Making Cyberbullying a Criminal Offence in Canada

On Wednesday, the Canadian federal government introduced Bill C-13, a ‘new’ cyberbullying bill to address the increasingly harmful effects of intimate images going viral online.  The cyberbullying proposals are part of a wider omnibus bill that amends a few acts, including the Criminal Code and Evidence Act. 

Many of the cyberbulling provisions are in fact similar to provisions in Bill C-30 that was introduced in February 2012, but that was withdrawn due to the public opposition over the extent to which ISPs would have been required to hand over customer information.  For further commentary, here’s a good summary of critique on the bill by CBC journalist, Andre Myers.

Parliament’s summary of Bill C-13

This enactment amends the Criminal Code to provide, most notably, for

(a) a new offence of non-consensual distribution of intimate images as well as complementary amendments to authorize the removal of such images from the Internet and the recovery of expenses incurred to obtain the removal of such images, the forfeiture of property used in the commission of the offence, a recognizance order to be issued to prevent the distribution of such images and the restriction of the use of a computer or the Internet by a convicted offender;

(b) the power to make preservation demands and orders to compel the preservation of electronic evidence;

(c) new production orders to compel the production of data relating to the transmission of communications and the location of transactions, individuals or things;

(d) a warrant that will extend the current investigative power for data associated with telephones to transmission data relating to all means of telecommunications;

(e) warrants that will enable the tracking of transactions, individuals and things and that are subject to legal thresholds appropriate to the interests at stake; and

(f) a streamlined process of obtaining warrants and orders related to an authorization to intercept private communications by ensuring that those warrants and orders can be issued by a judge who issues the authorization and by specifying that all documents relating to a request for a related warrant or order are automatically subject to the same rules respecting confidentiality as the request for authorization.

The enactment amends the Canada Evidence Act to ensure that the spouse is a competent and compellable witness for the prosecution with respect to the new offence of non-consensual distribution of intimate images.

It also amends the Competition Act to make applicable, for the purpose of enforcing certain provisions of that Act, the new provisions being added to the Criminal Code respecting demands and orders for the preservation of computer data and orders for the production of documents relating to the transmission of communications or financial data. It also modernizes the provisions of the Act relating to electronic evidence and provides for more effective enforcement in a technologically advanced environment.

Lastly, it amends the Mutual Legal Assistance in Criminal Matters Act to make some of the new investigative powers being added to the Criminal Code available to Canadian authorities executing incoming requests for assistance and to allow the Commissioner of Competition to execute search warrants under the Mutual Legal Assistance in Criminal Matters Act 

 

Tweet Like Share on LinkedIn Email

Implementing a Successful BYOD Program

Last week, I conducted a workshop on implementing a successful “Bring Your Own Device” (BYOD) program at the Canadian Institute’s Privacy Law & Compliance Conference.  I met a wonderful group of privacy experts who had plenty to contribute to the discussion. 

We talked about the benefits, risks and costs of permitting employees to use their personal device to perform work-related tasks, which typically includes accessing the company’s network.  Over half the group was in the public sector and regularly handled very sensitive, confidential personal information. 

The private sector attendees in the group had an equally strong concern about protecting highly sensitive and confidential business information.  At the end of the day, most organizations, regardless of how open they may or may not be, require a certain level of security around their data, intellectual property and personal information.

So how to implement a successful BYOD program?

 

 

Continue Reading...
Tweet Like Share on LinkedIn Email

Who Owns "Publicly Available" Social Media Content?

Who owns your LinkedIn connections?  I’ve blogged about the ownership of social media content a few times already (here, here, and here) and I continue to believe that the real battle will be over connections made in the course of business. 

Are these connections your extended network that you brought into the employment relationship that you can take with you when you leave?  Or are they the employer’s customer list in which the employer has a proprietary interest?

Traditionally, employers owned the customer list, and most employers will likely continue to believe that for some time to come.  But increasingly, we are seeing individuals demand ownership over their own online social network.

The Canadian Eagle Case

This is the core of the US cases, Eagle (LinkedIn) and PhoneDog Noah (Twitter).  There is also some Ontario law that pushes forward this concept that online social media contacts may not necessarily belong exclusively to the employer.  For example, in the summary judgment case of Eagle Professional Resources Inc. v. MacMullin2013 ONSC 2501(Ont. S.C.), confirmed on appeal yesterday, the court held that three employees did not breach the non-solicitation provision of their employment contract when they allegedly contacted their former employer’s customers. 

Can “Publicly Available” Information be Confidential?

The employees argued that they did not actively approach any of their former employer’s customers, but to the extent that they did continue to work in their field, they relied on “publicly available” information.

It is established law (and common sense) that a company cannot assert confidentiality over otherwise publicly available information.  In the Canadian Eagle case, the employer argued the customer information was taken from an internal database.  The three defendant employees argued the customer information was publicly available online from social media sites such as LinkedIn:

27 In this case, there is no evidence from Eagle, other than a very bald assertion, that it had any proprietary interest entitled to protection. According to the Defendants, the information that they learned at Eagle was all publicly available and obtained from such sources as social media websites.

As a summary judgment case, the decision is brief and does not go into detail about the nature of the social media sites, who owned them, whether they were the companies’ or the employees’ sites, or whether the online public sources were open to anyone in or beyond the company.  All we know is that they were “publicly available”, essentially eliminating the employer’s proprietary interest over such content.

There are, of course, various intellectual property laws available to prevent people from stealing content or scraping from another person’s or company’s website.  What remains less clear, however, is the extent to which an employer can ascribe a confidential value to something that is publicly available. 

But the Telephone Book is not Confidential

One colleague of mine has commented that the concept is not new if you think about the traditional telephone book.  The difference, however, is that the value of the list is derived from WHO is on that confidential list, not what is their telephone number or email address.  In other words, who cares who lives in Toronto?  As an employer, I would want to know which specific individuals in Toronto will want my business, and that is the list I would want to protect and prevent employees from taking with them and competing against me.

What to do?

The LinkedIn account is a contract between the individual and LinkedIn, but employers who anticipate a lot of active LinkedIn participation on behalf of the company should consider some sort of additional agreement between the employer and the employee.  This agreement could set out the parameters of use, who speaks on behalf of the company, and most importantly – who owns the content, some of which is produced on company time and on company equipment.

The law is quickly evolving on social media content, but there is no doubt that many of the headaches could be avoided with strong contracts upfront, entered into when the parties are still friends.

 

Tweet Like Share on LinkedIn Email

Does Eagle v Morgan Apply in Canada?

A couple of readers have asked to what extent US based social media cases will apply in Canada.  We don't yet have a large body of social media cases in Canada (other than run of the mill termination cases involving social media), so there tends to be a lot of discussion up here about US based social media cases.  Given that the US population is 10x larger than Canada’s population, it makes sense that there is simply a much larger volume of American caselaw to work with. 

For novel issues in general, Canadian courts will often take into consideration cases from other countries in the Commonwealth and the US. 

So for the world of social media, where many of the issues remain novel and unlitigated, US cases may be influential on our own adjudicators looking for guidance and analysis.  While US cases are not a binding legal precedent, they may provide an important backdrop to a Canadian decision.

A good example is the Eagle v Morgan et al. case (for a commentary on the piece, see my recent blog post here).  In that case, one of the three successful claims was for a breach of the former employee’s privacy tort of intrusion upon seclusion by appropriation of identity.  However, while Dr. Eagle won certain of her legal claims, she was unable to prove any actual damages and therefore was awarded $0.

Dr. Eagle may have had a better result in Canada.  Last year, the US tort of intrusion upon seclusion was introduced into our jurisprudence through the Jones v Tsige (2012 ONCA 32) case (discussion in a past blog post here).  The court adopted the US tort, but with a critical difference:  there is no requirement to prove harm to a recognized economic interest in Canada to be awarded damages. 

Paragraph 70 and 71 of the Jones v Tsige case set out the elements of the tort as follows:

c) Elements

[70]         I would essentially adopt as the elements of the action for intrusion upon seclusion the Restatement (Second) of Torts (2010) formulation which, for the sake of convenience, I repeat here:

One who intentionally intrudes, physically or otherwise, upon the seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the invasion would be highly offensive to a reasonable person.

[71]         The key features of this cause of action are, first, that the defendant’s conduct must be intentional, within which I would include reckless; second that the defendant must have invaded, without lawful justification, the plaintiff’s private affairs or concerns; and third, that a reasonable person would regard the invasion as highly offensive causing distress, humiliation or anguish. However, proof of harm to a recognized economic interest is not an element of the cause of action. I return below to the question of damages, but state here that I believe it important to emphasize that given the intangible nature of the interest protected, damages for intrusion upon seclusion will ordinarily be measured by a modest conventional sum. [emphasis added]

Thus, while Dr. Eagle failed to obtain any damage award in Pennsylvania, in Ontario at the least, she may have won her claim and received an award notwithstanding her failure to establish harm to a recognized economic interest. 

