Social media is continuously expanding. Recent reports suggest Facebook at 1 billion, LinkedIn at 187 million and Twitter at 75 million users worldwide. This undoubtedly creates a wealth of opportunities for both individuals and organisations, but also a wide range of dangers.
What are employers’ main concerns?
Employers are increasingly concerned with the issues arising from these influential, accessible and highly publicised platforms. They find themselves between a rock and a hard place as, whilst mindful of the privacy rights of their employees, they are no longer able to ignore the potential implications of their personal use of social media.
Recent reports suggest that a significant number of employees have posted about work, customers or work colleagues on social networking sites. Unsurprisingly, employers have had to resort to disciplinary action.
How can an employer mitigate the risks of social media misuse?
Misuse can lead to reputational damage, breaches of confidentiality, libel and harassment. Employers can be liable due to the doctrine of vicarious liability if this is done in the course of employment, even if it is unauthorised, or even forbidden, by the employer.
Smith v. Trafford Housing Trust [2012] EWCH 3221 (Ch) considered whether an employee’s religiously motivated Facebook post to the effect that gay marriages in church were “an equality too far” which he made outside of the workplace constituted a breach of its employer’s equal opportunities policy. The High Court found that the post did not breach the policy despite the Facebook page associating the individual with the employer and the views he expressed causing offence to some colleagues.
Smith demonstrates the Court’s reluctance to extend the remit of employers’ work policies to employees’ private activities and moderately expressed personal views. In order to try to overcome this, policies where appropriate should explicitly cover conduct outside of the workplace. Enforceability against employees requires clear communication of the policy. Even then, provisions may be unenforceable if they extend so far that they interfere with employees’ human rights, such as right to privacy or freedom of expression.
Social Media Policies
Some organisations may impose a blanket ban on all use of social media in the workplace. This is often backed up by a prohibition on employees from making any reference to anything related to their employment, colleagues or customers outside of the workplace, or making any comments which may cause offence. However, due to the increasing role of social media in marketing, advertising and recruitment, this may be counter-productive and unrealistic. Furthermore, it’s likely to be unpopular and may tip over into infringement of civil liberties.
Preferable may be the implementation of a social media policy which balances an individual’s rights with the need to protect an organisation’s reputation, its staff and any relationships with relevant third parties.
Each employer will need to elaborate a policy which reflects the particularities of its industry, sector and specific circumstances.
A basic policy might usefully include the following:
- A requirement that employees are not to post comments about anything related to the organisation, its employees or its customers without prior consent from a designated person made responsible for social media management.
- A provision specifying that employees are liable for all personal social media communication and that no abusive, threatening or defamatory comments will be posted and that the social media account makes it clear that views expressed are those of the employee personally and not those of the employer.
- Guidance on the line of demarcation between personal and business related social media postings.
- Guidance on when the employer’s approvals is required for postings.
- Rules on who owns the account and connections made through it: this can be very important when the employee moves to a new employer.
Furthermore, the policy should emphasise that disciplinary action will follow social media misuse, clearly outlining what that disciplinary action might entail. This action should be implemented fairly and consistently in order to avoid employment claims.
What about reputational damage caused through social media misuse?
Twitter now heavily influences the way in which information is accessed and reported – within seconds, anyone can produce a fanciful ‘tweet’ which can be viewed by thousands of ‘followers’. This may even end up in mainstream news, regardless of the validity of the statement. This has led the Guardian to claim that ‘social networks are, first and foremost, a new outlet for the old human habit of amoral gossip’.
Many people still believe themselves anonymous when tweeting or posting under a pseudonym. However, this is not the case. If the issue is sufficiently serious, the target might apply for a Norwich Pharmacal order, requiring the Internet Service Provider (ISP) or web host to reveal the information it holds on the particular user in order to identify the perpetrator. Many people also seem to think that the normal rules on defamation do not apply on twitter; Lord McAlpine has amply demonstrated that this is not the case.
Alternatively, target might issue a notice to take down the content to the web host under the Electronic Commerce (EC Directive) Regulations 2002. Under these regulations, the ISP will be afforded protection against proceedings only so long as it acts ‘expeditiously to remove or disable access to the information’.
In light of recent events, the Metropolitan Police is meeting interested parties in order to assess whether criminal prosecutions can be brought under the Malicious Communications Act. The invocation of the criminal law as a means of attempting to control the threat of dangerous and harmful internet communication must be weighed against basic civil liberties.
What about ownership of data collected through social media in the course of employment?
LinkedIn’s mission is ‘to connect the world’s professionals’ and is thus predominantly a business networking site. Its terms of use state that a user is ‘individually bound’ by a ‘legally binding agreement’, and that it owns the information it provides to LinkedIn. Consequently, an employer is not party to that agreement, and it seems that the employee is in control.
However, whilst a LinkedIn account is usually personal in the sense that it is in the name of the employee, it’s very likely that an employee will have populated its account with contacts made through the course of its employment and may even have used the facility that automatically scans its work address book in order to invite colleagues and clients to become contacts. Despite this, often employment contracts do not address the key issues.
In the case of Hays Specialist Recruitment Holdings Ltd & anor v. Ions & anor [2008] AII ER 216, the High Court considered that Hays had reasonable grounds to believe it might have a claim arising from the se of a LinkedIn account to “harvest” contact details of contacts acquired in the course of his employment Mr Ions was ordered to disclose give pre-action disclosure of all his LinkedIn business contacts, all emails sent to or received by his LinkedIn account from Hays’ computer network as well as other documents that showed any use by him of LinkedIn contacts and business obtained from them. Whilst this suggests that the LinkedIn connections belong to the employer upon termination of employment the decision needs to be treated with caution as it was only a preliminary one and the case did not go on to trial.
Employment contracts should include provisions regarding ownership of business contacts stored on social media sites both during and post-termination of employment and ownership of the social media accounts themselves.