+1 (218) 451-4151

Legal and Ethical Implications of Corporate Social Networks

Legal and Ethical Implications of Corporate Social Networks

Legal and Ethical Implications of Corporate Social Networks

Gundars Kaupins & Susan Park

Published online: 2 June 2010 # Springer Science+Business Media, LLC 2010

Abstract Corporate social networking sites provide employees and employers with considerable opportunity to share information and become friends. Unfortunately, American and international laws do not directly address social networking site usage. The National Labor Relations Act, civil rights laws, and various common law doctrines such as employment at-will and defamation provide the pattern for future social networking laws. Ethical considerations such as productivity, security, goodwill, privacy, accuracy, and discipline fairness also affect future laws. Corporate policies on corporate social networking should balance the employer’s and employee’s interests. Existing laws and ethical issues associated with social networking should impact social networking policies related to configuration, communication, discipline, and evaluation of policies. Corporate social networking policies should be business-related, ensure user notification of monitoring, maintain adequate records, and provide for reliable, consistent, and impersonal evaluation of monitoring effectiveness.

Key words corporate social networking . laws . ethics . organizational policy

Social networking sites such as Facebook, MySpace, and Twitter are making it possible for an organization to share information among employees, advertise its products and services, and relate to the customer in a new way on the Web. In February 2010, Facebook had 400 million active users (Owyang 2010). Facebook jumped ahead of Google by claiming 7.07 percent of U. S. traffic compared to Google’s 7.03 percent in March 2010 (Maximumpc.com 2010). Facebook reaches 29.9% of global Internet users versus 22.4% for MySpace. MySpace continues to be the most profitable social network, having about $1 billion in revenue versus $300 million for Facebook (Ostrow 2009). Twitter, a site that allows users to post only 140 characters at a time, has stabilized to roughly 20 million users (Gross 2010).

Employ Respons Rights J (2011) 23:83–99 DOI 10.1007/s10672-010-9149-8

G. Kaupins : S. Park (*) Department of Management, Boise State University, 1910 University Dr., Boise, ID 83725, USA e-mail: spark@boisestate.edu

G. Kaupins e-mail: gkaupins@boisestate.edu



Internationally, social networks have a high percentage of reach among Western Europe’s Internet audience. There were 282.7 million Internet users in Europe as of December 2008, 200 million of whom visited a social networking site. According to ComScore, the market reach is highest in the United Kingdom, with 79.8 percent, followed by Spain with 73.7 percent, Portugal with 72.9 percent, and Denmark with 69.7 percent (ComScore 2009). Russia is the fourth largest social networking market in Europe, behind the United Kingdom, Germany, and France (FreshNetworks Blog 2009).

Not surprisingly, social networking is becoming increasingly prevalent in the workplace. A recent survey indicated that 46 percent of IT professionals believe online social networking (OSN) is a valuable business tool, and of those, thirty-one percent indicated that it was crucial to business. Moreover, 85 percent of those surveyed, even those who question the usefulness of social networking, acknowledged that employees are using social networks at work (Perez 2009). Another survey indicates that between 25 to 30 percent of companies with 500 or more employees have adopted some form of social networking (Leader-Chivee et al. 2008).

The benefits to employers of corporate social networking are many. According to Leader-Chivee et al. (2008), “[c]orporate adoption of social networking, while new, is already showing enormous benefits. By offering employees the tools and technology to reach out and connect with one another, organizations can facilitate a collaborative corporate culture, while benefiting from a wide range of improved efficiencies, in everything from sourcing and recruiting, to on-boarding and learning programs, to improved alumni, diversity, women’s and retiree communications. Many process improve- ments may be found through efficient social networking programs and organizational connectivity.“ Moreover, OSN is becoming increasingly popular because of internal brand building, finding, unlocking and engaging hidden employee intellectual capital, enhancing employees’ motivation and satisfaction, and developing products and offerings faster regardless of the organizational design (Communitelligence.com 2009). The software helps businesses find people and information, understand relationships, create a common culture, enhance friendships among customers, improve knowledge management, facilitate recruiting and retention of younger workers who actively participate on social networks, and keep former employees in the loop (CIO Insight 2009).

However, as is often the case when technology rapidly advances, the law pertaining to OSN has adapted at a less rapid pace. In the workplace particularly, where common illegal and unethical behavior, such as defamation and sexual harassment, is easily committed online, and employees spend increasing amounts of time involved in social networking, employers have found themselves scrambling to adapt policies which allow them and their employees to take advantage of the business benefits of OSN while at the same time working to stay within the law and ethical bounds.


The unique contribution of this paper is that it provides specific guidance to employers who wish to maintain OSN sites by addressing the various legal and ethical questions they may have regarding an appropriate OSN policy. Other relevant articles, many of which are referenced in this paper, focus on either the legal or the ethical implications of OSN, but few combine these two important issues as this paper has done. Moreover, fewer still make specific policy recommendations to employers. The primary focus of this paper is on American law and ethics, but it also gives consideration to international law, particularly in Europe and Russia. Given the fluid nature of social networking laws and ethics, we also

84 Employ Respons Rights J (2011) 23:83–99



provide recommendations for future research on social networking. While the use of online social networking from an employee’s perspective is relevant and of interest, this paper focuses primarily on employer-maintained OSN sites from the employer’s perspective.

Legal Issues

In this section, we provide an overview of the numerous legal issues employers who maintain OSN sites may face. This information, combined with the policy recommenda- tions we make at the end of this paper, will help employers avoid costly legal problems by crafting comprehensive social networking policies that are suitable to their workplace. Where appropriate, we suggest possible directions in which the law may evolve but that is not the primary focus of this paper. We desire to give employers guidance on the current state of the law rather than attempt to influence how the law should change.

In general, the use of OSN sites, such as FaceBook, MySpace, and LinkedIn, by either employees or employers has been subject to traditional employment law. While several commentators have suggested that Internet use, including the use of OSN sites and blogs, should be subject to new rules, this method of communication is such a recent phenomenon that few, if any, new laws have yet to emerge (Byrnside 2008). Thus, while Congress and state legislatures grapple with this and other new forms of communication technology, courts continue to apply traditional common law and existing federal and state statutes to employment issues relating to OSN sites.