Damages for the Ontario tort are capped at $20,000, so it remains to be seen whether that relatively low cap will discourage people from spending big legal fees for a fairly low win.  The tort will no doubt be coupled with more fruitful claims in most situations.

Take-Aways

There are two key concepts to take away from the relationship between the Eagle and Jones cases:

1.     Canada is not a US State, and indeed a different country with different laws.  Yes, really.  Check on Wikipedia if you don't believe me: http://en.wikipedia.org/wiki/Canada (English) or http://fr.wikipedia.org/wiki/Canada (French).   

2.     US cases do influence our laws, although not as a binding legal precedent, and always filtered through our Canadian legal lens that tends to result in more employee-friendly results.

 

Tweet Like Share on LinkedIn Email

Ownership of LinkedIn Content: Eagle v Morgan

Who owns your LinkedIn content?  As described in my last blog post, the battle over who owns social media content, and particularly LinkedIn connections and any other social media “customer” list, has yet to come.  LinkedIn content will likely be where employers and companies may have a financial motivation to fight for the content, depending on how the social media content was used in the course of business.

The Eagle v Morgan et al decision came out in March, and is one of the few cases to date that provides some insight as to where the courts may go on social media content.  This is a Pennsylvania case, but some of the underlying legal concepts may be applicable in Canada, albeit not as a direct precedent. 

For a full review of the facts, see Sara Hutchins Jodka's summary on the Employer Law Report blog.  For some good analysis about the case, Daniel Schwartz has discussed the case a couple of times in his blog, Connecticut Employment Law Blog.

The Facts

As with most law, the case turned on its particular facts:

  • Dr. Linda Eagle co-founded her banking education company and she was a key sales generator and face of the company;
  • She provided her staff with her LinkedIn password, and directed them to maintain her LinkedIn account, including updating content, responding to messages, and expanding connections;
  • The company heavily used senior executive LinkedIn accounts to expand the company’s network and to generate business;
  • Dr. Eagle and her co-founders sold the company in October 2010, but stayed on as employees until they were terminated by the new owners the following June 2011; and
  • Immediately upon termination, the company changed Dr. Eagle’s LinkedIn password, replaced her photo with that of her replacement, and changed most but not all content.

Needless to say, Dr. Eagle was ticked.  She gained access to her account within a number of weeks, but only by going through LinkedIn directly.  

Dr. Eagle sued her past employer for a long list of claims, winning on the following:

  1. unauthorized use of name
  2. intrusion upon seclusion by appropriation of identity
  3. tort of misappropriation of publicity.

For most of us mortals, we’re simply not important enough to have any sort of celebrity name that can be misappropriated for any monetary value.  In this case, however, Dr. Eagle remains a leader in her field and organizations hire her for her unique skills.

The Decision

The bittersweet twist in this case is that while Dr. Eagle successfully proved her first three claims, the court held that she had not established any monetary damages, and was therefore awarded $0.  Although she did prove her point that the company misbehaved very badly, it is a rather hallow victory.

Take-Aways

So who owns social media content?  The Eagle case suggests that the owner of the LinkedIn profile does, even when that owner expressly directs the company’s staff to maintain and develop some of the content.

The company had unsuccessfully counter-sued Dr. Eagle, arguing that her LinkedIn connections belonged to the company.  Similar to the types of arguments put forth in Phonedog, those connections are already in the public domain, making the proprietary claim a bit of a stretch.

This is why social media connections are not simply a Rolodex to which the employer can claim ownership.  Social media connections/followers/friends are not particularly private, confidential or even unique.  It’s a collection of relationships, which may or may not be directly related to the employer, even if the employer’s staff has developed many of those connections.

We’ve now seen a move in the law towards recognizing who may own the content, and in the absence of crystal clear employer policies, it will likely be the employee.

What remains to be seen is how to commodify content and relationships.  Who cares who owns the content and relationships if they are legally worth $0.  Most of us, however, have a gut feeling the value is a good deal more than $0.  Social media isn’t just social – it’s business too.

Tweet Like Share on LinkedIn Email

Who Owns Work-Related Social Media?

Who owns the social media content created and maintained in the course of employment? Work product is traditionally the proprietary interest of the employer. But there’s something different about social media content. 

A blog created by a company employee during company time on a company computer with a focus on the company’s products may be straightforward – the blog and its content are owned by the company.

LinkedIn: Where the battle will likely take place

But what about LinkedIn?  I've blogged about the @PhoneDog_Noah case and the ownership of Twitter followers in the past, but the future battle will no doubt be focused on LinkedIn. While the LinkedIn User Agreement is between the individual and LinkedIn, the reality is, a key purpose of LinkedIn is to either generate business in one’s current occupation (i.e. increase your employer’s business), or to generate business and connections for the next position (i.e. for the next employer). 

The question is whether the development of connections and of one’s network in general is as a result of one’s individual personality, or as a result of one’s association with a company name. In other words, do people connect with me because I’m a lawyer at XYZ LLP, or because of my individual personality/voice? I suspect in most cases, for most people, it’s a combination of the two. 

And it’s this combination that makes LinkedIn different than a traditional Rolodex. A company’s customer list is the company’s property, and a departing employee cannot take that list with her. 

But in the modern world of social media, do you take your LinkedIn connections with you? I’m guessing 100% of us believe that we do – it’s our own individual account. And LinkedIn would agree. But will your employer?

You Own My Relationships?!

A Gen-Y employee would find it rather unseemly that their relationships with their colleagues, friends, and general network is somehow owned by one’s employer. None of us expect to stay with the employer for 30 years anymore. Compiling, developing and working hard to nurture our network of relationships is a critical tool of business that we need to take with us. 

Conversely, employers have a good reason to assert a proprietary interest over its customer list. 

Let the battle begin.

Stay tuned to my next post where I will debrief about the Eagle v Morgan case, one of the few cases out there that has gone to trial on the issue of LinkedIn content ownership.    

Continue Reading...
Tweet Like Share on LinkedIn Email

How Gen-Y is Redefining Face Time in the Office

The Olden Days

In the olden days, like, in 2003 before we even had Twitter or LinkedIn or smart phones smarter than the first rockets into space, “face time” only meant spending time in the office long into the evenings so that the managing partner/boss/bonus committee saw us squirreling away at our desk looking busy, profitable and devoted. 

Enter Gen-Y

Ask your local 15 year old teenager whether the time spent communicating with their friends via their device is “real” interaction with their friends. They’ll give you that blank, silent stare that says, “I feel sorry for you and your people and their lonely lack of understanding of how the real world works. And I shall now Tweet about this sad and oppressive situation to all of my followers.” 

Gen-Y is redefining how we interact with each other. The innate comfort with communicating by technology means that they value such interactions in a way that we old folks over 40 will never understand. Forcing your 25 year old employee to stay in the office for the sake of staying in the office just to watch each other work doesn’t resonate with how they interact with each other. 

For Gen-Y, “facetime” includes communicating through technology, not just sitting side by side at a boardroom table chit-chatting about the weather.

The Yahoo Experiment

Marissa Mayer believes that in order to rebuild a collaborative, innovative culture at Yahoo, she had to pull all of her employees back into the workplace. Yahoo is a tech company, and yet its CEO believes communications by technology are not enough to foster a productive workplace. I have no doubt she had plenty of data upon which to base this decision, and she’s not some 90 year old anti-technology curmudgeon, so I watch with great interest whether her decision will trigger some sort of internal renaissance, a great departure of talent, or a neutral cultural shift, but slight boost in productivity. 

The key for most workforces – whether or not fledging and in need of renewal like Yahoo – is to balance the real value of good old-fashioned in-person relationship building with forced in-person facetime beyond that which is effective to nurture collaboration, productivity and employee trust. 

Employers who understand and respect that Gen-Yers build meaningful and real relationships with each other through their smartphones and devices, will be far better positioned to understand why they may roll their eyes at expectations of in-person “facetime”, when they are readily accessible at the touch of a keyboard 24 hours a day. 

Gen-Y wants to work hard as hard as any other generation – but they expect to do it differently because they are growing up in an entirely different world.

[My thanks to Ye Xia, a very hard working Gen-Y articling student in my office who shared this insight with me.]

Tweet Like Share on LinkedIn Email

BYOD Part 4: Developing a BYOD Program

photo credit: <a href="http://www.flickr.com/photos/aforgrave/6168689222/">aforgrave</a> via <a href="http://photopin.com">photopin</a> <a href="http://creativecommons.org/licenses/by-nc-sa/2.0/">cc</a>

In this fourth piece on Bringing Your Own Device to work, I build upon my past posts that set out the benefits, costs and risks of BYOD. 

