The proliferation of apps and other sites such as eBossWatch and Glassdoor that invite employees to “anonymously” dish out dirt about their bosses and working conditions is of course a concern to companies. The biggest risks are that employees might reveal proprietary information and trade secrets, falsely malign a Company’s products, customers and employees, and a company may have limited ways to limit the potential damage done by the post or take action against a bad actor who may have violated policies, contracts or the law. The ease of use of apps in particular allow employees to easily post at any time from their phone. In this era of personal transparency when people instantly and frequently post everyday events from their phones, there is a greater danger that employees may be less mindful of employer policies when utilizing these apps.
In light of these risks, companies should review their social media policies and training to ensure that employees are on notice that:
- it is a serious violation of policy for employees to post proprietary information and trade secrets on social media sites; and
- company code of conduct rules apply to online conduct in the same way they do to offline conduct.
At the same time, companies need to be mindful that non-supervisory employees generally have the right to discuss terms and conditions of employment, even through social media, subject to some exceptions. As we have blogged about many times, the National Labor Relations Board and many ALJ rulings involving social media activity of employees have recognized that nonsupervisory employees have the right to engage in protected concerted activity online. Further, as we blogged about last month, under the recent National Labor Relations Board decision Purple Commuications, Inc., 361 NLRB No. 126 (Dec. 11 2014), employers may not prohibit employees from engaging in protected communications through the employer’s email system, subject to reasonable restrictions.
- A company’s computer system may capture all communications on a company’s network as well as information posted on external sites accessed through the company’s network
- Company electronic communications policies typically set out a company’s right to read, monitor, delete and disclose all communications captured by its computer systems
- Company BYOD policies typically require an employee to surrender personal devices so that a company can ensure the safety of its proprietary information and trade secrets, investigate misconduct, or comply with legal obligations and warn employees that person information on the device may be compromised and seen by the company as a result
- Companies such as getthememo, Glassdoor and eBossWatch may reserve the right or be required to disclose a user’s identity in some circumstances
In sum, companies need to be wary of the potential risks posed by employee use of grip apps and sites, but also can take some actions to mitigate risk by implementing appropriate policies and training.