Numerous legal issues might arise in the context of an employer-maintained OSN page. Although most employees in the U.S. are employed at-will, an employee’s interaction with the employer’s OSN page might involve legally protected activity, such as whistle-blowing or labor organizing or other concerted activity, or it might reveal information about the employee’s membership in a legally protected class. Moreover, an employee who engages in online harassment or posts defamatory or private information on the employer’s OSN page may subject the employer to vicarious liability. An employee also may disclose information to the public that the law requires the employer to keep confidential, such as certain personnel data, or otherwise invade others’ privacy by posting personal information. An employee may even post content of a criminal nature which could subject the employer to potential criminal liability. To protect against such liability, employers should update their current policies regarding Internet use to include clear and comprehensive directives to employees regarding their interaction with the employer’s OSN site. Employers should also vigilantly monitor their sites to be sure their Internet policy is being respected.

Legal issues become even more complex when considering the fact that OSN users circle the globe. Those who interact with an employer’s OSN site are not necessarily limited to the borders of the United States. Employers may encourage global access to their OSN site as a marketing and communication tool. As such, awareness of international law is also recommended.

The Employment At-Will Doctrine and Exceptions

Employment issues are usually governed by the employment-at-will doctrine, which means generally that employees can be terminated or quit for any reason or no reason at all (Grubman 2008). Thus, in general, an employee who inappropriately interacts with the employer’s OSN site, either at work or during off-hours, may legally be terminated. However, various common law and statutory exceptions to employment at-will may be applicable to legal

Employ Respons Rights J (2011) 23:83–99 85



issues that arise regarding an employer-maintained OSN site, although the likelihood that such an action will justify an actionable claim against the employer is far from clear.

The Implied Covenant of Good Faith and Fair Dealing In those relatively few states that recognize this exception to employment at-will, employers may be liable to an employee for acting in “bad faith” regarding the terms and conditions of employment (Lichtenstein and Darrow 2006; Sprague 2007). Generally, an employer acts in bad faith and breaches the implied covenant of good faith and fair dealing when it promises an employee a particular benefit, such as sick leave or retirement benefits, and then terminates or demotes the employee for taking advantage of that promised benefit (Grubman 2008; Gutman 2003). This means that an employer who implements a company policy regarding OSN should apply the policy consistently to all employees, and avoid using an employee’s previously acceptable social networking activity as grounds for discipline or as a pretext to avoid paying the employee promised benefits (Grubman 2008; Sprague 2007).

Implied or Express Contract Numerous courts have held that if the employer creates either an express or implied contract with the employee, the employment relationship is not at- will (Gely and Bierman 2006). Thus, an employer who has contractually agreed to terminate an employee only for just cause may be liable if the employee is fired for posting an item on the employer’s OSN site that is not sufficiently inappropriate to the employer’s interests and/or is unrelated to the employee’s work.

Public Policy Exception The public policy exception to employment at-will is broad enough to cover many different scenarios. Generally, it means that an employee is wrongfully discharged if terminated in a way that would violate the state’s official public policy (Grubman 2008; see also Gutman 2003). For example, an employee who is fired for reporting to jury duty may have been wrongfully discharged because the state’s public policy requires all citizens to perform this statutory duty. The public policy exception is also generally applicable when an employee exercises a constitutional right or refuses to break the law for the employer (Grubman 2008; Lichtenstein and Darrow 2006). Additionally, it encompasses state and federal statutes which provide protection from employer retaliation against an employee who “blows the whistle” on the employer’s illegal behavior (Kirkland 2006; Clineburg and Hall 2005). Some federal statutes include Section 704 of Title VII of the 1964 Civil Rights Act (1964), Sarbanes-Oxley Act (2002), Family and Medical Leave Act (1993), Occupational Safety and Health Act (1970) and the Fair Labor Standards Act (1949). Employers who encourage employees to participate on the employer’s OSN page may also be inviting employees to discuss their work activities and relationship with the employer. Quite possibly, this could involve an employee who mentions the employer’s unethical or potentially illegal activity in a comment on the employer’s OSN site. This exception could protect an employee who posts such comments or other information regarding legally protected activity on the employer’s OSN page. Employers with a firm understanding of these legal requirements and who vigilantly monitor their OSN sites are likely to avoid subsequent liability for violation of public policy.

Labor Relations

Section 7 of the National Labor Relations Act (NLRA) (1947) gives to all covered employees, in part, the right to engage in “concerted activities for the purpose of collective bargaining or other mutual aid or protection.” Employees might engage in such concerted

86 Employ Respons Rights J (2011) 23:83–99



activity in a variety of ways, including via the Internet. An employer may be obligated to allow such protected activity, even on its OSN site, as the following case illustrates.

In Konop v. Hawaiian Airlines (2001), the 9th Circuit Court of Appeals held that an online bulletin board maintained by a company pilot to discuss and criticize the employer’s negotiation with the union was protected concerted activity under the Railway Labor Act (RLA). The Konop Court relied upon NLRA precedent to reach its decision, as is typical for courts in RLA cases, which indicates that the Konop holding would likely extend to employees covered generally by the NLRA (Grubman 2008; Strege-Flora 2005). The Konop holding suggests that an employer policy which prohibits employees from accessing the employer’s OSN page to discuss work-related policies may violate Section 7 if it is overly-broad regarding confidentiality, wage-secrecy, or solicitation, or is found to be discriminatory (i.e. the policy prohibits union activity on the employer’s Facebook page but allows for other, non-business related activity) (King 2003, Strege-Flora 2005). The NLRA also protects employees who engage in non-union related concerted activity, but it does not extend to an employee’s individual action taken on his or her own behalf, nor does it allow an employee to disparage the employer, engage in insubordination, or post confidential information on the employer’s site (King 2003; Sprague 2007).

Discrimination Statutes and Employer Liability for Sexual Harassment

Federal or state statutory law may be applicable in instances in which an employer is alleged to have discriminated against an employee for revealing some type of protected status via the Internet. For instance, suppose a corporate employer allows employees to use the company Facebook page to post announcements of a personal nature, so a supervisor uses Facebook to extend an invitation to his co-workers and employees he supervises to attend services at his church. If other employees complain about the post, the employer may find itself torn between competing obligations.