So you’ve now decided to jump in (or some other reckless decision maker in your organization has), and you now have to develop your BYOD program.  Here are five tips to consider when rolling out your BYOD Program:

  1. Policies: Policies are an essential backdrop for employers in our Canadian, contract-based, non-at-will employment law environment. Whether you have a formal written contract for each employee or not, a properly drafted and executed workplace policy can lay out the details for a BYOD program, articulate parameters around device use during and after work hours, and set out expectations of privacy. 

By setting out these expectations, the employer can then rely on the policy document to discipline or dismiss an employee who fails to adhere to the workplace rules. Conversely, an employee can look to the policy for clarity on how he or she can use his or her device in the workplace.

  1. Content of Policies:   A BYOD policy should include provisions that speak to the following issues: exactly what devices are permitted; that specific security programs should remain updated; that work-related content developed on a personal device is the intellectual property of the company; that the security of the company server will prevail when determining when to remote wipe a lost device; that the employee has no expectation of privacy in any device plugged into the company system. As set out in R v Cole, while an employer can only lower, and not eliminate expectations of privacy on a workplace computer, here is the moment and place to set out language to articulate employer expectations around privacy issues.

     

  2. Context: The policy should remain in context with your workplace and industry. There are rarely good “off the shelf” solutions, and policies should be an organic document that reflects workplace culture, workplace demographics and the vision of where the company is going. A careful cross-reference with other workplace policies will ensure consistency and ability to use policies in conjunction with each other. For example, the workplace harassment, discrimination, privacy, data security and/or confidentiality policies all should be read together to present a uniform approach to electronic information and devices.

     

  3. Privilege: It may be useful to articulate that the BYOD program is a privilege, not entitlement, and that the employer reserves the right to revoke the privilege should an employee abuse the BYOD program.

     

  4. Termination Protocol: Finally, employers should turn their mind to how they will deal with personal devices when an employee resigns or is dismissed. If the device has a lot of confidential information and/or the employee has remote access to the server, there should be a checklist ready to go should the employment relationship go south and proactive measures need to be triggered urgently. Your IT and HR team should be working together with management to develop a termination protocol for all electronic data, including such data on personal devices.

For most workplaces, BYOD will be a non-starter within a couple of years. Developing the protocols and policies, and having open discussions about what both employers and employees want/need will eliminate the growing pains often associated with adopting new devices and technology.

For more information on the benefits, cost and benefits of BYOD, feel free to visit my past posts:

Has your workplace adopted BYOD? I’d love to hear how it’s going, and whether you have any other tips to add to the list.

Photo credit: aforgrave via photopin cc

 

Tweet Like Share on LinkedIn Email

BYOD Part 3: Costs & Risks of BYOD

As I set out in my previous blog posts, the demand for bringing your own device to work continues, and is largely driven by the many benefits of embracing BYOD. In this post, I set out some of the costs and risks of BYOD. 

  1. INCREASED TECHNOLOGY COSTS: For every benefit to embracing BYOD, there is the other side of the coin. While BYOD may eliminate some hardware costs, your IT team now has to be up to speed on more than one system. This may involves costs for more than one security regime, as well as ongoing training to support different software and hardware requirements.
  2. OVERTIME EXPOSURE: The after hours productivity may also create exposure for unapproved and unintended overtime pay. The slow death of the 9-5 work day and increasingly blurred lines between work and play require clarity around expectations for after-hours work. BYOD could mean more non-work related activities by day and more work related activities by night. 
  3. CONFIDENTIALITY: Not every position is BYOD appropriate. For positions that involve particularly sensitive information or in a smaller company where there aren't the technical resources to let one rogue employee have their own technological infrastructure, the risks and costs may outweigh the benefits. 

Emergency service providers are a category of worker that may present practical obstacles too tricky to overcome. See my post on “Social Media and the EMS Employee” from last October. Some EMS employers are simply banning all electronic gadgets so that their employees can focus on driving and/or on the patient in front of them, and to avoid liability issues along the way.

In determining whether a position is “appropriate” for BYOD, I would hesitate to draw conclusions from how senior a person is in the organization.  I recall seeing President Obama using his Blackberry during his first presidential campaign and wondered then about the confidential and sensitive nature of the information on that device. Presumably someone has figured out the security and confidentiality issues in that case.

  1. PRIVACY: Employers must recognize that they can lower but not fully eliminate expectations of privacy on a workplace computer through effective policies (see my blog post on R v Cole, "Privacy & Porn on Workplace Computers"). Having said that, employees must realise that they give up some privacy when plugging into the mothership. 

Security protocol, for example, might demand that the IT folk be able to remotely wipe a device clean when it goes missing on the subway. There goes the picture of your daughter losing her first tooth or the video of your boyfriend’s drunk dancing at your co-worker’s wedding (which probably shouldn’t have been on there in the first place, but then, you weren’t exactly sober either when you filmed it).

  1. SABOTAGE (OR MORE LIKELY, IMPROPER USE) : While electronic sabotage more frequently happens in those novels that you have a fake slip cover for, permitting personal devices in the workplace could lead to heightened risk of industrial sabotage, or at the least, a pain in the neck unauthorized access of the server through a personal device. 

For example, in Hendrickson Spring v United Steelworkers of America, Local 8773, the employee connected his cell phone to a company laptop to access the internet and watch videos unrelated to company business. He was caught again two weeks later, and during the ensuing investigations, denied everything. He was terminated for misappropriation and improper use of company computer hardware/software, improper access of the internet through the company’s computer system, and improper skirting of the company firewall, all on company time. 

His termination was upheld at arbitration: he had a relatively short service with three previous disciplines. The deal breaker appears, however, to have been the arbitrator’s finding of dishonesty and lack of credibility.  While no data was lost and no industrial sabotage occurred, the employer had to expend resources and time to defend the termination. Whether the employer had banned all devices or embraced BYOD, the cost remains that there will always be those vexing employees who take the issue too far.

While not at the top of likely risks to actually unfold in your workplace, sabotage does happen. In an older labour arbitration case out of Quebec, Telebec Ltee and ACET, the employee was terminated for the sabotage he committed when he wiped his computer clean of information on his way out the door. His termination without cause due to a restructuring made this otherwise discipline-free employee lash out at his computer, and he deleted ten days worth of work data and various formats and methodology for which only the employee was responsible. This converted his termination to cause. 

The case is not strictly a BYOD case, but it does highlight the vulnerability of electronic information when accessed by a ticked-off employee. Increasing electronic entry points to the server through BYOD will force your IT folk to stay on their toes. (And to show that the more things change the more they stay the same, the Telebec case relies on knitting machine caselaw to set out the threshold for upholding a termination for industrial sabotage.)

Weighing the risks, costs and benefits of embracing BYOD will vary from industry to industry, and company to company.  All of your employees no doubt already have some sort of device in their pocket, already putting the company at risk of inadvertently tweeting, posting or emailing out confidential information during or after work hours. Pulling that device into workplace and setting up transparent and engaging policies may help mitigate the risks of a phenomenon that will likely continue to gather speed, with or without workplace blessing.

Okay, fine, I give – BYOD it is. Now what? Stay tuned for my next blog post:

  • Developing a BYOD Program

 

Tweet Like Share on LinkedIn Email

BYOD Part 2: Benefits of BYOD

As I set out in my last blog post, "Who is Demanding BYOD?", the demand for bringing your own device to work may come from all corners and levels of the company. In this post, I set out the benefits of BYOD. 

Benefits:

1.      EMPLOYEE REQUESTS: The most obvious benefit to embracing BYOD is employee engagement and retention. If you are in an industry full of creatives, Gen-Y or tech savvy employees, it's a no brainer and you probably had BYOD before we all came up with the catchy label.   Giving employees choice and respecting different preferences can demonstrate progressive workplace culture and nurture employee loyalty. 

On the other hand, if you are in a necessarily conservative industry such as the military equipment manufacturing industry, it is likely also a no brainer that security issues may outweigh any potential benefits. For the many companies in between these two extremes, employee engagement and retention may be one of a number of benefits to consider.

2.     CLIENT OPTICS: Certain clients in certain industries may have a preference for one type of device over another. If you are visiting a Blackberry dependent tech client in Waterloo, whipping out your iPhone is both rude and stupid. If your client is in Cupertino, your Canadian loyalty may not be quite so impressive. Allowing BYOD flexibility to support various platforms may be essential to reflecting business reality.

3.     INCREASED PRODUCTIVITY: BYOD may positively impact employee productivity. Letting people connect their tablet to the company email and document system may facilitate convenient and more frequent after hours work. Rather than lugging a cumbersome laptop home, employees can use their tablet to finish up a document or clear out their email after the kids go to bed. Business travellers, trade show attendees and salespeople on the road all may find BYOD a critical piece to maintaining productivity out of the office.

