Why Every Employer Should Adopt a Social Media Networking PolicyBy Kerry M. Lavelle
Article Date: 09-01-2010
Copyright(C) 2010 Associated Equipment Distributors. All Rights Reserved.
This month, the author cites case law examples to illustrate the need for an employer handbook that prohibits employees from publicly criticizing the company.
Last month, we examined the rights of employers to track and monitor employees’ on- and off-duty Internet usage and social networking. We closed with a caution to employers regarding what they say, text, post, blog or tweet concerning any information they gain and upon which they base hiring decisions.
In this Part 2 continuation, we’ll look at the potential pitfalls and the realities and causes of action brought by employers and employees regarding this conduct. I’ll close with ideas to consider when developing the company’s social networking policy to protect the interests of your business.
Legal Restrictions For Employers Monitoring Employees’ Off-Duty Internet Usage and Social Networking
Most social media and networking websites make their user content available to the general public. Generally, employees do not have a reasonable expectation of privacy for content they post to a public site. In Moreno v. Hartford Sentinel, Inc., a California Court of Appeal held that an employee MySpace user had no reasonable expectation of privacy for a post the employee made on her MySpace page, despite the fact that the employee’s MySpace page identified her by her first name only and she deleted the post after six days. However, some social networking sites allow its users to restrict access to information to a predetermined group of individuals. Under such circumstances, at least one court in the case of Pietrylo v. Hillstone Restaurant Group, suggested that an employee may have a reasonable expectation of the privacy of the communications or information. However, this does not offer an employee free reign to post defamatory statements against an employer.
All employers’ handbooks and employee policy booklets should include language that prohibits employees from making public criticism of their employer, and the employer’s policies. There are extensive limitations to this policy, with respect to collective bargaining agreements, which are beyond the scope of this article.
In the non-collective bargaining scenario, in most jurisdictions, employees are deemed “at will” employees and, therefore, employees can be terminated, absent a pre-textual termination (actually based on age, sexual orientation, religion, national origin, disability status or personal health reasons) for no reason at all. As such, terminating an employee for worker criticism of the employer, absent the aforementioned limitations, should be no problem at all. As you may know, your employee handbook should be very clear as to the limitations of on-duty use of non-work related social networking sites, Internet use, Googling, etc. As such, any on-duty use of these Internet-based sites for personal reasons, can be just reasons for termination of an employee’s employment.
However, there are federal laws regulating an employer’s act of monitoring off-duty social networking. The Federal Electronic Communications Privacy Act (“ECPA”) prohibits the interception of wire, oral, or electronic communications. Criminal penalties for a violation of the ECPA can include a fine or imprisonment of up to five years. Civil actions that can be brought under the ECPA allow for damages and penalties including equitable relief, actual damages, and statutory damages of $100 per day for each violation, or $10,000 in punitive damages, and attorneys’ fees.
The ECPA was discussed in U.S. v. Councilman, in which the defendant, who provided its customers with e-mail addresses and acted as their e-mail provider, implemented a system whereby it would intercept all e-mails being sent from customers to a competitor of the defendant in an effort to obtain a competitive advantage. The Court held that this action came within the prohibitions of the ECPA, as these e-mails constituted “electronic communications” and the defendant’s copying of the e-mails and transmission of such copies to its own personal server constituted “interception.”
There are two exceptions to the ECPA: the “consent exception,” and the “business extension exception.” The consent exception is simply where the employee, or the third party, has consented to the employer’s interception by a written authorization acknowledging the company handbook and all company policies, which state that the employer has a right to monitor on- and off-duty Internet usage. As a result, employers will probably be entitled to the benefit of the ECPA consent exception by their employees’ execution of receipt of the employee handbook.
The second exception to the ECPA, the “business extension exception,” has generally, under court cases, applied to the monitoring of customer service communication or other legitimate business communications. The exception is derived from the theory that the telephone equipment used by intercepting communications furnished by employers during the ordinary course of business is not “…mechanical, electronic, or other device,” which is ordinarily prohibited by the ECPA. If an employer uses the equipment while monitoring a phone call for business services, i.e. customer service, then there is no unlawful intercept.
Employers should be aware that some states, including New York and Colorado, have enacted legislation to protect employees’ conduct outside the workplace. Employers are advised to consult with legal counsel if they operate in a state with a similar off-duty conduct statute. Generally, the off-duty statutes limit an employer’s ability to discipline its employees for engaging in legal activities while not at work. With respect to social media networking, these off-duty statutes may limit an employer’s ability to terminate an employee who posts photographs of himself drinking alcohol and smoking tobacco.
