No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Risk

Social Media: The Challenge of Managing Millions of Friends

by Michael Connor
October 6, 2014
in Risk
Social Media: The Challenge of Managing Millions of Friends

The world of social media moves quickly.

In July 2012, for example, Netflix CEO Reed Hastings posted a statement on his Facebook page that the online video company had reached one billion hours of viewing. The company and Hastings subsequently received a Wells notice from the Securities and Exchange Commission (SEC), warning that the agency might bring a civil action for violating Regulation FD, which requires public companies to make full and fair public disclosure of material non-public information.

Fast forward less than a year later to April 2013. The SEC issues a report in which it takes no enforcement action against Hastings or Netflix. Further, the Commission says companies can make announcements over social media, including Facebook and Twitter, by providing relevant web addresses through notifications on their company websites and press releases. “We appreciate the value and prevalence of social media channels in contemporary market communications, and the Commission supports companies seeking new ways to communicate and engage with shareholders and the market,” the SEC says.1

Netflix and the SEC are not alone in embracing the power of social media networks. Fortune 500 companies are “bullish” on social media, with 77 percent having active Twitter accounts and 70 percent now on Facebook, according to a recent study by the Center for Marketing Research at the University of Massachusetts.2 The survey found that companies were also experimenting with platforms like Google+, Foursquare and Instagram. The Fortune 500, the study concluded, “now seems comfortable and even excited with its newfound ability to engage its vendors, partners, customers and others in ways that could not have been imagined when most of their corporations began.”

For ethics and compliance professionals around the globe, this wide-scale and rapid adoption of social media means increasing attention must be paid to how new technologies are being incorporated more broadly into the fabric of an enterprise. Only a few years ago, a principal compliance worry was whether a company’s reputation and its business could be damaged by employee posts on Facebook. While that remains a legitimate concern, the ethics and compliance spotlight must necessarily focus on a broader range of activities.

New Challenges

Privacy is one critical concern, as a wide variety of social media and mobile applications enable companies or their third-party service providers to gather personally identifiable information (PII), location data and other confidential customer information.

For example, in July 2013, the U.S. Federal Trade Commission’s (FTC’s) revised Children’s Online Privacy Protection Act (COPPA) Rule took effect, prohibiting certain websites and online services from collecting, using or disclosing personal information of children under 13 without first notifying parents and obtaining consent.3 The modified rule also widens the definition of children’s personal information to include persistent identifiers such as cookies that track a child’s activity online, as well as geolocation information, photos, videos and audio recordings. (Proposed legislation expanding those protections to children ages 13 to 15 has been introduced in the U.S. Senate and House.4)

State legislatures are also focusing on social media privacy concerns, with California enacting several key laws in 2013. One measure requires that any website or mobile application disclose how it responds to “do not track” signals or other mechanisms that provide consumers a choice regarding the collection of personally identifiable information about their online activities.5 Another piece of California legislation—the so-called “eraser” law—requires website operators to honor requests made by minors who are registered users to remove content the minor posted on the site.6

International regulation of social media varies greatly. The draft European Union Data Protection Regulation,7 which could be approved this year, contains a controversial feature giving consumers the right to be forgotten—now being called the “right to erasure”—that would entitle anyone to contact an Internet firm and have it delete personal data from their services. Third parties hosting the data would be required to remove it as well. The draft regulation includes stronger safeguards for data transfers to non-EU countries and substantial fines for non-compliance—up to 100 million Euros or up to 5 percent of a company’s annual worldwide income, whichever is greater.

Sector Guidelines

Ethics and compliance professionals should ensure that they’re communicating with their own marketing and advertising teams and, importantly, understanding the role of third-party providers in application development. Increasingly, regulations and guidelines are tailored to industry specifics. For example:

