|
 |
|
General Information
|
Add To My Personal Library |
November 19, 2010
• Vol.32 Issue 24
Page(s) 34 in print issue
|
Social Media: E-Discovery Concerns
Make Sure Your SME Is Protected
|
According to a recent survey, enterprises are increasingly concerned about e-discovery issues related to social media, creating a strong need for better communication between IT and enterprise legal representatives.
| Key Points
• Enterprises should be aware of the many e-discovery issues that come with employees using social media networks such as Twitter, Facebook, and LinkedIn.
• Policies can help with prevention and should include clear articulation of what subjects can be addressed in social media and how such accounts will be monitored.
• Consider technical solutions that provide social media archiving and monitoring. | The Economist Intelligence Unit for Deloitte Forensic Center found that roughly two-thirds of respondents surveyed expressed concern about e-discovery challenges posed by online social media forms, and 44% of respondents expect their companies’ information technology departments’ e-discovery challenges to increase. However, about 61% of those surveyed expect their enterprises to be only somewhat effective or not effective at all in dealing with e-discovery issues three years from now.
 Know The Perils
Since the passage of the Federal Rules of Civil Procedure in December 2006, all businesses need to be prepared to discuss how and where they keep employee communications, notes Greg Arnette, founder and CTO of Sonian (www.sonian.com), a cloud-powered email archiving firm.
“All employee communication must be preserved in a compliant manner and discoverable in the event of litigation,” he says. “These regulations often apply to all business correspondence, which now includes social network communication such as tweets, Facebook status updates, LinkedIn postings, and director or private messages across these platforms.”
In the event of litigation, he adds, businesses that don’t have access to this communication may face serious consequences, such as steep fines, costly lawsuits, and even jail time for those knowingly concealing information.
“Unfortunately, retrieving information from such a fluid medium is often like pulling teeth,” says Adam Sand, general counsel at ZL Technologies (www.zlti.com). “Even armed with a subpoena, social media outlets do not find it in their interest to cooperate. Therefore, organizations need to take it upon themselves to manage social media with the same or a greater degree of diligence as they do other forms of electronic communications and content.”
Focus On Prevention
If a company is utilizing social media for corporate purposes such as marketing or client communication, then the enterprise needs to have clear and firm policies as to the type of information that can be disclosed and the manner in which it can be disclosed, according to Howard Reissner, CEO of Planet Data (www.planetds.com), a firm focused on the creation and development of legal technologies.
He notes that such policies should include who can represent the organization, which subjects can be addressed (and particularly what can’t be mentioned), and whether the legal department should be notified prior to specific types of info dissemination. Additionally, the company should clearly articulate whether individuals can maintain personal accounts, and if so, how they’ll be monitored to prevent the unauthorized disclosure of information that may expose the organization to legal liability. For example, if the company is a financial institution, employees need to know that a simple comment such as “working on a killer merger” on a Facebook feed can be a potential SEC violation, notes Benish Shah, attorney at Sardar Law Firm.
Reissner adds, “Each employee should be educated as to the improper use of personal platforms to divulge confidential and/or harmful information about the organization or other entities that the individuals gained through their employment.”
It’s important to have only authorized personnel—those who’ve been trained in the areas of records management, compliance, and corporate law—represent the organization on social networks, he adds. Policies on non-approved uses of social networks need to be clearly drafted, given to all employees, and acknowledged in writing.
Companies also have to proactively and systematically update record management protocols to incorporate emerging technologies such as text and instant messaging, states Regina Jytyla, managing staff attorney at legal technologies and data recovery firm Kroll Ontrack (www.krollontrack.com). This will help ensure that all content is being captured.
But even with these controls, an enterprise may want to brace for challenges ahead. “Responding to requests for information contained on social networking sites presents obvious problems, as the content is not stored on user equipment or company servers, making the identification and collection of this data much more challenging,” says Jytyla.
Technology Tools
The most obvious technical solution is to prohibit use of social networks in the organizational infrastructure, notes Planet Data’s Reissner, but this can be very challenging as employees increasingly blur the line between work and home. After all, Facebook is awash in status updates about working on tough projects or dealing with cranky managers.
But it’s possible to use technology to minimize risk, with software platforms that monitor the types of text used in social media and email, and there are different companies that can provide social media archiving and monitoring.
At a minimum, enterprises should have the capability to store social media communications that pertain to business in the event of an e-discovery query, Sonian’s Arnette notes. “It’s important to look at social media archiving and storage in the context of an overall enterprise information management strategy,” he says. “Social media monitoring should be the first step; all other communication should be secure, and then companies can move forward with monitoring and archiving social media.” 
by Elizabeth Millard
Top Questions
According to Sheheryar Sardar and Benish Shah, attorneys at Sardar Law Firm, which handles many social media legal issues, here are some questions to kick off the creation of a company policy:
• How does the company use social media?
• Do company employees using social media on a personal level create risk to the company?
• Do company managers create a risk through social media usage?
• How can the company create policies and develop strategies to avoid potential risks?
• Is a company representative reading through blogs that mention or discuss the company?
• Is there a way to influence the online conversation on various social media platforms so that the company is participating in social media instead of avoiding it? |
|
|