On one hand, the employer may be obligated to allow the post to remain to fulfill its responsibility to reasonably accommodate the employee’s religious beliefs or practices as required by Title VII of the 1964 Civil Rights Act. Moreover, Title VII may provide protection to employees who post comments, photos, etc. on an employer’s OSN site that reveal information about any of the employees’ protected characteristics—race, color, religion, gender, and national origin (Grubman 2008). Several other federal statutes, such as the Americans with Disabilities Act (1990) and the Age Discrimination in Employment Act (1967), as well as many state statutes, also protect employees from discrimination in the terms and conditions of employment because of a protected trait, belief, or activity. This obligation also encompasses the duty to avoid excluding employees from work-related activities based upon a protected characteristic.

On the other hand, the employer also has an obligation to prohibit online harassment of employees who participate on the corporate OSN site. While the hypothetical post inviting co-workers to a religious meeting may not rise to the level of harassment, employers should be aware of the possibility that online social networks may be used as a vehicle for religious, sexual or other harassment, potentially subjecting an employer to liability under Title VII or other anti-discrimination statutes.

In Blakey v. Continental Airlines (2000), the New Jersey Supreme Court considered whether comments made by employees on an employer-maintained online bulletin board could result in the employer’s liability for workplace sexual harassment. Applying Title VII, the court held that a work-related Website “could undoubtedly be so closely related to employment as to become an extension of the workplace.” In fact, the court held this to be

Employ Respons Rights J (2011) 23:83–99 87



true even if others outside of the workplace had access to and the ability to post comments on the site. Finding that Continental was aware of the harassment occurring on its bulletin board but did nothing to remove the comments or reprimand the pilots who posted them, the court awarded the plaintiff $1.7 million in damages.

Although limited to only Continental Airlines crew, the online bulletin board in Blakey is quite similar to an employer-maintained OSN. Both are accessible outside of the workplace and allow users to post comments. Both create, as the Blakey court described, a “virtual community” through which employees communicate and “build relationships.” Accordingly, it is quite possible that an employer may incur liability for inappropriate harassing posts and comments made on the employer’s official OSN page if the employer is aware of the posts and fails to remove them promptly (Higgins 2002; Lichtenstein and Darrow 2006). Thus, a workplace policy regarding OSN use should clearly and specifically prohibit any inappropriate posts and comments, and employers should actively monitor their OSN sites to be sure corporate policy is followed.

Vicarious Liability Issues

In general, under the theory of respondeat superior, employers will be vicariously liable for torts employees commit while acting within the course and scope of employment (Greenbaum and Zoller 2006). Employers who maintain an official company OSN site could, without proper monitoring and an adequate policy in place, assume such liability for posts made on its site in several ways. Posts made on the site might be defamatory, invade an employee’s or other person’s privacy, or, if outrageous enough, inflict emotional distress. They could even suggest criminal behavior, for which the employer might be liable in certain circumstances.

Defamation Employers should take precautions to avoid incurring liability for defamatory posts employees or others might make on the employer’s official OSN site. Certainly an employer who posts defamatory material on its own site would likely be liable for the consequences (Lex 2007). However, given the increasing use of OSN, employers are likely to question whether they may incur liability for comments employees or “friends” post on the employer’s OSN site. For instance, assume an employee posts the following false statement on the employer’s site: “Jane didn’t show up for work today because she had too many margaritas last night with her crew.” If this statement meets the general criteria for defamation (an untrue, damaging statement made to at least one other party), an employer may find itself vicariously liable to Jane, given that the employer “maintains” the site and has control over who may access it.

In the context of defamatory statements employees make on an employer’s blog, many authorities assume an employer’s general liability under the theory of respondeat superior if the employee makes the statements while acting within the course and scope of employment (Grubman 2008; Gutman 2003). This raises an interesting question about whether an employee posting comments on an employer’s OSN page is indeed acting within the course and scope of employment. Employer-maintained OSN pages are similar to workplace blogs, so arguably the answer is yes. In both instances, the employer has control over who has access to the site and the ability to post comments or other information. Most OSN sites also provide users with the ability to remove comments others post on their pages. As Gutman points out, “[t]ort liability could extend to the employer who does not exercise proper control or whose neglect made the activity possible.” The threat of such lawsuits clearly could increase the business costs of using social networks in

88 Employ Respons Rights J (2011) 23:83–99



the corporate setting, again exemplifying the need to generate policies to prevent social network abuse.

On the other hand, Lex (2007) has suggested that many posts made on a company OSN page may not be defamatory because of the casual atmosphere of OSN. According to Lex, “[c]onsidering that MySpace is primarily a site for socializing and not the place to go for hard-hitting news or research, many potentially defamatory statements may escape liability simply because MySpace viewers will not necessarily take what they read as fact.” However, Lex also suggests that “[o]n the other hand, the same casual atmosphere may lead users to believe that they can say anything they want without facing legal consequences. Despite the informal context of MySpace, any communication that meets the elements of defamation potentially faces legal liability. Given that there are over one hundred million users, even a few cases could represent a significant problem looming over the legal landscape.” Particularly in instances in which an OSN page is officially maintained by the employer, it may be reasonable for a reader to conclude that any content found on the page is at least acceptable to the employer.

A related issue concerns the liability of those who “republish” defamatory statements. Generally, a new party who repeats a defamatory statement is also liable for defamation, as if he or she were the original publisher of the false statement (Lex 2007). However, this law may not apply to an employer’s liability for defamatory posts an employee or “friend” makes on the employer’s OSN site. In 2000, Congress amended the Communications Decency Act of 1996 by adding the “Good Samaritan” provision to provide immunity for providers and users of an “interactive computer service” from liability for the posting of certain information, including potentially defamatory content (Lex 2007). Specifically, this provision provides that “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” While it appears that Congress may not have intended the Good Samaritan provision to apply to individual OSN users, Lex suggests that both the language of the Act itself and subsequent court interpretations could lead to such immunity. Whether a company is liable for an employer or friend’s defamatory post on the company’s OSN page will likely depend upon how actively involved the company is in the republication of the material. Thus, while employers might be immune from liability for defamatory statements made on an official OSN page, the best approach for an employer is to approve of “friends” with care and carefully monitor all comments and other activity on the OSN site.

