Between summer 2011 and spring 2012, the National Labor Relations Board’s (NLRB) Acting General Counsel drew substantial attention in his direction by publishing three lengthy Advice Memos, which expressed his views on the application of the National Labor Relations Act (NLRA) to social media policy provisions and employers’ discipline based on employees’ personal social media content. These memoranda, however, revealed only the litigation positions that the NLRB’s cadre of enforcement attorneys would take in this new and evolving area of the law. The views expressed in the memos did not, and do not, bind the Board. Last week, however, the Board issued an opinion, which, albeit not analyzing the employer’s social media policy per se, revealed the Board’s thinking on several employment policies commonly found in employers’ social media policies. Costco Wholesale Corporation, 358 N.L.R.B. No. 106 (Sept. 7, 2012).

Policy Prohibiting Damaging Statements about About the Company or Its Employees

No employer likes to see its own employees publicly post content damaging to the employer or any member of its workforce. The Board, however, ruled that employers generally cannot prohibit such speech because the prohibition would violate Section 7 of the NLRA by chilling employees from publicly commenting about the terms or conditions of employment. More specifically, the Board held that the following policy language violates the NLRA: “Employees should be aware that statements posted electronically (such as [to] online message boards or discussion groups) that damage the Company, defame any individual or damage any person’s reputation . . . may be subject to discipline . . . .”

Significantly, in disapproving this policy language, the Board suggested policy language that would be permissible. The Board cited to prior decisions that approved prohibitions on speech that is: (a) “malicious, abusive or unlawful;” (b) “profane language” and “harassment;” (c) “injurious, offensive, threatening, intimidating, coercing, or interfering with” other employees; and (d) “slanderous or detrimental to the company” when “among a list of 19 rules which prohibited egregious conduct such as ‘sabotage or sexual or racial harassment’.” (Emphasis supplied)

The critical take away for employers is that social media policy provisions that prohibit damaging or defamatory speech must be contained within a list of categories of speech that unequivocally are not protected under the NLRA. The Board would presumably then read the language prohibiting defamation in its context and conclude that no reasonable employee would understand the policy to prohibit true, or inadvertently false, statements about the terms or conditions of employment, which the NLRA protects.

Policy Prohibiting Employees from Discussing a Co-Worker’s Health Condition

Even though the Health Insurance Portability and Accountability Act of 1996 (HIPAA) applies only to a relatively small portion of all health information collected by employers, i.e., health benefits information, the law’s substantial civil penalties and stiff criminal sanctions have instilled fear in the hearts of many HR professionals of any public communication of employee health information. The potential for mass disclosure through social media has stoked that concern, leading some employers to try to shut “loose lips” with a policy like the one in this case: “[E]mployees are prohibited from discussing private matters of members and other employees . . . includ[ing] topics such as, but not limited to, sick calls, leaves of absence, FMLA call-outs, ADA accommodations, workers’ compensation injuries, personal health information, etc.” The Board held that this policy violates the NLRA because all of the listed “private matters” relate to the terms and conditions of employment.

The Board’s holding does not mean, however, that employers can never discipline employees who use social media to gossip about a co-worker’s or supervisor’s health condition. The Board explained that employers are not required to sit on their hands when employees come into possession of health information “through access to company records in the course of their job duties.” In other words, an employer can promulgate a policy that prohibits employees whose job duties entail access to employees’ health information from disclosing that information in any manner, including publication in social media. 

Policy Prohibiting Employees from Discussing Their Compensation

Protecting information about employees’ compensation poses another vexing problem for employers. Competitors can gain significant advantage from learning how much an employer pays its employees, and many employees do not want their co-workers to know how much they earn. Yet, the Board struck down the employer’s policy admonishing employees that “payroll” information “may not be shared, transmitted or stored for personal or public use without prior management approval.” The Board reasoned that a reasonable employee would understand this policy to prohibit an employee, in violation of Section 7 of the NLRA, from discussing his or her own pay, which clearly is a term of employment, with co-workers.

The employer tried to save this policy by arguing that the reference to “payroll” information was intended to encompass only “the confidential business information component of payroll, such as budgeted payroll and expenses.” The Board rejected this argument not because a policy with that limited scope and intention would violate the NLRA, but rather because other company policies compelled the conclusion that the word “payroll” was intended to encompass an employee’s own compensation. The Board’s reasoning, by negative implication, suggests that an employer could promulgate a policy that prohibits employees from disclosing compilations of payroll data when properly characterized as confidential business information.

Policy Prohibiting Disclosure of Employees’ Contact Information

Employers often are concerned about protecting not only employees’ health and compensation information but also their personal contact information, which could be misused by a stalker, an abusive boyfriend or girlfriend, or an identity thief. Nonetheless, the Board rejected as violating the NLRA a policy that required employees to maintain the confidentiality of co-workers’ names, addresses, phone numbers, and e-mail addresses. The Board reasoned that employees have a protected right to use and disclose such information for “organizational purposes,” as long as the information is not obtained from the employer’s files. In other words, as with its holding regarding the employer’s prohibition on the disclosure of employee health information, the Board draws a distinction between information that employees learn “in the normal course of their work activity,” i.e., through discussions with co-workers, and information that employees learn from “their employer’s confidential or private records.” 

Notably, the Board did not take issue with the employer’s policy requiring employees to maintain the confidentiality of co-workers’ and customers’ Social Security numbers, customer account numbers, or credit card numbers. This information generally would not be used for “organizational purposes” and, therefore, an employer can require employees to keep that information confidential without running afoul of the NLRA. 

Policy Requiring Employees to Use “Appropriate Business Decorum” in Communications

The employer was able to save one challenged policy provision, and that victory could prove to be significant. The Acting General Counsel contended that the employer’s policy requiring employees to use “appropriate business decorum” in communications, including conversations, violates the NLRA because an employee “could” understand the policy to prohibit discussions regarding the terms and conditions of employment. Therefore, according to the Acting General Counsel, the employer had a duty “to define permissible conduct and clarify for employees that the rule does not prohibit employees from engaging in Section 7 activities.” The Acting General Counsel has taken a similar position in his Advice Memos with respect to policy provisions that urge employees to “be professional” or to “be respectful” when posting in social media. 

The Board rejected the Acting General Counsel’s argument. The Board reasoned that employers are allowed to establish rules intended to promote a “civil and decent workplace.” Consequently, as long as a reasonable employee would understand the rule, such as the employer’s rule requiring appropriate business decorum in communications, to be aimed at achieving that purpose, the fact that the rule might restrict protected activities in some circumstances is irrelevant. Under the Board’s reasoning and based on other cases cited in support of its decision, employers should be able to promulgate, without providing clarifying examples, policies that prohibit social media content that: (a) constitutes “insubordination . . . or other disrespectful conduct” to a supervisor; (b) is “disloyal, disruptive, competitive, or damaging;” or (c) “tends to bring discredit to, or reflects adversely on,” the employee, co-workers, or the company.