New York’s off-duty statute restricts employers’ ability to take action (including hiring, pay, workplace conditions, and termination) against employees engaged in recreational activities. The statute, however, contains some exceptions, such as restrictions based on conflicts with the employer’s business interests.
Colorado’s off-duty conduct statute is slightly narrower in its scope of protection to employees than New York’s off-duty statute, as Colorado limits its protection to employees against termination by employers.
In Marsh v. Delta Air Lines, the U.S. District Court found that an implied duty of loyalty with regard to public communications was a bona fide occupational qualification under the statute. The Court then concluded that a Delta Air Line employee’s letter to a newspaper, criticizing Delta’s customer service, breached the employee’s duty of loyalty and that Colorado’s off-duty conduct statute did not offer protection against the employee from termination by Delta.
However, in Watson v. Pub. Serv. Co., a Colorado appellate court interpreted Colorado’s off-duty conduct statute to protect an employee complaint about workplace safety made to OSHA on the employee’s personal time. Again, employers can attempt to avoid this situation by establishing a handbook policy that employees owe the company a duty of loyalty.
If you are an employer that conducts business in a state with a form of an “off-duty conduct statute,” it is recommended that the employer contact its legal counsel to make certain its social media networking policy does not conflict with applicable state law.
Next, employers should be cognizant of the Stored Communications Act (“SCA”), which makes it an offense to “…intentionally access a facility through which an electronic communications service is provided…and obtain stored information.” It is possible, therefore, for an employer to face possible liability under the SCA for accessing an employee’s external website, where that website is password protected or, similarly, e-mails of a personal nature on a personal e-mail platform. Remember, an employee handbook should make it eminently clear that using the company e-mail system provides no expectation of privacy and that the e-mails transferred through the company system is 100 percent monitored and accessible by management.
A good example of the type of access that is prohibited by the SCA is the case of Pure Power Boot Camp v. Warrior Fitness Boot Camp. In this case, the plaintiff filed suit seeking an injunction and damages, accusing the defendants, former employees of the plaintiff, of stealing confidential proprietary information. Much of the plaintiff’s evidence in the case was acquired from its accessing of defendant’s personal, password-protected e-mail accounts. The plaintiff was able to access these accounts using the defendant’s username and password, which were stored on the plaintiff’s computers.
The defendant filed a motion to prevent the use of such private e-mails as evidence, based on the restrictions contained in the SCA. The Court, holding that private e-mails, which had already been sent, and were stored on an e-mail provider’s server rather than downloaded to the memory of the employer’s computers, did in fact constitute “stored communications,” found that the plaintiff’s actions in accessing such stored communications violated the SCA. As a result, the e-mails in question could not be submitted into evidence.
Currently, in Quon v. Arch Wireless Operating Company, Inc., the Ninth Circuit affirmed the district court’s ruling that the defendant corporation violated the SCA and the defendant’s fourth amendment rights by producing the plaintiff’s text messages to the police department. This case is a problematic case where the employee claims to have had a reasonable expectation of privacy in the text messages transmitted on his employer-provided pager. The United States Supreme Court has accepted and reviewed the Ninth Circuit’s decision in Quon, but has not ruled as of the publication date of this article. Arguably, one would certainly expect employers to have the ability to review the employee’s communications on employer-provided devices. Again, this is a case of simply referring back to your employee handbook and making sure that it is clear that:
Employees are strictly prohibited from conducting personal business on employer provided equipment and through the company network system.
Employers should mandate that all company-issued electronic devices, such as iPads, laptops, Blackberrys, and iPhones, flow through the company network.
Communications using corporate technology or resources will be monitored and are not private.
Employers may request a written, prepared statement executed by the employee upon receipt of the electronic devise, specifically giving the employer authorization to review all communications through the device.
Termination of Employees Based on Social Networking Activities and Freedom of Speech
While the legal implications of social networking in and out of the workplace have yet to be fully realized, one area that has seen substantial litigation is whether employees’ “posts” on social networking sites are protected by the First Amendment, or whether employers can freely terminate employees for such posts.
Generally, the public speech of employees is protected by the First Amendment, and therefore not a valid basis for termination, if the employee in question is speaking as a citizen addressing a matter of public concern, and the interests of the employee in such matter outweigh the government’s interests in efficiency of operation. Based on existing case law from jurisdictions throughout the United States, it seems that social networking activities that result in termination and lead to litigation are very often personal in nature, and as such will rarely meet the standards of protected speech.
