Employee Use of Social Media: Laws Fail to Keep Pace with Technology

News Updates
When considering workplace privacy rights in the age of Facebook and Twitter, “we are not walking on paths of concrete, we are walking on paths of shifting sand,” John Quirke, an attorney with Archer & Greiner in Haddonfield, N.J., told attendees March 14, 2011, at a session of the Society for Human Resource Management’s Employment Law and Legislative Conference. The laws impacting employee use of social media are not keeping pace with the technology, he said, and what we think are best practices today might change tomorrow. However, while “we recognize the uncertainty,” HR should go forward based on what we know now, he advised. 
“And good luck prohibiting all use of social media at work,” he added. Such an approach is unlikely to be successful, especially considering the proliferation of “smart” phones that employees can easily use to access social media sites during working hours.

Concerns About Employee Use

Social media are defined as “any web-base applications that allow people to broadcast information to an entire network.” The network can be “user-defined,” like Facebook, or open, like YouTube. Social media differ from e-mail and websites, and include LinkedIn, Facebook, Twitter, Myspace, YouTube, and various web logs or blogs. 
Employers should be concerned with what employees are posting about their companies, Quirke stressed. For example, as to employee use of LinkedIn, is the posting professional? Is it consistent with the company website? “You have to train employees how to communicate on LinkedIn,” he noted.
Similarly, as to Facebook, are employees posting negative comments about your company?  Facebook currently has about 500 million users, Quirke said, so whatever is posted may be widely read. “It makes sense as we go forward, if we can keep business and personal separate,” he noted, and it’s a good idea to train employees to keep them separate as much as possible. In addition, it’s not a good idea for supervisors to friend subordinates, he advised. There is certain information “you just don’t want to know,” he said.
On Twitter, the release of information is instantaneous. And, due to the ability to forward messages, “you lose control of the message almost instantly.” Further, the short, quick nature of the medium invites people to send “venting” messages they might regret later, Quirke pointed out. 
And, at the opposite extreme, because of the length of blogs, “you can do significant damage” with what you write, he added.

Privacy Laws Governing Social Media

The laws that may impact on workplace use of social media include the following:
  • The Stored Communications Act (SCA).
  • The Fair Credit Reporting Act (FCRA).
  • The Genetic Information Nondiscrimination Act (GINA).
  • Common law privacy principles.
If you use a third party to do background checks that include viewing employees’ social media posts, the FCRA requires that you first obtain the applicant’s consent.
As to GINA, although the law is well-intentioned, Quirke said, the regulations prohibit any questions that can get at someone’s genetic information. GINA can be implicated, therefore, if on someone’s Facebook page, he or she begins talking about health information.
The SCA protects the privacy of electronic communications while they are being transmitted. So, for example, you cannot listen in on an employee’s phone calls or access unopened e-mail, Quirke explained. However, the law allows interception of communications with the employee’s consent, either actual or implied. And, further, the SCA is not violated if someone intentionally accesses an electronic communication that is readily accessible to the general public. This means, Quirke said, if something comes up during a Google search, it is not protected by the SCA.
At common law, “privacy” is the legal right to be left alone. There are various forms of this right, but the one most implicated by use of social media is the “intrusion upon seclusion.” One who intentionally intrudes physically or otherwise upon the solitude or seclusion of another or his private affairs or concerns is subject to liability to the other for invasion of privacy if the intrusion would be highly offensive to a reasonable person.
Is use of social media a protected privacy interest? Quirke asked. “It’s only a matter of time before a court says it is not private,” he said, because of how many people can access most postings.    
“Common-law privacy is context-specific,” Quirke emphasized. “Employees have as much privacy as you let them think they have.” Privacy is a contractual right, which an employee can bargain away, he noted.

What Can HR Do?

Quirke made a number of suggestions for the HR practitioners in the audience. First, he suggested the adoption of a strong “lack of privacy” policy. Make clear to employees that they have no expectation of privacy while at work, he said. Next, clearly state to employees that the employer has the right to monitor all communications. When cell phones or computers are issued to employees, provide a “lack of privacy” policy, noting that “it is impossible to guarantee that any information sent on work equipment can remain private, he added. The privacy policy should be strict, with no exceptions, and the policy should be specifically mentioned in any employee handbooks. 
Quirke also suggested the formulation of a specific policy regarding the use of social media. This policy should first define social media. Then it should state the employer’s position on the use of social media to discuss the company. Prohibited topics should be specifically identified. Employees should be encouraged not to mix business with personal postings. “Ultimately, the ‘keep it job-related mantra’ needs to come into play,” Quirke concluded.
Joanne Deschenaux, J.D., is SHRM’s senior legal editor. Click here to read the original article.