Certain corners of the press are irritated that an otherwise horrible law, CISPA, does not prevent employers from demanding that employees turn over their Facebook passwords. Two things might be said about this.
First, the main reason that employers want access to the "personal" lives of their employees is that courts have extended the liability of employers to the activities of employees. The way to kill off employer interest in such things is to clearly declare that the personal web musings of employees (such as this blog, or Facebook) cannot be admitted as evidence of an employer's wrongdoing. We note, for instance, that this blog post was cited in support of a claim that the large public company in which the blogger was an executive was racist. As long as the courts tolerate such allegations, employers will have a legitimate interest in the online activities of employees.
Second, any employer who routinely demands the Facebook passwords of its employees is a moron, and will be punished by the labor market accordingly. The remedy is online ridicule on employee kvetching sites like Glassdoor, no legislation required.