Facing Up To Facebook - Society for Computers & Law

‘I hate this place.. I need something to do 🙁 ….I am bored people’.

A common feeling perhaps but not one you would normally share with the whole of the rest of your organisation.

At least this was the case before the explosive growth of social networking sites led to a blurring of the traditional boundaries between an individual’s professional and private personae. This easy lapse into informality, combined with a poor understanding of the privacy settings associated with those sites, has led to a proliferation of ill-advised comments and postings.

For example, the missive above was posted in a profile open to all of the user’s co-workers. While this may have caused some internal embarrassment, other Facebook postings have attracted press attention, such as those made by members of the ‘I Survived 118 118’ group (not to be confused with other similar groups such as the ‘118 118 apprecation [sic] society’ or the ‘I’ve been to a party dressed as a 118 118 person’).

This group was supposedly set up by employees of The Number UK Limited, who run the 118 118 service, and used to trade insults about customers, including one poster who claimed to have written customer’s telephone numbers on the walls of a public lavatory. It provides a clear example of the damage such sites can potentially do to both an employee’s and employer’s reputations.

What is Facebook?

Facebook itself is simply the latest in a long line of online social networks. One early and popular example is Friends Online, which grouped users based on their school or university education. Other well known examples exist, such as bebo and myspace, and there are more specialist social networking sites, such as shelfari (dedicated to book lovers) or OUTeverywhere (a social networking site for the gay and lesbian community). However, this article concentrates on Facebook as it has grown to be one of the more popular sites for university students and professional workers. This popularity may have originated from its subscription free model and minimalist design but it now increasingly benefits from a virtuous circle in which its large subscription base creates a network effect, drawing more and more members in.

The site itself allows a user to set up a profile page, which can be customised by adding photos and biographical details (such as age, marital details, contact details and employment history). The profile is supplemented by a wide range of other features such as:

· the wall – this allows users to post comments that are visible to others who view the profile;

· photo upload – users can upload photos and ‘tag’ them with other users’ names; and

· the ‘poke’ facility – this allows one user to ‘poke’ another. A standard ‘poke’ does not contain any information itself, it just attracts the other user’s attention. However, other applications can be used such as ‘X Me’ and ‘SuperPoke!’ that allow a user to (metaphorically) ‘bite’, ‘pinch’, ‘own’, ‘marry’, ‘worship’ or ‘throw a sheep at’ a friend.

Users then build up their own social network on Facebook by inviting other people to be their friends or by joining networks or groups. A wide range of networks and groups is available. These may be humorous (such as the ‘Jimmy Savile is a legend!’ group), special interest groups (such as the ‘Campaign Against Climate Change’ group) or for current or ex-members of most education institutions and workplaces (and, by way of example, four of the five magic circle law firms have a number of networks and groups associated with them). Some of these groups are very large, with the London network having over 900,000 members.

Finally, Facebook gives users detailed control over their privacy settings. The default position is that a user’s profile is visible to both the user’s friends and anyone in the user’s groups or network. However, users can alter this so that, for example, only friends can see their profile or conversely everyone can see their profile.

A Conundrum for Employers

Social networks such as Facebook pose a conundrum for employers. On the one hand their use can have a number of negative implications for the employer, such as potential damage to the employer’s reputation, as was graphically demonstrated by the ‘I Survived 118 118’ group.

Similarly, it is very easy for the employee to damage their reputation either within their own organisation or externally. Pictures of a recent drunken stag night are, of course, hugely amusing to the other members of the stag party but are less likely to generate confidence among that person’s professional contacts.

Facebook can also damage productivity and waste system resource. It is a highly addictive habit and time spent ‘Poking’ other users, writing on their walls or browsing their photos could normally be better spent working. Heavy usage, especially browsing photos or watching videos on the sites, can also impact on system performance. Finally, there are ongoing concerns that social networking sites could provide a back door for viruses to infect a system.

However, social networks are not entirely negative. They allow employees to maintain and develop both their social networks and, to an extent, their professional networks, which can provide wider business benefits. In fact, some networks, such as LinkedIn, are specifically designed for professional networking.

The idea of ‘networking’ on Facebook may seem ridiculous to many of the current workforce but younger users, the so-called ‘digital natives’ of Web 2.0, are much more comfortable with this medium and use it to develop large online communities. Blocking access may also be profoundly unpopular for these users, especially in many professional workplaces where employees spend the majority of their day behind a desk, as Allen & Overy found to its cost earlier this year when it had to unblock access to Facebook in the face of complaints from its staff.

Guidelines

Each organisation will have to make its own assessment of the issues raised by Facebook and other social networks. Some organisations, including a number of banks and utility companies, have reacted by simply setting their internet filters to block access at work. This is a very quick and easy solution to some of the system and productivity issues raised above. However, it does not solve some of the wider reputational issues and most of these organisations still have a number of groups and networks associated with them (not all of them entirely in keeping with their corporate branding).

Other options include allowing use but educating employees on what is and is not appropriate use of Facebook and other social network sites. Typically this would include:

· advising employees that their online activity could adversely affect their reputation and the reputation of their organisation if they identify themselves with their employer. Bringing the employer into disrepute could be a breach by the employee of their contract of employment, as could other activities such as posting confidential information about the organisation or its customers;

· ensuring users understand how the privacy settings work so they do not, inadvertently, publish their information too widely. For example, the default position on Facebook is that members of your group and network can see your profile, so being a member of the ‘London’ group will expose your profile to over 900,000 other Facebook users;

· providing guidance on what level of Facebook use is appropriate. For example, is reasonable use during working hours permitted or just use outside of working hours? This issue, and any subsequent monitoring, will need to be considered in conjunction with any existing Internet Use Policy; and

· warning users that exposing their personal details on Facebook may leave them vulnerable to identity fraud.

‘Sucks’ groups

Finally, organisations should consider whether to monitor networks or groups set up about them on Facebook and how to deal with these networks and groups if their content is inappropriate.

If the group or network has been set up by an existing or prospective employee then it may be relatively easy to exert some control over that site’s content or existence.

However, if the site is set up by ex-employees or members of the public, it may be much more difficult to control. For example, the ‘I Survived 118 118’ group is little more than a traditional ‘sucks’ site and, as such, will be hard to close. The group does use a registered trademark in its name, ‘118 118’, but as that text is being used for descriptive purposes and not in the course of trade it is unlikely trademark law could be used to restrain that use. Similarly, while copyright law could be used to restrain any reuse of an organisation’s logo on the network or group’s home page, it is very unlikely that it would be able to restrain use of the name itself. Finally, the content of the postings may be actionable if it is libellous or obscene. However, it is unlikely that the majority of the postings, even if they are not particularly complementary about an organisation, will fall into this category.

In any event, given the current media frenzy around Facebook, any direct action is likely to backfire spectacularly and, for many organisations, it may be better just to endure the pain as part of the transition to Web 2.0.

Allan Yeoman is an Associate at Linklaters: www.Linklaters.com

Upcoming events

Controlling Liability in IT Contracts – Clause and Effect

SCL Summer Networking Event – Organised by the Trainee Group

SCL Event: Procurement of Government IT Projects

Generative AI and Deepfakes: Understanding the Illusion

Annual AI Conference