Employment law has consistently lagged behind the advance of technology. As a result, when novel issues involving technology occur, they have (so far) been resolved by analogy to the non-digital world.
To be effective, your information technology, social media and online transaction policies need to be easy to understand. After all, they will need to be followed by not only the technologically literate, but (especially) by those who struggle with technology.
Using analogies, we will explain the concepts underpinning these policies, and describe the context in which they operate and some of the challenges they need to address. This will allow you to cut through the hype and techno-speak and assess what you really need from your policies.
Data Security Policies – a digital file as analogous to a physical file
Not so long ago, data security was a simple business. A client file was either on your desk, with a typing pool, locked in your filing cabinet, or lost.
Today, there are somewhat greater challenges:
- Your employees may be carrying around the equivalent of thousands of files at once in their smartphones or laptops;
- The files can be accessed remotely from a wide variety of locations, at any time of the day or night;
- The files can be instantaneously copied and transmitted to vast numbers of recipients;
- The files may be held on a mixture of business and private devices;
- The files may no longer have physical form, and may be held in a “cloud”;
- It is possible to delete multiples files with a single key stroke.
Thinking about data security using analogies can help employers draft sensible policies and help employees understand those policies, because rules about access, security and permissions that make sense for physical files also make sense for digital ones.
The main difference is that of scale. For example, leaving an unsecured iPhone on a café table is similar to leaving a six foot high pile of paper files behind!
Ask yourself, what rules would I need in place to deal with this problem if these were physical files? How does the fact that the information is digital complicate these rules? What is the underlying issue I need to address?
Social Media Policies – Social Media as analogous to the staff water cooler
a) Even on the internet, people are just people
Social media is both phenomenal and mundane. It is phenomenal in that it is used daily by hundreds of millions of users and accounts for the largest volume of internet traffic. Yet it is mundane in that most of that traffic consists of those people sharing jokes and photos, or talking about sports or TV shows with their immediate circle of “friends”. In this respect, it is analogous to the staff water cooler.
b) Talk is cheap (but still actionable)
While there may now be digital celebrities who can influence trends and generate publicity, trendsetters have always existed in the non-digital world. By their very nature, such celebrities are few and far between. Most rants or tirades are ignored or quickly forgotten because they are self-serving, mundane and made by people with little or no influence. The internet does not transform trolls into megastars. Despite the intense media interest in misconduct on the internet, the courts have (so far) poured cold water on the suggestion that Facebook posts are an existential threat to any business. By all means take action, but try to keep things in proportion. Being called a “jerk” on the internet may not be the end of the world as we know it.
c) If you talk to the public it is not a private conversation
There remains a common misconception that social media comments and posts are somehow private or sacrosanct. In a legal sense, there is little difference between posting pictures on your Facebook page and handing them around to your friends at the water cooler. It is no surprise that recent cases have considered posts to be admissible evidence.
d) You are wearing the company t-shirt
All employees are (to a greater or lesser extent) ambassadors for their business. Much like somebody wearing the company t-shirt, how employees act while using social media (or the internet generally) reflects on the company as a whole.
The same informal rule that applies to the staff water cooler translates equally to social media: don’t bad-mouth the boss or the company, because you can never be quite sure who will overhear you. If you can manage to promote the company in the process – kudos to you! Positive online interactions will increase the worth of your “brand”.
For some individuals, particularly those who are figureheads for the organisation (for example, TV presenters or senior executives), the obligation to behave responsibly may extend well past working hours and the company t-shirt is always “on”.
e) One size does not fit all
Is the “right” Social Media policy for your business prescriptive or permissive? Draconian or “hands off”? The answer to this question depends very much on your people and your business: what is the water cooler culture like at your company?
Online Transaction Policies – using the business’s “digital” chequebook
While there are more ways than ever to pay for goods and services online, it is important to remain vigilant. If a deal sounds too good to be true, chances are it is a scam. If an e-mail says it is from a bank or tech support but the reply address looks unusual, chances are it is a scam. If only one employee has the technical knowhow to conduct online transactions, make doubly sure that there is accountability and independent scrutiny, because if you don’t, you may find out they were helping themselves to your money all along!
The internet is an invaluable business tool, which makes financial transactions fast and convenient. It has also presented embezzlers, fraudsters and scammers with new opportunities to take your money.
When the test of your online transaction policy comes, it will not necessarily be the most tech-savvy employee who is involved. In fact, it is much more likely to be the person who struggles to set up their out of office reply who clicks on the link to “[generic initials]supoprt.co.ru”. It is important that all employees understand what is expected of them and that proper systems and procedures are in place. Make sure you treat your digital chequebook with as much care as your physical one!
What Bartlett Law can do for you
- Assist in drafting and implementing plain English data security, social media and online transaction policies;
- Vet and critique your existing data security, social media and online transaction policies;
- Assist with investigation and disciplinary issues arising from data security, social media and online transaction issues;
- Represent you at mediations;
- Represent you in the Employment Relations Authority and the Employment Court.
Contact us to learn more.