Defuse Social Media Attacks

By Anne E. Larson Sep 8, 2014

Employers need strategies to prevent social media attacks or other inappropriate social media use by their employees. They also need to quickly and effectively respond to these incidents.

Consider these real-life examples:

  • Your employee tweets negatively about the president of the United States using the company’s Twitter handle. How do you respond?
  • Your employee threatens physical violence against his co-workers and spouse on Facebook. Should you notify law enforcement? Fire him?
  • Your CEO receives threats from an anonymous e-mail address. You suspect that an employee you recently disciplined is behind the threats. What can you do?
  • Someone anonymously uploads a manufactured video to YouTube that appears to depict health care workers at your facility abusing patients. You suspect it is a fired employee. How do you respond?

When social media is used wisely, it can be a smart, polished and effective means to promote a company, its events, and its products or services. Some employees, however, do not realize that they can harm themselves and their employers when they post impulsively, without thinking through the consequences to their careers—or the company’s brand, competitive strategy and customers.

During one of the 2012 presidential debates, President Barack Obama mentioned that his grandmother died two days before he was elected in 2008. An employee of a well-known appliance company tweeted from the company’s corporate account that his grandmother died because she knew how bad the president’s first term was going to be. The company subsequently offered its Twitter followers its “deepest apologies for an irresponsible tweet that is in no way representative of the brand’s opinion.”

Individuals are increasingly being held responsible for what they say on social media. A recent case, Elonis v. United States, illustrates this trend. Anthony Elonis openly posted threats against his spouse and co-workers on Facebook. He was subsequently convicted of violating a federal statute that prohibits the transmission of threats to injure another person in interstate commerce. His conviction is currently under review by the U.S. Supreme Court.

However, unlike in the Elonis case, a significant number of disparaging, harassing or threatening posts are anonymous. Currently, the legal options for employers to get anonymous posts removed or to discover the author’s identity are limited. The anonymity of many harassing or defamatory posts generally means that the only obvious target for employers is the Internet service provider (ISP) or website on which the posts appear. To further complicate matters, Section 230 of the Communications Decency Act of 1996 (CDA) provides broad civil immunity to websites that contain information provided by others. This effectively prevents aggrieved employers and supervisors from suing a website for libel, unless the site itself is the provider of the harmful information at issue.

There are some tactics employers may consider to deal with and help prevent social media attacks. Employers may be able to remove unwanted posts from websites, to determine the identity of an anonymous blogger short of litigation, and to change the company’s culture so employees will find negative use of social media to be unnecessary.

Website ‘Terms of Use’

A website’s “terms of use” agreement or policy provides employers with some basis to challenge inappropriate posts. Simply by using a website, users agree to the terms and conditions set forth in the site’s terms of use. A site’s terms of use likely prohibit individuals from using the website to commit unlawful acts or for any purpose that is unlawful. The terms of use likely also provide a procedure for complaining about violations by the site’s users.

When a post is defamatory, discriminatory, threatening, abusive or harassing, an employer should check the terms of use and request to have the post removed if the content violates the terms. If posts, for example, improperly use trademarks or disclose employee medical conditions or other Health Insurance Portability and Accountability Act-protected information without consent, employers should likewise check the terms of use, complain, and ask that the post be removed if it violates the terms.

Unfortunately, most websites’ terms of use fail to identify specific individuals to whom complaints may be made. That means employers must often send their complaint to a general e-mail address with little, if any, ability for follow-up. Because sites may not respond to e-mailed complaints, employers may be left wondering whether their message was read or even received. Then, employers must have patience in waiting and watching to see if the website edits or removes the posted message.

Telecommunications Harassment Act

The Telecommunications Harassment Act may provide some relief to employers in attempting to remove posts that contain abusive, threatening or harassing content. The act prohibits websites from knowingly permitting their site to be used for postings “with intent to annoy, abuse, threaten or harass any person.” A website risks potential criminal exposure under the statute if it allows an abusive, threatening or harassing post to remain on its site after being put on notice that a particular post’s content violates the act.

