By Christopher Leh
In a recent Business Insider article, business reporter Lou Dubois of Inc. magazine observed that few cases based on social media had yet gone to court and wondered why. From lawyer and blogger Bradley Shear, he received an insightful answer, “Nobody wants to be made an example of.” Social media technology and practices change week to week and month. How does an employer avoid becoming an example and popping up in trade magazines, showing up in business school case studies, or getting “flamed” on the Internet?
As Dubois points out, one part of the answer lies in creating, implementing and enforcing a strong social media policy. Such a policy can help inoculate the employer against litigation by others based on a wide variety of legal theories, a sampling of which includes:
- Equal Employment Law, including Title VII, the Americans with Disabilities Act, the Age Discrimination in Employment Act, and the Genetic Information Nondiscrimination Act, as well as similar state laws, which protect against unlawful employment practices. For example, an employer that knows its employees are being sexually harassed through the use of social media, but takes no action, violates the law.
- The Fair Credit Reporting Act, which prohibits an employer’s obtaining from a third party and using some types of background information without first obtaining authorization from the employee or prospective employee. As we previously posted, a company supervisor who uses a mobile phone application to check an applicant’s credit record and then refuses to hire him based on what he learns may subject the company to liability if authorization has not been provided or if the proper notices have not been given.
- The National Labor Relations Act, which protects employees engaged in certain concerted activities concerning terms and conditions of employment. As we have said (here and here), the National Labor Relations Board, which enforces the NLRA, has been active in pursuing charges against employers arising out of the use of social media or their response to employees’ use of it.
- The Health Insurance Portability and Accountability Act, which protects against the unauthorized disclosure of personal health information. For example, hospital employees who post details of their patients’ medical care could subject their employer to HIPAA liability.
- Copyright Law, which protects “original works of authorship fixed in a tangible medium of expression.” One of the most common copyright violations in social media is the reposting of photographs, videos or news stories without the owners’ permission.
- Trademark Law, which, among other things, protects a company against another person’s use of a symbol that is “likely . . . to deceive as to the affiliation” of the user as to the “sponsorship or approval” of that person’s goods, services or commercial activities. An example of this would be the use of a trademark to suggest that a blog is approved by the company that owns the trademark.
- The Uniform Trade Secrets Act, which has been adopted in some form by the vast majority of the states and protects against the disclosure, misappropriation and use of a company’s information, where the economic value derives from the fact that is not generally known to and not readily ascertainable by proper means and the owner takes reasonable steps to protect its secrecy. An employee who discloses his former employer’s trade secrets on his new employer’s website or in its blog could subject the new employer to liability.
- The Federal Trade Commission Act, which protects against certain kinds of deceptive trade practices. Recently, the Federal Trade Commission refined its guidance concerning testimonials and endorsements. As we have discussed elsewhere, the FTC is likely to consider it unlawful to tout an employer’s products or services on Twitter without disclosing the relationship between the person tweeting and her employer.
Of course, this list is only a partial one and does not include various state common law theories of liability such as defamation.
Dubois’ article correctly points to the importance of a company creating, implementing, and enforcing a social media policy as a way to help reduce the chances of being sued. A strong social media policy should:
- Integrate with the strategic vision of how the employer uses electronic media in its business;
- Dovetail with the employer's policies on: discrimination, harassment, retaliation, ethical practices, intellectual property, trade secrets, information technology, and technology/electronic resources use policies;
- Clarify to whom the policy applies and enumerate the media to which it refers, including social networks, blogs, YouTube, Twitter, text messages, bulletin boards and chat rooms;
- Contain clear statements about limitations on expectations of privacy, including the employer’s ownership of the computer, the employer’s right to monitor and access social media during and after employment, and the existence of an “audit trail” as to activity conducted on a company computer;
- With respect to employer-sponsored social media:
- Require employees to: take responsibility for what they post, create excitement and add value; be respectful and use good judgment; complain to human resources about any misuse of social media;
- Prohibit employees from: disclosing company confidential and trade secret information; posting personal and privileged information like attorney-client and doctor-patient communications; soliciting for non-company activities; slacking; “friending” subordinates on Facebook or similar sites; posting anonymously or pseudonymously; and violating other company policies through the use of social media;
- With respect to non-employer-sponsored social media:
- Require employees to: comply with all company policies; post a disclaimer for any comments relating to the company; be truthful and respectful; resolve human resources complaints internally; contact HR or a manager for needed clarification;
- Prohibit employees from: disparaging the company, its employees, and the competition; using the company’s graphics or photos of the company; posting anonymously or pseudonymously about the company; violating company-mandated blackouts (e.g., for securities purposes;
- Establish clear consequences for violations of the policy
Dubois correctly encourages employers to craft social media policies. But those policies will be dead letters unless managers, information technology staff, and other employees are trained to understand and follow them. Further, the employer will have to monitor, enforce and re-evaluate the policy as necessary. Taken together, these steps can help an employer from becoming the litigation example no one wants to be.
.jpg)
Philip Gordon will be speaking on a range of privacy and data protection issues at the following upcoming events:
The Guide to Telework in the Federal Government informs and provides guidance on the Telework Enhancement Act of 2010, which was signed into law on December 9, 2010. The Act establishes baseline expectations for the federal telework program and is a key factor in the federal government’s ability to achieve greater flexibility in managing its workforce. The Telework Guide is an understandable roadmap for other employers to the future of a remote and plugged-in workforce, while complying with the myriad of laws that govern the traditional workplace. To learn more about the guide, please 
Ever since revelations in May that smartphones track the location of their users, location privacy has been a red hot issue in virtually every forum — except the U.S. workplace. Just last week, for example, the U.S. Supreme Court 
The National Labor Relations Board 
A recent article in the Wall Street Journal aptly identified several challenges that employers face when they allow employees to use their personal smartphones and tablets for work. The article, entitled “
A 