Employees can get carried away on social media. US Airways learned this the hard way when its employee responded to a customer complaint on Twitter with an obscene picture of a woman and a toy jet. An apology and deletion of the tweet followed an hour later (an eternity in cyberspace). US Airways claims its employee made an “honest mistake,” and the incident has not spawned a lawsuit, but one can imagine situations in which the malicious online statements of an employee land the employer in legal trouble.
So what’s an employer to do? Thankfully, employers can find some solace in Section 230 of the federal Communications Decency Act (“CDA”), as a recent Indiana case illustrates. In Miller v. Federal Express Corp., an employee of a non-profit organization, 500 Festival, Inc. (“500 Festival”), and an employee of FedEx separately posted comments on media websites criticizing the plaintiff’s leadership of Junior Achievement of Central Indiana, which he ran from 1994 to 2008. Although the employees posted the comments using aliases, the plaintiff traced the comments back to IP addresses assigned to 500 Festival and FedEx and sued them for defamation.
The Indiana Court of Appeals affirmed the trial court’s dismissal of the defamation claims against 500 Festival and FedEx based on the Section 230 of the CDA. Congress passed Section 230 to protect companies that serve as intermediaries for online speech from liability for harmful content posted by third parties. A defendant claiming Section 230 immunity must show that: (1) it is a provider or user of an interactive computer service; (2) the plaintiff’s claim treats it as the publisher or speaker of information; and (3) another information at issue was provided by another content provider. Satisfying these three elements immunizes the defendant from suit, although the author of the offensive content could still be held liable.
It’s not difficult to see how Section 230 applies where, for instance, the operator of an online discussion forum is sued for defamation based on a comment posted by a forum member. The operator easily qualifies as an “interactive computer service” and can argue it is not liable for content that someone else published. But could a corporate employer qualify for Section 230 immunity? The court in Miller said yes, siding with precedent set by California and Illinois courts. An employer that provides or enables multiple users on a computer network with Internet access qualifies as a provider of an interactive computer service. Since the defamation claims tried to hold 500 Festival and FedEx liable for allegedly publishing statements made by their employees, Section 230 barred the claims.
Controlling what employees say online can be a daunting task, but it’s nice to know that employers have some protection from legal liability for the “honest” (or not so honest) mistakes of employees.
“It’s my First Amendment right to say what I want!” The First Amendment is commonly invoked to justify personal expression. But did you know that the First Amendment applies only when the government is involved? For example, the First Amendment wouldn’t prevent a private company from firing an employee for making offensive comments about the governor. If the same employee worked for a government office, then the First Amendment might apply. As a lawsuit recently filed against the County of Maui illustrates, the First Amendment adds a layer of complexity for public employers dealing with controversial social media activity of its employees.
The First Amendment Lawsuit Against Maui County
Neldon Mamuad is a volunteer Liquor Commissioner for Maui County and part-time aide to a Maui County Council member. In July 2013, Mamuad started a Facebook fan page called “TAGUMAWatch,” named after a Maui police officer well-known for strict enforcement of parking and traffic violations. The page was intended to enable Facebook users to post about “Taguma sightings” and share their thoughts about him. TAGUMAWatch gained popularity quickly and evolved into a discussion forum on a variety of topics including news, traffic, and politics.
Mamuad claims that he didn’t publicize his involvement with TAGUMAWatch until a TV news story about the page named him as its creator. Mamuad also didn’t identify himself as a County employee when posting to the page or suggest that he spoke for the County.
The County somehow linked Mamuad to the page. Allegedly under pressure from the County, Mamuad changed the page’s name to MAUIWatch. A few days later, Officer Taguma submitted a complaint to the County alleging harassment via the page. After notifying Mamuad of the complaint and conducting an investigation, the County determined that Mamuad had engaged in harassment and cyber-bullying through social media and required him to enroll in an employee counseling program.
On March 3, 2014, Mamuad sued the County in federal court for violating his First Amendment rights. As of the time of this post, Mamuad’s motion for a TRO was pending.
When Does Employee Discipline Violate the First Amendment?
Most forms of internet expression qualify as “speech” under the First Amendment. That point has been driven home by recent legal developments, including a court decision that Facebook “likes” are protected by the First Amendment, a Ninth Circuit opinion recognizing that bloggers have the same First Amendment protections as traditional journalists, dismissal of an appeal from the termination of a public school teacher, and a federal lawsuit filed by a gun rights group alleging that the Honolulu Police Department censored comments on its Facebook page. Whenever the government is the one restricting speech, the First Amendment becomes relevant.
So how does a public employer know when it may discipline an employee for his or her social media conduct without violating the First Amendment? The general test in the Ninth Circuit, as spelled out in Mamuad’s TRO motion, looks at these factors:
- Did the employee speak on a matter of public concern?
- Did the employee speak as a private citizen or public employee?
- Was the employee’s protected speech a substantial or motivating factor in the adverse employment action?
- Did the government have an adequate justification for treating the employee differently from other members of the general public?
- Would the government have taken the adverse employment action even absent the protected speech?
Dahlia v. Rodriguez, 735 F.3d 1060, 1067 (9th Cir. 2013) (en banc). For a court to find that employee discipline violates the First Amendment, the first and third question must be answered in the affirmative, the fourth and fifth question answered in the negative, and for the second question, the employee must have spoken as a private citizen. The employee also has the burden to prove the first three factors. If the employee is successful, then the burden shifts to the government to prove the fourth and fifth factors.