  • The U.S. Food and Drug Administration issued new guidance for mobile medical apps in 2013, citing research showing that 500 million smartphone users worldwide will be using a health care application by 2015; by 2018, an estimated 50 percent of the more than 3.4 billion smartphone and tablet users will have downloaded mobile health applications.8
  • Retailers who provide WiFi coverage in their stores and engage in mobile tracking of customers—an increasingly popular practice—are the focus of a Mobile Locations Code of Conduct developed by the Future of Privacy Forum, a privacy think tank.9
  • The Better Business Bureau’s Online Interest-Based Advertising Accountability Program has issued its first ever “compliance warning” under which websites are now expected to ensure that consumers receive “enhanced notice” regarding data collected for “behavioral” advertising and cannot simply rely on third parties, such as ad networks, to bring the websites into compliance.10

Spreading the Word

Word of mouth lies at the heart of social media (in fact, the industry has a Word of Mouth Marketing Association), and marketers increasingly look to “advocates” to help boost sales and reputation through Facebook “likes,” online reviews and comments. However, FTC Endorsement Guides state that if there is a connection between the endorser and the marketer of a product that would affect how people evaluate the endorsement, it should be disclosed; in 2013, the FTC released new guidance for mobile and other online advertisers that explains how to make disclosures clear and conspicuous to avoid deception.11

In September 2013, New York Attorney General Eric T. Schneiderman announced that 19 companies had agreed to cease the practice of writing fake online reviews for businesses and to pay more than $350,000 in penalties.12 The Attorney General’s investigation found that search engine optimization companies were using advanced “IP spoofing” techniques to hide their identities, as well as setting up hundreds of bogus online profiles on consumer review websites to post the reviews. The practice—called “astroturfing”—“is the 21st century’s version of false advertising, and prosecutors have many tools at their disposal to put an end to it,” Mr. Schneiderman said.

In the Workplace

Social media increasingly plays a role in just about all stages of the employment process—and at each stage, there are compliance risks.

Many companies, for example, regularly look up job applicants online as part of the hiring process. But according to a 2013 study by researchers at Carnegie Mellon University, many may also use what they find to discriminate.13 In an online experiment, the researchers tested responses of over 4,000 U.S. employers to a Muslim candidate relative to a Christian candidate, and to a gay candidate relative to a straight candidate. They found that “survey subjects with hiring experience are significantly less likely to say they would interview the Muslim candidate than the Christian candidate.” (However, researchers found no evidence of discrimination against the gay candidate relative to the straight candidate.)

If your company is contemplating asking employees to turn over the passwords for their Facebook or Twitter accounts, exercise extreme caution—and question whether you’ll get the results you want. While access to personal accounts might seem like a good way to protect proprietary information or trade secrets, it could also represent an invasion of employee privacy. According to the National Conference of State Legislatures, laws to prevent employers from requesting passwords to personal Internet accounts have been passed in 10 states (Arkansas, Colorado, Illinois, Nevada, New Jersey, New Mexico, Oregon, Utah, Vermont and Washington), and legislation has been introduced or is pending in at least 36 states.14

Every company should have a social media policy. An effective policy should be simple, consistent and tightly aligned with a company’s code of conduct; whatever the company code for in-person encounters and whatever the rules for general good behavior, they apply in the online world as well. Potential penalties for violations, including dismissal, should be made clear.

Consider, for example, the Social Computing Guidelines issued by IBM: “Be thoughtful about how you present yourself in online social networks. The lines between public and private, personal and professional are blurred in online social networks. By virtue of identifying yourself as an IBMer within a social network, you are now connected to your colleagues, managers and even IBM’s clients. You should ensure that content associated with you is consistent with your work at IBM.”15

In the U.S., the National Labor Relations Board (NLRB) has focused considerable energy on social media issues, with a series of rulings emphasizing that corporate guidelines must not violate Section 7 of the National Labor Relations Act (NLRA) by disciplining or firing an employee because the employee was using social media to engage in “protected concerted activity,” which occurs when two or more employees act together to protest or complain about wages, benefits or other terms and conditions of employment.

The Bright Side

As social networks continue to grow—soon to become more popular than voice or text communications, by some estimates—large enterprises need to acknowledge their emerging importance in virtually all aspects of business. Technology, marketing, communications, human resources and legal departments should coordinate and communicate on a regular basis. Corporate boards should be briefed regularly on the potential rewards and risks of these new media platforms.