Courts have held that the following actions were unprotected, and consequently found that the employee in question was not wrongfully terminated:
The creation of a private MySpace group where employees vented about their workplace and superiors
A probationary firefighter’s posting to MySpace of unauthorized fire department photographs as well as personal modeling photographs
A student-teacher’s MySpace posting referring to students and supervisors, and containing a picture of the student-teacher drinking alcohol (the student-teacher conceded that such posting raised only personal matters.
Again, private employees, on the other hand, are generally at-will employees, and therefore can be terminated at anytime, with or without cause. Consequently, presumably most, if not all social networking activities by private employees are deemed unprotected speech, and can form a valid basis for termination. However, courts in at least one state, New Jersey, have held that at-will employees cannot be terminated for reasons that implicate a “clear mandate of public policy.” This requires that the termination of the employee must implicate more than just the private interests of the parties. New Jersey courts, though, have yet to address whether a private employee may base a claim for wrongful termination on an interference with constitutionally protected speech.
One interesting case is that of Griffin Scott, a Louisiana news anchor. Scott was terminated after posting the following message to his private Facebook account: “[Griffin Scott] knows what the Enola Gay was and that makes me the only person under 40 who knew that in our newsroom. Not sure whether to be proud or not…” While Scott’s civil lawsuit for wrongful termination against his former employer is still pending, a Louisiana Administrative Law Judge awarded Scott unemployment benefits on appeal, stating that Scott’s actions did not rise to the level of misconduct.
Can I Hold Twitter and Facebook Liable for the Disparaging Remarks Against My Company?
While these sites set forth a “…statement of rights and responsibilities” and requires users not to post content or take any action that infringes or violates someone else’s rights or otherwise violates the law, these are contractual rights and obligations protecting Twitter and Facebook – not the user. These contracts do allow Facebook to remove any content or information if Facebook or such site believes it violates a provision of the statement, but there is no separate cause of action against these sites unless they blatantly contribute to the disparaging comments and no obligation of the site to so act.
For example, Facebook’s terms and conditions for use states that its site can be used for only “…personal and non-commercial” reasons. If a court were to determine that background checking, for example, was a commercial use, an inference might be made that a contract cause of action would accrue. It is unlikely that the owners of the networking sites would be held liable. The Community Decency Act of 1996 (“CDA”) provides immunity to operators of websites under many situation involving communications made by third parties. In Doe v. MySpace, Inc. the court held that the immunity provisions of the CDA protected the operators of MySpace from liability for negligence alleged by an individual who is a victim of sexual abuse by an online predator.
Developing a Social Network Policy
As with any employee policy, the particular needs of an employer must be taken into consideration when drafting a social networking policy. There is no “one size fits all” when it comes to adopting a social networking media policy. It is recommended that all employee handbooks and posted policies include a social networking media policy. Employers should consult with their legal counsel to determine whether their policy conflicts with or considers applicable “off duty” statutes adopted by state law, and to ensure that the policy conforms with federal law.
The following list, which is not necessarily comprehensive due to the unknown nature of your business or how you operate your business and the electronic devices provided to your employees, contains factors and considerations that an employer should consider incorporating into its policy:
1.)Make it clear that employees cannot identify themselves as representatives of the company on their personal profiles or in their personal blogs. If you allow them to identify themselves on the work-related social networking sites, they should be limited in what they can say about the company and how they say it.
2.)Blogging or posts should not contain foul or offensive language, or be disrespectful to the employee’s co-workers, the company, customers, competitors, or management.
3.)Employees should not use company images or logos without prior consent of company management. All information published on a blog or other Internet postings must comply with the company’s confidentiality and non-disclosure policies.
4.)A strict policy on the use and misuse of proprietary information and the customer lists should be made clear in an employer’s policy handbook, and such policy should apply to all social networking blogs, posts, and tweets.
5.)A violation of the policy will result in disciplinary actions up to and including termination of a violating employee’s employment.
6.)No personal information, scheduling, correspondence, or opinions should be posted or exchanged on company issued cell phones, iPads, laptops, computers, Blackberrys, etc.
The author recommends that employers make it a regular practice to review their social networking policy on an annual basis. Since technology is constantly evolving and developing, so too should an employer’s social networking and media policy to keep current with new legal and employment considerations. If an employer adopts and implements the considerations set forth in this article, an employer should be better equipped to prevent, limit, and handle issues relating to an employee’s use or misuse of social networking websites.
[ TOP ]