Here's What's Missing from Your Company's Social Media Policy

by JD Supra Perspectives
Contact

(...assuming your company actually has a social media policy in the first place.)

There is no social media 'one-size-fits-all' policy. Each policy should be tailor-made to the company that will be using it... - Janice Mock, partner at Nossaman LLP

For a legal perspective, we asked attorneys writing on JD Supra to tell us what, in their experience, they most often found to be missing from workplace social media policies. We knew that a roundtable of responses would make for interesting reading. Here's what we heard back:

Positive Examples of Things Your Employees Can Do

From Cynthia Larose, Chair of Mintz Levin's Privacy & Security practice: "Most social media policies are exactly that – policies. They are drafted with the 'thou shalt not' in mind and typically fail to include anything (or very little) with respect to the 'thou shall.' If your company is thinking about controlling how employees interact with social media, consider including in your policies suggestions as to how employees should interact with social media to connect with co-workers and the public. Clearly communicate the company’s expectations and offer examples of scenarios that are acceptable and include an approved description of the company’s brand. Make it clear that individuals who link online identities with the company and disclose their employment also incorporate the approved language into their online profiles. A policy that includes the positive can help to build advocates for the brand. Trust your employees to drive responsibly if you give them the rules of the road."

Carefully-crafted examples can illustrate the scope of prohibited behavior and prevent overbroad prohibitions that violate federal law...

Kate Grado of Harrang Long Gary Rudnick P.C agrees, and offers a great mantra for infusing your policy with meaningful examples: "What is most often missing is illustrative examples. Under federal law, employees have a legal right to discuss the 'terms and conditions' of their employment. This nebulous phrase protects a broad spectrum of conversations, potentially including an employee's complaints about wages, working hours, supervisors, and other aspects of an employee's daily work life—even if aired to the public through their favorite social media site. A social media policy violates federal law if a reasonable employee could interpret the policy to prohibit conversations about the terms and conditions of their employment. When crafting a social media policy, adopt this mantra: Don’t just state—illustrate. Carefully-crafted examples can illustrate the scope of prohibited behavior and prevent overbroad prohibitions that violate federal law."

Related to this notion of clear, positive illustrations is of course...

Specificity

...rather than banning any disclosure of a company’s confidential information – the employer must be specific about exactly what cannot be disclosed (such as trade secrets, customer information, business strategies and product development).

From Janice Mock, partner in Nossaman LLP's San Francisco office: "The one thing most social media policies lack is specificity. It’s such a new area of law that most employers don’t know what is enough, and what isn’t. Employers should avoid sweeping, overbroad 'bans' on everything. Be specific about what won’t be tolerated. For example, rather than banning any disclosure of a company’s confidential information – the employer must be specific about exactly what cannot be disclosed (such as trade secrets, customer information, business strategies and product development). Just banning 'confidential information' isn’t good enough. General bans on 'disparaging remarks' are likewise troublesome. Employees have the right to complain about their bosses, and banning them from posting such complaints isn’t allowed. However, you can restrict remarks that violate the company’s harassment policies, or postings of plagiarized or copyrighted material.  You can, and should, restrict an employee from posting unauthorized 'promos' that purport to represent the company without pre-approval. In short, there is no social media 'one-size-fits-all' policy. Each policy should be tailor-made to the company that will be using it."

Careful Attention to the Requirements of the NLRA

From Kenneth A. Jenero, partner at Holland & Knight LLP: "Yes, the National Labor Relations Act (NLRA) does apply to union and non-union employees alike. And employers are learning this all too frequently when their social media policies and related employment decisions are challenged through the filing of unfair labor practice charges. The nature and extent of the NLRA's impact on social media policies has been the subject of a series of significant NLRB decisions and General Counsel Reports and Advice Memoranda over the past two years. Employers would be well-served to conform their social media policies to the NLRB's legal guidance to the fullest extent possible. Discharging employees pursuant to the terms of unlawful social media policies will subject employers to liability under the NLRA, including reinstating the employee with full back pay and benefits.

The goal for employers is to ... eliminate provisions in their social media policies that the NLRB has determined to be unlawfully overbroad because of their chilling effect on employees' NLRA-protected rights...

In addition, merely maintaining an unlawful social media policy (even without enforcing it) would constitute an unfair labor practice and provides grounds for setting aside a pro-employer vote in an NLRB-conducted union election. Among the policy provisions that require particular attention are those prohibiting use of social media to disseminate confidential information, to make defamatory or derogatory comments about the company, supervisors, managers or co-workers, or to make offensive, demeaning, abusive or inappropriate remarks, or requiring prior approval from management for social media posts and communications. The goal for employers is to (1) eliminate provisions in their social media policies that the NLRB has determined to be unlawfully overbroad because of their chilling effect on employees' NLRA-protected rights, and (2) define or give illustrative examples of terms that the NLRB has identified as problematic in order to clarify that the provisions do not apply to NLRB-protected activities."

John F. Delaney, New York partner at Morrison & Foerster and editor of the firm's Socially Aware blog, reiterates the need to address NLRB/NLRA requirements and adds:

Attention to Geo-Location Issues

...there are instances where an employee’s physical location (for example, at the offices of an acquisition target) may itself constitute confidential information.

From Delaney: "If a social media policy hasn’t been updated over the past two years, the policy is likely to be out of compliance with the guidance that has been issued by the National Labor Relations Board over that period. If the policy has been recently updated to address NLRB concerns, one issue that will often not be addressed in a social media policy, and that ideally should be addressed, is the need for company personnel to exercise care in using the geo-location features of social media platforms – there are instances where an employee’s physical location (for example, at the offices of an acquisition target) may itself constitute confidential information."

And while considering technology, don't forget to include in your policy:

A Focus on BYOD

From Michele Lange at Kroll Ontrack: "The biggest problem with most corporate social media policies is that they fail to consider the Bring Your Own Device (BYOD) phenomena currently transforming corporate culture in America. Most attorneys are still thinking of social media and smartphones as distinct concepts, which couldn’t be further from the truth—Today’s phones are first and foremost hubs for social connectivity (although the last I checked most of these devices make phone calls too). From a business perspective, it’s easy to avoid the problem by looking in the short term—if the employees want to buy the iPhone X, Y or Z, and use it at work too, why not let them? It means more cost savings for us, and a happier workforce, right? Well, attorneys are starting to realize that this inaction may be associated with massive legal risk—it creates room for courts to find that the employer organization may have requisite control, and a corresponding duty to preserve seemingly non-business related information on these mixed devices. Coat on a veneer of confusing and underdeveloped employee privacy and data protection laws – along with looming ediscovery changes to the Federal Rules of Civil Procedure – and you have a glimpse of what the fight is going to be about in 2014 and beyond!"

Finally, a reminder that what's often missing from social media policies might actually be a matter of approach:

Integration With Other Company Policies

From Ingrid Fredeen, Vice President of NAVEX Global's Ethical Leadership Group: "Employers are still managing social media issues in a silo and not threading the risks presented by social media use into all relevant policies and procedures. For example, organizations may have a social media policy that talks about harassing conduct, but they don't talk about social media use in their harassment policy. Likewise, IP policies and insider trading policies often times don't effectively address how social media use can create reputation, legal, and competitive advantage risks. Policies should help employees understand how their current environment comes to bear on ethics and compliance in their organization and this can best be achieved by ensuring that social media is part of all relevant company policies."

Additional perspectives on the ever-interesting topic of social media in the workplace available here>>

 

Written by:

JD Supra Perspectives
Contact
more
less

JD Supra Perspectives on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):
hide

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.

Security

JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.