Privacy Workplace privacy violation claims may generally take one of three forms: intrusion upon solitude or seclusion, public disclosure of private facts, or publicly placing an individual in a false light (Gabel and Mansfield 2003). Of the three, public disclosure of private facts is the likeliest cause of action that may arise when a post on the employer’s OSN divulges private information. The essence of such a claim of invasion of privacy is whether the employee has a reasonable expectation of privacy regarding the information (Brandenburg 2008). With regard to other forms of online communication, such as computer Internet access and work email systems, courts have almost uniformly held that employees do not have a reasonable expectation of privacy in these areas (Milligan 2009), yet those cases generally concern employees who act affirmatively to transmit their own private information.

Certainly an employer who knowingly posts private information about an employee on its public FaceBook or MySpace page could subject itself to direct liability for invading the employee’s privacy. Whether such holdings would extend to posts others make on a

Employ Respons Rights J (2011) 23:83–99 89



corporately maintained OSN site is as yet unresolved. However, in light of Blakey, it is quite possible that an employer’s liability could extend to situations in which a friend or employee posts the offending information, perhaps even confidential information, on the employer’s site. It seems reasonable to assume that if the employer’s OSN is sufficiently work-related, and the employer knows of the offending post and fails to remove it within a reasonable amount of time, the employer may be vicariously liable for any resulting damage caused by the privacy invasion.

Intentional Infliction of Emotional Distress Causes of action based upon intentional infliction of emotional distress require proof of intentional, outrageous behavior (Gabel and Mansfield 2003; Sprague 2007). In this situation, such a claim would require the employee claimant to show that the employer’s conduct in either posting a comment directly or allowing another user’s post to remain public on the employer’s OSN was outrageous and that it caused the employee severe emotional distress.

Criminal Liability Consider the following scenarios. An employee posts a link to pornographic material on the employer’s OSN site. A recently-fired, disgruntled employee posts a death threat against his supervisor on the employer’s OSN site. In addition to the potential civil liability discussed in the previous sections, these particular situations may expose an employer to criminal liability as well. Generally, an employer may be liable even for the criminal acts of its employees if the criminal act in question originates “in activities so closely associated with the employment relationship as to fall within its scope” (AmJur 2d 2009). Moreover, if the employer’s property or resources are used in the commission of the crime, the employer could be subject to criminal action (Gutman 2003).

Select International Legal Issues

Online social networking is also growing at a rapid pace internationally, especially in Europe, which has far more social network users than in most Asian countries. (ComScore 2009; Wardman 2009). European Union directives and Internet safety are two of the leading international legal issues found in a literature review of the relevant international journal articles relating to social networking. As in the United States, both the EU directives and the international literature on Internet safety make clear that the right to privacy is a major concern. American employers who intend to rely upon social networking to help expand their reach into international markets should be aware of the implications of applicable international law. Because social networking is increasing most rapidly outside of the United States in Europe and Russia (ComScore 2009; FreshNetworks Blog 2009), this section will focus on international law in those areas.

European Union Directives European Union directives lay down certain end results that must be achieved in every Member State. Countries must adapt their laws to meet these goals, but are free to specify the details. Directives may affect one or more European Union members. Each directive specifies deadlines for directive adoption and accounts for differing national situations (European Commission 2010). Directive 95/46/EC is intended to protect individuals regarding processing personal data and the free movement of the data. The directive affirms the right of privacy and the need for data controllers to protect data (Eur-lex 1995). Data controllers can be organizations such as Facebook, MySpace, and any other corporation. Before uploading data, data controllers must inform people about what personal data is available to others in their network site profile (Meller 2009).

90 Employ Respons Rights J (2011) 23:83–99



Internet Safety in Western Europe The European Commission supports self-regulation systems that enable flexible and workable safety solutions among major social networks and users. The INSAFE Network seeks to raise public awareness and run help lines through a network of safe Internet centers in 26 European countries. Though it mostly applies to parents, teachers, and children, much of its concepts can be applied to corporations and their employees. The European Social Networking task force established a set of guidelines for social networks by youngsters (European Commission 2009).

Internet Safety in Russia In spite of its market size, Russian social websites offer more challenging security issues. For example, Odnoklassniki.r offers $5 monthly fees to become “invisible” to see other user profiles and $4 monthly fees to delete ratings of your photos made by other users (Quintura 2008). In response to social networking sites which have shown the deployment of Russian navy fleets, a newly enacted law may require Facebook and MySpace to provide information about users doing business in Russia who the Russians deem to be a threat to Russian security. This may have a negative impact on the security of company data (IntelFusion 2009).

In summary, the legal issues an employer might face as it tries to navigate this new world of OSN can be complex. Since no new legal principles have yet emerged to provide guidance, traditional law is applicable, although how it may yet apply remains uncertain. Additionally, employers should also be aware of the various ethical issues that accompany workplace OSN. While there is some intersection between the law and ethics, the differences are many, as is discussed below.

Ethical Issues

Legal principles and ethical principles are often closely aligned, but they have different objectives. Laws involve a system of rules that stabilize social institutions. Their function is to decide when to bring social sanction on individual citizens and their specific acts. Ethics involve why and how one ought to act. They are more concerned than laws in promoting social ideals. Ethical principles also may be viewed as the standard of conduct that individuals have constructed for themselves (Candilis 2002).

Ethical concerns provide another important way to analyze appropriate use of social networking sites. Relying on the law to resolve an ethical dilemma will fail to take into account many of the obligations and duties that our society expects of its members (Sims 2003). This is especially true in light of the relative uncertainty of the law as it applies to OSN. Employers will find that they must rely upon ethical guidelines as well as legal requirements when drafting company policy regarding the company’s OSN site.

Though many social networking issues such as security, privacy, and accuracy are directly linked with the fair collection of information, we go beyond fair collection of information issues by also focusing on rejection, exclusion, and international concerns.

Fair Collection of Information

Inappropriate Networking “Social networking is often frowned on by employers because content employees publish may be unprofessional and inappropriate to publish in the corporate public domain” (Leader-Chivee et al. 2008). Consider, for instance, a supervisor who types personal and private notes on the corporate social networking site, or reads such notes posted by employees. This type of overlap between personal life and professional life

Employ Respons Rights J (2011) 23:83–99 91



could create potential sexual harassment problems and provide too much information to the boss (Greenbaum 2008; Schultz 2008). Moreover, social networking among employees within corporate social networking sites can lead to considerable waste of time when employees are chatting with their friends or fellow employees on non-business related topics. Kirkpatrick (2008) cited a study that found that corporate social networks can be a waste of money and time. About thirty five percent of corporate social network activity has less than 100 users. Less than 25 percent have more than 1000 users, though over half of those companies have spent over a million dollars on the sites. Corporate networking sites can be overpriced, include fancy but relatively useless features, andmay bemanaged by inexperienced monitors who are unable to assess the quality of information coming from the sites.

A monitor might be unable to distinguish between what is personal and work-related, or may disseminate information about an employee who has done something personally inappropriate. Even if it is work-related, a monitor could inappropriately accuse an employee of wrongdoing without doing a proper investigation. A monitor might investigate a non-random sample of employees who post on the employer’s OSN site specifically to try to hurt one individual or a group, or monitor at inconsistent times. Thus, to control inappropriate networking, monitoring content on a corporate social network site might take considerable time and resources (CIO Insight 2009).

Security Employees might share secret aspects of their company on a corporate network page, such as passwords, new products, and new services. Social networkers may intentionally or unintentionally reveal organization secrets such as corporate finances, marketing intentions, business strategies, or new products and services. Warnock (2007) cited a study of 300 IT decision makers that indicated 10 percent of organizations investigated the unauthorized disclosure of financial information through blogs or message boards. Confidentiality violations can reveal organizational secrets to the whole world. Company secrets can leave the company open to hacking (Kaupins and Minch 2006).

Privacy In addition to the legal privacy concerns discussed above, the privacy of each employee may be breached in many unethical ways on an OSN site. Inappropriate pictures of binge drinking or illegal drug use can be posted. Nasty comments about ex-boy or girlfriends can lead to jealousy and insults. Constant posting of comments on people’s walls can irritate them and block other people’s comments. Insensitive topics can be discussed, including religion, politics, and racism/sexism (Urban Dictionary 2008). Moreover, employee privacy may be reduced when the terms of the social network site can be changed at any time. Phrases such as “We reserve the right, at our sole discretion, to change, modify, add, or delete portions of the terms of use at any time without further notice” can drastically affect the organization’s privacy policies.

Accuracy A manager may not know if information on a corporate social networking site is accurate. An employee can post false financial information on a social networking site for a few minutes and then erase it after damage has been done. In addition to subjecting the employer to potential legal liability for defamatory statements, such posts may also damage the employer in other ways. Determining whether that employee posted such damaging information can be difficult to prove if the information has been erased. People might intentionally post false information on such sites as a prank (Ethics Scoreboard 2009). Factual information can be taken out of context because only short snippets are seen on the screen at once. Other communications can be hidden by the “click here for more posts” button (Schultz 2008).

92 Employ Respons Rights J (2011) 23:83–99



Other Ethical Issues

Rejection Most OSN sites allow users to reject requests to become “friends” on the site. “Staff members that decline friend invitations from volunteers or even other staff members via corporate OSN platforms may end up hurting the feelings of those they work with. Encourage staff and volunteers to respect that some people may want to keep their OSN activities separate from their work or volunteering relationships” (Coyote Communications 2008). The employer should also clearly outline the purposes of the OSN communications and the profile of the type of friends it seeks. Rejections should occur because only select members are invited or the person does not fit the profile to communicate effectively.

Exclusion Employers should take special care to avoid excluding employees for illegal or unethical reasons, even unintentionally. “Many OSN platforms are blocked from being used by employees at various businesses and government organizations. Many of these platforms are also not accessible for people using assistive technologies, for people with certain disabilities, or for those using older software and hardware. This means an organization should not switch any of its outreach activities, such as blogging, instant messaging or photo sharing, entirely over to OSN platforms, as many people are prevented from accessing such. In other words, your OSN outreach activities should not replace your other online outreach activities, as they will exclude many people.” (Coyote Communications 2008). If OSN communications directly affect any employment decisions such as hiring, selection, compensation, training, and security, the communications would probably be subject to civil rights laws. The need for equal access to such communications is therefore enhanced with the threat of discrimination law suits.

International Ethical Issues To add further complexity to this topic, it must be acknowledged that many cultures of the world have significantly different ethical values and may use social networks for different purposes than in the U.S. For example, Chapman and Lahav (2008) report that Americans tend to reveal very personal information such as pictures, emotions, and sexual preferences. In France, users tend to share non-sensitive information such as general interests. South Koreans tend to share photos with friends. Chinese tend to focus more on interest groups and playing on-line games. Again, employers who expand into international markets by communicating through OSN should carefully monitor all activity on their OSN sites to ensure that material posted there is appropriate for the international audience the employer hopes to reach.

Policy Recommendations for Organizations

The legal and ethical issues discussed above can have major implications on corporate social networking policies for organizations. The employer’s business interests must be balanced with an employee’s privacy interests. Employers who do business internationally must learn the legal requirements in those countries in which they do business, as well as become familiar with the ethical expectations of that particular culture.

Legal monitoring policies tend to be associated with several dimensions—how monitoring is configured, how monitoring is communicated, how discipline is applied, and how the impact of monitoring is evaluated. Each dimension can range from no activity to significant action. These four dimensions are modeled off the location monitoring work of Kaupins and Minch (2006). Figure 1 provides a summary of policy recommendations

Employ Respons Rights J (2011) 23:83–99 93



based on these four dimensions. Figure 2 provides several sample networking policies. Solutions are based on recommendations from employee handbook experts, ethics code developers, legal researchers, international organizations, and government directives and laws. In cases such as “monitoring individuals,” several choices are provided to organizations.

“Configuration” is the operational shell around OSNs. It refers to who shall be monitored, by what means are people monitored, and when and where monitoring take will place. “Communication” refers to communication of the OSN policies with employees. Employees should be informed of the timing, means, location, and security associated with policy communication.

