Skip to content

In house social media monitoring

December 7, 2010

My company can read my work e-mails. Most-likely, so can yours.

We all know this. Because it doesn’t really impact us in any way. I don’t care if my agency reads my work e-mails.

But I know they can’t read my gmails or yahoo mails.

And they can’t read Facebook.

They can read my twitter posts (I can’t bring myself to use the term Tweets, I just can’t).

But, unless they are connected to me, they can’t see my LinkedIn stream, and unless they know my username, they can’t see my reddit or Digg comments. (They won’t see many comments on the latter, I’ve made the switch).

I tell you this because I work in an industry that is regulated by the FCC. If I promote a client on a social media site, I have to disclose the relationship.

You may have seen this one Twitter. Big Twitter celebs use the tag #client to denote the promotion of a client.

Because we’re a regulated industry, we created a social media posting policy. The policy is designed to protect us from ourselves, but also protect the company. There are some arcane rules in social media about ‘ownership’ of content, so a policy can help usurp that in a crisis. (Note: when a Dominos employee filmed themselves doing nasty things with the food, Dominos could not get the video taken down. It wasn’t their content.)

Should usernames and passwords be public?

So here’s the question: since the web effortlessly links social media sites to people, and thus to employers, should staff give social media passwords to their employer? Should it be a cost of employment, only used in a crisis, or only used to monitor content. Not to see what people are saying, to archive what is said in case something comes up months later.

Again, the purpose of this monitoring isn’t to read status updates. But to archive them in case the FCC comes calling.

Enhanced by Zemanta
10 Comments leave one →
  1. December 8, 2010 2:36 pm

    I don’t think that social media users in a company should have to give up their passwords to their employers.
    Yes, there are now lines being drawn that didn’t exist years ago where anything a person does can get tied back to the company that they work for, but there’s still a privacy issue. I’m a believer that work is work and things I do in my own time are not related to work. However, I do understand why companies are concerned.
    I think that rather than always trying to be the police, companies should train their staff on how to properly and effectively use social media. By doing this, companies would need to worry less about what their employees are doing online in their free time.
    Yes, companies do need to be concerned, but I think that scare tactics don’t work in this case. I think that by empowering employees most will use their common sense and act accordingly. Social media policies are also great for these types of situations, but I think they need to be written to be more empowering to the employees rather than coming off as a list of “things you can’t do.”
    The more people are empowered to use social media in a good way, I think the more people will understand and use those new tools, rather than rebel or live in fear of what they’re doing online.
    I think giving up their passwords, etc. to personal accounts will rub people the wrong way though.

    Sheldon, community manager for Sysomos

    • December 8, 2010 6:10 pm

      Sheldon, thanks for your comment.

      We have a “things you can’t do” social media policy at EMA. That said, we don’t have a good way to archive the things people do say. I’m certainly not an advocate for less privacy, but I willingly let my company monitor my web traffic and work e-mail.

      I’m not sure what the perfect answer is, which is the point of the post. Thanks for your comment.

  2. Jeff Favalo, AE @ RES Exhibit Services permalink
    December 8, 2010 5:53 pm

    I don’t feel that it is appropriate for an employer to require passwords be submitted as a prerequisite for employment. If they did, and you complied, how long would it take for you to change that password or create an alias persona to “cover your tracks?” I look at it in the same sense as I do copy protection in the music and film industry. For every Macrovision, CSS or other encryption that has been created, there are countless programmers waiting to get their hands on it to break it. The “protection” that is put in place winds up costing more money and essentially being deemed ineffective.

    While I agree that organizations (Especially those who are regulated) need to take extra steps to protect themselves, I don’t see how requiring login credentials from their employees would be anything other than an invasion of privacy. I imagine that if an IT manager were to change a staffers password or cancel an account due to company defamation, well I would think you would see a nice 1st amendment lawsuit and probably a made for TV movie (that when released to DVD would be sure to have the latest copy protection available).

    • December 9, 2010 9:39 am

      Jeff, thanks for the comment.

      Agreed that people can “hide their tracks”. On Digg, I was “Zerobriers”. The point is, not-well-used social media profiles aren’t the issue. The issue is the well-used ones.

      Plus, that is where the problems could happen. So what are the options for companies that are regulated? I don’t promise to know the answer, but someone needs to get it.

      At one time, we were going to have a coffee?


  3. December 9, 2010 1:11 pm

    I think it makes a reasonable argument for the idea of having separate work and personal profiles, in the same way that people have separate work and personal emails.

    Which is against the TOS for Facebook, but perfectly normal on Twitter.

    Blogs get a little bit dicier. My employer has a login/password to my account for The Social Enthusiast, but then again, they own the domain and their logo is displayed in the header. It’s their blog, I just populate it.

    They don’t and never will have UN/PW for Internet Bard, because that’s my personal blog, I own the domain, I pay for hosting, and I use it as a point-of-contact for the exceptionally rare freelance work I do.

    I know your question was related to regulatory issues (something I’m pretty familiar with, myself). I’m no attorney, but I think that not having employee account access actually protects the firm; you can’t be held liable for that which is out of your control. Once you actually HAVE access, you’re responsible for policing that content as if it was your own. Better, I think, to leave the liability for that content where it belongs, on the individual.


    • December 9, 2010 3:36 pm

      Really appreciate your opinion on this. Your last paragraph gets the crux of my interest. While I agree with this:

      “Better, I think, to leave the liability for that content where it belongs, on the individual.”

      I suppose the issue could be that in the end, liability could rest with the company that is regulated. Because they are responsible for the liability of their employee.


  1. Writers: Optimizing your social media (and a question) | Chazz Writes
  2. Tweets that mention In house social media monitoring « People like to share --
  3. Tweets that mention In house social media monitoring « People like to share --
  4. Is there a crisis in those 90 million tweets? « People like to share

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: