Introduction

Last December the Law Society became the first UK regulatory body to issue guidance on the use of social media. The guidance targets practising lawyers and law firms’ compliance officers and highlights the importance of adhering to professional ethics and standards online in the same way as in the workplace.  The guidance re-enforces the importance of having clear distinctions between the professional and personal aspects of one’s life. A copy of this guidance is available at: http://www.lawsociety.org.uk/productsandservices/practicenotes/socialmedia/5049.article

Social media has become an integral part of many law firms’ marketing strategies due  to a greater understanding of the potential it offers.  While social media provides opportunities to develop existing relationships, as well as developing new client contacts through the marketing opportunities, the potential pitfalls are substantial.

This article will suggest that while the guidance is welcome, it should only be one stage in establishing a firm’s comprehensive and workable strategy for their employees.  The guidance sets out the aspects that the firm must be aware of when setting their policies in order to ensure that they are compliant.

Social Media

Social media covers a number of different platforms that enable a user to interact and share information such as comments, photographs, videos and audio, publically or privately with another user online.  The most well-known social media platforms include LinkedIn, Twitter, YouTube and Facebook.  Nearly 50% of partners and employees at the top 50 law firms have a LinkedIn account, (twice the previous year’s figure), demonstrating the increased acceptance of social media platforms in the workplace.

The advent of social media has facilitated the ability to initiate and maintain connections in ways which would have been impossible during the early days of networking.  It is possible, even common, to look at the profile of a contact to understand their expertise, connections and background in a few minutes rather than relying upon word of mouth recommendations. However, with social media uncertainty remains around who owns what and what is the most successful strategy to implement.

The Guidance

The guidance runs to thirteen pages and is designed to highlight some of the important issues to be considered by firms and employees when using social media.  The SRA’s Solicitors Code of Conduct 2011 established ten key principles, which act as a base in determining whether a solicitor is meeting the standards expected of them.  The principles are to be used both when examining a legal issue as well as an ethical dilemma. Therefore when engaging with social media, solicitors are required to adhere to the key principles set out in the SRA handbook.

Three principles which the practice note specifically highlights as those most likely to be tested due to the use of social media are:

  • Requirement to act with integrity (Principle 2);
  • Not to allow one’s independence to be compromised (Principle 3); and
  • Behaviour in a manner that maintains public trust in you and the profession (Principle 6).

Additionally, the guidance identifies a number of potential areas of risk that can be presented by the use of social media e.g. confidentiality, control over information and defamation.  The guidance does not offer a single solution to the potential problems that can be created by social media, but seeks to raise understanding and awareness. In addition to the apparent danger of posting ill-conceived comments, it is possible to inadvertently fall short of the high standards expected. This guidance uses examples concerning client confidentiality such as giving advice based (at least in part) on experience for previous clients or giving your location which in turn shows you are meeting with a particular client.

Whitham v Club 24 Ltd t/a Ventura (2011) explored the potential pitfalls which may be encountered by employees. Ms Whitham posted comments on Facebook complaining about her colleagues and she was dismissed for putting the company’s reputation at risk. However, the Tribunal found that Mrs Whitham’s comments were relatively mild, were not about a major client and did not involve any confidential information. No individuals were identified in her comments and her privacy settings meant that only her friends could see her Facebook page. Moreover, it was highly unlikely that such mild comments by a junior employee could jeopardise the commercial relationship between her company and their major client. However this case raised the important question to the employer of risk management in the law firm when ensuring that client relationships are adequately protected.

A key issue raised in the guidance is the importance of keeping the professional and personal uses of social media separate.  While to many this is common sense, in practical terms this may not always be possible e.g. a number of professionals will develop friends into clients. The guidance suggests a divide between professional and personal and utilising different social media channels to achieve this. Although this may help, it is important, as discussed below, to remember that private, may not be completely private and therefore should avoid posting any content you would prefer not to be associated with. Personal use of social media should be regularly reviewed to ensure that the choice of platform and content is always suitable.