4.     COLLABORATION: Linking up devices may encourage people to connect together more frequently, leading to more collaboration and more effective communications. 

5.     COMPANY COST SAVINGS: An obvious bottom line benefit is that the company is no longer on the hook to pay for the hardware. Employees insisting on their own type of device and want to simply connect what they already have can eliminate a line item in the company's technology budget.

 

In addition to various other benefits, there are, of course, risks and costs associated with BYOD. Stay tuned for my next blog post to round out this rosy picture. 

My next posts on BYOD:

  • Risks & Costs of BYOD
  • Developing a BYOD Program
Tweet Like Share on LinkedIn Email

BYOD Part 1: Who is Demanding BYOD?

As employees increasingly demand to use their preferred electronic device in the workplace, employers are working through whether the "Bring Your Own Device" (BYOD) concept is a good idea, or an employee perk to ban for security and cost reasons. In my next few blog posts, I plan to explore the issue and take a look at the pros and cons, and to set out how to implement an effective BYOD program for those workplaces that are going to jump in.

Consuming & Pushing Out Content 

Smart phones and tablets continue to change how we consume online content, communicate with each other and participate in social media. I recently upgraded my device and have been pleased with how much easier and quicker it is to sync my social media platforms and to post or tweet on the spot. It turns out that the kids these days are not spending all their time in front of a screen tweeting each other, but rather, staying on top of technology makes social participation seamless and efficient to do on the go. 

The Lure of Mobile Across the Ages 

We cannot underestimate the allure of the mobile device, and employers who try to ban such extensions of an employee's social system without good reason are likely to face resistance. Beyond all the stereotypes of Gen-Yers needing to tweet out what they just had for lunch, the more powerful call for BYOD may come from your higher end executives who have set up their electronic infrastructure at home and want their mobile device to match - out of efficiency, a reluctance to waste time learning multiple platforms, or perhaps perceived status of one environment versus another. 

Whether it is Apple for your Boomer's excessive jazz collection on his beautifully designed minimalist machine (speaking of stereotypes) or PC because your Gen-Xer still prefers to get at the motherboard to customize and upgrade her own engine power, employees come with all kinds of non-work related reasons for BYOD.

The C-Suite Demand

The other surprising corner from where the BYOD demand appears to be coming are C-suite executives who, according to one study conducted by Wakefield Research for Avanade, are focused on the benefits of what can be accomplished outside the office walls. Their IT decision makers, on the other hand, are still focused on how to minimize potential risks. 

Here are some other findings from that same study, which surveyed about 600 C-level executives and IT decision makers in 19 countries:

  • More than six in ten companies (61 percent) report the majority of their employees now use personal computing devices in the workplace.
  • More than half (54 percent) report the majority of their employees use smartphones for basic work tasks such as reading email, online documents and calendar invitations.
  • One-third (33 percent) report the majority of their employees use tablets for basic work tasks.
  • More surprisingly, the exact same number of respondents – 33 percent – report the majority of their employees are using tablets for advanced business purposes such as CRM, project management, content creation and data analysis.

Like social media, or desk top computers before that, or the new-fangled telephone before that, the allure of technological development continues to be the increased speed by which we can access information and communicate with each other. The modern variety of devices upon which to do this are increasingly vast.

Stay tuned for my next posts on BYOD:

 

Tweet Like Share on LinkedIn Email

Social Media and the EMS Employee

 

Paramedics and other emergency workers face unique communication issues when on duty.  Speed, constant availability and focus are paramount.  So how does one check their smart phone email, update their Facebook status or tweet out an update?  Turns out they don’t.  At least not in some of the organizations that are starting to ban personal electronic devices in the workplace because of the realities of an emergency worker’s day to day job.

I spoke at the Manitoba EMS Conference, InterAct2012 last weekend and met a lot of smart, friendly, and talented people.  I presented on social media in the workplace, an issue which has a number of unique nuances when the employee is busy driving emergency vehicles and saving lives.  Click here for a copy of the power point presentation.

Here are few of the issues EMS workers face in our evolving social media world.

Patient Confidentiality

Patient confidentiality regularly winds its way throughout the case law involving health professionals.  Health professionals are governed by provincial privacy legislation and are usually trustees of the personal health information they interact with throughout their day.  There is a very low tolerance in the case law for revealing confidential information. 

Social media gives rise to challenges around inadvertent disclosure of patient confidentiality, which in several cases has led to termination of employment. 

An example is in Credit Valley Hospital v CUPE in which a hospital employee was called to clean up after a patient had tragically committed suicide in the parking lot.  The deceased patient had already been removed, and the employee took two pictures of the scene, posted them to his Facebook and added this comment on one photo: “Mother pleads with kid not to jump off PRCC side of the parking lot but did anyways poor thing”.  Through his comment, he revealed the age, medical information and location of the patient.  His termination was upheld at arbitration. 

Safety

Given the intense, emergency situations that EMS workers regularly find themselves in, the issue of safety is frequent raised.  With many provinces now passing laws prohibiting the use of any hand-held electric device while driving, the usual safety concerns also interact with traffic laws.  A brief call on the cell phone, a quick text or a mindless glance at the Twitter feed all while driving are safety issues, let alone a PR disaster when such conduct is noticed by the public.

And yet, EMS workers are human too – they have spouses, a social life, daycare workers to communicate with, co-workers to interact with online, time to kill when waiting on a call for hours in the hallway of a hospital.  This tension will no doubt continue to be part of the lively conversation between EMS providers and their unions.  How does the school of a paramedic’s child contact him during the day when his child is sick?  Can’t co-workers shoot each other a quick text about a job related task?  Management will continue to point out the infrastructure in place to contact workers on a call should there be a personal emergency, and at the end of the day, providers generally prioritize the safety of patients and employees when on duty.

BYOD

Many employers are starting to adopt a “bring your own device” approach in the workplace, largely in response to employee requests.  The opposite is happening in some EMS workplaces, however, given concerns around patient confidentiality and safety.  Some EMS employers are simply banning any personal electronic devices in the workplace.  When the purpose of such a policy focuses on safety and patient confidentiality, rather than curbing employee conduct, it will be difficult for employees to resist such a policy.

As social media continues to infuse every corner of our lives 24/7, it will be interesting to watch the EMS world, and to see how health care professionals will balance the tension between personal desire for access to the online world, and the practical realities of the job that present challenges to such access.

 

Tweet Like Share on LinkedIn Email

NASA's Social Media in the Workplace

For any fellow space geeks out there, the last few week have been a very exciting NASA adventure, with Curiosity landing on Mars and transmitting amazing photos back to earth.  Videos and photos of the NASA employees erupting with joy after the 7 minutes of silence during the landing were very moving.  I love such great news stories. 

Employers can learn a lot from NASA as an employer.  I say this not just because I'm going to be an astronaut when I grow up and want to suck up to my future employer, but also because NASA has managed to nail on the head the use of social media in the workplace - at least it so appears to a mass consumer like me. 

Simon Houpt wrote a great piece in the Globe & Mail the week of the landing setting out the ways that NASA employees have successfully used social media to discuss and promote its workplace activities.

From the Twitter feeds (@MarsCuriosity, over a million followers), to Facebook, to the personable interviews generating great social media content, NASA has generated an online buzz through its own employees.  This includes spin-off NASA related online conversations, such as the entertaining Twitter feed of @SarcasticRover (e.g. "I just did my first geological survey of Mars... most rocks are undecided, but still plan to vote. Go Democracy! #curiosity2012).

NASA employees engage with the public (i.e. the customer, client, audience) directly through tweets, blog posts and intereviews.  NASA has cut out the middle person and encourages the press to directly access NASA's own media sources, rather than farming out the information through a third party.

I realise most employers do not have an annual budget of $18 billion, or the universally known and valued brand that NASA enjoys.  I also suspect NASA's main recruiting "problem" is which super smart and capable applicant to choose from.

Even given those obvious advantages, the fact remains that NASA has a very important brand to protect.  How do you do that if your employees are tweeting at will with no central control?  It's the ongoing debate of spending lots of the marketing budget to create a globally recognized, unified brand and voice, while figuring out how to engage in social media, which involves an inherently individual voice and effort. 

In NASA's case, perhaps it's an elaborate internal marketing strategy to appear to be giving their employees free reign on social media, while in fact only tightly controlled and pre-approved content providers are seemingly tweeting at will.  I'll let you know when Starfleet Academy - I mean, NASA - hires me on.

