No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

OMG! #SocialMedia & #Compliance? ROFL!

by Michael Connor
May 29, 2015
in Compliance

“We don’t have a choice on whether we DO social media,” says digital marketing guru Erick Qualman. “The question is how WELL we do it.”1

Indeed, a majority of adults online in the U.S. now use social networking sites.2 And the boom is global: Facebook, for example, boasts 1.3 billion monthly active users—more than half the world’s online population, with 81 percent of its active daily users located outside the U.S. and Canada.3 With smartphones offering easy and ubiquitous Internet access, content is by no means restricted to text. The fastest-growing social network currently is Instagram, where an average of 60 million photos are shared each day.4

Companies and their ethics and compliance professionals are clearly responding to this ongoing explosion in social media. In one recent survey, some 88 percent of corporate respondents indicated they have a policy related to employees’ use of social media, up from 65 percent in 2013.5 These policies merit regular attention as technologies change and, perhaps more importantly, as more companies increase their use of platforms such as Facebook and Twitter to increase brand exposure, boost web traffic and gain market insight. By one estimate, social media marketing budgets are projected to double in the next five years.6

The efficacy of any social media policy will therefore depend in large measure on how well it is integrated into day-to-day business operations and corporate culture; the size and complexity of a company’s social media policy should reflect the scope of the organization’s involvement with these new communications platforms.

Policies and Practices

As we’ve written in prior Risk Forecast Reports, an effective social media policy should be simple, consistent and tightly aligned with a company’s code of conduct. Whatever the company guidance for in-person encounters, and whatever the rules for general good behavior, they apply in the online world as well. Examples of thoughtful policies are those developed by IBM7 and The Coca-Cola Company.8

But there’s no accounting for bad-taste status updates, the oversharing of personal information or photos by employees or inadvertent leaks of confidential information on social media. So companies need to be vigilant, yet not overly prescriptive in their policies. And even the best organizational policies should be reviewed regularly to ensure they stay abreast of legal and regulatory developments. The social media landscape changes daily; what follows are a few things to keep in mind.

Employee social media postings regarding an employer are often “protected” communications. While corporate policies can and should preclude employees from disparaging the company or fellow employees, the context of an online post is critical. The U.S. National Labor Relations Board (NLRB) has shown a consistent tendency over several years to treat many employee social media postings as “protected concerted activity” under Section 7 of the National Labor Relations Act.9 In an August 2014 ruling, for example, the NLRB ruled that “liking” a Facebook comment could be protected activity. The case involved the Triple Play Sports Bar and Grille in Connecticut, where an employee complained in a profanity-laced post that the employer had incorrectly filled out tax forms and the employee had to pay higher than anticipated state income tax.10 Another employee liked the original post. Triple Play fired the original poster as well as the employee who liked the post. The NLRB concluded that because the initial post was protected activity, liking the post was “an expression of approval of the initial status update,” and, as such, was also protected activity.

Social media marketing posts are subject to most of the same regulatory restrictions as traditional advertising. High-end shoe retailer Cole Haan found itself slapped with a warning by the Federal Trade Commission (FTC) in 2014 following its promotion on Pinterest, a social media site where users can save and organize images knows as “pins” in collections known as “boards.” Pinterest followers had been invited to post images of Cole Haan shoes with the hashtag “WanderingSole” (#WanderingSole), with a $1,000 shopping spree promised to the contestant with the most creative entry.11 Unfortunately, the promotion did not disclose that the “pins” may have been motivated by the possibility of winning a shopping spree and thus ran afoul of FTC guidelines which state that if there is a connection between the endorser and the marketer of a product that would affect how people evaluate the endorsement, it should be disclosed. Social media marketers should consult the FTC’s guidance for mobile and other online advertisers which explains how to make disclosures clear and conspicuous to avoid deception.12

Social media practices are often the subject of industry-specific guidelines and regulations. In June 2014, for example, the Food and Drug Administration issued draft guidance on social media for pharmaceutical and medical device companies.13 The guidance would require companies to post both the benefits and the main risks associated with a product, potentially with a hyperlink taking the reader directly to a more detailed list of risks. The FDA draft was widely criticized by the industry, including by a leading trade association that argued that the FDA’s “own use of social media is decidedly not the way the agency claims that companies should use these platforms.”14 Banking and finance companies are subject to strict industry social media guidelines as well.

Legislators and regulators are increasingly taking action regarding how companies use the data gathered through social media applications. Social media networks are commonly viewed as broadcast media—a way for individuals or organizations to transmit messages to individuals or groups. But corporate marketing campaigns often also harvest personal information related to a broad range of demographic criteria including age, ethnicity, health and socioeconomic status. If the data is used improperly, an organization could be exposed to considerable legal and regulatory risk.

