By David Ogilvy — Partner, Employment Law and Dispute Resolution & Joanna Bain — 1st Year Trainee

The increasing popularity of social networking sites such as Twitter and Facebook has significantly altered how people interact. It is now commonplace for people to unthinkingly share the minutiae of their day with a comparatively large online community.

What are the risks?

This habit of over-sharing can have a significant impact on an employer, regardless of whether the online activity concerned took place within working hours.

Employees might post negative comments on social networking sites about their employment which can be potentially damaging or defamatory. This applies equally to materials posted by employees such as photographs or videos. Easy access to online forums means that it takes just seconds to post a kneejerk reaction to a situation. The immediate accessibility of these sites, combined with an element of naivety on an employee’s part can have serious consequences for an employer’s reputation.

Employees could also, intentionally or inadvertently, disclose confidential information which can have ramifications for the employer. Flippant reference to the running of the organisation can potentially leave the employer open to security breaches which could have long term effects on the business. This also applies to the storage of confidential information on websites such as LinkedIn, which are designed for making business contacts.

Another obvious risk of allowing access to social networking sites is their addictive nature. The availability of procrastination tools such as Facebook in working hours can lead to a marked decline in workplace productivity, and can affect profitability.

Employers must be aware of these issues in order to deal with them appropriately and minimise risk. The employer must decide whether such behaviour warrants disciplinary action, and if so, what level of sanction would be reasonable in the circumstances.

Restriction of access

Deciding how best to control this situation can be difficult. One obvious solution is to restrict access to these sites, at least during working hours. It is difficult to justify why employees should have access to such material at work.

Another possible course of action is to produce a well defined policy that lays down a clear distinction between “corporate social networking” and “social networking”. Provided that the purpose of corporate networking is made clear, this could potentially be effective, although it is of course open to abuse.

Simple regulation of access does not, however, necessarily cover all eventualities. People can still use social networking sites in their leisure time, which can impact an employer.

Can online activities be subject to disciplinary action?

The press has reported numerous examples of employees facing disciplinary action as a result of their online activities. A recent Guardian Freedom of Information request indicates that over the past three years, over 1700 public employees have been disciplined or even dismissed over inappropriate use of internet and email.

Under s.98 of the Employment Rights Act 1996, and employee’s ‘conduct’ can constitute a fair reason for dismissal. Whether particular online activities constitute gross misconduct to merit summary dismissal will of course depend on the particular facts of each case. The employer must consider the severity and potential impact of the employee’s behaviour in order to assess what would be a reasonable response.

Which factors are considered in assessing whether dismissal is fair or unfair?

It has been suggested in the ECJ case of Pay v UK that it may be proportionate to dismiss an employee based on damage to an employer’s reputation, if the conduct in question conflicts with the employee’s professional role. Although not necessarily decisive, a significant factor will be whether the employer has in place an internal policy governing social networking that has been clearly pointed out to staff. Other factors may include the age of the material concerned and who posted it, how the employer became aware of it, and whether it caused actual damage to reputation.

Vicarious liability

Employers may also be held responsible for their employees’ online activities, including online bullying outside working hours. The normal delictual tests of whether the conduct concerned was ‘within the course of employment’ are applied, but case law suggests that these principles have been widely construed in order to allow the employer to be held liable for the employee’s actions.

The employer, to defend a vicarious liability action, must demonstrate that all reasonably practicable steps were taken to prevent the conduct concerned occurring.

How to be prepared

One thing that could aid an employer in this situation is a well drafted, easily accessible disciplinary policy, for example on the intranet, setting out clear guidelines in terms of what is acceptable, what is not, and what the possible consequences are. This kind of pre-emptive action could prevent issues early on. Best practice would be for employers to devise specific rules regulating the use of social networking sites both within and outwith the workplace, perhaps in the form of an ‘acceptable use’ policy. This would cover the situation discussed above involving harassment and online bullying, as well as general use of websites such as LinkedIn and Facebook.

The policy should remind employees that they are representatives of the company and also that what they post on these forums is not necessarily private. Copyright issues could be addressed, as well as the inclusion of personal details and susceptibility to fraud. The policy should clearly illustrate what kind of behaviour could warrant disciplinary action (for example bringing the company into disrepute), or dismissal for gross misconduct. This provides the employee with clear guidelines, and allows the employer to point to an accessible policy in any subsequent disciplinary procedure. The policy could be drafted collaboratively with employees. It would also be sensible to have all employees read and sign a copy of the policy to acknowledge acceptance of its content. This code should also provide for procedures to be followed in a disciplinary situation, adhering to the ACAS code, as well as any internal disciplinary procedures.

Usefulness of social networking

Such websites can be useful for an employer in terms of vetting potential candidates. What people post online can be telling, and may affect the employer’s decision on whether to employ someone. Employers, however, must be aware that any such action is likely to involve the use of ‘personal’ or ‘sensitive personal’ data, and so must be consistent with the Data Protection Act 1998 Schedule 1.

Deciding not to employ a person based on this information may also leave the employer open to a discrimination claim. Applicants/employees should be informed that their Internet use may be monitored in accordance with the relevant legislation. Cases on employee surveillance, however, indicate that activities partly taking place in public do not engage Article 8, therefore the human rights issue is perhaps less significant than initially thought. This is reinforced by the fact that much of this material is freely accessible by other users.

It is clear that badly managed or malicious social networking by employees can have potentially disastrous consequences for an employer. Due to the relative infancy of this issue, employment law at present does not provide concrete responses to the questions arising. As suggested above the main thing for employers to consider is putting in place a regulatory framework. Employees, of course, must also be aware of the risks and proceed with caution. It is difficult to justify tribunals protecting employees from the consequences of what they post online, but it remains to be seen what approach the tribunals will take in this regard. With the social networking trend showing no real sign of abating, employers must be prepared for these issues to arise more frequently in a wider range of contexts.