Full Text of Interview from Portfolio.com

I was interviewed recently by Romy Ribitzky from Portfolio.com. I posted a link on this blog several days ago. Given that the interview was considerably longer than the quotes used (understandably, charitably and without complaint), I thought I'd include the full scope of my thoughts -- yes, for what they're worth -- here.


Romy Ribitzky: Do companies have the right to dictate what an employee can and can’t do with their own, personal, online presence?

Jonathan Pink: Companies have no absolute legal right to dictate what an employee can or can’t do, and in fact some states have statutes that affirmatively prohibit an employer from taking action against employees for lawful off-duty activity. Some courts have held that these statutes do little more than reaffirm existing rights, but an argument exists that posting to blogs or social network sites would fall into the category of lawful activities protected by such statutes. Companies may try to circumvent such statutes by having employees enter into a nondisparagement agreement, a confidentiality agreement, or the like. If consideration is given for these contracts, and the parties knowingly and affirmatively assume the obligations set forth in them, companies can acquire rights not otherwise theirs to assert. That said, without such agreements, and without suggesting that employees ever have the right to engage in illegal activity, companies do not have the right to dictate what an employee can or can’t to with their own, personal online presence. Also, of course, where the employer/employee are in a at-will employment state, such as California, an employer may terminate an employment for no reason at all. This means that while an employer may not regulate otherwise legal, off work conduct absent a contractual agreement to the contrary, an employer can look at the employee’s on-line persona and decide “we really don’t want someone like that here.”

Romy Ribitzky: What legal murkiness do you enter when you encourage your employees to blog, tweet, etc. about your organization, their projects?

Jonathan Pink: Asking employees to blog, tweet, etc. about their employer can be a double-edged sword both legally and otherwise. You may recall that Comcast was the subject of some highly unfavorable bulletin-board posts, and the negative commentary posed a real PR danger to the company. One rogue employee took it upon himself to set the record straight by posting positive comments and addressing the inaccuracies that were multiplying on the web. When word reached upper-management, the immediate reaction was to reel in this employee. But the company’s CEO saw it differently, he saw the benefit of this fellow addressing the inaccuracies and posting the good word about the company. The result was, the employee was given not just the right to continue.

From a legal standpoint, having an employee in this position can also present problems. Is the employee then speaking on behalf of the company as an authorized agent? Probably, and if so, his or her statements may be attributed to the company itself. This can have unexpected and unintended ramifications. Another issue is copyright infringement. If the employee decides to lift text from another source for use on the company-sponsored blog, not only will the employee be liable for infringement, but the company too may find itself facing an infringement claim, or at the very least a Digital Millennium Copyright Act takedown notice. A tougher call would be if the employee disparaged a third party on the company sponsored blog. The Telecommunications Act of 1996 (47 USC 230(c)) may provide protection to the company, depending on whether it had control over the employee’s content, while the employee individually would have no protection.


Romy Ribitzky: What are the privacy risks with searching a candidate’s social media sites as a factor in the employment decision?

Jonathan Pink: If a prospective employee places his or her content on the web, he/she should fully expect that will be discovered by a prospective employer. If the candidate placed the content onto the web, there are few - - if any - - privacy rights he or she could claim. An interesting footnote on that point, I have a client that is a large media company head quartered in New York. The client recently mentioned that it now requires perspective employees to “friend” it on Facebook so that the HR department can have a look at would-be employees beyond what is reflected in their resumes. As long as the perspective employee agrees to this, there is nothing illegal about it. Moreover, while it may appear somewhat invasive, it also may prove very helpful in making employment decisions that save the company money down the line.

Romy Ribitzky: What privacy risks are associated with monitoring your employees on social media platforms while they’re at work?

Jonathan Pink: The general rule of thumb is that an employee has no right to privacy over anything he or she writes, posts, or retrieves from the web while using an employer’s computer. This includes emails, and Facebook posts. The employer has the right to monitor employees’ computers - - and many companies make frequent use of this right. So, in a nutshell, employees should assume that they have no privacy rights with respect to any social media platforms they interact with while at work.

Romy Ribitzky: What should you consider when developing internal social networking sites for employees?

Jonathan Pink: When developing internal social networking sites for employees, common sense and discretion should dictate the rules of the road. Obviously rules need to put into place, and followed rigorously, to protect fellow employees and company property. This means staying clear of disparaging, taunting and threatening co-workers, and using discretion before publishing non-public, company information. So, employees need to remember that what they post is public, or semi-public, and they need to “play nice.” What one employee regards as funny may be viewed by others as derogatory, insulting, threatening, inappropriate and/or offensive, any one of which could cost the posting employee his or her job. Employees should allow their conduct to be governed by the maxim “discretion is the better part of valor.” And if an employee doesn’t think he or she can live within such guidelines, they should opt-out of any participation in such a venue.

Romy Ribitzky: What are the protections companies enjoy when a third-party posts comments on their social media sites or in response to a blog, tweet, etc.

Jonathan Pink: The Internet has opened new channels of communication and self-expression. An individual’s ability to have a voice in the world has never been greater. While this is good, it also presents risks to those who write first and think later. With this in mind, when a third-party posts comments on a company’s social media sites, or in response to a blog, the most common danger is that the poster will defame another party. As with traditional print media, laws related to defamation apply in cyberspace as well.

Companies, however, may have protection for allegedly defamatory statements made by others on their site. This is because providers of interactive computer services are immune from liability for content created by third parties when sued "as the publisher or speaker of any information provided by" someone else under the Telecommunications Act of 1996 (47 U.S.C. § 230(c)).

Courts have applied Section 230(c) to a broad mix of "computer service providers." For example, courts have found that this Section shielded the publisher where third party content was posted a blog entitled “ripoffreport.com” that warned consumers about unscrupulous practices and bad service, and it has also been used as a defense to claims of negligent misrepresentation, interference with prospective advantage, unfair business practices.

Romy Ribitzky: When are companies liable for that post and how can they limit or prevent liability?

Jonathan Pink: Section 230(c), however, will not provide protection to a company where the company itself is the deemed the speaker/poster of the content. Thus, where the content was posted by an employee working in his or her capacity as a company representative, the company itself will likely be deemed the speaker, and will be held liable for comments posted.

We see something similar in the area of copyright infringement, where a company can, in some instances, be held liable for another person’s infringing post either as a direct infringer or as a party with secondary liability. Secondary liability cam be either contributory infringement and vicarious infringement. The good news is, however, that – as with claims for defamation – some additional protections exist on line that do not exist in traditional print media. In the cyber world, the safe harbor provision of the Digital Millennium Copyright Act may apply to protect a company from liability, provided it complies with all of the Act’s requirements. This means designating an agent for notification with the Copyright Office, and establishing – and posting -- a policy against repeat infringement by its readers. So, while companies may not have a duty to police their blogs for copyright infringement, they must act to remove infringing content when they are put on notice or face liability.

Romy Ribitzky: Can companies moderate user product reviews and discussions and keep its legal protections against wrongful posts from users?

Jonathan Pink: There is no easy answer to whether companies that moderate user product reviews and discussions can continue to maintain their legal protections against wrongful (e.g. defamatory) posts made by users. Courts have consistently held that 47 USC section 230(c) protects one from exercising traditional editorial controls over user-generated content. Thus, for example, deciding whether to publish, delete, or edit material should all be covered by Section 230. However, the further away a company moves from these traditional editorial functions, the more it risks losing its Section 230 immunity. If a company does nothing more than host third-party content, without providing any editorial oversight, it will likely be protected under Section 230. If it exercises traditional editorial functions over user-generated content, it should be protected as well. But once the company goes beyond that, it starts getting into potentially choppy legal waters.

Romy Ribitzky: What issues arise from your company’s blogging about a competitor’s product both on the clock and off, in case an employee does it from a personal account at home?

Jonathan Pink: When blogging about a competitor’s product, be it on or off the clock, the same general rules regarding trade liable, interference with economic advantage and false advertising apply. In short, making statements that are false or disparaging is never a good idea, and it’s not made any better when done on line. As to whether the company – as opposed to the individual -- could be held liable for this conduct, that would turn on the facts specific to the controversy. In other words, was the off-duty employee engaging in conduct on behalf of the company? I know how most companies would answer that question if this came to litigation.

Romy Ribitzky: How should you handle legal and governmental requests for information about your members?

Jonathan Pink: Handling legal and governmental requests for information will depend on the scope of the information requested. These types of requests should always be directed to the company’s legal department or outside legal counsel. There are times, in certain circumstances, where such requests for information will be overly broad or may improperly impinge the target’s right to privacy – thus subjecting the responding company to liability. Certainly, we’ve seen many cases where the subpoenaing party has been unable to attain the information they requested and, on the flip side, we have been successful in obtaining such information from those who would have liked to shield it. So it is a fact specific situation, and the answer will vary based on those facts.

jonathan.pink@bryancave.com 949-223-7173