The internet is vast, it contains more information than any traditional library and it has made the world a smaller place. A person in Leicester, England, can speak freely with a person on the other side of the world in Sydney, Australia, in an instant. Real time pictures can be streamed to friends and people can discover and express new opinions and outlooks on life at the click of a button.
Unfortunately the internet draws people into a false sense of security. There are a growing number of internet users who consider the internet to be a place where the law does not apply or where a softer punishment will befall them if they are caught in disrepute.
This is not the case. Megaupload founder, Kim Dotcom, is currently fighting extradition to the United States from his home in New Zealand for breach of the USA’s various copyright laws for his file-sharing website. Sally Bercow (the wife of the Speaker of the Commons) is being pursued by Lord McAlpine for defamation arising from comments made by her on Twitter. Numerous people found themselves in breach of the ‘super injunction’ prohibiting people talking about the affair between Imogen Thomas and a well-known footballer.
Small businesses that regularly use social media (such as Twitter, LinkedIn and Facebook) need to be aware of the potential consequences for both the owners and employees of falling foul of the law. The simple act of re-Tweeting a defamatory comment could get you and your employee in legal hot water. Make sure you have clear company policies on social media use that all employees are aware of and stick to.
The truth is that no matter where you log on to the internet there are rules and laws that you may have to comply with. While case law is still setting precedent for sentencing and consequences of actions it is still good practice to err on the side of caution and be prudent about what content you upload to the internet.
Edward Webb is a solicitor with Edward Hands and Lewis based on the Litigation team.
In a world where everyone is glued to their smartphones and addicted to Facebook and Twitter, there are still a few people (usually those over 20) who want their personal communications to remain private. That is why there has been so much controversy recently over the Government’s proposals to introduce new laws allowing it to snoop on all electronic communications of UK citizens without a warrant. But how do people feel about their employers snooping on their personal communications?
Carrying a Blackberry 24/7 means that the line between your work and private life becomes more blurred, and most of us use work email for personal use. iPads are the latest “must-have” executive accessory for work and play, and people don’t think twice about forwarding confidential company documents to their personal email accounts so that they can access them away from their desks. This helps us cram more working hours into our days, and so has an obvious upside for business. But there are downsides too.
Sensitive confidential information may be lost or stolen. As staff “tweet” about their day or post comments on Facebook about their boss’s latest antics, their right to freedom of expression and privacy comes into direct conflict with the company’s interests to protect its professional reputation. This has led to a string of employment tribunal cases hitting the news in the past couple of years.
Here are some pointers:
If it is discovered that an employee has forwarded confidential information to their personal email account, the company will want to make sure that the information has not been misused or leaked. Often, an employer’s first step is to carry out an investigation (including a forensic IT investigation and an interview with the employee concerned). Then, the company may ask the employee to give written undertakings to confirm that the information has not been misused or disclosed to any third parties.
Some employers demand possession of the employee’s personal computers and other devices as part of the disciplinary process so that they can search for (and permanently delete) the company’s information. Understandably, most employees will regard this to be a gross intrusion into their privacy. In reality, we often store a huge amount of personal information and photographs on our personal computers, belonging to us and our families. Any proposed process for inspecting an employee’s personal devices must show respect for their privacy and property.
Here are some tips on best practice:
This generation of employees has learnt how to multi-task, so much so that we’re almost constantly online. The challenge for employers now is to help staff realise when it is appropriate to “switch-off” from their work email. It seems that we are still working-out where the dividing line should be, between work and our private lives.
Anne Hughes is a Senior Associate at Fox Solicitors. She advises employers, employees, partners and firms on their full range of employment and partnership law concerns.
By law, businesses must protect the information they use about their customers, clients and employees. Home addresses, bank details, invoicing and even holiday records all have to be stored and kept safe – sometimes you even need written permission to hold personal or sensitive information, such as staff sickness records.
Under EU proposals, the data protection rules that safeguard our private information are set to get tougher. Simon Goldburn explains what the changes could mean for your business.
Data protection law – set to change under tough new EU rules
EU plans are afoot to make significant changes to the way that a business deals with information it holds about an individual, to recognise that the information belongs to the individual and not the business. As a result, the individual will have the right to access, retrieve or amend the information, or to stop the business from using it, at any time.
The business will only have limited rights to use the information, and in many cases will have to agree a detailed plan with the individual setting out how the information will be used and how long it will be stored.
A business will also have to design, build and implement a system to ensure that it only uses the information in accordance with the plan and to alert the business if the information is used in any other way. The system will have to be kept under review and any breach will have to be reported “without undue delay” to the Information Commissioner’s Office and to the individual.
The Information Commissioner could then impose a fine of up to €1,000,000 (more for a larger business) and the individual could sue for any financial loss or distress that he or she suffers because of the breach. The same rules will apply across the EU, so if the business deals with an individual in another EU member state, that individual could make a complaint to the local regulator or sue in the local courts.
Where a business has more than 250 employees, or there is an imbalance between the parties such as between an employer and an employee, higher standards will be required.
