with a social media password law)(ncsl.org)
- 18 U.S.C. section 2701, Stored Communications Act (unauthorized access to stored electronic communications)(law.cornell.edu).gov
- 18 U.S.C. section 2511(2)(a)(i), exception for interception of communications in the ordinary course of business(law.cornell.edu).gov
- Watkins v. L.M. Berry & Co., 704 F.2d 577 (11th Cir. 1983)(law.resource.org)
- N.C.G.S. 14-196.3, Cyberstalking (electronic tracking device offense and exceptions)(ncleg.gov).gov
- N.C. Gen. Stat. section 15A-287, Electronic surveillance (one-party consent)(ncleg.gov).gov
- N.C. Gen. Stat. section 14-202, Secretly peeping/voyeurism and hidden camera offenses(ncleg.gov).gov
- N.C. Gen. Stat. section 75-65, Identity Theft Protection Act (notice-of-breach duty)(ncleg.gov).gov
- N.C. Gen. Stat. section 75-61, Identity Theft Protection Act definitions (personal information defined by reference to G.S. 14-113.20(b))(ncleg.gov).gov
- N.C. Gen. Stat. section 14-113.20(b), identifying information definitions (biometric data, fingerprints)(ncleg.gov).gov