Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

Social Media Increases Security, Privacy Risks

Social Media Increases Security, Privacy RisksSocial Media Increases Security, Privacy Risks

Businesses reap tremendous benefits from social media, which allows for interaction, cross-communication and engagement in ways traditional marketing could never do. But with the upside and many benefits of social media come new risks, such as security, privacy, intellectual property, employment issues.

Here are some of the issues your business is exposed to and should be aware of when on Facebook, Twitter, LinkedIn, YouTube, Google+, and the many other social media sites.

Security Risks: By their very nature, social media sites pose potentially increased security risks, and if a breach occurs from activities on these platforms, your company can be faced with a lawsuit. Security breaches may occur from a variety of sources, including malware being downloaded onto your website through the use of social media. This can happen when an employee downloads an application, or is a victim of “phishing” or “click-jacking”, on a social media site while using a company computer. Phishing involves the act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Click-jacking involves a malicious technique of tricking a web user into clicking on something different to what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web page.

If your company’s social media-related security policies, procedures, and technical safeguards are inadequate, you could be held liable for a breach arising from acquired malware. What’s more, social engineering within social media sites, as well as “spoofed” social media profiles or pages, provide other points of entry for attackers and pose more legal risks for organizations. A spoofed site is when a criminal has set up profiles or fan pages to look exactly like an organization’s own page. If a customer or employee is duped into providing company information, personal information, or sensitive information (such as usernames and passwords), it could pose legal liability risks to the organization whose profile or fan page was spoofed, or replicated in a fake version.

Privacy Risks: As a company, you have an obligation to protect the privacy of members of the public who join your social networking pages on third-party sites, or who provide personal information through social media sites – just as they do, in many cases, when consumers provide personal information on a company’s own website. For example, not only do companies need to guard against violating the Children’s Online Privacy Protection Act (COPPA), they need to conform to the privacy regulations and terms of use of those third-party sites. Facebook, for example, has stringent guidelines surrounding company promotions on their site. Finally, companies may run into legal trouble if their social media activities violate their own privacy policies.

Additionally, there are several ways in which social media activity might compromise or leak sensitive company information (or client information) that could result in legal problems. These are: through crowd-sourcing sites (the company posts a problem and asks for solutions from the public, with the unintended consequence that trade secrets are indirectly revealed); through inadvertently compiled client lists (a president’s contacts on LinkedIn, for example, could equate to a complete client list, visible by competitors); and through the inadvertent disclosure of “competitive intelligence” while discussing products, customers, and strategic decisions on various social networking sites.

Employment Practices: Today most all companies, recruiters and HR managers are using social media to hire and to check on potential applicants. LinkedIn is a perfect example of this. Additionally, companies have disciplined or fired an employee for misdeeds on social media platforms.  But beware: Employers who hire outside vendors to investigate either an applicant’s or an employee’s social media activities and content may be required by law to get written consent from those individuals. What’s more, impermissible discrimination in hiring based on social media research can subject a company to an EEOC investigation, as well as possible action for alleged violations of the Civil Rights Act of 1964, the Age Discrimination in Employment Act, the Americans with Disabilities Act, and many other federal and state statutes. Social media legal risks may also be present if an employer decides to fire employees based on their Facebook interactions with other employees in the organization.

Be sure you have proper policies and procedures in place when it comes to your company’s social media practices. In future blog posts, we’ll discuss pinpointing your company’s social media risks and ways to mitigate them.

Source: Ace & Information Law Group

Comments

comments

Blogged on: October 8, 2012 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions