By Libby Valos Moss and Aubrey Kuchar
It is likely that most of you reading this article use some form of social media, whether it be for business or personal use. If you are not using social media, you have at least heard people talk about Facebook, LinkedIn, Twitter, YouTube, MySpace, and blogs. What most employers do not think about is the way social media should or should not affect your decisions about your employees. The following is a list of issues that arise when discussing social media and its impact on employment issues. While the list is not exhaustive, it is designed to get employers to begin thinking about social media and its impact on their business and, more important, how to protect themselves
1. Federal statutes may or may not protect employees.
The Stored Communications Act was enacted to ensure the confidentiality of electronic communications. The SCA makes it a criminal offense to “(1) intentionally access without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeds an authorization to access that facility; and thereby obtains … [an] electronic communication while it is in electronic storage.” 18 U.S.C. § 2701(a)(1)-(2). Generally speaking, the communications protected by the SCA are only those in which an employee has a reasonable expectation of privacy. If an employer makes clear that certain communications are unprotected (i.e., establishes a social media policy), or an employee puts information on publicly available social media, the employee likely will find no protection under the SCA.
2. Indiana has no state law regarding cybervetting.
Currently Indiana has passed no law regarding cybervetting. As other states are developing laws, we can expect only that Indiana will be sure to follow.
3. Beware of how you “came to know” information.
Should employers use information they found on the Internet to make employment decisions, they must be careful to only use information publicly posted or given explicitly to them by the employee himself. In Pietrylo v. Hillstone Restaurant Group, 2009 WL 3128420 (D.N.J. 2009), Pietrylo, an employee of Houston’s restaurant, started a group on MySpace.com where employees could “vent about any BS we deal with at work without any outside eyes spying in on us. This group is entirely private, and can only be joined by invitation.” Pietrylo invited other employees to the group, including Karen St. Jean. St. Jean became an authorized member of the group.
While dining at the home of TiJean Rodriguez, a Houston’s manager, St. Jean accessed the group through her MySpace profile on Rodriguez’s home computer and showed Rodriguez the group page. St. Jean then provided the password to other managers at their request. Although St. Jean stated that she was never explicitly threatened with any adverse employment action, she gave her password to the managers solely because they were members of management and she thought she “would have gotten in some sort of trouble.” Ultimately, a manager terminated Pietrylo and another employee due to concerns that the content of the MySpace group would affect the operations of Houston’s, specifically by contradicting Houston’s four core values: professionalism, positive mental attitude, aim to please approach, and teamwork.
The terminated employees sued Houston’s, and a trial was held. The jury found in favor of the employees and awarded them punitive damages. The jury found Houston’s violated the SCA when its managers accessed the MySpace page without the members’ authorization to join the group, but instead pressured St. Jean to give them her password.
On appeal as to the award of punitive damages, the court held that although Houston’s has a right and obligation to protect its employees and managers from harassment or humiliation and to protect the core values of the restaurant, the jury’s findings show the jury did not believe the method used by Houston’s to protect those values was proper. The jury determined that Houston’s knowingly accessed the stored communications without authorization several times. The jury was not persuaded by Houston’s claimed lack of knowledge of “non-authorization.” Furthermore, the court determined that the jury had sufficient evidence from which it could reasonably infer that Houston’s acted maliciously in repeatedly accessing the group via St. Jean’s password due to St. Jean’s feelings that she had been coerced into providing her password to managers.
One of the many lessons from this litigation is that an employer should be very cautious in making employment decisions based on information not publicly disseminated on the Internet. Further, employers should never request an employee to provide a password to a site that cannot be publicly accessed.
4. Develop a policy and apply it uniformly.
It behooves employers to develop a uniform policy for both internal and external Internet use. Internal Internet use occurs when the employer or employee use social networking websites as a function of their jobs. Internal Internet policies that employers may want to consider include notifying employees that their Internet usage is being monitored at work. Also, the employer should notify employees that dissemination of confidential information, negative comments about the employer or fellow employees, and accessing certain websites may be grounds for discipline.
External Internet use occurs when employers use social media websites to research applicants. This is also known as cybervetting. External Internet policies that employers may want to consider are listing the social media websites that will be searched for every applicant, specifying the information that the employer hopes to glean from those websites, and whether current employees will be investigated periodically. Once a policy is developed, as with all employment policies, the employer must apply it uniformly to prevent claims by its employees.
