Heyl Royster


Heyl Royster


Practitioner’s Points


Social Media Investigation: How Much is Too Much?: The Impact on Employees' Privacy Rights and Pointers to Avoid Litigation

On January 25, 2012, the National Labor Relations Board ("NLRB") released an Operations Management Memo ("OM 12-31"), its second since taking on its first social media case in November of 2011, which sets forth its position concerning "how much is too much" when it comes to monitoring and restricting employees' use of social media sites ("SMS"). In a nutshell, the message is:

Social media policies should be specific and not overly broad such that they might "chill" activity protected by the National Labor Relations Act ("NLRA").

An employee's SMS activity will not likely be protected by the NLRA unless it relates to the workplace and involves other employees.

In OM 12-31, the NLRB reviewed fourteen cases. Half of the cases involve questions about employer social media policies, five of which were found to be unlawfully broad. The NLRB found that it is unlawful for a policy to forbid employees from making "disparaging comments about the company through any media, including online blogs, other electronic media or through the media" because "it would reasonably be construed to restrict" protected Section 7 activity. The NLRB also found a policy to violate the NLRA which provided that "employees should generally avoid identifying themselves as the employer's employees unless discussing terms and conditions of employment in an appropriate manner." Additionally, the NLRB found that an employer's disclaimer in a social media policy that nothing in the policy should be construed to prohibit employee rights under the NLRA was not enough to make the overall policy lawful. The NLRB did shine some light on what provisions might be acceptable, including a policy which prohibits the use of social media to "post or display comments about coworkers or supervisors or the employer that are vulgar, obscene, threatening, intimidating, harassing, or a violation of the employer's workplace policies against discrimination, harassment, or hostility on account of age, race, religion, sex, ethnicity, nationality, disability, or other protected class, status, or characteristic." The NLRB also found that an employer could request employees to confine their social networking to matters unrelated to the company if necessary to ensure compliance with securities regulations and other laws. It prohibited employees from using or disclosing confidential and/or proprietary information, including personal health information about customers or patients, and it also prohibited employees from discussing launch and release dates and pending reorganizations.

The other half of the cases addressed in OM 12-31 involved the discharge of an employee after the employee posted comments on Facebook. Many of the discharges were ruled to be unlawful because they stemmed from unlawful policies. One of the cases reviewed involved a collections agency that fired a worker for her expletive-laced Facebook post complaining about being transferred to another department. The post rallied support from other co-workers. The worker was fired for violating the company's policy against disparaging remarks. The NLRB found that the discharge was unlawful.

This area of law is still developing since most laws were drafted before social networking became popular, but employers can lessen any expectation of privacy that employees might have, and violations of privacy, by taking the following steps:

  • Establish a SMS policy that is specific and not overly broad. For example, it is permissible to prohibit the disclosure of "confidential information" so long as "confidential information" is defined.
  • Have the employee sign an acknowledgment of receipt and agreement to the SMS policy.
  • Include a provision that, if an employee identifies the employer on the employee's SMS, the employee should include language which makes it clear that the postings are the employees' personal views and that the employee is not a spokesperson for the employer.
  • Incorporate by reference other existing policies including anti-harassment, anti-discrimination and non-disclosure policies.
  • Require a written acknowledgement by employees that they are responsible for the content of their Internet postings during work hours, and/or when using employer-owned computers and smart phones, and whenever their posting associates them in any way with the employer (including any private page that specifically identifies them as an employee of the company).
  • Limit employee access to social media during the scope of work and when using employer- provided equipment.
  • Make sure that employees are informed that a violation of the company's social networking policy could lead to discipline, including termination.
  • Although you cannot rely upon a NLRA disclaimer to rescue an overly broad SMS policy, you should still include one.
  • Enforce the policy.