Every organization has its own mandate around sensitive information, controlling its brand, and dealing with a broad range of employee literary and social media skills - from the Law Society, to a military defence manufacturer, to a non-profit religious charity, there will be no one-size fits all.

The lesson from NASA, however, is that even a large, high profile, globally branded enterprise with presumably plenty of sensitive and confidential information has managed to allow the individual voices of their employees to be heard online - and concurrently, to have a personable corporate social media voice.

  

Tweet Like Share on LinkedIn Email

Are Blog Posts "Workplace Conduct"?

Last week, the Human Rights Tribunal released a very interesting decision in which discriminatory comments made by a union president on the union’s blog raised the issue of competing human rights – namely the right to be free from discrimination in the workplace vs the right to freedom of expression and association: Taylor-Baptiste v. Ontario Public Service Employees Union

The case turned on two issues: 

(i)               whether the union president’s blog posts were work-related and captured by the Human Rights Code’s right to be free from discrimination “in the workplace” and/or “in respect of employment” (they were not); and

(ii)             whether the union’s right to freedom of expression and association trumped the manager’s right to freedom from discrimination (yes, it did in this context).

Facts

In this case, a female manager claimed that the union’s president was posting discriminatory comments about her on the union’s blog. There was no dispute in the decision that the comments were discriminatory:  references to her sleeping to the top, having “intimate knowledge of another deputy”, suggestions that the manager had only obtained her position through sex, and that if she didn’t know the answer to something so simple, she should call her “boyfriend” over at his office.

The comments were made on the blog during heated collective bargaining in the fall of 2008. The union president states that the purpose of the blog was to communicate to the union membership, particularly in light of the ongoing negotiations. It was apparently a widely read blog in the workplace.

The union argued that the comments on the blog were not “in the workplace”, while the manager argued that the blog was an extension of the workplace, and that social media are integrally woven into the fabric of the modern workplace.

Competing Rights

The Ontario Human Rights Code prohibits discrimination “with respect to employment” and “in the workplace” as follows:

Employment

5(1)  Every person has a right to equal treatment with respect to employment without discrimination because of race, ancestry, place of origin, colour, ethnic origin, citizenship, creed, sex, sexual orientation, gender identity, gender expression, age, record of offences, marital status, family status or disability

Harassment in Employment

(2)  Every person who is an employee has a right to freedom from harassment in the workplace by the employer or agent of the employer or by another employee because of race, ancestry, place of origin, citizenship, creed, sexual orientation, gender identity, gender expression, age, record of offences, marital status, family status or disability.

[emphasis added; provisions are as amended since the case was heard]

It is important to note that the manager filed the claim against the union and the union president only. The employer was not named. This impacted the analysis as to whether discrimination occurred “with respect to employment” and/or “in the workplace”.  

 

Were the Blog Posts “In the Workplace”?

In deciding upon the application of section 5(2), the adjudicator, David Wright, concluded that the blog posts were not conduct “in the workplace”:

[25]  I agree with the applicant that employers can discipline employees for actions they take in cyberspace, and that the Code may apply to workplace-related postings on the internet.  It is not open to serious doubt, in my view, that in 2012 postings on blogs and other electronic media may be part of or an extension of the workplace and that the Code may apply to them.

[26]  However, I agree with the respondents that in the circumstances of this case, the blog comments themselves were not harassment “in the workplace” under s. 5(2). They were made on a blog identified with the union that, although open to the public, was directed at communication between union members and their leadership. There is no evidence that Mr. Dvorak made the postings while at work for the employer. There may be circumstances in which postings in cyberspace are sufficiently connected that they are “in the workplace”. However, even giving them a broad interpretation, the words of s. 5(2) cannot apply to this blog, given the context.

There are plenty of examples where online conduct, such as comments on Facebook or a blog, gets pulled into the workplace as a disciplinary offence. In this case, however, the adjudicator allowed the employee to wear two different hats, and contextualized the comments accordingly. 

Thus, while wearing his union president hat, the respondent could post on the union blog comments that were directed to union members. Whether or not the comments were discriminatory or harassing, the comments were not made “in the workplace” and so not captured by section 5(2) of the Code. This was so, despite the union president being an employee in the same workplace as the manager about whom he was blogging discriminatory comments.

Were the Blog Posts “In Respect of Employment”?

Section 5(1) of the Code has a broader application. It will capture issues around a generally poisoned workplace, not just specifically targeted conduct. In this case, because the manager did not name the employer (i.e. the party who had the primary power to address a poisoned workplace), the analysis became limited to the union and its president’s responsibility and liability. 

Ultimately, the adjudicator held that the comments were made in the course of the blogger’s duties as the local union president, and that his comments on management were protected by the Charter of Rights and Freedoms:

Fundamental Freedoms

2. Everyone has the following fundamental freedoms:

(a)

freedom of conscience and religion;

(b)

freedom of thought, belief, opinion and expression, including freedom of the press and other media of communication;

(c)

freedom of peaceful assembly; and

(d)

freedom of association.

            [emphasis added]

The comments were limited to a couple of posts within one month, in the midst of a large volume of other posts about the ongoing bargaining. The manager was unable to prove that the online comments had specific reverberations in the workplace, although the manager pointed out her resulting stress and use of the employee assistance plan.

This case pits the manager’s right to freedom from discrimination against the union president’s right to freedom of expression. 

In resolving these competing interests, the adjudicator looked to the nature of the comments themselves, finding that they focused on labour-management issues such as genuine concerns around nepotism and updates on the contract negotiations in play at the time, albeit using sexist language while doing so. The adjudicator held that the comments were:

“analogous to comments on labour-management issues made at a union meeting or a union newsletter. Comments on such issues are at the core of the constitutional protections of freedom of association and expression and the union’s right to operate independently of the employer.”

The blog comments were characterized as advocacy on behalf of union members by a local union president, and as such, held to be protected by the Charter right to freedom of expression and association (see Ontario (AG) v Fraser, 2011 SCC 20). 

In this circumstance, core Charter rights and freedoms trumped over the Code’s rights to freedom from discrimination. 

Context Does Matter

People often describe online comments as having the same exposure as an employee shouting out comments in the hallways of the workplace. A public comment is a public comment. This is apparently not the case, and context really will matter. 

While post-modern Gen-Yers who continue to carve out their online rights will no doubt roll their eyes and sigh, “Duh!”, the rest of us over 35 will be a little surprised that discriminatory comment about a manager posted on a public blog is okay. 

Social media continues to push the envelope on what is appropriate “public” commentary, what is workplace conduct, and what is personal vs professional. This decision moves the discussion forward on what is protected online free speech for unions.

 

Tweet Like Share on LinkedIn Email

Social Media in Your Business

Over the last few months, I have been working with a colleague from our IP practice group (Stephanie Vaccari) and from our Competition & Technology practice group (Arlan Gates) to develop a cross-disciplinary social media team at my office.  Together, we have been able to tackle social media issues from all angles, and to walk through client issues in a way that reflects business reality, namely that social media issues cut across all departments of an organization, requiring a wholist approach to the problem. 

And so, we have recently launched our Toronto office initiative, Social Media in Your Business.  We have put together a brochure outlining the broad ways that social media can impact your business, are hosting our first client webinar today (I'll post the link when it becomes available), and will continue to collaborate to learn from each other and expand our collective wisdom on social media issues.  I'm looking forward to sharing more details as we continue to grow the initiative.

Tweet Like Share on LinkedIn Email

Terms of Service and Employee Social Media Passwords

Over the last couple of months, there has been an interesting debate in Canada and the US about whether an employer can ask for a social media password. For some of the highlights of the conversation in Ontario, see:

South of the Border

The issue originally hit the headlines when the American Civil Liberties Union complained on behalf of a Maryland correctional officer.  The ACLU uploaded avideo on YouTube and asserted that the employee's privacy rights had been violated when his employer turned to the employee during a re-certification interview and demanded his Facebook password. Maryland has since passed the first US law prohibiting employers from demanding social media login information.

California, Illinois, Texas, Washington and New York have also introduced social media privacy bills, and earlier this week, the Password Protection Act of 2012 was introduced at the federal level to prohibit employers from demanding social media login information as a condition for employment.


So Should Canadian Employers Ask for Social Media Passwords?

At this point, only Nova Scotia has introduced a bill banning employers from asking for social media passwords.  The first reading was in April, so it is only in at the beginning of the process.

Last week, the Ontario Office of the Information and Privacy Commissionerintroduced a guideline recommending against employers asking for social media passwords.  Other provincial privacy commissioners have published similar guidelines about social media background checks.

At this point, however, there is no specific law on the issue in Canada.

I personally come down on the side of those who see this as a very, very bad idea for employers to consider, and yet if an employer merely gathers the data and does nothing with it in Ontario, it probably isn’t a technical legal violation.  (See my blogs posts here and here on the privacy law gap for Ontario employee information.) 