The rules could be finalised in 2012, with a two-year transitional period. The Ministry of Justice has asked for comments on the proposals by 6th March 2012. Find more information in the Ministry of Justice’s paper “Call for Evidence on EU Data Protection Proposals - Regulation COM(2012)11 and Directive COM(2012)10”
Simon Goldburn is Director at Ascent Consultants.
You might think your main problem with Facebook is the sheer boredom. Oh, the relentless fun of those endless updates of daily lives – how did we survive before we knew Jade Green in Payroll had dodgy tuna for lunch?
But if you’re the boss, watch it: your staff could be sharing more than their daily diet of banality with the rest of the planet. Sneaked into that gripping account might be the killer comment about clients, customers or, heaven forbid, the management, which could empty your order book faster than the tuna’s cheeky 3pm revenge on Ms Green.
Most pitifully, you can’t rely on anyone you know to be too bored to read it – or forward it. Especially not in work time or if it’s properly rude/funny. As lawyers are fond of quoting, “A good name, like good will, is got by many actions and lost by one” – from Victorian judge Francis Jeffrey, who knew the value of a Tweet-length message to business about Facebook, Twitter and LinkedIn before his time.
Your staff probably use these forums to communicate, if not to work. This has blurred the distinction between personal and work life and created much legal strife. The latest case in this area ended up at the Press Complaints Commission (PCC), who ruled a civil servant’s grumbles to her mates on Twitter about Dept of Transport cuts and a punishingly late night in the pub were “public”. Like many of us, the bleary Miss Baskerville didn’t realise we live in a public age but the Daily Mail did and she and the Dept of Transport ended up with more than a hangover.
While it might seem mean to haul a whingeing worker into court, not to mention a bit unnerving for anyone employed who isn’t on Prozac, the fact remains this employee embarrassed and discredited her employer. As social media users grow ever faster in the UK, so does the risk of this happening to your business. Like it or not, you need to take action – but what can you sensibly do without impinging employees’ privacy?
There’s no need to monitor every communication. Apart from the agonizing tedium, it’s intrusive and probably illegal. If you must, monitor it in a way that is compliant with data protection and privacy laws; for instance, you must tell everyone you are tapping their channels. Instead, create a wide-ranging social media policy from your organisation for employees and freelancers. Make sure they read it; if you don’t communicate with them they may be able to waltz off with your most valuable clients contacts, if not worse.
Explain what business information is confidential. That probably includes mailing lists, finances and new products as well as client details and computer passwords. Don’t put temptation in anyone’s way; limit access to anything juicy to those who need it and set up your IT to block exits of confidential information from your server. Remind staff that once confidential material is gone, it’s gone forever.
Tell the staff, where you can, that contact lists are yours. That covers client and mailing lists as well as your employee’s LinkedIn account. State your ownership clearly where you can – wherever they originated from. If your most useful lists contain contacts employees have introduced to the firm or brought with them, case law suggests that the whole list belongs to your firm – make this clear to staff who may, not unreasonably, believe lists containing old friends or trusted freelancers are ‘theirs’. Include this clause in employment contracts too.
Keep work phones, blackberries and ipads for professional communications only. Yes, it’s joyless – no, you don’t need to be held liable for an employee’s rudeness, harassment or bullying. Unlawful treatment of others also applies to online communication. Add this clause to your equality policy too.
Don’t let staff be rude about your business online, ever. Think about whether you can cope with identifiable staff commenting on their working life in a forum. If you can, be very clear that you won’t tolerate criticism about customers, clients or products. Include examples, such as the Facebook addicts at British Airways who were fired for declaring happy holidaymakers “fat and smelly”.
Once you’ve established a policy, employees will be clear about what they can and can’t say and be more likely to do it; they will also know they can face disciplinary action for breaching it, which should improve the safety of your business reputation and information. End of status update.
Georgina Harris, Law Donut editor
The heart of the term social media is the word 'social', suggesting that the online world is for interacting, communicating and sharing knowledge. The aim of having social media guidelines for your business is that they should mirror this mindset with the idea that employees should behave as they would do in the offline world — with inhibitions, decorum and common courtesy. This is especially so as it is still common for people to alter their online and offline personas. Many still use the internet as an outlet for airing their thoughts with little consideration of the severity and long term effects of their actions. This is not to say that employees cannot be trusted, instead they can be positively guided to utilise their talent and act in a way which protects their own and the company’s online reputation. Some do's and don’ts for setting up social media guidelines for your employees are listed below:
1. Do choose trust and empowerment.
Social media use can instill fear and angst in the minds of businesses. Most instantly assume employees cannot be trusted or will not act in the company's best interest. Nevertheless, they must learn that the paradigm shift is here to stay. Rather than fretting about the potential negatives they must realise its benefits. It is never a good idea to set stringent controls on social media in the workplace or via guidelines. Banning social media in the workplace or heavily restricting use could result in a backlash. Employees are potential social media representatives and to make social media work properly across the enterprise they must be empowered to leverage social media in support of the brand and its products. Therefore guidelines should protect and advise on social media, not control or restrict.
