For professional services firms, social media is like fire: a useful tool when correctly and safely harnessed but able to wreak havoc if mishandled. For some years now it has been impossible for City firms and their staff to effectively promote their brand and services without social media, but the growth in use of platforms such as LinkedIn and Twitter has resulted in legal and regulatory issues.
The ability of online mishaps and misjudgements to harm the financial and reputational interests of individuals – and the firms they work for – should never be underestimated. In this article we explore the ways in which firms can best protect themselves from the multitude of risks arising from social media activity by partners and employees, both in the course of their duties at work and in their private lives.
This is an increasingly important issue due to a number of separate but interlocking factors. Social media is near ubiquitous amongst all age groups, a development which has only been accelerated by the events of 2020, particularly the sudden and sustained increase in working from home and the resultant decline of physical social interaction.
As a result, social media activity (both for personal and business purposes) and its associated risks have undoubtedly grown. Many people are posting updates on LinkedIn and other networks about their adjustments to homeworking life and mental health hacks, which will likely increase as the Christmas period approaches. It’s easy to see how the blurring of personal and work life – not to mention the tendency of many to engage in frank and fraught political discussions on platforms such as Twitter – could bring about change in the tone and content of social media usage, which could well give rise to posts and messages which reflect poorly on the user’s employer.
Two recent cases discussed in the following section highlight the risks involved in these trends, and why it is important for firms to refresh their approach to social media and consider the action points set out below.
Regulators and online behaviour
Meanwhile, regulators including the SRA have undoubtedly heightened their scrutiny of the online behaviour of those they regulate, even when online in a private capacity.
A notable example is that of Mark Lewis, a high-profile media lawyer who was issued a fine by the Solicitors Disciplinary Tribunal for a string of offensive communications on Twitter and Facebook, despite the SDT’s acknowledgment of his having at times been provoked by anti-Semitic abuse on the part of “vile trolls”. The SDT nevertheless found that Lewis had not acted with integrity and failed to uphold the confidence the public places in the profession. The outcome of the case, which was subject to a significant amount of scrutiny in the legal press, shows how vigilant regulators can be of conduct unbecoming of a legal professional online.
More recently, in BSB v Diggins, the respondent, a barrister who no longer practises, was fined after sending a tweet which the Bar Standards Board found to be “offensive and racially charged”. Diggins argued that it was a private Twitter spat which it was not the business of the BSB to investigate, and that the norms of everyday life did not apply on Twitter where many users engage in rude and offensive tweeting. However, the High Court recently upheld the BSB’s allegation that Diggins had behaved in a manner which is likely to diminish the trust and confidence placed by the public in the profession. Notably, his Twitter profile contained a web link that took the user to his personal website which identified him as a barrister. This was persuasive for the Court, which dismissed the argument that the BSB should not be policing a barrister’s personal life.
All of these developments give rise to a much greater need for firms to address the risks of social media, so as to minimise its potential effects on their reputation, regulatory standing, client connections and workforce stability. This can be addressed by a number of measures, which are described below, including a clear and detailed social media policy, contractual terms, training and protocols.
All staff, whether partners or employees, create a risk
In the social media age, all staff, from senior partners to junior employees, now wield the power to destroy the business for which they work by their words or actions online, whether or not they expressly advertise their affiliation with the firm online.
A well-drafted social media policy is one means of minimising the risks, but is not the only precaution that professional services firms should take. It is just as important to ensure that there are contractual terms in place, in the partnership agreement and individual employment contracts, which govern the ownership of business contacts and other social media output and confer sufficient control on the firm.
What does a good social media policy look like?
A good social media policy:
- regulates both personal and business use of social media, whether at home or in the office. In the past, employment tribunals have been persuaded that an employee’s dismissal for private comments on social media was unfair because the comments had been made outside of work, whereas the employer’s social media policy only applied to activity which took place within the workplace
- recognises that there are some circumstances which can’t be foreseen, such as new social media platforms or modes of communication, and contains sufficient flexibility to cover these situations. However, firms should keep the policy under review and nominate a partner or senior member of staff to have responsibility for keeping it up to date and take account of new technologies
- ensures that partners or employees giving their professional opinion (such as comments on a legal case or news story) do so in such a way as to minimise the risk of a professional-client relationship arising
- makes it clear what the consequences of a breach of the policy are. This includes, in the more serious cases, immediate expulsion or dismissal. Firms should consider what types of behaviour will amount to misconduct and what will amount to gross misconduct and give a (non-exhaustive) list of examples
- applies to all members of staff and not only employees: this is particularly important for professional services businesses which will also need to regulate the behaviour of partners and independent contractors to the same (if not greater) degree.
The question of when a firm owns a partner’s database of contacts (such as on LinkedIn) is invariably a complex issue of fact and law. Whilst partnership agreements will often have detailed provisions dealing with ownership of precedents, know-how and other materials, these will often leave social media issues up in the air.
Partnership agreements should specify when professional social media contacts belong to the firm and not the partner personally. Where necessary, they should also contain obligations relating to the social media accounts themselves, such as to transfer the login details upon the partner’s departure from the firm. This would be appropriate where the partner had specific responsibility for managing the firm’s social media accounts.
Firms should also ensure that they have other key measures in place, such as:
- providing training to partners and employees on the content of your social media policy and the implications if it is breached
- ensuring politically sensitive social media activity is aligned with the firm’s values and otherwise coordinated with the firm’s management where appropriate
- ensuring that other key policies which may be relevant to social media use are in place, such as IT and communications, anti-bullying and equal opportunities
- data protection and privacy policies which are GDPR-compliant and make it clear that the employer is entitled to monitor its IT systems to ensure compliance with the social media policy, to the extent it is legally entitled to do so
- a clear protocol of what is required of a partner or employee upon termination, such as the return and deletion of business contacts gained during employment and the communication of login details for accounts managed on the employer’s behalf by the departing employee.
If you have any questions about your firm’s approach to social media and key measures to manage risk, please contact a member of the team or speak with your usual Fox Williams contact.