For provinces such as British Columbia, Alberta and Quebec with provincial privacy legislation, employee personal information has greater protections and asking for such information will likely cross the legal line. 

Even in Ontario without specific protections for employee personal information, the problem is, of course, that for most employers, it will be very tempting to quietly pass on the candidate whose online profile indicates she is 4 months pregnant, highly politically charged, controversial, clearly a bit of a drunk (while pregnant!!), has sued her last 10 employers and believes working Friday afternoons should be banned in Canada. If the employer were conducting a regular interview, most of this information – some protected under the Human Rights Code, some not – would remain unknown until she starts running amuck in the workplace. I get why an employer would want to avoid the situation, but there are just too many landmines to worry about when demanding a social media password during an interview.

Terms of Service

The focus of the debate has been correctly centred on the discrimination and privacy concerns. Another issue receiving some, but not enough, attention is the extent to which the social media platforms themselves permit this use. Users enter into a contract with the social media in order to use their service. The services may be free, but no less legally binding. 

By demanding that a candidate hand over his or her social media password information, an employer is asking that candidate to breach the terms of service with the social media provider.  Facebook itself issued a statement in March condemning the practice and advising users they should not reveal their login information.

The Facebook Statement of Rights and Responsibilities includes the following statements: 

  • 3(5) - You [User] will not solicit login information or access an account belonging to someone else.
  • 3(10) - You [User] will not use Facebook to do anything unlawful, misleading, malicious, or discriminatory.
  • 4(8) - You [User] will not share your password, (or in the case of developers, your secret key), let anyone else access your account, or do anything else that might jeopardize the security of your account.

Not only is the candidate prohibited from sharing his or her password, but should the HR Manager conducting the interview happen to have a Facebook account, he or she would be violating the Terms of Service of his or her own account by soliciting the login information of someone else. Arguably he or she is doing so on behalf of the employer, so vicarious liability arguments could come into play. Should there be clear company policy prohibiting the practice, however, an employer could argue that the rogue HR Manager was acting beyond his or her duties. 

Either way, it all gets so messy. Why ask for the hassle for information that is frequently inaccurate, dated and irrelevant, particularly when you usually cannot legally use the more juicy information in the first place?

Dan Michaluk’s Best Practices

If you do intend on asking for social media passwords, I suggest you review Dan Michaluk’s useful “employer-friendly” post on his All About Information blog, which includes the following best practices in managing the legal risks associated with conducting social media background checks:

  1. Check at the end of the hiring process. This is a background check, not an evaluative process. It should come as the next to last step in the hiring process.
  2. Check only when there is a demonstrable need. What’s the need? What are the alternatives? Why is this the better alternative? Document your needs analysis.
  3. Search based on objective criteria. It will be very hard to establish the validity of a profiling exercise – i.e., an exercise in which you attempt to draw broad inferences about job performance or trustworthiness based on social media activity. Unless you have a qualified expert prepare a defensible predictive model, don’t profile. Look for objective behaviors that raise legitimate concerns in light of job responsibilities. For example, you may look for statements that a candidate for a sales or marketing position has made critical comments about your company or industry that are incompatible with becoming a representative of the company.
  4. Have someone other than the decision-maker search. This is a means of ensuring that the decision-maker does not see irrelevant information that may be related to a personal characteristic that is protected by anti-discrimination legislation.
  5. Direct a written report to the decision-maker. The report (which contains only feedback on the objective search criteria) goes in the hiring file and is part of the formal record upon which the hiring decision is made. This record is designed to assist in the defence of discrimination claims and is a record of due diligence. It makes the actual (forensic) record of the internet search irrelevant to a discrimination claim, which should minimize e-discovery risks.
  6. Validate negative information. Positively identifying the author of internet publications can be difficult. Validate authorship and seek an explanation.

This Too Shall Pass

Given the number of legal and practical risks, employers should be careful what they wish for. Should you feel it essential to wade into this dodgy, dangerous water, be prepared for the potential consequences. 

From what I can tell anecdotally, few employers actually ask for social passwords so let’s hope this pseudo-storm will pass over as we figure out how to integrate social media into the workplace in a manner that works for both employers and employees.

Are you an employer that finds it necessary to ask for your employee's social media passwords?  I'd love to hear your perspective, given the prevelance of the anti-password and login information voice.

Tweet Like Share on LinkedIn Email

The Natural Connection Between Social Media Legal Issues & Employment Law

Businesses do not experience the impact of social media in fragmented departmental silos. Rather, social media is an inherently cross-department, internal and external experience for most organizations. Employees, clients, third party providers, experts, consumers, journalists and competitors all participate in social media about your organization, whether or not invited to do so. And regardless of whether you are at a multi-national company, social media ignores borders and engages users from around the globe.

Depending on the business, the whole point is to broadcast your message as widely as possible. For others, it is an ongoing attempt to limit exposure and to retain confidentiality about products, developments or strategies.

Social Media is a People Issue

Addressing the legal implications requires the same sort of cross-discipline, cross-practice and cross-jurisdictional approach. But if social media doesn’t recognize departments, borders or realms of authority, why does it seem to be such a prevalent issue for employment lawyers in particular?

I had an interesting lunch with a partner in my firm’s Information Technology and Communications practice group last week. We agreed that legal issues involving social media tends to arise in the employment context more than any other area of law. I suggest that this is because the underlying purpose of social media is to connect people, not computers, issues, products, regulations or governments, making employment law the natural centre of gravity for social media issues. 

While social media takes place on computers, it is not a computer issue. It is a people issue that flows from individuals communicating with each other about everything from what one had for breakfast to how to overthrow a government. 

In the business context, problems arising because of social media use will eventually involve the HR manager who must deal with the human being that posted, tweeted or blogged out of line – or more optimistically, to reward the human being that created an exciting new opportunity for the company. 

More than Messing Around at Work

In any event, we’ve moved past the basic time theft issue of people wasting hours looking at high school friends’ photos on Facebook during work hours (just discipline them as you would discipline the guy chatting at the water cooler too much). 

The legal risks and opportunities of social media that impact businesses in all corners of the organization continue to grow in sophistication and diversity, notwithstanding that HR will inevitably deal with the aftermath. 

Issues that businesses face include:

  • revealing business and trade secrets through social media
  • breaching privacy law
  • dealing with negative consumer comments that verge on defamation
  • meeting corporate social responsibility and stakeholder expectations through social media
  • breaching anti-spam legislation through enthusiastic social media
  • breaching professional regulations through social media information that has become relied upon advice
  • breaching advertising and competition regulations with online communications and contests
  • determining how and when evidence from social media can be preserved and used in litigation, and
  • how to ensure your third party providers comply with your social media policies and strategies.

The employment issues are similarly broad:

  • balancing the private and public, personal and work realms (about which opinions will widely vary depending on how old the employee is)
  • balancing employee freedom of speech vs the employer’s right to manage
  • ensuring workplace policies that touch on social media consider workplace culture, the organization’s branding and marketing strategies, any research and development employee agreements, general computer use policies, human rights and harassment policies, etc
  • director and officer liability issues around who is authorized to represent the company through personal or company social media
  • ownership of any Twitter lists, LinkedIn contacts, Facebook friends and other social media connections after an employee leaves the organization (see my post on Phonedog Noah)
  • online recruitment and what to do with the juicy Facebook dirt about prospective candidates
  • and at least 1,000 other issues that have come up in the social media context…

It is the cross-discipline, cross-jurisdictional nature of social media legal issues that makes the area so personally interesting. It gives me the opportunity to interact with the intellectual property, litigation and IT lawyers in the Toronto office of my firm, as well others in my firms’ offices around the globe (including participating on a panel on social media in our Tokyo office in April with a lawyers from Chicago and Sydney).  

If there was ever a truly global area of law, social media is it. 

For anyone interested in an around-the-world overview of social media and employment law, feel free to check out the two articles I co-wrote last fall: 

Tweet Like Share on LinkedIn Email

@Phonedog_Noah: Who owns your Employee's Twitter Followers?

If you have encouraged your employees to set up a Twitter account to tweet information about the company’s business, who owns the followers if they leave? This is the question in Phonedog v Noah Kavitz, a California case that will no doubt have an impact in Canada.

Phonedog Noah

In that case, Phonedog encouraged its employees to use social media for marketing its cell phone products. One employee, Noah Kavitz, set up a Twitter account with the user name @Phonedog_Noah. He proceeded to amass over 17,000 followers. 

After four years, the employee resigned, apparently on good terms, changed the username to his own name, and continued to send tweets to the followers. As of today, he has an impressive following of 24,398, an increase no doubt due to the publicity of this case.

