380 likes | 499 Views
The Tangled Web The Nightmare of Internet Use In (and Out) of the Workplace Erin E. Byrnes Berke Law Firm 1601 N. 7 th Street, Suite 360, Phoenix, AZ 85006 602.254.8800 erin@berkelawfirm.com. How can your company ’ s and your employees ’ use of the internet subject you to liability?.
E N D
The Tangled Web The Nightmare of Internet Use In (and Out) of the Workplace Erin E. Byrnes Berke Law Firm 1601 N. 7th Street, Suite 360, Phoenix, AZ 85006 602.254.8800 erin@berkelawfirm.com
How can your company’s and your employees’ use of the internet subject you to liability?
Social Networking is changing the landscape of web use Social networking is the practice of expanding the number of one’s business and/or social contacts by making connections through individuals. While social networking has gone on almost as long as societies themselves have existed, the unparalleled potential of the Internet to promote such connections is only now being fully recognized and exploited, through Web-based groups established for that purpose. - www.whatis.com
Social Media 101 • Common Web 2.0 tools? • Facebook, LinkedIn, MySpace • YouTube, Flickr • Blogs • Micro-blogs (i.e. Twitter) • Lesser known forms? • Wikis • Forums and Messageboards • Virtual communities
Pros: • Communicating internally • Disseminating information • Connecting employees • Gaining insight • Marketing and communicating externally • Promoting products and services • Reaching existing and prospective customers • Hiring!
Use of the Web in Hiring • More and more companies doing it • 45% of employers use it to screen • 35% found content that caused them NOT to hire a candidate • Not all bad • 18% of employers found content on a social media site that caused them to hire
Be careful what you wish for… • TMI • Protected categories • Substance abuse • Protected activity • Other risks • Inaccuracies • Mistaken ID • Inconsistency • FCRA • Improperly accessing secure sites
To search, or not to search? • WHEN? – After the interview, but before conditional offer of employment • WHO? – Neutral person, preferably HR qualified, not involved in hiring process
Best Practices • Make a list of sites to be searched – stick to it • Be mindful of info other than what’s on your “red flag” list – i.e. how frequently updating page, etc. – which provides other info
Cons: • Confidential information/trade secrets • Intellectual property concerns • Disloyalty/insubordination • Misleading advertising or endorsements • FTC Guidelines Concerning Use of Endorsements and Testimonials in Advertising (revised 2009)
Truthful “Advertising” • Employer exposed to liability for employee’s posting re: company on web • FTC Guidelines say consumers have to be protected from misleading endorsements and advertising
FTC Guidelines • Guidelines say employer can face liability for employee’s endorsement of products/services, even where company didn’t authorize • Employee has duty to disclose “relationship” with employer • FTC calls this a material connection – it affects the weight or credibility of endorsement if not disclosed when commenting on goods/services in social media
Other Potential Exposure • Harassment • Discrimination • Defamation • Protected Speech • First Amendment (public employers) • Retaliation/whistleblower • Other – i.e. improperly accessing restricted/personal data
Electronic Communications Privacy Act of 1986 Prohibits: • Unauthorized and intentional interception of wire, oral, or electronic communications while being transmitted (Title I) • Unauthorized and intentional access and disclosure of electronically stored communications (Title II – the Stored Communications Act)
When can you monitor?? • Exceptions to ECP allow employer monitoring of communications: • Business Extension – business communications using employer-provided equipment • Service Provider – question is whether includes employers that provide IT systems for employee use? • Authorization of “user” of service regarding a communication of, or intended for, that user • Express or implied consent?
What is a “valid” authorization? • Konop v. Hawaiian Airlines, Inc., 302 F.3d 868 (9th Cir. 2002) • Whether co-workers who granted access were “users” of restricted website • Pietrylo v. Hillstone Restaurant Group, 2009 WL 3128420 (D. N.J. Sept. 25, 2009) • Whether co-worker granted access under duress from her manager
“PRIVACY” Rights • Fourth Amendment • Public employers • Whether search was reasonable • Degree of intrusion • Degree necessary to promote legitimate governmental interests • Whether employee had reasonable expectation of privacy • Operational realities of workplace • “Policy plus” • State laws • State constitution (California) • Tort claims (e.g., intrusion on seclusion/solitude)
The User Name and Password Privacy Protection Act (SB 433/HB 964) • An employer may not request or require that an employee or applicant disclose any user name, password, or other means for accessing a personal account or service through an electronic communications device. • An employer may not: • Discharge, discipline, or otherwise penalize or threaten to discharge, discipline, or otherwise penalize an employee for an employee’s refusal to disclose any information specified above; or • Fail or refuse to hire any applicant as a result of the applicant’s refusal to disclose any of the above information.
User Name and Password Protection Act (con’t) • An employer may require an employee to disclose any user name, password, or other means for accessing non-personal accounts or services that provide access to the employer’s internal computer or information services. • An employee may not download unauthorized employer proprietary information or financial data to an employee’s personal website, an internet web site, a web-based account, or a similar account.
Maryland Act (con’t) • An employer may: • Based on the receipt of information about the use of a personal web site, internet web site, web-based account, or similar account by an employee for business purposes, conduct an investigation for the purpose of ensuring compliance with applicable securities or financial law, or regulatory requirements; or • Based on the receipt of information about the unauthorized downloading of an employer’s proprietary information or financial data to a personal web site, internet web site, web-based account, or similar account by an employee, investigate an employee’s actions.
Potential Impact • Impact applicant screening process • Affect investigations of reported conduct • Prohibit managers from making “friend requests” of employees/applicants • Additional protection for trade secrets and other confidential proprietary information
National Labor Relations Act • Protected concerted activity: “[C]oncerted activities for the purpose of collective bargaining or other mutual aid or protection” • Terms and conditions of employment • With or on the authority of other employees • Group activities (not in the formal agency sense) • Preparing for group action • Logical outgrowth of collective concerns • Not individual griping
Section 7 – Protection for Concerted Activity • Concerted Activity … is anything having to do with the terms and conditions of employment. • Supposed to involve activity among several employees • BUT NLRB not applying that way of late • Includes right to (1) discuss terms/conditions of employment and (2) criticize employers
NLRA • Sufficiently opprobrious as to lose NLRA protection • Disloyal, reckless or maliciously untrue • Disrupt workplace or undermine shop discipline
NLRA and Policies • Cannot be so sweeping that they prohibit or chill the kinds of activities protected by NLRA • Recent guidance – Employers may NOT broadly prohibit making disparaging remarks re: supervisors, engaging in rude/discourteous conduct, using social media for “inappropriate” discussions, posting photos that depict employee with company logo.
Employers may, however, maintain a policy requiring employees to direct all media inquiries to designated employees Per NLRB, general savings clause not good enough Don’t hang yourself!
More on the NLRA • Work rules that reasonably chill employees’ exercise of right to engage in protected concerted activity • Explicitly restrict (or applied to) Section 7 rights • Employees would reasonably construe as restricting Section 7 activity • Promulgated in response to union activity • Examples: • Disparaging remarks about company or supervisors • Inappropriate discussions • Posting photographs that depict company logos • Identifying themselves as company employees
Practical Considerations • Company objectives • Employer policies • Standards of conduct/anti-harassment • Computer usage/electronic communications • Equipment provided for business purposes • Diminish reasonable expectation of privacy • Address provision of passwords for internal systems
More on policies • Social media • Confidential proprietary information • Commenting on employer’s products or services • “Friend” requests and other means of accessing personal posts • “Saving” clause not always enough • General media policies
Computer Use/Email Policies • Business use ONLY, including laptops • Try to diminish or remove an employee’s reasonable expectation of privacy with regard to technology – i.e. state subject to monitoring/inspection, any time • Clearly communicate that the security of e-mail and other internet communications (including instant messaging) is not guaranteed • Address how passwords should be used and access to various programs are managed. Require employees to disclose their passwords to the HR to facilitate access
Cell Phone Policy • BlackBerries, etc. promote productivity, but can be a problem if confidential or proprietary information are stored in the device or the device is used while driving on company business. • Consider a comprehensive policy addressing issues of cell phone or handheld device use as it pertains to (1) confidential and proprietary information; (2) driving on company business while using such devices; and (3) the company’s ability to monitor use • Policy should also strictly prohibit the use of such a device for harassing or other abusive purposes
Social Networking Policy • Prohibiting employees from discussing or disclosing any the employer’s confidential information (including information concerning its clients or customers). Must define “confidential” in specific terms! • Prohibiting employees from using trademarks, logos, or other proprietary identifying marks of the employer. • Cautioning employees against presenting their views as that of the company employing them. • Informing employees that they should not disclose personal or contact information, or post photographs, of coworkers or supervisors without their prior permission.
Social Media Policy (con’t) • Warning employees against defaming or otherwise discrediting the company’s products or services, or the products or services of its vendors or competitors • Discouraging or prohibiting managers from sending “friend” requests to subordinates while on or off duty • Informing employees that they may reject a friend request from any other employee without repercussion
Other Considerations • Monitoring and access • Applicant screening • Investigating misconduct • Manager “friending” • Employer-sponsored forums • Training!!!
Questions? erin@berkelawfirm.com 602.254.8800