Twitter, Facebook, LinkedIn and other social networking sites practically beg you to reveal
even more information about yourself. Log on and you’re asked: What are you doing? What are
you doing right now? What are you working on?
More on CIO.com
How Text Messaging and Facebook Can Get You in Legal Trouble
The Thing That Will Make Facebook Important to the Enterprise: More Business Widgets
Adoption of Corporate Social Networks Remains Sluggish
Whether they mean to or not, any of your employees active on these sites can give away
company secrets as easily as they do personal ones, 150-odd characters at a time.
For CIOs trying to get a grip on social networking by employees, Tom Mighell, a lawyer and
senior manager at Fios, an electronic-discovery consulting firm, offers some starting
1. Accept and train. Many employees will use social networking tools
regardless of what you want them to do. Instead of trying to stop them, teach them what to
say, or what not to say, about work. For example, employees might be tempted to promote the
features of a new product. But should that product become the subject of a product liability
statements could be used as damning evidence, Mighell says. Also, they should
be clear about which statements are opinion, which are fact. Talk frankly about the legal
2. Influence the socializing. Show how to use social networking tools
productively and creatively for work without giving away too much information. For example,
solicit expertise but don’t get too specific.
Wrong: “About to blow major deadline for Project Anaconda. Any SAP Netweaver experts out
Right: “Looking for an SAP Netweaver expert.”
3. Consider the complexities. If information posted on social networking
sites becomes relevant in a lawsuit, you will have to collect it, review it and search it so
you can comply with discovery requests. That may mean your social-networking employees may
have to give up some privacy—their site passwords, for example. This particular
situation hasn’t yet come up in court, but it could get messy if the employee refuses to
cooperate, Mighell notes.
4. Monitor. Designate a couple of people from the tech or legal groups to
do sweeps of Facebook, LinkedIn and other known hang-outs of your employees, to see who’s
saying and doing what. Talk to those who
aren’t following policy, and keep records to prove
regular monitoring and enforcement of your rules, he says. You can’t defend yourself if you
set policy but never enforce it.