[CASE UPDATE AS OF DECEMBER 2012:  The parties settled out of court and the terms remain confidential.  Unfortunately, we'll have to wait for another case to make its way through the courts for a final decision.  The issues raised in the case, however, remain unsolved and of great interest to many workplaces.]

Employer Sues Noah

The employer then sued its former employee for continuing to use the Twitter account. The employer allocated a value of $2.50 to each Twitter follower and claimed damages of $340,000 for (1) misappropriation of trade secrets; (2) intentional interference with prospective economic advantage; (3) negligent interference with prospective economic advantage; and (4) conversion.

In November 2011, the employee lost his attempt to have the matter summarily dismissed, so there is still no final decision on the issue. We’ll have to wait for the case to make its way through the court systems.  

For Noah’s side of the story, see Samantha Collier’s blog “Social Media for Law Firms” for an interesting interview with him, as well as a link to his CNN interview.

Commodification of Followers

This commodification of followers has led to a couple of interesting developments:

  • First, it generated a lot of funny tweets out there about striking it rich overnight because of Twitter follower numbers (as of today, I personally have another $1,430 to add to my kids’ RESP! Oxford here they come!);
  • It introduced a so-called “industry standard” of how much a Twitter follower is worth, although it remains unclear how the “industry standard” was arrived at, upon what research it is based and whether, in fact, their marketing folks just made it up; and
  • It has generated a lot of philosophical blog posts about whether we are all widgets to be traded electronically, or whether we are human beings with human relationships that should not come with a price tag.

Personal or Business?

One of the reasons attaching a price tag to people is distasteful in this context is that we all want to believe that social media is always about personal relationships, not deliberate, targeted marketing. 

Social media is all about the individual voice. The marketing gurus have known this for awhile, and deliberately get into the social media space to sell/place/plug a product by an individual. The Millennials are far too sophisticated to put up with blatant advertising at them. They want someone to share with them his or her individual opinion about a product or service, enabling the consumer to make decisions based on whatever level of trust or influence exists between the parties. 

And so, Phonedog_Noah chirped to his followers about himself (to build trust) and about the product (to sell, as part of his job).

It is precisely the blending of personal and business that sells to Millennials and beyond, but it’s a pain in the neck for employment lawyers. Had Phonedog required its employees to set up an account for business purposes only, it would have a stronger argument that the followers were no different than a Rolodex or customer list, which an employee is not entitled to take with them when they leave a job. 

On the other hand, social media is not as engaging, interesting or successful if it is a generic mantra from a company with no personal voice. The mix of personal and business may sell, but it creates a lot of ambiguity about who owns the results of the employee’s efforts.

Take-Away for Employers

Yes, I know I say this in virtually every blog post, but a good policy is key. If you have a workplace social media policy that clearly articulates where that line is between personal and business, then as an employer, you will be in a much better position to lay claim to the followers, friends, or connections that are generated for work purposes only. 

The policy should require employees to separate the business and personal wherever possible. If you’re requiring your employee to participate on Twitter or Facebook, then have them set up both a personal and a professional account to keep the lines clear. 

Among other things, the policy should also cover the standard provisions about whether the employee can engage in personal social media during work hours and what the employee is permitted to express about the company on any personal accounts. 

It is also worthwhile for employer’s to think about the content of the employment agreement itself. If you know up front that social media will be a required part of a candidate’s job, laying it out expectations in a contract can save you some headaches down the road.

I have no doubt that a case like Phonedog will come to Canada at some point. Until then, we have no clear line about who owns the work product of social media. All you can do is remove as much ambiguity as possible through policies and communications. 

And while your at it, have your marketing people talk to your HR people once in awhile.

My thanks to my colleagues Maartin Vestering (in our Amsterdam office) and Justine Phillips (in our San Diego office) for bringing this case to my attention.

Tweet Like Share on LinkedIn Email

Clawbie 2011 Nominations

Here are my last minute Clawbie nominations.  This year, there are way too many excellent Canadian legal blogs to choose from, so here is my unscientific and utterly biased criteria:

  1. Must focus on employment and labour law (because frankly, I rarely have time to read other blogs and wouldn’t have a clue anyways).
  2. Must be an individual’s blog, rather than a firm blog.  I prefer to get to know the voice, personality and perspective of the individual writing.  I also want to applaud the extra effort it takes for an individual to keep up the hard work without having the resources of ghost writers or a marketing department.
  3. I like frequent postings. This is my most hypercritical criteria, since I never blog as much as I’d like to.

My Top 3:

 

Doorey’s Workplace Law Blog - Lots of opinions, lots of passion and frequent, interesting updates on Canadian employment and labour law.

 

Quebec Labour Law -Gabriel Granatstein does a great job of regularly posting relevant, accessible and interesting blogs on Quebec employment and labour law. It’s a unique and valuable resource.

 

Canadian HR Law

Stewart Rudner’s blog posts in the HR Reporter website are a great source of employment law concepts and practice points.  As the king of legal social media in the employment realm in Toronto, Stewart is a great example of how to communicate, interact and relate to his audience.  

 

Runner’s Up:

 

Human Rights in the Workplace

Donna Seale consistently writes interesting, compassionate, topical pieces.  She has told me that business was unusually busy for her this fall, so her posts are not very frequent, but are still great when she manages to fit it all in. I would have put her in the top 3 if she wasn’t such a successful, busy lawyer.

 

Watershed LLP

Michael Fitzgibbon has been a long-time blogger that provides brief yet dense posts that highlight new developments in employment law in an interesting, accessible manner.  His business model and approach to client fees makes him both a business and thought leader in our field.

 

Canadian Workplace Law

Greg Gowe’s blog has been around since 1997, long before most of us had heard of the word “blog”.  Based in BC, he provides diverse, frequent and current employment and labour law updates.

 

First Reference Talks

Yosie Saint-Cyr and her team of bloggers have become my go-to starting point on many issues.  In depth, timely and well written articles. Yes, I know this one doesn’t meet my second criteria, but it’s such a good blog and has a small team, and the posts still read with lots of individual personality.

 

Happy holidays everyone!

 

DECEMBER 31, 2011 UPDATE: 

I am pleased to note that my blog has been selected for a 2011 Clawbies Award for one of the 3 best private practice legal blogs in Canada.  Thank you to everyone who nominated me, to those on the panel who made the decision, and to the readers who keep me on my toes!

Tweet Like Share on LinkedIn Email

Top 25 Blogs of 2011 Nomination

I have recently had the honour of being nominated for the LexisNexis Top 25 Labor and Employment Law Blogs of 2011.  Despite even LexisNexis spelling "labour" incorrectly, I feel quite humbled and privileged to be included on the list. 

My Shameless Plug

Now for my shameless plug - LexisNexis is inviting readers to visit their site and vote on the nominations to determine who will be on the final list.  Every comment posted on their Labour and Employment Law Community page (where the nominees are listed) counts as a vote.  It takes less than a minute to post the comment.

At the very least, it's a great excuse to see what other employment law blogs are out there - most are US based, so it's an opportunity to expand beyond the Canadian market.

End of shameless plug.  To anyone who does post a comment as a vote, thank you very much. 

Excellent Canadian Blogs

The LexisNexis list focuses on the US, but there are a number of excellent Canadian blogs that I read regularly and should have made the list:

 ...and many more that I know I have inadvertently missed.  Feel free to email me if you think I should have added another to this list.

SEPTEMBER 13, 2011 UPDATE:

Thank you to everyone who kindly took the time to nominate my blog.  I'm happy to announce that the blog was selected as one of the LexisNexis Top 25 Labor & Employment Law Blogs of 2011.  I appreciate the support and remain humbled to be included on the list.

Tweet Like Share on LinkedIn Email

Summer Reading

For all you poor souls at a beautiful cottage this hot, sunny summer with nothing better to do but read about employment and human rights law, here's a brief list of good reads to consider (and with everyone now using some sort of tablet, you can download the info before heading up to the lake): 

  • Think Before You Click:  Strategies for Managing Social Media in the Workplace:  this is a great compilation of many of the big US thinkers in the area, including Molly Di Bianca (Deleware Employment Law Blog), Eric Meyer (The Employer Handbook Blog) and Daniel Schwartz (Connecticut Employment Law Blog).  I follow the tweets and blogs of these three lawyers regularly.
  • Donna Seale's - weekly Twitter Talk:  if I only have a few minutes to spare for social media reading, I usually start with Donna's Human Rights in the Workplace blog and tweets.  Her Twitter Talk is a great compilation of employment and human rights law tweets.  She's out of Manitoba, with a Canada-wide focus that's always timely and interesting to read.
  • Of course, the First Reference blog is a key resource with several contributors and daily content.  They are an HR publishing company, but their material never reads like an ad for their services - it's good substantive content.
  • Zinio - a colleague recently pointed this app out to me.  I suspect I am the last in Toronto to have heard about it, but it's a great source of digital editions of a large selection of magazines.  It works beautifully on my iPad.  
Tweet Like Share on LinkedIn Email

Social Checks on Potential Candidates

Good employers always conduct a reference check to determine whether to hire a candidate.  With the world of online communications, however, how far should an employer go when researching the background of a potential candidate?  At what point does that legitimate research become inappropriate snooping into a person's private life?

