Social Media Never Sleeps at LegalTech New York
I had the pleasure of attending the “Money Never Sleeps and Neither Does Social Media: FINRA’s View is the Future for All” workshop at LegalTechNew York last week. The panelists were Debbi Corej (VP of Compliance at Prudential), Melanie Kalemba (VP Business Development of Socialware), Lisa Sotto, Esq. (Partner and Head of the Global Privacy and Data Security at Hunton & Williams LLP), and Allison Jane Walton, Esq. (eDiscovery Counsel, Symantec). One neat component of this workshop was that they handed out remote polling devices so that the audience could interact by answering questions anonymously and analyze the results in real-time.
The first major topic of the presentation was the complexity of privacy laws. Given the fact that there are more than 10 federal laws, hundreds of state laws, and various industry standards, there is no overarching privacy scheme in place in theU.S.and around the world. U.S.’s privacy laws such as HIPAA for the health care industry, COPPA for children’s data, and DPPA for DMV records require strict security and protection of this sensitive information. The Federal Trade Commission (“FTC”) has the authority to enforce such laws, however, enforcement typically falls after either a security breach, deceptive statements in privacy policies, or lack of conspicuous notice. Attorneys General are also becoming more proactive in the fight, yet privacy protection is still a global issue.
Secondly, having a formidable social media policy (“SMP”) is imperative. Employees are leveraging their “personal” networks to achieve “professional” success, which drives value in a relationship economy. Social networks such as LinkedIn and Facebook are designed for users to have one profile, so it is likely to expect overlap between “personal” vs. “professional” content. To protect the organization, the SMP should describe appropriate business usage of social networking sites (“SNS”). Here are the Elements of a Social Media Policy Checklist that they provided:
- Form a social media committee to manage project adoption;
- Gain consensus of company’s key stakeholders to establish and prioritize objectives and goals of employing social media;
- Research and understand social media options, benefits, and pitfalls;
- Determine best fit of company with social media options;
- Determine which features/options/settings the firm is comfortable with or would prefer to prohibit;
- Develop firm and regulatory compliance processes;
- Draft company’s social media policy;
- Designate employees to test approved social media sites;
- Collaborate/coordinate with marketing department on guidelines for communicating with the public and pre-content approval process;
- Work with legal department to develop proper disclaimers;
- Work with IT department to integrate tools and automate procedures (monitoring, documentation, access);
- Implement [a] social media training program;
- Establish monitoring, supervision, and documentation procedures;
- Activate social media program (enable & automate access); and
- Review written policy frequently as social media is evolving rapidly
One of the key takeaways from this presentation is that a social media policy should be integrated into your document retention polices because it should be treated just like any other type of electronically stored information (“ESI”). Companies can either block access to social media all together, or create and implement strict policies and procedures. Social media can help grow your business, however, the ability to finesse the “personal” use versus the “professional” use can be challenging, yet highly beneficial.
Kevin L. Nichols is the Principal of KLN Consulting Group located in San Francisco, which speciLalizes in Litigation, Diversity and Business Development/Social Media consulting.