Best practice for the firm’s policy

To establish an effective firm-wide social media policy, in addition to certain safeguards that must be implemented, the policy must meet the aims and strategy of the firm and allow for development as the firm’s requirements change.  The firm’s compliance officer should take an active role in ensuring the firm is adequately protected against breaches of the policy (and the Solicitors Code of Conduct) and damage to its public image.

The guidance should act as a platform for the creation of a suitable social media policy (and strategy if one is not already in place).  The requirements and demands of clients change over time and an increased expectation of using social media as a viable, and practical, method of communication with the firm is now commonplace amongst many.  A “one size fits all” policy is unlikely to be as effective as one that is tailored to the specific needs (and opportunities) of the firm.  Some areas should however always be covered including:

  • Anti-harassment and bullying policies;
  • Confidentiality obligations;
  • Data protection policies;
  • Electronic information and communications systems policies;
  • Equal opportunities policies;
  • Ethics and standards of conduct policies or other policies dealing with misconduct;
  • Intellectual property aspects (concerning ‘ownership’ of content and contacts);
  • Monitoring procedures; and
  • Reporting procedures and contacts for queries.  

Best Practice in the Employment Context

A number of UK cases have considered when dismissal will be reasonable for social network-related misconduct. The contents of the firm’s social media policy are therefore likely to be vital. In Lerwill v Aston Villa Football Club Ltd (unreported ET/1304758/10) the employer was found not to have informed the employee sufficiently of what the implications would be of failure to comply with the social media policy and the dismissal was therefore found to be unfair.

In Preece v JD Wetherspoons Plc ET2104806/10. the employer was found to have acted reasonably in dismissing a manager for posting derogatory comments about a customer on Facebook during her shift. She thought only a handful of people would see them but in fact hundreds did, including the daughter of the abusive customer. Wetherspoons relied on its clear social networking policy which prohibited disparaging customers on Facebook, the availability of an employee hotline and that the remarks took place during an ongoing conversation rather than in the heat of the moment. Significantly the Tribunal held that even if the comments were made in the employee’s own time Wetherspoons may still have been able to act in the same way.

However, in Grant & Ross v Mitate Property Services Limited (unreported) employers were reminded of the need to set out clearly the parameters of the policy to avoid confusion. In Grant two sisters won their claim for unfair dismissal for excessive internet usage as the employer’s policy (which permitted access outside “core working times”), was too vague.  A policy therefore is only as good as its drafting and its consistent implementation. In the context of law firms it is suggested that the burden of protection should be higher and clients offered “ring fenced” protection to maintain the key SRA principles outlined above.

As part of a firm delivered training programme it is prudent for employees to:

  1. Familiarise themselves with the firm’s social media policy;
  2. Regularly review the content of their personal social media channels;
  3. Ensure all privacy settings are up to date;
  4. Understand where the line between professional ends and private begins;
  5. Logout of social media platforms when not at the computer; and
  6. Think before uploading content as they may not be able to control who reads it.

In addition to establishing a policy, firms should train staff on areas such as privacy settings, potential legal consequences of breaching the policy, template formats to be used etc. In Stephens v Halfords Plc ET/1700796/10, an employee who was being consulted over a workplace reorganisation put up a Facebook page entitled “Halfords workers against working 3 out of 4 weekends”. When he read the company’s social networking policy two days later and realised his page might be in breach of the policy, he immediately took it down. His dismissal was held to be unfair as he had a clean disciplinary record, had removed the page as soon as he realised it was in breach of the company’s policy and he had apologised.

Once the policy has been implemented and any teething troubles worked out the firm must ensure that the policy is adequately monitored and compliant with legislation for example the Data Protection Act 1998, the Regulation of Investigatory Powers Act 2000 and the Human Rights Act 1998.

