12 Feb Social Media Policy – Top 10 things to consider
Social media can be a great tool for promoting your Australian business, but things can go seriously wrong very quickly, if proper procedures aren’t in place for all employees and contractors (even while “off the clock”).
That’s why it’s vital to have a social media policy in place to establish guidelines on how it’s used and managed within the organisation.
It also means that people within the business know what the ground-rules and expectations are for what they say and post on social media either on behalf of the organisation or that could be potentially associated with it.
We often find that if people aren’t told specifically about the rules, they often don’t understand what’s expected and therefore think they can operate without consequence. That is, it’s best practice to have one in place so there’s no “I wasn’t told” arguments later down the track.
A social media policy sets out rules for your business’ social media use (for everyone), as well as how employees should use social media in their personal and professional lives. It will aid in protecting your business’ online reputation and at the same time, minimise the risks connected to work-related or private social media use.
Here’s what we recommend you consider including specifically in your social media policy.
1. Determine who the social media policy applies
The policy should apply to all employees and any other individuals nominated by your business (e.g. contractors with any access to it or could be linked with the organisation).
It should apply to conduct involving social media that occurs during work hours and importantly, can also apply for online conduct outside of work hours for personal use (i.e. “off-the-clock”).
This is crucial as your business could be impacted by an employee’s use of social media, so it’s important employees and contractors are aware they need to make sure their behaviour on social media is professional at all times, not just at work.
2. Control access to social media accounts
Social media is a great way to engage with current and potential clients and also to share content, but it’s so important to place limits on who has access to it and can publish on behalf of your business. Many business’ reputation has been significantly affected by rogue employees or contractors.
A social media policy should specify who is authorised to use your business’ social media accounts and any unauthorised use is prohibited. It should also nominate specific individuals who are solely permitted to create and post material.
Limiting access to social media accounts provides extra security because only employees or contractors that are well-informed of their obligations and responsibilities are using the business’ social media accounts and there are severe consequences for breaches of the policy.
The employees who have access to the social media accounts need to be very careful they don’t post something mistakenly thinking they are on their personal account, when in fact they are signed into their employer’s account. Scott Bartosiewicz, a former social media strategist for New Media Strategies, made that mistake when he was logged in to Chrysler’s Twitter account, mistakenly thinking he was using his personal account, and tweeted, “I find it ironic that Detroit is known as the #motorcity and yet no one here knows how to f***ing drive”. Not surprisingly, Scott’s employment was terminated and even worse – his employer, New Media Strategies lost its contract with Chrysler. (‘Man fired over obscene Chrysler Tweet is sorry’, NBC News).
3. Establish the parameters for acceptable use of social media
It’s imperative to set clear standards for what constitutes acceptable and unacceptable use of social media.
The policy should specify, when using social media, that employees:
- must uphold the good reputation of the business and not publish anything that would put the business in disrepute or damage its reputation;
- not use the company logo or branding on any social media platform without prior approval from the business;
- must respect other people’s opinions and act courteously;
- not engage in discrimination, defamation, bullying or harassment (this will be discussed further below);
- not post anything that might be considered inappropriate, offensive or crude humour;
- maintain privacy of personal information of employees and clients or customers; and
- not infringe another person’s intellectual property or breach confidentiality (this will be discussed further below).
A clear example of an inappropriate use of social media is a tweet posted by Elon Musk of all people stating, “Despite intense efforts to raise money, including a last-ditch mass sale of Easter Eggs, we are sad to report that Tesla has gone completely and totally bankrupt.” The tweet caused Tesla’s share price to fall by 5.1 percent! (‘Elon Musk’s tweets bring controversy, nearly 30 million followers,’ Reuters). It’s just a good example of what a big impact a few keystrokes can have – even if in jest.
4. Maintain the security of social media channels
There are many areas that pose risks to the security of social media accounts, such as malware attacks, social media hackers, third party apps and mobile phones.
Your social media policy should also include a set of guidelines outlining which personnel have access to account passwords, how often the passwords are changed and how often the anti-virus software is updated.
It should identify the various security risks and how to address them, as well as include an action plan of what to do in the event of a security breach. This way people are made aware of the potential security risks and a clear action plan to be followed in case of breach, whatever it might be.
5. Protecting and Respecting Intellectual Property
This is a must to include in a social media policy. Employees and contractors must be crystal clear on the dos and don’ts when it comes to using social media and respecting the intellectual property rights of the business and other parties, making sure they don’t infringe any intellectual property and expose the business to expensive legal proceedings, and damages!
It’s all too easy to find a photo online that goes well with a post you’ve written and post it online, but some people are unaware that you must seek permission from the photographer or owner to use the photo and provide them with a credit. For this reason, it’s worthwhile taking time to explain to employees how to comply with intellectual property law.
