Social networks and the workplace

Social websites, such as Facebook, Twitter and personal blogs have presented new workplace challenges for employers. Aside from productivity issues during business hours, irresponsible or malicious comments posted on these sites by an employee about their employer, fellow employees or others can be damaging to an employer in many ways.

Disclosure of Confidential Information

Social networking sites typically encourage users to disclose personal information about themselves, the identity of their employer and their work. There have been countless cases of employee disclosure of confidential information about an employer, its customers/clients and other employees. An employee who makes improper disclosure of things like customer identities or buying habits, patient identities or diagnoses, price lists, marketing/business strategies, passwords to workplace systems or networks, or financial information can seriously prejudice the employer by violating the express or implied expectations of privacy of those with whom the employer does business.

Disparaging and Defamatory Comments

An employee who uses social networks to distribute defamatory, discriminatory or otherwise inappropriate comments also exposes the employer to legal liability. There have been recent cases where employees have communicated disparaging information about the employer’s managerial personnel, and/or about the employer generally on both blogs and social networking websites. The dissemination of such information has the potential to adversely affect the employer’s reputation and the ability of its management to properly manage operations. Depending on the content of a post, the communication  of such information can constitute insubordination even though it occurs outside of an employee’s regular hours of work. If the employer can demonstrate a connection between the conduct in question and the employee’s place of work, the employee can be disciplined if not terminated.

Recently, the British Columbia Labour Relations Board found that an employer had just cause to terminate two employees who posted comments on Facebook that were critical of the employer and of fellow employees. The employees argued that they believed their communications to have been “private,” but the Board rejected this assertion because of the large number of Facebook friends, including other employees, the two people had on their Facebook pages.

Employers Should be Proactive

Employers should develop workplace policies governing the use by employees of all Internet communications to third parties. It’s important to educate employees that postings on blogs, e-mails, and social networks are not “private” and have the potential to be redistributed to third parties over which the employee has no control.

Employers should also develop workplace policies that give the employer the ability to monitor employees’ use of computers in the workplace. Such policies are becoming increasingly important in assisting employers with the detection of theft or disclosure of confidential information, the prevention of criminal or tortious activity, and in the reduction of inefficiency.

While employers generally have the right to monitor what employees do, send, receive and store on their computers at work, it is important to recognize that this is not an “unlimited” right. A recent decision of the Ontario Court of Appeal squarely addresses the issue of employee privacy rights and the employer’s right to search.

In R. v. Cole, a teacher was charged criminally after his school’s information-technology department uncovered what it considered to be his possession of child pornography. The images and evidence of website visits were stored on his school-provided laptop and were discovered during routine maintenance of the device.

At his criminal trial, the teacher objected to the introduction of the evidence on the basis that the school and police had obtained it in violation of his right to be free from unlawful search and seizure.

The Court found the teacher had a reasonable expectation of privacy for various reasons, including that he was given exclusive possession of the laptop, was permitted to limit access through passwords, was allowed personal use of the device and to take it home. The Court also noted that policies prohibiting sexually explicit material failed to warn that computers were subject to “search” and that school policy warning of “no expectation to privacy” referred to e-mails and not to data stored on the computer.

However, while Cole had a reasonable expectation of privacy, the Court found his privacy rights were limited by the school’s right to ensure the integrity of its computer system. Because the evidence was uncovered by a technician during maintenance, rather than in the context of a “free range search,” the evidence was admitted.

The decision serves as an instructive reminder that an employer’s right to search its computer systems is not without limits. Employers who wish to monitor their employee’s use of workplace computer networks are wise to have clear policies:

• Describing uses that are permitted and those that are forbidden
• Explaining that employees should not expect any privacy in relation to the use of employer computers for any purpose
• Reminding employees that the employer has the right to conduct random searches of the computer and network, including any personal information that may be stored there
• Stating that a breach of computer usage policies may result in discipline up to and including termination and/or prosecution in appropriate circumstances.

Employers who carefully craft and consistently enforce such policies will make great strides toward the detection and prevention of the types of harm that can result from misuse of computer social networks.