Wednesday, September 16, 2009

Drafting Good Policies for Social Media Use at Work – Part One

The Risks and Reasons

Social media is not going away. It is going to explode on the work scene. New tools like Google’s Wave are coming out, which means FaceBook-type communication is becoming the norm, not the exceptional. If you think the lines between personal and work life are blurred now, just wait.

The benefits of limited social media usage at work have become more clear, especially in very dynamic industries. B2C businesses can put their fingers on the pulse of consumer frenzies as they develop and build both brand awareness and loyalty with direct connections to their prospective customers. B2B businesses can monitor industry developments and buzz about their competitors by customers while shoring up their reputations and proactively cutting off damaging rumors as they start. Advocacy groups can connect easily and see instantaneous developments that may be successful in other places while gathering supporters who are passionate about their cause. Communities of all kinds have sprung up across the social mediasphere and continue to multiply.

There are many risks hidden beneath each social media (SM) page, however. Most can occur very easily both intentionally and unintentionally:

+ Divulging trade secrets
+ Violating data privacy laws
+ Libel and defamation
+ Violating federal and state securities laws
+ Breaches of professional confidentiality obligations
+ Misrepresentation of authority
+ Brand dilution
+ Harassment

Because intentional acts are obviously a threat, I will focus on unintentional ways your staff may cause problems for themselves and your organization through their SM usage.

1. Identity & Authority
When a person speaks, the audience often looks to see what authority she has. Online, the clues can be found in the commentator’s profile: email address, employer name, job title and even business address. If your staff use their work email addresses for their personal online socializing, there is a risk of confusion by the public as to which positions, photos and postings are the employees and which ones represent the employer.

It is one thing to embarrass oneself online with pictures showing a wild time. It is another thing to put your employer in a bad light by linking your crazy cavorting to the company—or worse, posting pictures from a company event without company approval.

2. Breaches of Confidentiality
A recent case where a law firm associate publicly Tweeted as he was reviewing documents during discovery grabbed headlines in some circles. He did not reveal any names, but his opposing counsel was listening and learned through implication about the existence of a potential treasure trove of evidence that the firm had not yet even evaluated, much less disclosed during litigation. In technology, the risk of divulging trade secrets is high, as many senior managers are unaware how decipherable some comments are to those who know the programming language or engineering terms. If a tech grumbles about a particularly thorny challenge with enough detail, the cat will be out of the bag about what he is working on before anyone has a chance to prevent it.

Data privacy laws apply to the employees of an organization as well as the organization itself—even when the employees are “off the clock,” so to speak. There are serious consequences for violating various privacy and confidentiality laws, even if there is no immediate, actual harm.

3. Insider Information
Public companies always run the risk of crossing lines related to their stock. If some news leaks through a few FaceBook photos or updates, then an executive buys or sells shares even coincidentally, the company and the executive can spend dozens of hours and a lot of money defending allegations of improper trading even when they are not guilty. Likewise, in the age where your competitors “listen” with ears not to the ground, but to their Twitter space, random, disparate Tweets by different people located thousands of miles apart aggregate into a picture that can cost you your edge.

4. Harassment
Abusive language and constant messaging would not be tolerable inside the organization’s network. But some employees feel the freedom to act disrespectfully when in their own little SM worlds. They forget about the profile information that lists where they work, their work email address or even what they do, and then blast a peer or worse, a supervisor, and think no one will tie the post back to their place of employment. Cyber stalking and cyber bullying have become well-known terms, which is unfortunate.

In the next post in this series, I will survey some of the guidance available when crafting your own social media policy.

No comments: