This story was originally published on Aug. 15, 2008, and is brought to you today as part of our Best of ECT News series.
Every blogger should know the story of Heather B. Armstrong, nee Hamilton. In February 2002 she was fired from her job for blogging about her job. Blogs were relatively new at that time, and they were on few employers’ radars. Hamilton, though, crossed an invisible line — one not explicitly defined by her employer — and paid for it. She coined the term “dooce” as a label for anyone fired for blogging. Five years later, most people online know the drill: Don’t blog about work, unless your employer approves. If you do, hide all identifying details that could lead back to you.
However, even following these basic guidelines, people can still get into trouble online, especially as social networks are now moving into the workspace. Indeed, even the social networks themselves may find themselves culpable for certain illegal acts, Jordan Hudgens, CEO of VidShadow, told the E-Commerce Times.
“Social media companies are always going to have to be careful about the conversations that go on their networks,” he said. “Slander, illegal acts and copyright issues [are all potential risks] since user- generated content is by nature unpredictable.” Social networks do their best to protect themselves legally, he said, and they will have to continue to do so even more as the Web gets more and more interactive.
The social networks, of course, have their own legal resources to guide them — or help them chart — what is new territory. The law also provides businesses with some guidance about how to protect themselves against what is being said about them on these networks.
I get a call from a client at least once a week about an employee or former employee who is posting sensitive material online,” Nancy Bertrando, chair of the employment group for Greenberg Glusker, told the E-Commerce Times. She tells of one client whose former employee was posting videos of himself talking about work on YouTube. He was bound by a confidentially agreement, however, and they were able to stop him from continuing.
Users of these sites, though, are basically on their own.
Another familiar story is that of Lori Drew, a woman charged with violating the Computer Fraud and Abuse Act by using a false identity on a social networking site to bully a teenage girl who’d recently had a falling out with Drew’s daughter. The girl later killed herself.
One argument made in support of Drew is that this law’s intent is being stretched to prosecute her. Federal authorities obtained an indictment against her using the Computer Fraud and Abuse Act because Drew supposedly provided false information to MySpace as she set up the account with which she bullied the girl.
Friend of the court briefs filed on behalf of Drew point out that under that interpretation, the law could be used against anyone who lies on a social networking site.
This situation is perhaps the worst-case example of the dark side of social networking It also happens to be a perfect illustration of the vague legal lines that exist in cyberspace.
“There are a number of laws out there that can be potentially violated on a social networking site,” Andrew Serwin, partner and chair of the Privacy, Security & Information Management Practice at law firm Foley & Lardner, told the E-Commerce Times. These range from cyber stalking laws to the CAN-Spam Act to even HIPPA (Health Insurance Portability and Accountability Act) in certain circumstances.
However, the greatest legal risk people run by using social networks is still work-related, even six years after Armstrong was fired.
“People have gotten nailed and lost their jobs when it has been discovered what they said on online industry forums,” Ethan Horwitz, a partner with King and Spalding, told the E-Commerce Times.
“Especially in the business networks, the question becomes to what extent is your comment your own and to what extent does it represent the view of your employer?” he continued.
One can always explicitly say they are not representing their employer, of course. The problem is, few people do. “With electronic communications, people tend to be sloppy,” Horwitz observed. “They write things online that they would never put on real paper.”
So, besides exposing oneself to a potential libel or slander suit, a reckless commenter could also pave the way for a slander or libel suit against his or her company, he concluded.
There are also risks unrelated to work as well, he added, although “Lori Drew is definitely an exception. However, it is conceivable, if someone posts derogatory pictures or writes something that could, for example, keep someone from getting a job or getting into college, that they could be brought to court.”
Cyber Espionage a Growing Risk
Another factor to consider is that these sites are potential gold mines for competitors, Tracy L. Coenen, a fraud investigator with Sequence Forensic Accounting, told the E-Commerce Times.
A key question in most investigations is relationships — who knows who, who is transacting business with whom, she said. Connecting these dots becomes much easier when people link to their friends for all the world to see.
Twitter especially can be valuable in this way, she continued. “People aren’t using nearly as much discretion as they should — they will mention a project they are working on on Twitter. If a competitor is watching, it could pick up valuable nuggets of information.”
Social MediaSee all Social Media