Has your company been putting off preparing a social media plan for fear of running afoul of the numerous National Labor Relations Board (NLRB) high-profile charges against employers for retaliating against employees who posted negative online comments about them?  Your company is not the only one.  But, in light of the NLRB decisions and because social media is here to stay—with its great opportunities and risks—your company should delay no further.

It is an especially crucial time to kick start this program due to the recent trend among federal and state legislatures (i.e., New York, New Jersey, California, South Carolina, Washington, Ohio, Minnesota, Michigan, Missouri, Massachusetts, etc.) to pass legislation dealing with social media privacy and password protection.  In fact, Maryland, California, and Illinois have passed laws already in effect to prohibit employers from requesting or requiring that employees or applicants provide user names, passwords and other ways of accessing personal information on online websites.

On the federal level, two similar bills are currently pending in the US Congress. The Social Networking Online Protection Act (SNOPA), introduced in the House in April 2012 and the Password Protection Act of 2012 (PPA), introduced both in the House and Senate in May 2012.

So…how does your company get started?  To assist you, here is a 5-step program to put your company on the right path:

Step 1: Recognize the Benefits and Provide Justification and Parameters

Employees are less prone to damage a business if they are aware that their employer is monitoring activities, and they will be held accountable for their actions.  On the flip side, employees are more likely to abide by policies if they understand the benefits, reasons, and parameters.  Based on this mentality, you should explain the benefits and reasons for the policy to incentivize the appropriate behavior from your employees.  The benefits may include:

  • Creating a more productive workplace;
  • Protecting the company’s reputation and workforce;
  • Maintaining the company’s confidential information; and
  • Reducing liability of improper third party conduct and legal actions.

If your company promotes the use of social media to advance the business, then explaining the justifications and parameters of proper social media usage to employees will likely help to deter unwanted conduct and encourage team unity and purpose.  Depending on the nature of your business, the justifications and parameters may include to:

  • Build awareness
  • Strengthen relationships with clients, prospects, and influencers
  • Better understand your buyers
  • Improve customer service
  • Identify new product ideas
  • Increase web site traffic
  • Improve search engine rankings
  • Drive traffic to your company events or programs
  • Generate leads and sales

Step 2:  Draft a Comprehensive Policy and Update It Regularly

To comply with state and federal regulations and laws, all social media policies should have provisions addressing the following:

  • Employees have no reasonable expectation of privacy at work or when using employer-provided equipment.
  • Company will engage in regular, routine and/or random monitoring of employee use of social media and other websites while at work or when using employer-provided equipment and networks.
  • Define social media as user-generated content on the internet.
  • Clearly define acceptable and unacceptable conduct.  Provide examples of unacceptable discrimination or harassment or use of confidential information.
  • Expressly carve out an exception for NLRA activity.  The policy should make clear that it does not prohibit employees from engaging in concerted activity under the National Labor Relations Act (NLRA).  The policy should not prohibit complaints about management, co-workers, policies, or the company, especially regarding wages, hours, and working conditions.  Again, provide examples of acceptable conduct.
  • Prohibit disclosure of confidential company information and advise your employees to think carefully before posting online, as the information is public.
  • Require employees to obtain permission before speaking through social media on behalf of the company or making representations purportedly attributed to the company.

Step 3:  Distribute and Communicate the Policy to All Employees and Train Them

Be sure to train and distribute the policy to all employees, as the company does with its orientation policies and handbook policies.  The policy should be contained in the handbook and available online, if possible.

Step 4:  Obtain Employee Acknowledgement and Consent BUT DO NOT ASK FOR CONFIDENTIAL PASSWORDS

Obtain a signed employee acknowledgement and consent form indicating the employee’s understanding that the company will monitor social media use at work or on company networks and devices.  Obtain a new acknowledgement and consent form each time the company updates the policy.  To comply with state and soon-to-be federal laws, do not ask employees for their confidential passwords to social media sites.

Step 5: Enforce the Policy Consistently and Discipline Employees for Violations

Consistent enforcement and discipline of employees for misuse of social media and policy violations is critical to protecting the company from liability and related risks.  In situations resulting in discipline, the company should do its best to obtain a copy of the violative posting.  Be sure you are doing so from a lawful source (usually the complaining party) to avoid violating federal wiretapping statutes, other federal regulations, and to show that you obtained the information lawfully.  Again, be cautious if an employee’s conduct appears to implicate concerted activity under the NLRA, because employees cannot be disciplined for engaging in this behavior.  Also, be on guard if the posting implicates harassment, discrimination, or whistleblower protections before disciplining.  If it does, properly investigate the allegations as if the statements were made through any other medium.