Address workplace risks from technology and social media with a code of conduct for employees
It goes without saying that all employees have private lives. It was probably not much more than thirty years ago that the only rules for the whole of the workforce were arriving on time, not spending too much time on the phone to the husband or wife, and not taking the company ballpoint pens home.
However, the world of work is now completely different. Everyone has a mobile phone, so the ability of an employer to use the office telephone system to restrict phone usage is now gone. The proliferation of laptops and tablets, coupled with the propensity of firewalls designed to limit personal use to impact on the business as well, has also completely changed the dynamics of businesses.
Evolution of technology and decline of employer’s control
In pretty much every case, the development of technology has driven workplace change. The introduction of switchboards allowing a phone on every desk forced employers to permit reasonable usage of work phones for private purposes.
The development of the PC then led to a PC on every desk, and when email systems were introduced, employers asserted rights to prevent employees from using emails for private purposes. Further, employers claimed the right to interrogate systems to find private emails, on the basis that the email system, and thus all the email traffic hosted, were the property of the employer.
It didn’t take all that many years for courts to decide that the ownership of the system by the employer did not invest the employer with an unfettered right to access employees’ private email traffic. (And by that stage the availability of ballpoint pens at $5 for a box of 100 meant that employers had also ceased caring about stolen pens.)
In its existence of a little over twenty years, the internet has had similar effects, especially since it evolved from being an interesting diversion to an integral part of day-to-day business. And now, over a very short time, social media has also become embedded in daily activity.
Social media’s evolution from distraction to business tool
In much the same way that the internet started out as a cross between a huge encyclopedia and an entertainment medium before becoming a business tool, social media has morphed from its US college roots (Facebook was named after the ubiquitous books with pictures and bios of graduating students) into a marketing and communications tool for large numbers of businesses.
So, as with most technology changes, it would not be possible to put the genie back into the bottle, even if someone wanted to try. However, in a way which arguably exceeds the impact of emails and the internet, social media has blurred the workplace lines between the public and the private, and in so doing has presented some unique challenges.
Dissemination of emails far beyond the sender’s control
The old advice cautioning youth against getting a tattoo made the simple point that once inked, the mark was pretty much there for life.
To an extent this is also true of emails: once “send” is pressed, the sender completely loses control of the email and its content. An email sent to an employee on the other side of the office about the substandard quality of the boss’s new hairpiece could, at least in theory, end up in Brazil or the Aleutian Islands.
Of course those destinations would not be of much concern: no-one there would have any idea of the identity of those involved, and the email would be of no interest to anyone reading it. The real problem is that the email might end up being sent to the boss. And in that sense an email is indestructible, at least by the sender.
While this sort of risk posed by emails is still far from trivial (ask Julian Assange, Edward Snowden and Hillary Clinton), the risks attending social media are far greater.
Social media posts present greater risks than emails
There are a number of differences between social media posts and emails. First, while pictures and videos can be attached to emails as well, most emails contain far less information about the sender than do social media posts about the person posting it (for convenience, “the poster”).
It’s possible to insert the standard disclaimer to the effect that the email is meant only for the named addressees, and should be ignored and then destroyed by an unintended recipient. It is to be suspected that this injunction is rarely obeyed, but it still could prove useful in some situations to establish that the sender’s intention was to preserve some degree of confidentiality.
With social media posts, however, even with the architecture of platforms providing for open or restricted posts, including block and mute functions, and subject to the platform operator’s policy and preparedness to close or shut down accounts, the ability of the poster to control access to the post is, obviously, markedly less than even that of the email sender.
Inappropriate photos and abundance of personal information on social media
Second, the adage “a picture is worth 1000 words” applies. Attachments aside, emails say what their author intends them to say, and no more. By contrast, social media pages tend to have a range of personal information never appearing in emails, such as birthplace, schooling, place of residence, relationship status, and, importantly for these purposes, the employer. And that’s just the social media home page.
Very frequently a post will involve a picture. Frequently a picture will show the poster “having fun”. Now and then the picture of the poster “having fun” will feature other people also “having fun”, some of whom may be completely unaware that they have been publicised in this way. And occasionally, the “fun” activity will not paint a flattering picture of those enjoying themselves.
Hardware and software used for social media posts not owned by employers
Third, the ability of employers to exercise control over private use of the office email system, limited as it may have been, is more tenuous where neither the software nor the hardware used to make social media posts may be the property of the employer, although the content may still somehow affect the business.
There may be two main workplace consequences of social media posts made by an employee.
One is for the employer. Is the reputation of the business enhanced by the depictions in the post? Perhaps more pointedly, does the post leave the business’s reputation unscathed?
The other is for the employee who is the poster. To the extent that the post is accessible to the public, the poster risks that information being accessed by a potential employer when the employee is seeking career advancement. More immediately, what if the poster’s current employer is less than impressed?
Employer’s right to expect employees to do what they have been employed to do
Whether we are looking at computers, mobile phones, or the social media aspects of these things, the law recognises that employees are not deprived of rights to personal activities simply because they are at work. Thus an employer seeking to manage by restricting or regulating specific aspects of these things is not going about it in the best way.