The “European element” has introduced potentially useful guidelines for the employer when seeking to define the line between the public and the private. The impact of the ECHR and specifically Article 8 in the social media context was considered in Crisp v Apple Retail UK Limited (unreported ET/1500258/2011), where an Apple employee was dismissed as a result of posting derogatory statements on Facebook about his employer and their products. The employee his Facebook posts were only visible to his “friends”, as a result of the privacy settings he had set up, and were therefore private. However, the tribunal held that the employee could have no reasonable expectation that the posts would always remain private and as such Article 8 was not engaged. The tribunal observed: “The nature of Facebook, and the internet generally, is that comments by one person can very easily be copied and passed on.” Indeed, the posts had initially come to light because one of the claimant’s Facebook “friends” had passed copies to Apple, their mutual employer.

Further, the tribunal considered that, even if the employee had had a reasonable expectation of privacy, the use of the information by the employer was justified in the circumstances to protect its own rights, i.e. its reputation, in accordance with Art 8(2) of ECHR.

When formulating the policy employers should be minded that monitoring should be proportionate and involve employees in the process where possible. Prior to the implementation the firm’s compliance officer, in conjunction with IT, HR and marketing, should undertake an “impact assessment” to ensure that all legislative requirements are adhered to.  The assessment should be regularly repeated to take account of changes in technology and the law. 

Who owns the benefit?

Social media also raises the issue of who owns the benefits derived from it. In the business relationship context it will be harder to see a justification for an employee having any reasonable expectation of privacy as against his employer. This would particularly be the case where the employee has linked to his employer on his profile. In Flexman v BG Group (unreported), Flexman, an HR executive for BG Group resigned in June 2011 after putting his CV online and advertising his interest in other "career opportunities" through his LinkedIn profile. Flexman was ordered to remove his CV from the profile after a ‘complaint’ about his profile and was called to a disciplinary hearing for “inappropriate use of social media.”

Employees should be encouraged to raise questions when uncertain over the policy, its implementation and monitoring.  The Solicitor’s Code of Conduct specifically draws the employee’s attention to their requirement to know and adhere to the rules and policies of the regulator and the firm.

By adopting a social media policy which interacts with the different requirements and challenges facing the departments within the firm, there will be a practicable, flexible and dynamic policy which complements the firm’s strategy and business development. The firm must be able to show, and market, itself as being willing to develop and embrace new opportunities.

Conclusion

Social media is now established as part of everyday life both professionally and personally.  It is therefore prudent for firms to establish clear policies and strategy for its implementation.  While many may see its implementation as a threat, particularly in light of unwitting potential breaches of the Solicitors Code of Conduct as raised in the guidance, its opportunities far outweigh these threats.

Firms should see social media as an opportunity to embrace the potential of new technology to develop themselves in terms of communication with their clients.  By setting out, monitoring and enforcing a well-designed and drafted social media policy the firm can ensure that they are complying with all necessary regulations and expected standards of conduct.

It is crucial to involve the employees at all stages of such a policy from its creation through to its enforcement.  Many potential areas of concern can be eliminated through training and education e.g. danger of blurring the lines between professional and personal.  Each employee should recognise their own importance in ensuring that both they and the firm are complying with their obligations and where necessary seek additional training.    The social media guidance is helpful and provides firms with a useful map from which they can begin to establish a strategy and policy to achieve their medium term goals. Disappointingly it fails to draw out the point at which the employee may be in breach of their professional obligations to the extent that many had wished. However Crisp may offer a level of guidance. To many social media is not yet a central part of their business (or marketing),  and it will take time and effort for it to be fully integrated as part of day to day business, as was the case with email.  Each firm has its own personality and culture and these should be incorporated into a social media policy as the aim of such a policy is not to curtail the freedoms of the firm but to enable it to flourish. 

People buy People. Would the client want to buy you and the services you provide?

Summary

  • Establish a clear Social Media policy
  • Involve employees in its creation
  • Have an Implementation Strategy
  • Effectively deliver the policy at a firm wide level
  • Undertake regular “impact assessments”
  • Remember that compliance is a “two way street” between employer and employee