It’s so common for people to be unaware that they’re breaching someone else’s intellectual property and unfortunately, the buck stops with the business if it’s on the business’ social media platform. A social media policy is part of that education to make sure everyone realises the dangers and risks associated with the use. They will think twice if it’s in black and white. It should be part of the onboarding process and available at all times for them to view.
The policy should also prohibit the use of the business’ logos or trade marks, unless authorised to do so.
6. Maintain Confidentiality
It’s far too easy for confidential information of a business to be shared on social media, if employees or contractors aren’t clear about what information they can and can’t post. Proper safeguards need to be put in place to protect the business.
Confidential information includes trade secrets, know-how, information about the business not known to the public, business plans and strategy, intellectual property, any customer or client information and any other information designated as confidential by the business.
The policy should state that employees and contractors should not share any confidential information, unless given express authority to do so, and provide a clear outline of information that can’t be shared. You’d be surprised about how many people don’t understand what would be considered confidential and just rely on the “I didn’t realise” defence.
The seriousness of maintaining confidentiality is illustrated by the case when a former Tesla employee, who posted the dial-in information of an internal meeting on social media and was subsequently terminated. (‘Tesla warns employees of ‘potential consequences’ if they leak secrets to ‘people who will do anything to see us fail,’ Business Insider).
7. Preventing bullying and harassment
If an employee or contractor uses social media in a manner that amounts to discrimination, bullying or harassment, you, as an employer, could be liable for such conduct if it took place in the workplace or related to the person’s employment.
To reduce the liability of the business, you must show that you have taken reasonable steps to prevent discrimination, bullying or harassment by including in a social media policy that any such behaviour is strictly prohibited and educating employees on the matter.
The social media policy should also note that any existing company policies that address bullying and harassment extend to conduct on social media and that disciplinary action will take place if the policy is breached.
8. Manage employees’ “off the clock” personal use of social media
Unfortunately, as an employer, you may also be found liable for an employee’s personal use of social media if the use can be connected to the person’s employment.
Employees freely use social media in their personal time and don’t ordinarily consider how their behaviour online might affect your business. This is why a social media policy needs to make it clear that since employees are representatives of the business they must not post anything on their personal social media accounts that casts the businesses in a negative light, such as making complaints or negative statements about the business, its employees or products and services.
It should also state that they must act with integrity in a way that maintains the reputation of the business, respect other people and not post content that is offensive or could constitute defamation, bullying, discrimination or harassment.
A good example of the negative ramifications of employees or contractors using social media in their personal time was when Clementine Ford (a former Fairfax contributor) was the target of a sexually offensive comment made on her Facebook account by a hotel employee of Meriton. The employee had identified Meriton as his employer on his profile page. Clementine alerted the hotel of their employee’s behaviour and his position was subsequently terminated. (‘Hotel worker Michael Nolan sacked over Facebook post to Clementine Ford,’ Sydney Morning Herald). Meriton clearly had to deal with the situation and the impact on the business would have been extremely distracting and potentially damaging to the brand.
In a strange turn of events, the same Clementine Ford was suspended for four weeks after she was found to have breached Fairfax’s social media policy when she posted an aggressive tweet aimed at the Prime Minister. Fairfax found that her tweet contained abusive language, harassing and bullying behaviour and was solely devoted to attacking a person, rather than a position or idea. She resigned after her four-week suspension. For more details see (‘Former Fairfax contributor Clementine Ford blasts managers and editors,’ Mumbrella).
Another good example is when Martin Hirst, a university lecturer who worked at Deakin University was suspended without pay from his position when he used his personal twitter account to post “offensive and/or disrespectful and/or threatening” tweets that were directed at students. There was nothing on his account that linked him to Deakin University, but it found that the posts had the potential to “damage the reputation of the University”. (‘Deakin university journalism professor suspended without pay over tweets’, The Guardian).
In the case of Starr v Department of Human Services  FWC 1460, a Centrelink employee acted inappropriately when he posted on social media that customers were ‘spastics’ and ‘whingeing junkies’, discussed confidential matters concerning Centrelink and how it managed its affairs. The employee’s behaviour cast his employer in a very negative light, affecting its reputation. While the employee had been employed for 20 years, after a thorough investigation, Centrelink made the decision to dismiss him. The Fair Work Commission held that the employee’s conduct had contravened the code of conduct and Australian public service values.
In the case of Fitzgerald v Dianna Smith t/as Escape Hair Design  FWA 7358 Ms Fitzgerald, an employee of a hairdresser, was given a warning for tardiness and leaving work too early and was informed they would not be paid a bonus. She turned to Facebook and posted, “Xmas ‘bonus’ alongside a job warning, followed by no holiday pay!!! Whoooooo! The Hairdressing Industry rocks man!!! Awesome!!!” The employee was dismissed from her position for a variety of reasons, including posting the above comment.
The Fair Work Commission held that the dismissal was valid because the post affected the employer’s trust and confidence in the employee. It also went on to state that “it would be foolish of employees to think that they may say as they wish on their Facebook page with total immunity from any consequence.”