Applying this test to employee social media conduct isn’t simple, but it helps government employers assess whether the First Amendment counsels against disciplinary action.
Complaint in the Mamuad lawsuit
Motion for TRO in Mamuad lawsuit (w/o attached declarations and exhibits)
Working remotely has never been easier thanks to the proliferation of mobile devices like smartphones and tablets. Enabling employees to do work outside of the office and standard work hours can be a boon for productivity, but it carries a legal risk for employers: unexpected claims for overtime pay. Under the federal Fair Labor Standards Act (FLSA), non-exempt employees must be paid overtime compensation for work they perform for the employer’s benefit in excess of forty hours in any workweek. Work done remotely, such as responding to emails on a smartphone or drafting a report on a laptop at home, could push an employee’s work hours in a given week beyond the forty-hour threshold. FLSA violations can occur unexpectedly because an employee need not have been asked to work beyond the 40-hour workweek to be entitled to overtime pay.
Two cases illustrate the risk of allowing employees to work outside of the office using mobile devices. In Allen v. City of Chicago, a Chicago officer sued the Chicago Police Department under FLSA for requiring him to work “off the clock” using a department-issued Blackberry device without receiving overtime pay. A Chicago federal district judge conditionally certified a collective action to allow 200 similarly situated officers to join in the lawsuit.
In O’Neill v. Mermaid Touring Inc., the former personal assistant of pop artist Lady Gaga, Jennifer O’Neill, sued for overtime compensation under FLSA. O’Neill alleged that she worked 24/7 because she was expected to have her phone on in order to respond to Lady Gaga’s calls at any time of the day. A New York federal district judge recently denied the defendants’ motion for summary judgment that O’Neill’s on-call time is not compensable, thus setting the stage for trial in the case to begin on November 4.
Allen and O’Neill highlight the need to institute clear policies spelling out the authorization an employee must obtain working remotely with a mobile device. Organizations that allow employees to use mobile devices for work purposes should require employees to keep track of the time they work remotely or consider installing software on that employee’s mobile device that automatically performs such a timekeeping function. Taking proactive measures to manage mobile device usage at work is crucial to preventing employees from secretly racking up overtime hours and then demanding compensation for it.
Employer sues ex-employee for not updating his LinkedIn profile — Jefferson Audio Visual Systems, Inc. v. Light, 2013 WL 1947625 (W.D. Ky. May 9, 2013).
What would you do if your ex-employee told everybody he still works for you? One company’s response was to sue. In the first case of its kind, the company decided to sue its former employee for fraud for not updating his LinkedIn profile.
Jefferson Audio Visual Systems, Inc. (JAVS) fired its sales director, Gunnar Light, after he mishandled a potentially lucrative deal and made defamatory statements about JAVS to a prospective customer. Shortly afterwards, JAVS filed a lawsuit against Light alleging various claims, including fraud. JAVS argued that Light was fraudulent in failing to update his LinkedIn profile to reflect that he was no longer a JAVS employee. A Kentucky federal court dismissed the fraud claim because JAVS failed to show that it was defrauded by Light’s LinkedIn profile. At most, JAVS alleged that the profile tricked others. Under Kentucky law, a party claiming fraud must itself have relied on the fraudulent statements.
LegalTXTS Lesson: JAVS’ actions against its ex-employee might have been rather extreme, but the case is a reminder that ex-employees can leave behind an electronic wake that is damaging. Because computer technology is an integral part of work life, management needs to be intentional in disengaging ex-employees from the electronic systems and online persona of the organization. Each organization must determine for itself what measures for dealing with such post-termination issues are feasible, effective, and consistent with its objectives, but here are some suggestions:
1. Promptly update the organization’s website, social media profiles, and any other official online presence to reflect that the former employee no longer works for the organization.
2. Specify who owns Internet accounts handled by the ex-employee for the organization’s benefit and the information stored in the accounts. This includes social media accounts and cloud storage accounts (e.g., DropBox, Google Drive, SkyDrive) to the extent they contain proprietary data. As part of this measure, be sure to obtain the information needed to access the accounts, including any updates to login credentials.
3. Restrict the amount of access to which former employees, as well as current employees whose departure is imminent, have to workstations, databases, and networks of the organization. Limiting access helps to prevent theft of trade secrets and proprietary information. Many CFAA lawsuits have been spawned by a failure to take this precaution.
4. Check if the employee left behind anything that would enable him or her to gain unauthorized access to company systems, like malware, viruses, or “back doors.”
5. Enable systems that allow of erasure of the organization’s data from electronic devices used by the ex-employee to remotely access the work network, such as smartphones, laptops, and tablet computers.
6. Establish guidelines on employee use of the company’s intellectual property on personal internet profiles (e.g., Facebook, Twitter, LinkedIn), including trademarks and trade names.
Check out the article on Internet firings posted on HR Hero’s “Technology for HR” blog. The article talks about the firing of the Applebee’s waitress who snapped a picture of a receipt on which the customer, a pastor, wrote: “I give God 10% Why do you get 18?” and posted it on Reddit. I was happy to provide commentary for the article on Applebee’s social media policy and suggest tips for employers dealing with embarrassing Internet activity of employees like the Applebee’s incident.