The importance of a clear policy on employees’ use of social media
Whilst there is legislation which is relevant to the use of social media by employees in the UK, there is no legislation which specifically governs its use. Consequently, policies on the use of social media, both in and outside the workplace, are encouraged so that it is made clear to employees firstly, whether the use of social media sites is permitted at all and, if it is, the rules which govern their use.
How extensive a policy should be will vary considerably depending on the size, sector and nature of the employer’s business. In drafting the right policy for their particular business, employers will need to strike a balance between a blanket ban on social networking whilst at work, which may be unnecessarily restrictive and therefore harm employer/employee relations, and undue leniency, which will only breed uncertainty about suitable workplace conduct.
Where the use of social media is permitted, the rules governing its use should remind employees that any breaches of the policy may lead to disciplinary action and that online conduct which is harmful to the employer’s business could amount to misconduct or, in some cases, gross misconduct which may result in dismissal.
Restrictions on the use of social media set out in the policy should include the prohibition of discrimination and the harassment or bullying of other employees. Employees should also be prohibited from disclosing or misusing the company’s confidential information or making negative comments about the company or its customers.
Can an employer monitor an employee’s emails?
There are limits placed on an employer’s ability to monitor an employee’s email activity, even where the activity being monitored takes place on company systems. These limits are governed by a number of different legislative provisions and common law principles and employers would do well to seek advice before monitoring is carried out.
The Regulation of Investigatory Powers Act 2000 (RIPA) which legalises the interception of email by the security services, also regulates an employer’s ability to intercept and monitor the emails of its employees on the employer’s IT systems. Monitoring an employee’s emails will be lawful under the RIPA where the employer reasonably believes that the sender and intended recipient have consented to the interception. It is likely that a clear policy or wording in the employment contract explaining that such interception could take place would be sufficient to demonstrate employee consent but it is more difficult to demonstrate that the recipient has consented.
In the absence of consent, the employer may also be able to rely on the provisions of the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 which authorise monitoring without consent in certain specified circumstances including where it is necessary to prevent or detect crime; to protect the communications system, for example, against unauthorised use and potential viruses; or to determine the relevance of the communication to the employer’s business, for example, by picking up relevant messages when someone is away from work.
However, the employer is expected to make all reasonable efforts to ensure system users know that communications may be intercepted, and any such monitoring must also comply with the complex provisions of the Data Protection Act 1998 which, amongst other things, require that the employer provides employees with detailed information about the monitoring of emails. An impact assessment must also be carried out before monitoring to ensure that a balance is achieved between allowing workers to enjoy privacy in the workplace and ensuring that the interests of the business are protected.
In addition employers must be careful not to act in a way which could breach the duty of trust and confidence implied into employees’ contracts of employment.
Can the employer dismiss an employee for inappropriate comments made on blogs and social media sites?
In the UK making inappropriate comments on blogs or social media sites is treated in the same way as other forms of misconduct and in certain cases has been considered a sufficiently serious example of misconduct to warrant dismissal (as shown in 2008 when a number of flight attendants were dismissed after they insulted passengers on their personal Facebook pages).
Where an employer has a clear policy on social media which explains that breaches of the policy may lead to disciplinary action and potential dismissal, any dismissal carried out in pursuance of the policy is more likely to be lawful. It will all depend on the precise circumstances of the case and the impact of the employee’s actions on the employer’s business and/or reputation. Dismissal for private conduct outside the workplace will, however, generally require greater justification than for a public transgression in the workplace. Also relevant are the individual’s rights to privacy and freedom of expression under the European Convention on Human Rights.