If an employer has had no success in getting a website to remove posts that violate its terms of use, another option may be to remind the website of its obligations under the act to remove abusive, threatening or harassing posts.

Section 230(c)(2) of the CDA also provides websites with an independent exemption from liability when they take good-faith steps to restrict access to harassing material or to filter such material. Thus, removal of posts can be mutually beneficial for both the employer and the website under both statutes.

Forensic Imaging

Employers benefit from having signed agreements that require employees to turn over laptops or other electronic devices for inspection and imaging at termination or upon request. Such agreements should include an employee’s personal electronic devices if used for work.

If an employer believes that a current employee is the author of an anonymous post, such agreements can assist the employer in confirming his or her identity through inspection or forensic examination of the device. Forensic examination may reveal the deleted e-mails or texts (or remnants of them), including the dates and times the device was used to visit specific websites. With respect to the earlier real-life example about the CEO who is receiving anonymous threats, an examination of a device’s Internet history and e-mail remnants could reveal that an employee created a personal e-mail account from his device to send those threats to the CEO.

Practical experience with cellular service providers may have already taught employers that the content of text messages is difficult to obtain by means of subpoena or even the employee’s own signed authorization. Cellular service providers do not want to be in the business of producing text messages in response to civil subpoenas, so they generally respond that text messages are preserved only for a handful of days or not at all. Yet, forensic examination of smartphones may reveal the actual content of text messages–even deleted texts—provided employers have the necessary employee agreements in place to allow them to inspect and/or image the device.

Culture Built on Trust and Responsiveness

Employees are less likely to engage in social media attacks if employers create a culture that demonstrates that they respect and promptly address employee concerns.

Most employees are at-will and can be discharged at any time without notice. However, giving employees notice of their performance problems and an opportunity to correct them can help prevent negative, disparaging posts. Even if a discharged employee does not accept the termination decision, most co-workers recognize when a peer has been given a legitimate opportunity to fix performance issues. This may encourage co-workers to not post negatively about the decision, so there will be no protected concerted speech.

Additional pragmatic steps that employers can take to develop a culture built on trust and responsiveness include regular training and dissemination of anti-harassment policies. Employers then need to be receptive to complaints when they occur, and immediately investigate and resolve them. This same level of employer responsiveness applies to compliance policies and employee hotlines that encourage internal reporting on issues beyond harassment, so concerns are promptly addressed.

While it never hurts to remind employees of the company’s internal complaint procedures, employers should be careful not to tell employees to only complain internally—rather than file a charge with the applicable agency or air their grievances online. The National Labor Relations Board (NLRB) views such directives to have the effect of inhibiting employees from engaging in protected concerted speech in violation of Section 7 of the National Labor Relations Act.

Regularly Train Employees

A lesson employers should take from both the anti-Obama tweet and the Elonis case is the continued need to train employees on the company’s social media policy.

Encourage smart, positive use of social media, and remind employees of the consequences of using work e-mail accounts or Twitter handles to express personal opinions or politics, to violate the law, or to violate the company’s anti-harassment and bullying policies. Recent NLRB guidance has confirmed an employer’s ability to regulate off-duty social media conduct by employees like Elonis who violate a company’s policies or code of conduct.

Because some employees view social media as a lawless zone where they can behave as they see fit without regard to right and wrong, they need to be told that this is wrong. Let employees know, especially, that if their use of social media involves threats of harm, the company will cooperate with law enforcement authorities. Any threatening posts can have consequences for their employment and potential criminal liability.

Anne E. Larson is an attorney with Ogletree Deakins in Chicago.


Job Finder

Find an HR Job Near You
Post a Job


Find the Right Vendor for Your HR Needs

SHRM’s HR Vendor Directory contains over 10,000 companies

Search & Connect