Technology enters the workplace in many ways and there are a number of risks and issues that employers need to consider.
- Cybersecurity and Data Protection
A number of data breaches have been making headline news. These threats do not only come from criminal hackers or other external sources. Much of the risk around data security comes from the way employees manage company data. Instituting policies, practices and training around acceptable use, storage and retention of employer data, systems and property is key.
- Employee Misuse of Social Media
Where there is a nexus between an employer and inappropriate content posted online by an employee, such conduct may provide a basis for employee discipline up to and including termination of employment. A number of recent cases demonstrate that terminating with just cause is possible, particularly when the post is harmful or potentially harmful to the employer.
- When Not to Discipline For Misuse of Social Media
While disciplining employees for misuse of social media is quite appropriate in many circumstances, on the other hand, we may find that Canada follows the U.S. trend in which some employees argue that social media posts are protected or that discipline is an unlawful reprisal under employment standards and other legislation.
- Privacy on Workplace Computers
Employees will likely have some expectation of privacy on workplace computers where personal use is permitted. This expectation of privacy can be limited by way of computer use policies that provide for employer monitoring of workplace computers, where the employer has a legitimate need to conduct monitoring and where such monitoring is reasonable in scope. Such policies should be clearly communicated to employees.
- Bring Your Own Device (BYOD) Programs
In August 2015, the Privacy Commissioner of Canada, the Alberta Information and Privacy Commissioner and the B.C. Information & Privacy Commissioner issued joint guidance for organizations considering the implementation of BYOD programs, where employees are permitted to use personal mobile devices for both business and personal purposes. BYOD programs give rise to privacy and security risks that warrant careful consideration prior to rollout.
- Social Media Background Checks
Pre-hire social media background checks may give rise to privacy concerns, including in respect of issues of consent, accuracy, over-collection of information, collection of irrelevant information and collection of the personal information of third parties. Such background checks must be reasonable in the circumstances of the employer’s operations and should be carried out in accordance with guidance from Canadian privacy commissioners.
- Educating Employees on E-Discovery
Given the growth of electronically stored information and a growing tendency for employees to email or text rather than use the telephone, it is important that employees understand that what they write may be produced in subsequent litigation.
- Protecting Your Client List from Employees’ Online Presence
Who owns the social media account? In this era of online networking, employees may leave their employment with a social media account that functions as a client list or company contact point. This may undermine contractual non-competition and non-solicitation covenants. To help manage risk in this respect, employers should establish corporate ownership of social media accounts that are used for business purposes, including by way of the employer’s social media policy.
- Updating Policies
Policies dealing with email, Internet, acceptable use, social media, electronic devices or BYOD, travel and passwords should regularly be reviewed and updated given the changing digital landscape. Education around phishing emails and other nefarious communications is also important.