Monday, July 19, 2010

A new Outlook for LinkedIn?

Contact ownership?

It is established law that Outlook and other business contacts can belong to the employer not the employee.  One of the main cases on this point is Pennwell Publishing (UK) Ltd and others v Ornstien in which the judge said:

Image: Michal Marcol /

".........where an address list is contained on Outlook or some similar program which is part of the employer's e-mail system and backed up by the employer or by arrangement made with the employer, the database or list of information ......... will belong to the employer"

So this is pretty certain, right? Well what happens if an employee uses a social network such as LinkedIn to invite contacts to join their network (publicly viewable) using email addresses sucked through from Outlook? See how to do it here 

Should these contacts also belong to the employer and has the employee just given away valuable information that is searchable by competitors? 

Unsurprisingly there has already been some clarification on this in Hays Specialist Recruitment and others v Ions [2008] that case said that because the contacts had been migrated to the social network and invitations had been accepted the information could no longer be considered confidential.  Such a breach of confidence may be actionable but would the employee be worth suing?

Interestingly, in the ' Hays' case Ions argued that he had been encouraged to join the social network by his employer.

Comment:  if you want your employees to engage in social networking on behalf of the business under what circumstances may this occur.  Do their employment contracts and policies make clear who owns the contacts (as well as the profiles) and where they can be used?  This is particularly poignant for recruitment agencies and sales teams where contacts are very valuable.

Even if the confidentiality of contacts is preserved social networks such as LinkedIn make it easier to reconnect as a former employee can simply search and reconnect for contacts. Where this is the case breach of a restrictive covenant may be a more valuable action although often not practical.

Restrictive covenants and LinkedIn

Social Media platforms have very powerful search functionality and with certain applications allow companies to trend sentiment towards their business and brands.   The open and searchable nature of social networks makes this analysis possible and led me to think what other uses could be made of these tools.

The one that stuck in mind was monitoring restrictive covenants.  Many employees (including lawyers) will have restrictive covenants in their contracts, for example the employee shall not:

".....solicit or endeavour to entice away from the Company the business or custom of a customer with a view to providing goods or services to that customer in competition with the business of the Company......." (PLC)

What better way to monitor compliance with such a clause than searching social media networks and in particular LinkedIn?  Status updates and lists of connections could be used to both monitor and prove breach of such restrictions.  The options available to an employer who discovers a problem will always be situation specific......but finding and proving a problem could be easier.

The searchability of Social Networks leads me the believe that Social Media is leading to more monitoring and consequently a "big brother" information society?  Who needs CCTV when you have social media? 

Wednesday, July 14, 2010

"Opting In for Privacy " for Location Based Social Networking?

Image: graur razvan ionut /

Location based social networking apps and sites such as Gowalla, Foursquare and Google Lattitude allow the tracking of an individuals location via mobile communication devices. This augmented information has the potential to be very valuable by profiling and targeting consumer behaviour, but to me also raises questions about privacy and data protection that have yet to be answered.  I have had a quick read of the rerespective privacy policies.
Gowalla's privacy policy states:

"To provide Gowalla, we collect, maintain, use, and display your personal data and the geographic location of your mobile device (we call this location fix of your mobile device “location information”)."

I don't have a problem with the collection and use of this information per se, particularly when it is required to provide a service that the user has opted to use.  Moreover, both Gowalla and Foursquare allow the user to set privacy settings to control the publication of their personal data.  However, there are some exceptions to where privacy can be controlled with one of the most notable being stated in Foursquare's privacy policy:

"While the Service does allow you to note your location at restaurants, bars, stores (and so) throughout your community, at no time does Foursquare ask you to provide your home address. You should be aware that if you or your friends add your home as a new venue in the Service database and that information is published on the Service (for example, via a user checking in to that home venue), that information may be published by third parties without our control."

So it seems that certain personal information can be published without control via privacy settings. Does this breach the Human Rights Act Art 8 which 'provides a right to respect for one's "private and family life, his home and his correspondence. (Ref Wikipedia)".

The main question I want to pose is should users of these sites have a reasonable expectation of privacy? My own thinking is that we are undergoing a cultural shift in attitudes towards data protection and privacy with the understanding that social network services have to be paid for by the users supplying valuable data about themselves that the operators can then levergae. Users making decision that the benefit to them of engaging outweighs their concerns about their data being used.

If these location driven service providers make it clear to me when my information is collected and used and how it might not be controllable then I can make an informed decision as to whether I opt in and participate. That said I wonder how may people read the privacy policies before signing up.

The moral of the story is to think carefully about privacy settings, privacy issues and (like life in general )who your friends are.

For the businesses providing the services I think more could be done to bring these issues to the notice of users when they are signing up. Does an "I agree to the terms and conditions and privacy policy" check box cut it when they are dealing with locational data?

It is of course a matter of fine balance between making it simple to sign up and giving clear information on privacy and data protection that people of all ages can digest.

Watch this space for the first privacy story to break.