Employer Use of Social Networking Employer Use of Social Networking Sites: Sites:

Gold Mines or Land Mines?Gold Mines or Land Mines?

Joanne PearsonJoanne PearsonJune 16, 2010June 16, 2010

Social Networking Sites

Most popular social networking sites:– Facebook– Twitter– LinkedIn– MySpace

Employers are Using Social Networking Sites to Market

According to a 2010 Burson-Marsteller study, of the Fortune Global 100 companies, 65% have active Twitter accounts, 54% have Facebook fan pages, 50% have YouTube video channels, and 33% have corporate blogs

Business Benefits

• Advertise products/services• Communicate news and special events

to a wide audience with little cost• Connect with customers• Monitor customer satisfaction with

products

Risk to Companies

• Viruses and Malware• Business reputation – bad news travels

fast• Loss of control over postings –

defamation etc.• Loss of confidential information• Lack of productivity• Customer service expectations• Record retention requirements• Access through mobile devices

Employees are Using Social Networking Sites

• Facebook– More than 400 million active users– 50% of active users log onto Facebook in any

given day– People spend 500 billion minutes per month

on Facebook– There are more than 100 million active users

currently accessing Facebook through their mobile devices

• LinkedIn– The number of profiles on LinkedIn has

increased by 300 percent since 2008

Employee Use (cont)

• Twitter– Ranked in some studies as the third most

used social network– Studies report that the majority of Twitter

users visit the site while at work

Employers are Using Social Networking Sites to Screen/monitor Employees

According to a recent CareerBuilder survey:

• 45% use social networking sites to research job applicants; and

• 35% have decided not to hire based on what they learned

According to a recent Microsoft survey, the numbers of 79% and 70% respectively

What Might you Find?

• Provocative / inappropriate photos• Bad-mouthing of current or previous

employer• Discriminatory comments• Sharing of confidential employer

information• Misrepresentations about qualifications.

Example . . .

• Kimberley, 16 years old, said on Facebook that her job was boring

• Her employer responded: “Following your comments made on Facebook about your job and the company we feel it is better that, as you are not happy and do not enjoy your work we end you employment with __ with immediate effect”

• She never mentioned the name of her employer

Example . . .

• Sociology professor at public university posted on Facebook: “Does anyone know where I can find a very discrete hitman? Yes, its been that kind of day . ..”

• And the next month: “had a good day today, DIDN’T want to kill even one student :-) Now Friday was a different story.”

• The professor had 32 friends on Facebook, none of which were students

• The messages wound up in the provost’s office• She was put on leave, accompanied by a security

guard

What Else Might you Find?

“Twitter”

A job applicant with the company Cisco tweeted the following:

“Cisco just offered me a job! Now I have to weigh the utility of a fatty paycheck against the daily commute to San Jose and hating the work.”

This tweet caught the attention of Tim Levad, a channel partner advocate for Cisco. To which he responded:

“Who is the hiring manager. I’m sure they would love to know that you will hate the work. We here at Cisco are versed in the web.”

Not an Isolated IncidentThe following examples all included photos of the

“tweeter”:Youngcap @GYsoFLYY just got back form this

second interview with Jc peny... i gots the job but they gotta run my background.. soim still f*****d

sapphirefires I have a job interview tomorrow at Target. Fingers crossed. I need a job so I can stay in Bellingham and not move back in w/ my parents.

genii_79 is getting ready for a group interview today... it' s just a promo job for Lindt chocolate... can' t be that hard, can it?

Also You Could Find . . .

• What an applicant whom you’ve never seen looks like (e.g. race, age, etc.)

• Material about an employee’s religious beliefs

• Medical information (e.g. disabilities, family members with disabilities)

• Employee’s sexual orientation• Other, less obvious, protected activities

/ characteristics of employees

What if you learn . ..

Applicant posts that he was so drunk last night that he slept in his car

Applicant posts that she is recently divorced with two young children

Applicant posts that her cousin is battling cancer

Applicant posts that her husband is stationed overseas

Applicant posts that he smokes

What are the legal risks?• Discrimination claims• Whistleblower claims• Claims under the National Labor

Relations Act (NLRA)• Tort claims:

– Invasion of privacy – Defamation– Termination in violation of public policy

• Fair Credit Reporting Act

Legal Risks (cont)

• Claims under the Stored Communication Act

• Claims under the Genetic Information Nondiscrimination Act

• State privacy or lawful off-duty conduct laws

Other risks: Bad Publicity

• Waitress in a pizza restaurant in Charlotte, NC makes a facebook post after she waited on a couple for 3 hours and was left a $5 tip

• “Thanks for eating at Brixx you cheap piece of s___ camper.”

• Employer found out and terminated her employment

• Violated company policy (1) against speaking disparagingly about customers and (2) casting the restaurant in a negative light on social networks

Some Posts When the Story Broke:• “FREEDOM OF SPEECH!! IT’S THE

FIRST FREAKING AMENDMENT!”• “Satan worshippers run this place”• “Your restaurant sucks. Your employee

stayed an hour late to wait on some ignorant table who should have known the place was closing down. The fact that you invaded her privacy by firing her because of her facebook status is reprehensible. I will never eat at your restaurant and I will tell everyone I know to do the same.”