The best way relies on the employer’s indisputable right, in relation to an employee, that the employee should devote his or her undivided attention and effort to doing the job he or she has been employed to do.
“Undivided” of course does not mean the employee may not make a private phone call, send a private email, or make a personal social media post during working hours; any more than it means that the employee cannot stop for a cup of coffee, to have lunch, to chat briefly with a co-worker, or to use the bathroom.
Private use of technology should not distract from the tasks at hand
It means, simply, that the employee must focus on the job, and do it to the (reasonable) standards set by the employer, and within the (reasonable) time allocated to the task. If there is a key message about dealing with problems which arise from private use of technology, it is that the focus should be on what the employee should be doing, not on what the employee should not be doing.
Of course, this assumes that what is being done with the technology is simply time-wasting, and is not anything likely to damage the business in some other way. But what happens when this activity is not just time-wasting, and is having (or has the potential to have) some more adverse impact?
Employee code of conduct can define expected standards of loyalty and professionalism
Policies may not solve all problems, but they are very useful in setting boundaries and managing expectations.
Policies about issues of this kind are most conveniently included in a code of conduct for employees. In that way employers minimise the extent to which rules of this kind are seen as singling out some activity as “banned”, and present these rules as a coherent suite of provisions broadly asking employees to do what most people would expect: to do their job to the best of their abilities, to be loyal to the business, and to deal with customers, clients and co-workers in a professional and civil manner.
The concept of loyalty includes employees refraining in their private lives from any activity likely to harm the business, its reputation, or its customers. This is a legitimate expectation, not an impermissible intrusion into the private lives of employees.
And the added benefit of spelling this out in a policy is that, if some employee does think his or her private life is suffering unjustified intrusion, this debate can be held around the terms of the policy. This is better than waiting until the point when the employee has been dismissed for a post appearing to endorse a competing business and wants to argue that the employer can’t intrude on an employee’s private life and in any case, had never said anything about prohibiting activities of this kind.
Questions to ask yourself before you send that email
A quite different situation is that of an employee – or for that matter anyone – who suffers self-inflicted damage as a consequence of an ill-considered social media post or email. (For example, that hilarious email you sent about the boss’s new hairpiece somehow made its way to his inbox and now you find yourself looking for a new job.)
Emails are generally accepted as a rather less formal mode of official communication than letters, so that a level of familiarity is tolerated which might cause a raised eyebrow in an official letter. People feel more able to include modest witticisms in emails than in letters.
However, if your email is any less formal than a communication on letterhead conveying the same information, it is crucial that you read it very carefully before pressing “Send” and, in so doing, ask yourself a couple of questions.
If you have attempted a joke, would the complete stranger who has received the message after you mis-typed the address immediately recognise it as a joke, rather than an offensive or critical comment?
Or does recognition of what you said as being light-hearted depend on the reader having some personal knowledge of you, the recipient and whoever you are talking about? And would you feel comfortable with the chief executive or managing director of the business reading your email?
Be selective about what you post and whose friend requests you accept
More importantly, what about your social media page, and your posts? If your page is generally accessible, is it essential to let readers know where you work? If your material is accessible only to your “friends”, how well do you know them? How selective are you in accepting friend requests?
And how selective are you in what you post? Is it essential to post that picture of you and your buddies late into that long lunch? And if you feel it is, how will people seeing it know in what circumstances the picture was taken? Again, think before you post.
Risk of defamation actions relatively low
A recent high-profile case notwithstanding, the prospect of being sued for defamation is fairly low, because of the huge expense of seriously commencing proceedings, let alone actually conducting the litigation. However, when you post on social media, you are “publishing”.
“Publication” is the essence of the tort of defamation: someone you disparage in a completely private setting has no cause of action. But once you communicate to some third party – even only one person – what you have said, the right of the person disparaged to sue for defamation arises, even if in the overwhelming majority of cases no action will be taken.
Inappropriate emails and social media posts can have serious consequences
However, this does not mean that there may not be other serious consequences, if there is a sufficient link to the workplace. Even though the post may be made without any involvement of infrastructure owned by the employer, and the events depicted may not have been on the employer’s premises, it is still possible that there will be a connection to the workplace which will be sufficient to justify the employer taking disciplinary action. Importantly, someone criticised or “trolled” may seek a remedy for alleged harassment.
Generally speaking, it will not be a defence for the person sending the email or posting on social media to say that it unforeseeably fell into the possession of someone to whom the sender had no intention of providing it. The “re-publication” which occurs when a recipient forwards an email, or shares a post with their own friends, may sometimes be a mitigating circumstance, but will not absolve the original sender from all liability.
In a nutshell, it is vital for both employees and employers to be well aware of the uncontrollable nature of electronic communication, most notably social media, and to treat it with the caution and care it deserves.
For more information, please see Social media defamation: be cautious when posting or re-posting online comments, reviews and links.