2. Don’t forget to cater for all platforms.
This includes blogs, forums, message boards, social networks (Facebook, Twitter, LinkedIn etc), user generated content (ie YouTube, Flickr etc) and any other relevant channels. Create an individual framework for participation in various online communities. Covering all platforms avoids any confusion or loopholes, increases social media presence and identifies how social media channels overlap (ie status updates, uploading photos and friend/connection requests). Social media guidelines could include how to use each platform for business and personal use, how to utilise each platform’s functionality and suggestions on the most appropriate behaviour for each platform.
3. Do stress the importance of privacy and confidentiality.
It is essential to outline what information is regarded as private, confidential and sensitive, and which should never be disclosed in any circumstance. The next step is outlining how to behave when something is a grey area ie tweeting about a new client project — does the client want to be mentioned and is the project 100 per cent finished? Hold a team meeting at the beginning of each week to identify tweetable topics or assign a person as point of contact to give consent on disclosing potentially sensitive information. Privacy should also extend to client information, geolocation check-ins, other brands and competitors.
4. Don’t diminish personal responsibility.
It needs to be stressed that posting content online becomes permanently available thus you are accountable for your own reputation and digital footprint. Your online relationship changes and becomes even more essential as soon as you identify that you’re an employee of a firm or speak in any kind of professional capacity. Therefore, disclaimers should be encouraged to make it clear that you are an employee of a firm, but are interacting on behalf of yourself and not the company. It should be made clear that this doesn’t give a person a reason to be dishonest, rude or inappropriate. If someone would like to represent the company on a deeper, professional level there should be a point of contact or training offered to do so.
5. Do persuade employees to add value.
This leads onto thought leadership. Social media is about people, not logos. If employees want to communicate in a professional capacity then put suitable guidelines in place to cater for this. Guidelines for acting on behalf of the organisation should include:
By encouraging employees to demonstrate the depth and breadth of their expertise with information tailored to your clients’ needs, it can help position your company as a leader and trusted resource.
Overall, the ideal guidelines should protect the reputation of the company on all platforms, be in line with the company's vision and act as a best practice engagement strategy.
After a lot of hard work, more than a few donuts consumed, and assistance from a whole bunch of helpful experts, we're really pleased to announce that the IT Donut has launched.
What do you think?
To use a bit of IT jargon, the IT Donut is currently version 1.0. We're pleased with it, but we're still looking for feedback and help so we can make it even better.
If you have any comments on the information the site contains, or how it looks and functions, send a quick email to email@example.com. Alternatively, leave a comment on the website to tell us what you think.
Be one of our experts
We're also working hard to expand the information on the IT Donut. To do this, we're recruiting IT experts to help us.
If you're knowledgeable about any area of IT, we'd love to hear from you. Again, just send an email to firstname.lastname@example.org and we'll see how we can get you involved. In return you'll get exposure on the site, plus the warm feeling that comes from knowing you've helped out lots of small businesses.
John McGarvey, IT Donut editor
I read recently that Portsmouth FC manager Avram Grant expects to have his first-choice team available in the FA Cup final after his key players indicated a willingness to waive the lucrative bonuses in their contracts.
To stunned audiences nationwide, Portsmouth thrashed Spurs recently and will play the Wembley final on May 15. The players’ bonuses were contracted to kick in if/when the Club reached the final.
But Portsmouth is in financial turmoil – it went into administration in February with, apparently, debts of £70 million. This leads me to wonder why the club would even offer players contracts that offer cash payments ranging from £50,000 to £100,000 in the first place.
Perhaps the club felt they needed to offer bonuses to lure top class-players away from the glittery clubs and expensive shops in London. Or maybe Portsmouth didn’t really expect to get so far in the FA Cup and were confident that the bonus clauses were good window-dressing that they’d never have to pay out. Whatever the Club’s reasoning, it’s a strategy that has backfired, and put them under even more money pressure.
This should be a warning to small businesses suffering their own money troubles. Employee perks and bonuses can be an effective way of attracting and retaining employees, eventually improving business results. But cash payouts, as well as the most common incentives, such as company cars, season-ticket loans and gym membership, can prove costly.
If you’re struggling, remember that before offering remuneration packages you should take into account how appealing any bonuses will be to potential employees – and also much it costs to provide, then administer them.
If your firm still has incentives to fulfill under your employment contracts, you may have to rethink. Negotiating discounts with local suppliers is a clever way for businesses to continue to provide great employee benefits – for example, you could negotiate a group-rate gym membership with a local firm. Small firms should also consider offering low- or no-cost opportunities such as flexible working, which employees may value more than a pricy perk.
However, don’t be too mean - it’s essential for small businesses to balance an exciting remuneration package that attracts the best candidates with the long-term financial considerations of the business. Otherwise when your big day comes round, you may find your best players are missing.