I posted on the topic of social media in the workplace last February, and continue to get questions about what social media information an employer can use.

It's Good Practice to Do a Social Check

Doing some amount of a social check on a candidate is a good practice.  You want to know if your candidate is publicly racist, overly opinionated about his supervisors, or parties a little too hard on a school night.  A basic Google search will pull up most of the LinkedIn, Facebook, Twitter or blogging presence.  It's free and not overly time consuming.  If nothing else, it will provide a glimpse into the candidates' general judgment on public comments.

Leave it to the Experts?

Companies are now starting to pop up that specialize in gathering social media and online information about candidates.  One US example that has been in the news lately is Social Intelligence.  While the extent of online information it can dig up has led some to question whether it is going to far, it does appears to remain within legal parameters.  As discussed on the Workplace Privacy Blog, in the US, the Federal Trade Commission recently indicated that "employers that rely on a social check service, like Social Intelligence, to search social media for information about job candidates must comply with the Federal Credit Reporting Act.".  According to the Federal Trade Commission, Social Intelligence does comply, presumably giving the green light to other similar companies.

In its Factsheet on Privacy and Social Media in the Workplace, the Privacy Commissioner of Canada does not reject the use of social media resources for employment purposes, but does warn that employers should not use the information in a discriminatory manner towards potential candidates.  For example, if you see that a candidate "Likes" a page on mental health issues, the CNIB or a women's right organization, it could be discrimination to pass the candidate over on that basis.  This falls in line with the various Canadian human right commission policies on discrimination in the workplace.

Of course, most employers would not expressly admit that they are not hiring a candidate because of the person's race, gender, or perceived disability, but there is no doubt that the information gathered in a social check would influence a hiring decision.  That is the point of the reference check, after all. 

Be Careful What You Wish For

The problem with a social check is whether you can rely on the information you dig up.  A general rule I have is that if the employee wrote the information him or herself, you're probably good to go.  If they were drunk when they sent out that tweet, then, well, perhaps they should have thought twice - the old "don't drink and dial" rule is transferable to the online world. 

While employers will want to pause to ensure the information is actually posted by the person (as opposed to posted by someone else on their Facebook wall), I say that that information is probably fair game for an employer to take into consideration (with all the usual caveats about not relying on information in a discriminatory manner). 

If, however, the information is posted by another person about the candidate, then employers should pause to consider the weight of the information.  Is the information posted by a bitter ex-spouse?  An angry teenage daughter?  A drunk friend who thought it was funny at the time?  Whether a deliberately false statement or an innocently incorrect one, social media checks need to proceed with caution to ensure any employment decisions are based on hard facts, not one or two potentially incorrect or "funny-at-the-time" comments. 

Sidenote: The Social Checks Can Bite You Back

As a sidenote to employers:  the social check can work both ways.  On Bob Sutton's Work Matters blog, he lays out a checklist for candidates to determine if their future employer will be a "bosshole".  Potential candidates can now dig for that kind of information online and equip themselves with far more information than a few years ago.

 

 

Tweet Like Share on LinkedIn Email

Handling Social Media in Your Workplace

Of the many areas of employment and human rights law that change quickly, I have noticed over the last 6 months that disputes over social media in the workplace have started to hit the courts and tribunals at a much faster pace.  While a year or two ago there was virtually no case law for employers to turn to for guidance, this is no longer the case.

Four blog posts over the last two weeks provide good summaries of the recent issues, benefits and pitfalls of using social media in the workplace.

  1. The All About Information blog cites a recent BC Labour Relations Board decision in which two employees were dismissed because of comments posted on their Facebook page that were critical of their employer.  Facebook continues to be a source confusion by employees about what is private and what is public.  Facebook is on the internet, which is an inherently public sphere.  Posting negative comments about your employer in your status update or on your wall is no different than sending a letter to the editor of your local newspaper.
  2. Also from the All About Information blog, there is a reference to an interesting article in the Ottawa Citizen that outlines how insurance companies are "Mining Information from Social Media Sites" to counter disability claims.
  3. In her Human Rights in the Workplace blog, Donna Seale pointed out a good online article about googling potential candidates.  It rightly points out that some quirky online details about a candidate may actually indicate a more interesting, diverse employee that can bring more to the table than a overly cautious or neutral candidate. 
  4. Finally, this morning on the First Reference blog, Stuart Rudner posted a good piece on the different ways employers can, should and/or should not use online content about candidates and employees.  As he notes, social media is "not going to go away" and there can be many benefits of engaging social media for employers throughout the employment relationship.  Whether it is to screen employees for hiring or to review a former employee's LinkedIn profile to determine whether he or she is mitigating his or her losses, the internet is a wealth of information. 

I particularly appreciate Stuart's observations that we old folks (i.e. those of us over 30) all engaged in some behaviour that is not particularly Facebook-friendly when we were younger.  The difference is that we enjoyed a world without instantly uploaded pics through a smartphone.  Hopefully common sense will come into play when deciding whether employers should act on online content involving candidates and employees.

While legal disputes are rarely good for anyone but the lawyers, the good news is that the growth in judicial decisions on social media will continue to provide greater guidance for employers who invariably struggle with how to integrate social media information into their workplace decision making.

 

Tweet Like Share on LinkedIn Email

Invitation: Update on Employment Law

My firm is hosting an employment law update on Wednesday, March 31, 2010 from 8:30-11:30am in Toronto, and we would like to open it up to attendees beyond our current clients.   This will particularly be of interest to HR professionals and people within your organization who deal with day to day employment law issues. 

If you are interested in attending, please contact me to rsvp (lisa.stam@bakermckenzie.com).

The topics are:

  • Keeping your Workplace Policies up to date:  Bill 168, temp agencies & the cell phone ban;
  • the new court rules and how they apply to employment law cases;
  • update on the new human rights regime in Ontario and what employers need to know;
  • social media in the workplace; and
  • round-table employment tips for the post-recessionary economy.

This will be a Tweet-friendly event, so we will encourage people to ask questions and make comments throughout.

 

Tweet Like Share on LinkedIn Email

Social Media in the Workplace: Reliable Evidence?

Should an employer friend his or her employees on Facebook? Connect on LinkedIn, follow on Twitter or read an employee’s blog? There is no consensus and employers continue to grapple with the role of social media in the workplace – and the role employers should take within these vehicles of communication. 

The more difficult question is not whether to friend, follow or read, but whether an employer can then rely on that information as evidence when hiring, disciplining or firing an employee. Does social media produce reliable legal evidence?

In the British Columbia Court of Appeal case, Bishop v. Minichielloreleased last week, the court upheld the lower court decision that ordered production of metadata from a plaintiff’s computer regarding his usage of Facebook. The court required the plaintiff to forward a copy of his computer hard drive to a neutral third party who would compile data on the narrow issue of the amount of time the plaintiff was spending on Facebook from 11pm to 5am. This was directly relevant to the plaintiff’s personal injury claim and to alleged fatigue during the day. The court permitted the forensic computer search on narrow grounds. While not an employment law case, the case does speak to how a court would rely on Facebook evidence.

Recent employment specific examples in the case law include:

  • Making disparaging comments about the company or the boss online: this is usually valid grounds for some sort of discipline, particularly if a fundamental breach of trust results from particularly nasty comments.
  •  Discovering unfavourable information online about a potential candidate and choosing not to hire him or her: this has human rights violation written all over it if the decision to not hire can be connected to the candidate’s age, disability, pregnancy, or any other ground protected by the Human Rights Code.
  • Firing someone because of comments posted on someone else’s Facebook Wall: talk about six degrees of hearsay separation! (Alberta Distillers Ltd. v. United Food and Commercial Workers, Local 1118 (Whiteside Grievance) [2009] A.G.A.A. No. 46)
  • Firing an employee because of information on their Facebook page if the employee claims the entire Facebook page is a fake page created by his ex-girlfriend: questions arise of proving the evidence found in Facebook.
  •  Whether a Status Update on Facebook could violate the confidentiality terms of a settlement agreement: apparently not, if the status is vague enough.

While American employers tend to have more leeway with disciplining employees for information gathered online, Canadian employers must continue to be cautious of the human rights regimes, privacy laws and employment law culture that afford employees more protection of their personal information than our neighbours to the south.

Tweet Like Share on LinkedIn Email