Social networking (SN) sites like Facebook, LinkedIn and Twitter are extremely popular these days, butt should employees be using these sites on employer-owned computers during the work day? Some employers see the marketing benefits associated with having employees on SN sites, while others simply worry about employee productivity. But what if your employee vents about you and your company? Or leaks—intentionally or otherwise—secret corporate information? Or otherwise engages in illegal conduct? You have a right to be concerned about protecting your business, its property and its reputation, but you also need to navigate these virtual waters carefully when regulating or disciplining employee use of SN sites.
In a New Jersey case, Pietrylo v. Hillstone Restaurant Group, two employees formed an “invitation-only” MySpace group to vent about their employer. The employer heard about the group, pressured a member employee to provide access for him and, after reading the comments, fired the founding members. They sued, alleging wiretap law violations, wrongful termination, and invasion of privacy. The parties settled on the termination counts, but left the wiretap and privacy claims for the jury. The employer lost on the wiretap claims, with the jury holding that the employer violated federal and state wiretap statutes each time he accessed the site by “knowingly or intentionally or purposefully accessing [the MySpace group] without authorization from [the divulging employee].” The jury rejected the invasion of privacy claim because it found the plaintiffs did not have a reasonable expectation of privacy in the MySpace page, even though it was limited to invitation-only members.
In City of Ontario, Cal. v. Quon, the U.S. Supreme Court held in favor of the government, and against an employee, when the City of Ontario obtained transcripts of the employee’s text messages on the employee’s pager. The claim was brought by the employee, alleging a violation of the Constitution’s Fourth Amendment prohibition against unreasonable searches and seizures. A key factor in the Court’s decision turned on whether the employee had a reasonable expectation of privacy in his text messages sent and received on his employer-provided pager.
The agency discovered the text messages when it initiated a search of the employee’s text messages to determine whether Ontario had acquired a sufficient service contract with its text messaging provider. The city argued that the employee could not have a reasonable expectation of privacy because, when it acquired the pagers, it announced a computer policy that applied to all employees, reserving the “right to monitor and log all network activity including e-mail and Internet use without or without notice.”
Instead of finding no Fourth Amendment privacy protection in text messages, the Court assumed without deciding that there was a legitimate expectation of privacy in the text messages, but that the search of the text messages was reasonable under the Fourth Amendment because it was work-related. Justice Kennedy acknowledged that the court was entering a new legal frontier in the information age and would proceed with caution before making a broad ruling on the privacy rights expectations of an employee.
Employers can expect more issues to arise in this arena, as technology advances and courts face more issues like those described in the referenced cases. No employer can avoid lawsuits, but taking action in advance can reduce the potential for adverse outcomes.
First, employers must decide what level of use of these sites by employees they will tolerate. There are three options:
- Ban and block access to SN sites;
- Set limits and restrictions on their use; or
- Allow unmonitored access.
(Whatever option an employer selects, it should be sure it has up-to-date anti-virus software, a firewall, and the ability to monitor company and employee use of the internet in general.)
NOTE: Employers should have an Electronics Communications Policy. A Social Networking Policy can be incorporated into this existing policy, or can be in addition to, and in harmony with, this policy. The most important thing that employees must know about using company communication equipment is that they have no expectation of privacy when using company communications assets and systems. An employer’s Electronics Communications Policy should alert employees, in no uncertain terms, that they should not use any company electronic communications assets or systems for any matter they wish to be kept private or confidential. The Policy should also alert employees that the company reserves the right to monitor all employee use of company electronic communications assets, and to store copies of all data coming from such use.
For an example of an Electronics Communications policy, visit our website at mcrazlaw-staging.ciscgwg5-liquidwebsites.com.
COMPONENTS OF A SOCIAL NETWORKING POLICY
- The SN policy should explain that the posting of disparaging remarks about the company or its business interests on SN sites is prohibited.
- The SN policy should alert employees that they are personally responsible for everything they post on SN sites
- If employees identify themselves as an employee of the Company, they should include a disclaimer that their views do not represent the views of their employer.
- Employees should not use the company logo, motto, or photograph on their posts without company permission.
- The SN Policy should educate the employees that a remark, once posted, will remain in cyberspace indefinitely.
- Employees should be advised not to post anything about the company, its competitors, its employees, or its clients without their written permission. Respect for Company co-workers, competition, and clients is required.
- Employees should be advised that they should treat the company’s confidential information, trade secrets, and intellectual property confidentially; such communications can create liability both for the employee and for the company.
- Managers should be cautioned on the pitfalls of becoming “friends” with employees on SN sites, should not reveal anything they would not say in the break room, and should diligently use privacy controls to manage flow of information.
Acknowledgment of receipt and acceptance of the terms of updated and new employment policies should be a condition of employment. It is not enough to email the policies out to the employees or hand them out in a handbook. The Policies should be delivered to each employee in writing, and each employee should acknowledge that he or she has received and read the policies with a signature.
Employers should train employees in the content and application of the rules, and document all monitoring and enforcement of the policies. Employers should limit monitoring to on-duty conduct. Monitoring off-duty conduct, especially from non-company computers, could be seen as an invasion of privacy, or worse. Once the Electronics Communications Policy and the SN Policy are in place, it is essential that the employer monitor compliance with the policies, enforce the policies, and document compliance and monitoring consistently.
