Last week I participated in several presentations that discussed the use of social media by corporate employees. Social media usage is exploding. Recent data indicates that Facebook has over 200,000,000 users, while Twitter has over 7,000,000 users. According to Technorati data as reported on Wikipedia, at the end of 2007 more than 112,000,000 blogs existed.
Blogs, Facebook and Twitter accounts, texting, and the use of other social media by employees can create many risks for employers. Unlike conversations, social media postings leave a data trail — and that data trail can quickly be tracked, copied, and distributed to an unlimited number of readers. The news headlines are filled with stories of poor judgment by employees on social media sites. Microsoft fired an employee who published photos of Apple computers being loaded into a Microsoft research facility. Delta airlines fired a flight attendant who posted photos of herself in a corporate uniform. Google fired an employee who blogged about, among other things, Google’s compensation.
The risks that employers may face from situations like those described above include:
- publication of trade secrets;
- dissemination of confidential information relating other employees, customers, or business partners;
- copyright and trademark infringement;
- libel; and
- loss of control of business reputation.
To manage these risks, corporations should ensure that all employees are educated about the responsible use of social media. Several corporations have very clear guidelines governing employees’ use of social media. Examples include those of IBM. Others, like that of Cisco, evolve as corporations discover new issues. (In Cisco’s case, Cisco amended its policy after discovering that an employee anonymously authored a blog that discussed issues relating to his job position, and that other employees were forwarding links to the blog.) In all cases, corporate social media policies should ensure that employees:
- think before posting: no use of any social media — blogs, Facebook accounts, text messaging, etc. — even if done on the employee’s own time, may include confidential business information about the company, its customers, its business partners, or its employees;
- disclaim corporate affiliation: any blog or other posting that could be read as presenting a viewpoint of the employer should disclaim all such affiliation;
- be respectful: all electronic communications must not disparage the company, its employees, its customers, its business partners, or its competitors.
Of course, no policy can prevent stupidity. And with nearly 240 million websites in existence, no employer can be expected to monitor — or even find — all online activity by its employees. However, a carefully crafted social media policy can notify employees of the risks of blogging, and hopefully help employees to be more considerate before quickly creating a post that would be harmful to their employer.