“Discipline” focuses on major facets of discipline such as progressive discipline, corrective discipline, and the hot stove rule. Progressive discipline deals with providing

Suggestions for Social Network Monitoring Policies

Configuration Issues: 1. Authentication Systems: Passwords/keys/cards (Owyang 2009) 2. Monitoring Individuals: Management, IT director (Bureau of National Affairs 2009) 3. Equipment Used: Network of corporate computers (Bersin 2007) 4. Individuals Monitored: On an equal basis across all individuals for business purposes only

(American Civil Liberties Union 2008; Nolan 2004); Use covert monitoring only when there is evidence that a crime has been committed (Goodwin 2003)

5. Time of Monitoring: On company time (AllBusiness 2001) 6. Approval of OSN Participants: Approve of “friends” with care (Lex 2007) 7. Behavior Allowed: Be clear about the purposes of the social networking communication such as

recording useful contacts (Warnock 2007) 8. Behavior Not Allowed: Confidential corporate matters, harassment, defamatory statements

(Warnock 2007; Urban Dictionary 2008) 9. Policies Coordinated: Integrate all electronic communications policies (Warnock 2007)

Communication Issues: 1. Means By Which Warnings Are Announced: Employee handbooks, letters of understanding, e-

mails (Boehl 2000), social networking 2. Timing of Warnings: A reasonable time before monitoring begins (Organization for Economic

Cooperation and Development 2000) 3. Individuals Warned: All those involved (Kaupins & Minch 2006)

Discipline Issues: 1. Individuals Administering Discipline: Supervisor (Bureau of National Affairs 2009) 2. Types of Discipline: Progressive/corrective discipline (Bureau of National Affairs 2009) 3. Appeals: Give employees the right to dispute electronic monitoring data (American Civil

Liberties Union 2008) 4. Retaliation: Provide a non-retaliation policy (Coyote Communications 2008)

Evaluation Issues: 1. Individuals Monitoring Monitors: Top management or data collection experts (Organization for

Economic Cooperation and Development 2000) 2. Methods of Monitoring Monitors: Analyze the impact of monitoring (Goodwin 2003); Develop a

comprehensive records retention policy (Nolan 2004) 3. Frequency of Monitor Monitoring: Periodical but negotiated evaluation of policies in general are

recommended (Dessler 2009) 4. Isolation: Check if any group or groups are isolated from the rest of the organization due to lack

of access to the social network (Coyote Communications 2008) 5. Evaluation Topics: Monitor reaction of employees and managers to the policy, what management

has learned about employee behavior, how employee and management behavior has changed, how policies affect the bottom line and other organizational measures (Kirkpatrick & Kirkpatrick 2006)

Fig. 1 Suggestions for social network monitoring policies.

94 Employ Respons Rights J (2011) 23:83–99



employees increased discipline for greater infractions. Companies may start with an oral warning, then proceed with a written warning if the inappropriate behavior continues. Further discipline could be a suspension and discharge. Corrective discipline involves providing the employee with appropriate counseling to help correct inappropriate behavior on a social networking site. The counseling could be followed with appropriate monitoring of future networking behavior. The hot stove rule states that all discipline should be with a warning, impersonal, consistent, and immediate. Of course, all discipline should be appropriate for the business and the specific incident(s) involved.

Concerning “evaluation,” all monitoring policies should be evaluated for their reliability, validity, and adverse impact on employees. Data about social networking activities should be produced. All monitoring policies should periodically be reviewed and revised.

Employers who choose to follow these recommendations should establish clear corporate social networking policies that can be published in their corporate employee

Sample Corporate Social Network Policy

Employees shall use the corporate social network for business purposes only. Business purposes may include productivity, safety, and security issues related to the mission and objectives of the company. Sample productivity issues include generation of new ideas and getting opinions of products and services. Sample safety and security issues include generation of ideas of how to enhance safety and security and monitor possible breaches.

Employees shall not use personal social networking sites on company time. They shall not create personal blogs, disclose confidential information, include defamatory or racially and sexually offensive materials, disparage the company or its competitors, or use the company logo.

Any violation of the policy could lead to discipline following the company’s discipline policy.

Sample Social Network Monitoring Policies1


Sample Policy

The company reserves the right to monitor the social networking activities of employees for business purposes only. Business purposes may include productivity, safety, and security issues related to the mission and objectives of the company. Employees will be notified by their supervisor (or human resources, top management) that their social networking activities will be monitored.

Supervisors (or human resources, top management) are responsible for the storage and dissemination of social networking data. Employees have a right to dispute social networking data and discipline related to that data by contacting their supervisor (or human resources, top management) and following the standard discipline appeal procedures of the company. Sample Monitoring Evaluation Policy Top management will periodically review its social networking policies and procedures as needed to respond to internal company strengths and weaknesses and external threats and opportunities. The review process includes monitoring the reaction of employees and managers to the policy, what management has learned about employee’s behavior, how employee and management behaviors have changed, and how policies affect the bottom line and other organizational measures. _________________________ 1As an alternative to the policies shown, social network monitoring may be subject to negotiation between employees and employers. All social network monitoring could be banned unless managers and employees mutually agree to specific monitoring. Top management and employee representatives could periodically review its social networking policies and procedures as needed.

Fig. 2 Sample corporate social network policies.

Employ Respons Rights J (2011) 23:83–99 95



handbooks, disseminated on the Intranet and Internet, or distributed via letter or e-mail to employees. Employees should acknowledge that they have read the social network monitoring policy by signing an acknowledgment form. Unfortunately, employees tend not to read employee handbooks and letters even though they sign acknowledgment forms. Management may have to remind employees with additional e-mails of the policies and be familiar with the policies themselves in case of policy disputes (Dessler 2009).

Customers might need to be made aware that the business’s social network is monitored to protect their privacy. They might not want to be discovered being with an employee who is a competitor, illicit lover, or any other person who can cause embarrassment.

Suggestions for Future Research

Corporate social networking research is still very young due to the newness of the industry. Several future research avenues can be created.

More detailed case analyses can be made concerning any new developments in the use of social network monitoring by companies and the use of corporate social networks. Researchers may also study the impact of any new laws on social networking policies.

