Information Technology

Should that be in a personal online profile and can you use it?


Personal profile posts on business-oriented internet sites pose potential problems for organizations regardless of whether they are publicly traded. 

Proliferation of employee social media use continues unabated, and, in turn, the desire of organizations to rely on that employee-use to make certain employment-related decisions. Employee use of social media, including on professional business sites such as LinkedIn, generally presents many sensitive and difficult legal issues for organizations. The comments and other posts are intertwined with freedom of speech guarantees in the nation’s Constitution (at least for public employers), employee rights under the National Labor Relations Act, and other federal and state laws and regulations. As a result, these posts aren’t as easily “managed” as those which are purely company-related materials.

Moreover, unless an errantly worded post is spotted by company management, the social media monitoring team, or gets broad social media or mainstream/trade media attention—including going viral– many posts stay under the “corporate” radar.

One of those under-the-radar items is a profile posting on a business-focused online site. As a result, potential problems might sit unnoticed, ready to suddenly cause legal, regulatory or competitive woes for an organization. While similar problem-creating profile-wording might appear in a paper-based resume, that problematic information is likely to be seen by only a few. But online, the information is potentially exposed to many millions of eyeballs and the risk of potential damage is exponentially worse.

For example, a staff member might post her/his responsibilities at the company in a way which inadvertently includes proprietary or confidential information about finances, strategies, product developments, or regulatory issues.  Or, the social media post might be done in a more targeted way by a separated employee who violates a non-solicitation agreement the individual has with the former employer.

Likewise, the posting may have incorporated information about clients or types of clients—even if not specifically named, but identifiable —which might be useful to competitors, or touch a regulatory hot-spot.

Similarly, of special concern to the information technology team, the post might include a non-public email address or other contact information which could enable a cyber-thief to gain access to the broader corporate computer system.

From a corporate communications perspective, the post might use phrasing which hasn’t been (and might not be) approved by an in-house marketing or public relations team, resulting in a post that is inconsistent with the company’s approved strategic messaging plans for clients, prospective clients, and others, including regulators.

Among other issues, too, is the associated business-oriented photo; the individual might post her/his photo taken in an office-setting, inadvertently showing something in the background which might compromise company information—a map, signage, or codes.

An employee isn’t likely to upload any of this information with nefarious intent. But, missteps can and do occur; companies should help themselves by taking a variety of steps.

These include:

  • developing a social media policy that is consistent with the current state of the law, and that appropriately balances employee rights and the rights of the employer to establish and maintain certain workplace expectations—written jointly by corporate communications, internal/external legal counsel, and human resources– with specific reference to corporate-related personal profile issues;
  • disseminating the policy to all employees (full-time and part-time), vendors and consultants;
  • adding the policy to all contracts;
  • providing the policy document to all new hires on day-one, citing it specifically during orientation, and including it in the employee handbook;
  • setting up a process for employees, vendors and consultants to voluntarily submit these types of profiles for review to a specific corporate unit, such as communications, which, beyond spotting and discussing potential issues, may also help offer suggestions to improve the post; 
  • arranging for professional-looking profile-photos to be taken free by the company; and,
  • setting up a social media monitoring program which includes business-oriented sites, using internal or external staffing.

These steps won’t eliminate all problems, but they likely will avoid many.

Michael Schmidt is vice chair of the Labor and Employment Department and New York-Midtown office managing partner of Cozen O’Connor, a full-service law firm with 28 offices across two continents. Art Samansky is a principal of The Samansky Group, an Old Bethpage, N.Y.-based  corporate communications consulting