General Rule (employment at will)

• Employers can make unfair, stupid, arbitrary, and wrongheaded hiring and termination decisions

UNLESS

• The decision is based on an illegal consideration

Legal Framework: Discrimination

• Title VII – Race, color, religion, sex, or national

origin• ADA

– Disability (actual or perceived) • ADEA

– Age• ME law

– All of the above, plus sexual orientation (very broadly defined)

– Applies to ALL employers

Legal Framework: Whistleblower / retaliation

• Retaliation prohibited by most discrimination laws.

• Whistleblower protection found in many federal laws (e.g. OSH Act, False Claims Act).

• State Whistleblower Protection Acts

Legal Framework: Maine WPA

• Cannot discharge, threaten, or discriminate against employee who:

– In good faith– Reports to the employer an alleged

violation of the law / condition or practice that threatens health or safety

– Participates in an investigation, hearing or inquiry conducted by any governmental entity or court or

– Refuses to execute a directive that violates the law

Legal Framework: National Labor Relations Act

“Employees shall have the right to self-organization . . .and to engage in other concerted activities for the purpose of collective bargaining or other mutual aid or protection.”

29 U.S.C. section 157 (“NLRA”)

Protected Concerted Activity• Concerted - individual employee action if

employee has intent of initiating group action.

• Protected –some communication not protected, e.g.

Unlawful, violent, vulgar, profane tactics OR disloyal, disruptive of business

First Amendment• Does it apply to private

employers?

Employee’s Defamatory Speech• Under NLRA, employee protected

even for false or inaccurate allegations unless “deliberately or maliciously false” or made with “reckless disregard of the truth”

• So, may not be able to disciplineemployee for false speech if “protected concerted activity”

Monitoring E-mails or Social Networking Sites• Under NLRA, employer surveillance or

impression of surveillance is unlawful

• Do not enforce monitoring policy that results in surveillance or gives impression that monitoring is being used to keep tabs on concerted activity

NLRB’s Register Guard Decision

• Held: Employers may maintain a blanket policy prohibiting the use of their electronic communications systems for all non-job-related solicitations even if it allows some personal use of the system as long as the policy is not discriminatorily applied to unions.

Register Guard cont.

E-mail Solicitations• E-mails from union president urging

employees to wear green in support of local union and participate in union’s entry in local parade

• Employer consistently prohibited all non-job-related solicitations, so prohibition of these union-related solicitations was okay

Register Guard cont.

Personal E-mails• Union president had also sent an e-mail

clarifying certain facts surrounding a previous union rally – did not request any action be taken – “personal e-mail”

• Since employer had history of allowing personal e-mails, it could not prohibit this “personal e-mail” from union president about union matters

Legal Framework: Invasion of Privacy

“One who intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the intrusion would be highly offensive to a reasonable person.”

Restatement (Second) of Torts section 652B

Intrusion on Seclusion

• Does not require publication• Intrusion upon something secret or

private• No liability if no expectation of privacy,

but social networking sites may be private depending on user settings

• Method of obtaining info must be offensive (e.g. eavesdropping, use of pretext, fake identity)

City of Ontario v. Quon

• Supreme Court to consider whether police officer had expectation of privacy in personal text messages on government pager - City of Ontario v. Quon

• Government had policy prohibiting personal use of pagers and for monitoring usage

• Ninth Circuit found the employee had an expectation of privacy because the city had an informal policy of not auditing text messages as long the employee paid any overages on the cost of the messages

Defamation

Elements:• False and defamatory statement

concerning another

• Published to a third party

• Fault amounting at least to negligence (unless privileged)

• Special harm (unless defamatory“per se” – e.g. relating to profession)

Defamation cont’d

Defenses:• Truth

• Opinion – Unless opinion suggests fact

• Privilege– Absolute (e.g. statements made in court)– Qualified (e.g. intra-corporate communications)

• Lost if know statement is false / reckless disregard of truth or if act out of ill will

Invasion of Privacy -Public Disclosure of Private Facts

• Publication of private matters

• In a manner highly offensive to a reasonable person

• Not of public concern

Invasion of Privacy –“False Light”• Places another “before the public” in a

false light – “Made public, by communicating to public

at large or to so many persons that . . . certain to become public knowledge”

• False light is highly offensive to a reasonable person

• The actor had knowledge of or acted in reckless disregard as to falsity

Legal Framework: Fair Credit Reporting Act

Must comply with FCRA when use a “Consumer Reporting Agency” to perform a background check

FCRA requires advance notice and consent as well as notices if adverse action is taken based on what is learned

May want to obtain consent from all applicants as part of the hire process even if not planning to do a background check

FCRA cont.

Do you have to comply with FCRA if the employer performs a search of state criminal database or other public records?

What about if the employer searches face book or other networking sites?

Legal Framework: Stored Communications Act

It is a violation to “intentionally access without authorization a facility through which an electronic communication service is provided”There is an exception for conduct that is authorized “by a user of that service with respect to a communication intended for that user”There is another exception if you qualify as a “system provider” and monitor in the ordinary course of business

Pietrylo v. Hillstone Restaurant Group, Inc.

• Employee created a group on MySpace called “Spec-Tator”

• Purpose of the group was to “vent about any BS we deal with at work without any outside eyes spying in on us. This group is entirely private, and can only be joined by invitation”

• Karen, a greeter at the restaurant, was invited to join the group.

• Karen accepted and became an authorized member of the group

Pietrylo - Management Access

• While dining at her manager’s home, Karen accessed the group through her MySpace profile on her manager’s computer and showed the group to the manager

• Karen then gave her password to other members of management

• She said she gave out her password because she thought she “would have gotten in some sort of trouble” if she had refused

Pietrylo - Termination of Employment

• The posts included:– Sexual remarks about management and

customers– Jokes about some of the customer

specifications established by the restaurant

– References to violence and illegal drug use

• The restaurant terminated the employment of the two creators of the group

Pietrylo - Employee Claims

• The employees sued, bringing claims under the federal (and state) Wiretap Act, federal (and state) Stored Communications Act, wrongful termination in violation of public policy, and invasion of privacy

• Termination in violation of public policy (based on free speech) – dismissed before trial because the “speech” did not involve an issue of public concern

Pietrylo - Jury Verdict

• Stored Communications Act – issue whether or not Karen authorized the access by management

• Jury found in favor of employees—that Karen provided the password under pressure and thus was not authorized

• $3400 in lost pay• Punitive – stipulated to 4 times

compensatory damages• Attorneys’ fees - $120,000

Pietrylo - Jury Verdict

• Invasion of privacy and termination in violation of public policy (based on invasion of privacy) – jury found in favor of employer

Van Alsyne v. Electronic Scriptorium, Ltd.

• Employer accessed employee’s personal AOL account on at least 258 different occasions

• Not clear what policies the employer had in place

• Did not appear to be any business reason to access the account

• Employee used AOL account on occasion for business purpose

• Jury verdict in favor of employee

Pure Power Boot Camp v. Warrier Fitness Boot Camp

• Former employer accessed personal e-mail of former employee directly from the third party provider (Hotmail, Gmail)

• The user name and password information was stored on the company computer (when the Hotmail website was accessed, the user name and password fields were automatically populated)

• Also accessed a Gmail account because the information was stored in the Hotmail account

Pure Power Boot Camp (cont)

Company policy was limited to the Company’s system:

“e-mail users have no right of personal privacy in any matter stored in, created on . . . or sent through on or over this system. This includes the use of personal e-mail accounts on Company equipment . . .”

Pure Power Boot Camp (cont)

Court found there was no authorization by the employee to view the e-mails:

This is not a situation in which an employer is attempting to use e-mails obtained from the employer’s own computers or systems. Rather, the e-mails at issue here were stored and accessed directly form the accounts maintained by outside electronic communication service providers.

Genetic Information Nondiscrimination Act

• Cannot request or disclose “genetic information” and

• Any information obtain must keep the information confidential (and in separate file)

• Genetic information is defined broadly to include not only information about a person’s genetic tests, but any manifestation of a disease or disorder in a family member of the person (up to and including fourth-degree relatives).

• Thus, information about an employee’s family medical history would constitute protected genetic information under GINA.

Off-duty Conduct Statues

• Maine law protects tobacco use• Other states protect lawful recreational

conduct

Case Study 1:Allison Applicant

• She seems qualified

• Interview went well

• Wonder what’s “out there”

Case Study 2:Connor Complainer

• Overhear employees talking in the break room about Connor’s blog;

• Connor often the type to stir up trouble;

• Wonder what he’s saying about you and/or the company?

Case Study 3Damian Disgruntled

• Co-workers are complaining that Damian has been “off” lately;

• Damian shared with an HR rep that he might need stress-related leave of absence

Best Practices – Applicant Screening

• Adopt a screening policy: screen everybody, nobody, or something in between?

• Be clear about why you are looking: business-related or curiosity?

• If using as a screening tool, consider using non-decision-maker

• Document each search and what you are basing your decision on

• Be prepared to learn things you wish you didn’t know (and prepared to react or ignore as required by law).

Best practices – Applicant Screening / Employee Monitoring

• Never use fake identities to gain access to online profiles.

• Remember that information on the internet may not be factual or reliable.

• Obtain employee / applicant consent.• Make sure you do not go beyond the

consent.

Policy Considerations

1. Determine Company view of social media

2. Review other policies and procedures in place (use of computer systems, intellectual property etc.) for consistency

3. Personal v. business use and off-duty conduct

Policies Limiting Employees’Personal Use

4. If personal use is permitted, give examples and be specific

– May prohibit harassing / discriminatory content;

– May prohibit employees from attributing views to employer;

– May prohibit disclosure of confidential or proprietary information;

– May prohibit employees from posting false statements of fact about employer / co-workers.

Policy Considerations

5. Privacy issues6. Identity as company employees,

company logo