Empirical and survey research is needed to help analyze management and employee attitudes toward the need for limits on social network monitoring and corporate social networking. Legal liability might be a primary motivation to monitor employee social networking. Survey research also can help analyze what type of organizations will be most likely to use social networking and what social networking policies will tend to be the most important and most commonly used in practice. Data should be collected concerning corporate age group usage, purposes of social network sites within companies, and discipline for inappropriate behavior.


Existing laws and ethical considerations affect social networking policy recommendations related to configuration, communication, discipline, and evaluation issues. Business-related monitoring should be clearly defined and disseminated to all employees through a wide variety of communication methods. Employees should receive warnings for inappropriate social networking activities. Consistent evaluations of monitoring effectiveness should occur. Future research should analyze what type of social networking monitoring and corporate social networks are involved in organizations.


Age Discrimination in Employment Act, 29 U.S.C. §§ 621 et seq (1967). American Civil Liberties Union (2008, February 8). Online privacy statement. Retrieved August 7, 2009

from http://www.aclu.org/infor/18864res20050401.html. Americans with Disabilities Act (1990). 42 U.S.C. §§ 12101 et seq. AmJur 2d (2009). Employment relationship, 27, § 381. Bersin, J. (2007, November 16). Social networking: Meet corporate America. Retrieved February 9, 2009

from http://joshbersin.com/2007/11/16/social-networking-meets-corporate-america/. Blakey v. Continental Airlines, Inc. (N.J. 2000). 751 A.2d 538. Boehle, S. (2000). They’re watching you: Workplace privacy is going, going.. Training, 37, 50–60.

96 Employ Respons Rights J (2011) 23:83–99



Brandenburg, C. (2008). The newest way to screen job applicants: a social networker’s nightmare. Federal Communications Law Journal, 60, 597.

Bureau of National Affairs. (2009). BNA employment guide. Washington: Bureau of National Affairs. Byrnside, I. (2008). Six clicks of separation: the legal ramifications of employers’ using social networking

sites to research applicants. Vanderbilt Journal of Entertainment and Technology Law, 10, 445. Candilis, P. J. (2002). Distinguishing law and ethics: a challenge for the modern practitioner. Psychiatric

Times, 19(12). Retrieved September 8, 2005 from http://www.psychiatrictimes.com/display/article/ 10168/48616?pageNumber=1.

Chapman, C. N., & Lahav, M. (2008). International ethnographic observation of social networking sites. Retrieved March 10, 2010 from http://portal.acm.org/citation.cfm?id=1358628.1358818.

CIO Insight (2009). Five reasons to deploy a corporate social network. Retrieved February 9, 2009 from http://www.cioinsight.com/c/a/past-news/5-Reasons-to-Deploy-a-Corporate-Social-Network/.

Clineburg, Jr., W. A., & Hall, P. N. (2005). Addressing blogging by employees. The National Law Journal. Communications Decency Act (2000). 47 U.S.C. §§ 652 et seq. Communitelligence.com (2009). Building employee branding and engagement with internal social networks.

Retrieved March 3, 2009 from http://www.communitelligence.com/content/ahpg.cfm?spgid=361&full=1. ComScore (2009). ComScore: The growing appeal of social networks in Europe. Retrieved November 30,

2009 from http://www.nevillehobson.com/2009/02/17/comscore-the-growing-appeal-of-social-networks- in-europe/.

Coyote Communications (2008, November 27). Nonprofit organizations and online social networking: Advice and commentary. Retrieved August 7, 2009 from http://www.coyotecommunications.com/ outreach/osn.html.

Dessler, G. (2009). Fundamentals of human resource management. Upper Saddle River: Pearson. Ethics Scoreboard (2009, March 4). Science and technology. Retrieved March 20, 2009 from http://www.

ethicsscoreboard.com/list/facebook.html. Eur-lex (1995). Directive 95/46/EC of the European Parliament and of the Council. Retrieved November 30,

2009 from http://eur-lex.europa.eu/LEXURIServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HRML. European Commission (2009). What is the EU doing? Raising awareness & empowering children. Retrieved

November 30, 2009 from http://ec.europa.eu/information_society/activities/social_networking/eu_ action/index_en.htm.

European Commission (2010). What are EU directives? Retrieved March 10, 2010 from http://ec.europa.eu/ community_law/introduction/what_directive_en.htm.

Fair Labor Standards Act (1949). 29 U.S.C. §§ 215 et seq. Family and Medical Leave Act (1993). 29 U.S.C. §§ 2601 et seq. FreshNetworks Blog (2009, March 2). Russia: The fourth largest social networking market in Europe.

Retrieved December 3, 2009 from http://blog.freshnetworks.com/2009/03/russia-the-fourth-largest- social-networking-market-in-europe/.

Gabel, J. T. A., & Mansfield, N. R. (2003). The information revolution and its impact on the employment relationship: an analysis of the cyberspace workplace. American Business Law Journal, 40, 301.

Gely, R., & Bierman, L. (2006). Workplace blogs and workers’ privacy. Louisiana Law Review, 66, 1079. Goodwin, B. (2003). Tell staff about e-mail snooping or face court, new code warns. Computer Weekly, 38, 5. Greenbaum, K. (2008, October 6). Ethics of Facebook friendship: Can it really be a conflict? Retrieved

March 20, 2009 from http://www.igreenbaum.com/20089/10/ethics-of-facebook-friendship-can-it-really- be-a-conflict/.

Greenbaum, W., & Zoller, B. (2006, July/August). Court decisions impact workplace internet and e-mail policies. HR Advisor.

Gross, D. (2010, January). Has Twitter peaked? Retrieved March 19, 2010 from http://www.cnn.com/2010/ TECH/01/26/has.twitter.peaked/index.html.

Grubman, S. R. (2008). Think twice before you type: blogging your way to unemployment. Georgia Law Review, 42, 615.

Gutman, P. S. (2003). Say what?: blogging and employment law in conflict. Columbia Journal of Law and the Arts, 27, 145.

Higgins, M. A. (2002). Blakey v. Continental Airlines, Inc.: sexual harassment in the new millennium. Women’s Rights Law Reporter, 23, 155.

IntelFusion (2009). DoD and IC employees on Facebook and MySpace. This new Russian law may impact you. Retrieved December 3, 2009 from http://intelfusion.net/wordpress/?p=656.