In fact, Facebook-like social networks within companies—often called “enterprise social networks”—are increasingly being deployed to foster better communication and productivity. The Gartner research firm predicts that by 2016, 50 percent of large organizations will have such internal networks, and that 30 percent of these “will be considered as essential as email and telephones are today.”16

For companies to achieve maximum benefits of these social networks, however, Gartner advises that businesses focus on leadership and relationships over content and technology. “Successful social business initiatives require leadership and behavioral changes,” Gartner says. “Just sponsoring a social project is not enough—managers need to demonstrate their commitment to a more open, transparent work style by their actions.”

The full LRN Risk Forecast Report can be accessed at: http://pages.lrn.com/risk-forecast-report-2014

Footnotes

1   http://www.sec.gov/litigation/investreport/34-69279.pdf
2   http://www.umassd.edu/media/umassdartmouth/cmr/studiesandresearch/2013_Fortune_500.pdf
3   http://www.ftc.gov/news-events/press-releases/2013/07/revised-childrens-online-privacy-protection-rule-goes-effect
4   http://www.markey.senate.gov/documents/2013-11-14_Markey_DNTK.pdf
5   http://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201320140AB370
6   http://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201320140SB568
7   http://www.eppgroup.eu/press-release/Data-Protection%3A-stricter-rules-to-the-benefit-of-all-users
8   http://www.fda.gov/medicaldevices/productsandmedicalprocedures/connectedhealth/mobilemedicalapplications/default.htm
9   http://www.winston.com/en/privacy-law-corner/privacy-group-recommends-a-mobile-tracking-code-for-retailers.html#page=1
10  http://www.bbb.org/us/Storage/113/Documents/First-Party-Compliance-Warning-20131008.pdf
11  http://www.ftc.gov/news-events/press-releases/2013/03/ftc-staff-revises-online-advertising-disclosure-guidelines
12  http://www.ag.ny.gov/press-release/ag-schneiderman-announces-agreement-19-companies-stop-writing-fake-online-reviews-and
13  http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2031979
14  http://www.ncsl.org/research/telecommunications-and-information-technology/employer-access-to-social-media-passwords-2013.aspx
15  http://www.ibm.com/blogs/zz/en/guidelines.html
16  http://www.gartner.com/newsroom/id/2319215


Tags: duty of careSocial Media Risk
Previous Post

Discipline and Rigor in Your Internal Controls

Next Post

Consumers Increasingly Hold Companies Responsible for Loss of Confidential Information, HyTrust Poll Shows

Michael Connor

Michael Connor

Michael Connor headshot 10-6-14Michael Connor is a seasoned, award-winning media executive, entrepreneur, and journalist with extensive experience in television, print, and the Internet. Michael brings deep expertise to LRN and ECA partners in areas of social media management and risk, strategic communication planning, and business ethics. Michael has launched and managed numerous ventures on multiple media platforms in the U.S., Europe, and Asia and is a recognized thought leader in the fields of business ethics, corporate responsibility, and sustainability.

Related Posts

social media post conceptual collage hands and likes

Refresher on Workplace Social Media Policies as Contentious US Presidential Election Nears

by Allegra Lawrence-Hardy and Maia Taylor
October 16, 2024

Employees have a right to express their political views on social media, but that doesn’t mean employers don’t also have...

vladimir putin

Election Interference Attempts: Why They Will Still Matter After Votes Are Cast

by Mike Driscoll
October 15, 2024

Campaign attacks may simply be practice for bad actors

social risk business

Social Selling Creates SEC Compliance, Security Demands for Financial Advisers

by Chris Lehman
May 10, 2023

Social selling gives financial advisers an effective way to connect with potential clients and build a rapport with them as...

mcdonalds

Uncharted Waters: McDonald’s Case Ushers in New Era of C-Suite Accountability

by Bart M. Schwartz and Bonnie Jonas
March 1, 2023

A C-suite title on your business card doesn’t just come with a cushy corner office. Since January’s blockbuster Delaware Chancery...

Next Post
Consumers Increasingly Hold Companies Responsible for Loss of Confidential Information, HyTrust Poll Shows

Consumers Increasingly Hold Companies Responsible for Loss of Confidential Information, HyTrust Poll Shows

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights