Back in 2011, when y'all were Tebowing, planking and winning, I was blogging about this case where an employer allegedly updated its employee's Facebook page and tweeted from her Twitter account without her permission while she was on leave from work following a car accident.
The Stored Communications Act prohibits intentional, unauthorized access to electronically stored communications. The employer admitted that it had accessed the employee's social media accounts. However, it claimed that it had permission because the employee left her passwords stored on a company server. So, the employer moved for summary judgment.
Opposing the motion, the employee argued that, while the company did possess the account passwords, she had told them to leave their digital fingers off of her social media accounts. This would have made the access unauthorized.
So, faced with a he said/she said, the court, in this opinion, decided to let a jury decide who is telling the truth.
What does all of this mean for employers?
Jon Hyman, at the Ohio Employer's Law Blog, discussing the case here, offers this takeaway:
"If you are going to permit your employees to use their personal social media accounts for business purposes, get it in writing that you have rights to the accounts. Define who else can access the accounts, and what happens with them if the employee is incapacitated or no longer employed. Otherwise, you are potentially exposing yourself to an expensive and uncertain lawsuit to define these rights in court after the fact."
Solid advice right there.
I say that once the employee sets up his or her own social media account, it's hands off to the employer. Period. Sure, the employer can require that the employee's online speech conform to the law (e.g., trademark, copyright, and fair use laws) and otherwise require a disclaimer where a social media posting could suggest that the employee is speaking for the employer. But, directly accessing those accounts? Fuggedaboutit!
Instead, if you want an employee to tweet and Facebook for the business, then set up the account yourself, maintain the username and password, and have any employee with access to those accounts acknowledge, in writing, the company's ownership rights in the account.