Kaupins, G. E., & Minch, R. (2006). Legal and ethical implications of employee location monitoring. International Journal of Technology and Human Interaction, 2, 16–35.

King, N. J. (2003). Labor law for managers of non-union employees in traditional and cyber workplaces. American Business Law Journal, 40, 827.

Employ Respons Rights J (2011) 23:83–99 97



Kirkland, A. (2006). “You got fired? On your day off?!”: challenging termination of employees for personal blogging practices. University of Missouri-Kansas City Law Review, 75, 545.

Kirkpatrick, M. (2008, July 17). Corporate social networks are a waste of money, study finds. Retrieved February 9, 2009 from http://www.readwriteweb.com/archives/corporate_social_networks_are.php.

Kirkpatrick, D. L., & Kirkpatrick, J. D. (2006). Evaluating training programs: The four levels (3rd ed.). San Francisco: Berrett-Koehler.

Konop v. Hawaiian Airlines, Inc., 302 F.3d 868 (9th Cir. 2001). Leader-Chivee, L., Hamilton, B. L., & Cowan, E. (2008, Dec.). Networking the way to success: online social

networks for workplace and competitive advantage. Retrieved January 2, 2010 from http://www. entrepreneur.com/tradejournals/article/print/200784523.html.

Lex, R. (2007). Can MySpace turn into my lawsuit?: the application of defamation law to online social networks. Loyola of Los Angeles Entertainment Law Review, 28, 47.

Lichtenstein, S. D., & Darrow, J. J. (2006). Employment termination for employee blogging: number one tech trend for 2005 and beyond, or a recipe for getting Dooced? UCLA Journal of Law & Technology, 2006, 4.

Maximumpc.com (2010). Facebook leapfrogs Google in popularity contest. Retrieved March 18, 2010 from http://www.maximumpc.com/article/news/facebook_leapfrogs_google_popularity_contest.

Meller, P. (2009, June 23). Regulators: EU data protection laws apply to social networks. Retrieved November 30, 2009 from http://www.networkworld.com/news/2009/062309-regulators-eu-data-protection- laws.html.

Milligan, T. E. (2009). Virtual performance: employment issues in the electronic age. Colorado Lawyer, 38, 29.

National Labor Relations Act (1947). 29 U.S.C. §§ 151 et seq. Nolan, D. R. (2004). Privacy and profitability in the technological workplace. Journal of Labor Research,

24, 207–232. Occupational Safety and Health Act (1970). 29 U.S.C. §§ 651 et seq. Organisation for Economic Cooperation and Development, (2000). OECD guidelines on the protection of

privacy and transborder flows of personal data. Paris: OECD Publication Service. Retrieved January 6, 2010 from http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html.

Ostrow, A. (2009, March 9). Social networking more popular than email. Retrieved April 10, 2009 from http://mashable.com/2009/03/09/social-networking-more-popular-than-email/.

Owyang, J. (2009). What Facebook Connect means for corporate websites. Retrieved February 9, 2009 from http://www.web-strategist.com/blog/2008/07/23/what-facebook-connect-means-for-corporations/.

Owyang, J. (2010). A collection of social network stats for 2010. Retrieved March 19, 2010 from http://www. web-strategist.com/blog/2010/01/19/a-collection-of-social-network-stats-for-2010.

Perez, S. (2009, July 2). A growing acceptance of social networking in the workplace. Retrieved January 2, 2010 from http://www.readwriteweb.com/archives/a_growing_aceptance_of_social_networking_in_ the_w.php.

Porter, W. G., & Griffaton, M. C. (2003). Between the devil and the deep blue sea: monitoring the electronic workplace. Defense Counsel Journal, 65–77.

Quintura (2008, October 31). Odnoklassniki.ru shows new ways to monetize social networks. Retrieved December 3, 2009 from http://blog.quintura.com/2008/10/31/odnoklassnikiru-shows-new-ways-to- monetize-social-networks/.

Raphael, J. R. (2009). People search engines: They know your dark secrets…and tell anyone. Retrieved March 30, 2009 from http://tech.msn.com/products/articlepcw.aspx?cp-documentid=18632762& GT1=40000.

Sarbanes-Oxley Act (2002). 18 U.S.C. §§ 2510 et seq. Schultz, J. (2008, November 25). Facebook creeping! The ethics involved with employers usage of

Facebook. Retrieved August 7, 2009 from http://www.jaytaylorschultz.com/PDFs/Research-Facebook- Creeping.pdf.

Sims, R. R. (2003). Ethics and corporate social responsibility: Why giants fall. Westport: Praeger. Sprague, R. (2007). Fired for blogging: are there legal protections for employees who blog? University of

Pennsylvania Journal of Labor and Employment Law, 9, 355. Strege-Flora, C. (2005). Wait! Don’t fire that blogger! What limits does labor law impose on employer

regulation of employee blogs? Shidler Journal of Law, Commerce & Technology, 2, 11.

98 Employ Respons Rights J (2011) 23:83–99



Title VII of the 1964 Civil Rights Act (1964). 42 U.S.C. §§ 2000d et seq. Urban Dictionary (2008, September 18). Facebook ethics. Retrieved August 7, 2009 from http://www.

urbandictionary.com/define.php?term-facebook%20Ethics. Wardman, M. (2009, February 23). Social media penetration in European and Asian countries. The Wardman

Wire. Retrieved March 13, 2010 from http://www.mattwardman.com/blog/2009/02/23/social-media- penetration-in-european-and-asian-countries/.

Warnock, O. (2007). Networking or not working? Contract Journal, 440, 31–32.

Employ Respons Rights J (2011) 23:83–99 99



Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.


  • c.10672_2010_Article_9149.pdf
    • Legal and Ethical Implications of Corporate Social Networks
      • Abstract
      • Purpose
      • Legal Issues
        • The Employment At-Will Doctrine and Exceptions
        • Labor Relations
        • Discrimination Statutes and Employer Liability for Sexual Harassment
        • Vicarious Liability Issues
        • Select International Legal Issues
      • Ethical Issues
        • Fair Collection of Information
        • Other Ethical Issues
      • Policy Recommendations for Organizations
      • Suggestions for Future Research
      • Conclusion
      • References