Social Media Sites & ‘Privacy’ Issues at Work – ‘In-Private Browzing’
December 20, 2009 by admin
In follow-up to my previous articles on this subject, today I would like to offer my thoughts on email scandals, privacy and security, ‘in-private browzing’ capabilities, and the challenges that these processes present for us all.
As a result of the proliferation of social media sites like Facebook®, LinkedIn®, MySpace® and Twitter®, as well as numerous others, individuals have the ability to create personal profiles, and exchange e-mails, pictures, files and instant messages over the Internet.
While I certainly agree with the above statement, I point out that we have communicated with each other through our various email systems for the past several years. Just take a look at all the ‘scandals’ over breach of confidentiality issues over the years using simple processes such as Lotus Notes, Hotmail, or Outlook, and various other ‘secure’ corporate email programs.
These scandals go all the way back to the 1980’s, and involve people such as Bill Gates himself in the Microsoft federal ‘anti-trust’ case involving IBM, as well as ex-politicians, Presidents, CFOs and CEOs.
Most recently of course is the ‘Climategate’ email scandal involving Britain’s Climate Research Unit (CRU) and the Intergovernmental Panel on Climate Change (IPCC), with respect to ‘hacked’ statistics and emails indicating that scientists have overstated the real threat of global warming.
In an effort to protect themselves as well as their employees, most firm policies state that any material with the company logo and/or signatures must receive approval prior to electronic release, and ‘locked down’ into PDF before employees can send out the material via the firm email system.
It is important to note that all servers keep a copy of all emails sent and received, usually for a set period of time, which can span anywhere from 60 days to 1 year. Your firm’s IT Leader should be able to provide more information on this process if you are interested in learning more regarding your own firm’s policy.
Privacy and Security are of primary concern for anyone that spends any amount of time on the Internet, particularly given the latest viruses, trojans, and frauds, which have managed to surpass the complexity of those that we have previously witnessed and challenged through this medium.
I believe that it is for these reasons that IE8 Beta 2, Google Chrome, Safari, and Firefox came up with ‘in-private browzing’, and ‘in-private filtering’. With these features enabled, sites that you visit will not be listed in your browser history; download lists are cleared, cookies are either not loaded at all, or deleted once you disable the ‘in private’ mode, and so on.
An important fact that I would like to point out here is that there are programs available, both paid and free, that enable ‘hiding yourself from sites’, such as the for-pay Anonymizer or the free, Tor.
While I assume that firms automatically disable the ‘in-private browzing’ feature on their networks, if an employee is determined to send documents of a ‘confidential’ nature, he or she could likely find a way. Depending on their level of technical expertise, they may be able to do so under the radar of your IT department.
The following Q&A highlights a number of queries employers have with respect to the use of social media sites on the job:
Q. Are social media sites used in the workplace?
A. Yes. Some employers develop their own internal social media sites to assist employees in working together or for sharing company information. In many cases, social media sites are accessed by employees at work for personal reasons.
Q. Why should you be concerned about employees’ use of social media sites for personal reasons?
A. One major concern is loss of productivity.
A 2007 study by Richard Cullen of SurfControl, an Internet-filtering company, estimates that Facebook® may be costing Australian businesses $5 billion a year. A second major concern revolves around privacy issues.
Q. What privacy concerns do social media sites raise for employers?
A. You need to be aware that monitoring potential or existing employees through personal or work-based social media sites may be subject to privacy legislation applicable in your jurisdiction. In British Columbia, for example, employers are restricted in their ability to collect, use and disclose employee personal information without an employee’s consent.
Q. How do these privacy concerns manifest themselves?
A. Many employers use Internet search engines, personal websites and blogs to discover information about prospective employees. You should be aware that even publicly available social media site pages might contain inaccurate or outdated personal information. Equally, you must be extremely hesitant about relying upon such information. You should also not use personal information obtained from such sites in a discriminatory manner against prospective employees.
In addition, most employees view their personal social media site pages as private. Employees are often unaware that personal information posted on these sites may be accessible by their employers and co-workers. Any organization that monitors its employees’ use of social media sites must ensure that its employees are aware of this practice.
My Opinion: I find it difficult to believe that employees would not be aware that social media sites can, and likely will be accessed by their fellow peers and employer. These are highly profiled sites and as such, site content is for ‘public’ consumption. Personal and Confidential data can be ’blocked’ from displaying where desired.
Q. What are the possible consequences to you of inappropriate use of employee personal information on social media sites?
A. An employer that uses an employee’s personal information, obtained from a social media site without that employee’s consent or in a discriminatory manner, could face privacy or human rights complaints, a workplace grievance under a collective agreement, and negative publicity.
Q. How should you minimize the risks associated with social media sites?
A. Employers should develop and communicate to all employees a clear policy on the appropriate use of social media sites. The policy should cover:
- whether work-based or personal use of social media sites is permissible in the workplace;
- under what circumstances, and when (e.g., unpaid breaks) social media sites may be used;
- a description of acceptable and unacceptable use of social media sites;
- whether the employer monitors social media sites;
- whether privacy legislation applies to the collection, use and disclosure of personal information in the workplace; and
- the consequence of failure to abide by the policy.
Q&A Source: http://www.mondaq.com/canada/article.asp?articleid=90210