5. Certain screenings of social media websites may be acceptable.
Employer screenings of job applicants’ social media websites are becoming increasingly common. Prospective employers may be looking for signs of illegal activity, negative comments about prior employers and coworkers, and photographs of unprofessional behavior. Information gained from a Google search may be acceptable cybervetting since it is public information. Information that may be found from a simple Google search includes public postings, public blogs, and even the initial photograph on Facebook. In fact, employers may need to cybervet applicants to avoid a future claim of negligent hiring. However, information from privacy-protected social networking pages and blogs may be off limits, as described in more detail in the Pietrylo case. To date, one of the few industries that has guidelines for cybervetting is law enforcement as found in its study, “Developing a Cybervetting Policy for Law Enforcement,” published in December 2010. The study provides a thoughtful analysis of both proper and improper usage of cybervetting.
6. Do not allow information posted on social media to become the basis of an illegal employment action.
When an employer makes hiring decisions or adverse employment actions, such decisions or actions must be based on unbiased, nondiscriminatory considerations. While decisions based on race, color, gender, disability, age, and national origin are prohibited, an employer may come across information relating to these factors inadvertently by searching employees’ social media pages. For example, if an employer visits a competent employee’s Facebook page and learns that the employee practices a religion to which the employer is vehemently opposed and demotes or fires that employee, the employer’s knowledge gained through social media may form the basis of an employment discrimination claim. The employer will have to show that a legitimate, nondiscriminatory reason formed the basis for the decision to defend the employee’s claim.
7. Employees can express views without retaliation.
Once an employee has alleged an adverse employment action based on a biased or discriminatory reason, the employer cannot retaliate against that employee based on knowledge gained through access to an employee’s postings on social media. If the employee’s “opposition” to an unlawful discriminatory practice by the employer appears on an employee’s social networking site or blog, adverse action taken by the employer could lead to a retaliation claim by the employee.
8. Content posted on social media can be discoverable.
When an employee brings a claim against his employer, a question often arises as to whether information posted by an employee on a social media website is discoverable. The U.S. District Court for the Southern District of Indiana addressed this issue in EEOC v. Simply Storage Management, LLC, 270 F.R.D. 430 (S.D. Ind. 2010). The court acknowledged that content on the employee’s Facebook and MySpace pages were not shielded from discovery simply because the accounts were “locked” or “private” because any concerns with confidentiality could be addressed with an appropriate protective order. Simply Storage was able to discover the content of the employees’ communications, third-party communications, photographs, and videos posted to their Facebook and MySpace pages, with some limited scope, because the employees claimed emotional distress caused by the alleged sexual harassment of a supervisor. The court reasoned, therefore, it is reasonable to expect severe emotional or mental injury to manifest itself in the content of the employee’s social media pages. Therefore, based upon the specific claims made by an employee, the content of social media pages can be discoverable.
9. Be careful who your “friends” are.
While it should go without saying that employers should be cautious about “friending” employees on Facebook, realistically an employer may feel compelled to accept a friend request from an employee as a gesture of goodwill. However, communication on Facebook can blur the professional relationship of employer and employee and cause a strained work environment later. Just as attorneys must be cautious about the ethical considerations of friending judges, bailiffs, or court reporters, and unrepresented parties to litigation, employers should be cautious of the consequences associated with being “friends” with employees on Facebook.
10. Ultimately, all employers should use their best judgment when it comes to social media in the workplace.
As the adage goes, the only thing that stays the same is change. Technology is rapidly changing, making it faster and easier for people to post their thoughts and photographs for all to see. As a function of the ease of sharing information, employers have increased access to that information. Simple curiosity is enough to make employers want to look at what employees post. And there are good business decisions that can be made based on the information employers find. However, employers should be cautious as they surf the Internet – they may continue to use it as a tool to garner information but, in short, should access only public information and do so uniformly and in accordance with their own written policies.•
Libby Moss and Aubrey Kuchar are partners in the Indianapolis office of Kightlinger & Gray. Kuchar chairs the Worker’s Compensation Section of the DTCI. The opinions expressed in this article are those of the authors.