In a recent landmark case on freedom of speech, Comcare v Banerji  HCA 23, the High Court held that a former employee of the Department of Immigration and Citizenship, Michaela Banerji, was validly dismissed for posting over 9,000 anonymous tweets, strongly criticising and attacking her employer, its employees, government immigration policies and members of parliament, and that the dismissal did not impede her implied freedom of political communication.
In that case, it was found that Ms Banerji’s tweets breached the Australian Public Service code of conduct. This case is particularly interesting as Ms Banerji was using an anonymous twitter account and did not have any information revealing her identity or linking her to her employer on her account. This case acts as a warning to all employees not to make any negative comments about their employer on their social media accounts and that posting from an anonymous account doesn’t protect them at all.
The recent case of Isileli “Israel” Folau v Rugby Australia Limited & Anor is another classic example of how an employee’s personal use of social media can have a detrimental effect on the reputation of the employer. Mr Folau, a former Wallabies football player, posted a on Instagram that “drunks, homosexuals and adulterers” would go to hell – an insensitive post which caused outrage among the public and tarnished the name of Rugby Australia.
Mr Folau had posted similar homophobic tweets previously and was given a severe warning, but the above tweet led to Rugby Australia terminating his employment contract for breach of the organisation’s code of conduct. Mr Folau brought a claim under the Fair Work Act, 2009 stating the termination was unlawful because it was based on his religion. However, Rugby Australia maintained that Mr Folau was dismissed because he breached the player code of conduct that required players to “treat everyone equally, fairly and with dignity regardless of gender or gender identity, sexual orientation, ethnicity, cultural or religious background, age or disability;” to use social media appropriately; and not use social media in a way that may have negatively affected Rugby Australia or the game of rugby union.
Mr Folau and Rugby Australia have since settled the dispute, but Mr Folau’s contract remains terminated. This matter pushed the limits of religious freedom of expression, and while it did not have an official determination by the Court, it is clear if an employee’s conduct on social media breaches clear standards set out in a code of conduct, the conduct itself is grounds for dismissal.
9. Consequences of non-compliance with the social media policy
The policy needs to set out the ramifications of not complying with the social media policy.
Depending on the gravity of the instance of non-compliance, you may wish to consider terminating the employee’s contract, provided this is consistent with the company’s enterprise agreement or its policy that addresses disciplinary action in the company.
Where there is a suspicion of non-compliance with the policy, it’s worth stating that the business is entitled to launch an investigation that would require the employee’s full cooperation in the form of supplying the company with access to the contentious content and refrain from deleting any such content.
Where an employee has failed to cooperate with any investigation, a business can apply disciplinary action, such as terminating employment.
Many employees use social media accounts for personal use, but it’s important to protect your business from any careless remarks that could damage the reputation of the business. It’s wise to include in your policy that you may require your employees to delete any content on any personal social media account that you determine contravenes the social media policy and that not complying such a request could lead to disciplinary action, including written warnings and potentially termination of employment.
10. Compliance with other business policies
As you can see, there’s more to think about that what you might first expect in this area.
One of the big things we find is that unless something is in writing, many people think they don’t have to behave in any certain way. That is, well there were no lines made, therefore no lines crossed. It’s much better to spell it out in black and white, again so there’s no wriggle room.
The ultimate goal obviously is that the social media policy should stop it from happening in the first place, and secondly, that if damage does occur, you can show you took the necessary legal steps to do what you needed to do to make that clear. If you’ve done that, then there’s less legal liability on the business and its owners and finally, you have clear rights to take what disciplinary action you deem necessary under the circumstances under employment law.
While social media can be an invaluable tool and has many benefits, it brings with it many risks that a strong social media policy can help mitigate.
We can draft your small business social media policy for a fixed fee $450 + GST, fully tailored for your business and drafted by a qualified lawyer.
Article written by Ian Aldridge, Principal Lawyer Director and Gabriela Pesantez Laharnar, Junior Lawyer. © Progressive Legal Pty Ltd (2020) All legal rights reserved.
Contact us today if you require any assistance with Workplace Law advice.
- 27 March, 2020
- 27 March, 2020
- 17 February, 2020
Ian Aldridge is the owner and principal lawyer at Progressive Legal. After 12 years practicing as a litigation lawyer for small, medium and large firms in Australia and the UK, Ian returned to Australia disillusioned with the way Law was being practiced at all levels, especially for small business.
Ian started Progressive Legal in 2014 and provides a range of fixed-priced legal services for small business owners. Ian changed the way legal services are provided in Australia, by building Legal Shield™, a legal subscription to obtain tailored legal documents immediately and pay over time.
Ian has completed a Degree in Economics and Law from Macquarie University, has a Diploma of Legal Practice/Professional Program from the NSW College of Law (Commercial Law, Litigation, Legal Advice) and is a Key Personal of Interest (KPI).