The state of California, for example, in September 2014 enacted a landmark law, the Student Online Personal Information Protection Act (SOPIPA),15 which restricts the ways education technology companies can use the information they collect about elementary through high school students. The law prohibits websites and online applications from using, disclosing or compiling the personal information of a minor for the purpose of marketing or advertising and “knowingly engaging in targeted advertising to students or their parents or legal guardians, using covered information to amass a profile about a K–12 student, selling a student’s information or disclosing covered information.” Following enactment of the California law, a number of major educational companies pledged to adopt similar data protections throughout the U.S.16

Separately, in June 2014, a working group appointed by President Obama to examine data practices warned that “…big data analytics have the potential to eclipse longstanding civil rights protections in how personal information is used in housing, credit, employment, health, education and the marketplace.”17

Expect more controversy regarding the European Union’s new data regulation and the “right to be forgotten.” While aspects of the EU’s General Data Protection Regulation (GDPR) continue to be debated, most observers expect its adoption by sometime in 2015. The regulation, which would be in force in every EU member state, establishes a “right to be forgotten,” which allows people who are mentioned in data to obtain the erasure of that data and prohibits further dissemination of such data once the person exercises their right.18 A May 2014 ruling by the Court of Justice of the European Union focused attention on search engines and intermediaries such as Google, which has received more than 140,000 requests to have links removed. However, the right to be forgotten could have important implications for any company or data controller that hosts user-generated content; they could be subject to compelled take-down orders.19

Risk Management

Addressing the risk management challenges presented to an organization by social media requires input from specialists in compliance, technology, information security, legal, human resources and marketing.

Some helpful approaches to developing a comprehensive risk management system for social media practices can be found in guidance published by the U.S. Federal Financial Institutions Examination Council (FFIEC), whose recommendations could also easily apply to companies outside the financial sector.20 The guidance encourages companies to consider adoption of:

  • a governance structure with clear roles and responsibilities whereby the Board of Directors or senior management of a firm directs how using social media contributes to the strategic goals of the organization;
  • policies and procedures regarding the use and monitoring of social media and compliance with all applicable consumer protection laws and regulations;
  • a risk management process for selecting and managing third-party relationships in connection with social media;
  • an employee training program that incorporates the organization’s policies and procedures for official, work-related use of social media and potentially for other uses of social media, including defining impermissible activities;
  • an oversight process for monitoring information posted to proprietary social media sites administered by the organization or a contracted third party;
  • audit and compliance functions to ensure ongoing compliance with internal policies and all applicable laws and regulations and incorporation of guidance as appropriate; and
  • parameters for providing appropriate reporting to the organization’s Board of Directors or senior management.

Despite all of this social media activity, data indicates that ethics and compliance professionals have not yet fully embraced these new platforms as a means for spreading the compliance message. One recent survey found that only half of the respondents (51 percent) use internal social media channels to communicate about compliance and ethics issues. And only 41 percent use external social media to communicate with investors, the general public, government and other stakeholders about their compliance and ethics efforts and outcomes.21

If they’re not doing it already, ethics and compliance executives might do well to engage personally and professionally with at least some of the various social media platforms. There’s a lot to be learned, especially as younger employees, customers and stakeholders continue to turn to social media for news and information and as a method of communicating their product likes and dislikes. It’s a dynamic and increasingly important method of understanding how a corporate reputation is understood by others.

Michael Connor is an expert with LRN’s  Ethics & Compliance Alliance (ECA). The ECA is an online community of thought leaders and practitioners that provides unique resources and support to enhance enterprise-wide knowledge, mitigate risk, support collaboration with experts and implement program components. It provides a unique opportunity to interact and collaborate with leading subject-matter experts across all the major ethics and compliance risk areas and provides an extensive library of hands-on resources and tools to include model policies and program materials, risk assessment procedures, legal research, analyses of recent legal developments and educational materials such as the ECA Risk Forecast Report.

The ECA Risk Forecast Report is an annual publication of the most significant risks facing organizations today, as reported upon and analyzed by 12 leading ethics and compliance experts. These individuals—leading specialists whose articles are featured in the body of the Report—provide insight into the regulatory and compliance challenges we face in 2015 and the developments that are likely to result.

 

1 http://www.socialnomics.net/2010/05/05/social-media-revolution-2-refresh/

2 https://www.pewresearch.org/journalism/fact-sheet/social-media-and-news-fact-sheet/

3 http://newsroom.fb.com/company-info/

4 http://www.socialmediatoday.com/content/instagram-fastest-growing-social-network-4-brands-riding-wave

5 http://www.pwc.com/us/en/risk-management/state-of-compliance-survey/assets/pwc-state-of-compliance-2014-survey.pdf

6 http://socialtimes.com/infographic-20-marketing-trends-and-predictions-to-consider-for-2014_b137315

7 http://www.ibm.com/blogs/zz/en/guidelines.html

8 http://www.coca-colacompany.com/stories/online-social-media-principles

9 http://www.nlrb.gov/news-outreach/fact-sheets/nlrb-and-social-media

10 http://www.nylaborandemploymentlawreport.com/wp-content/uploads/sites/37/2014/09/TriplePlay.pdf

11 http://www.ftc.gov/system/files/documents/closing_letters/cole-haan-inc./140320colehaanclosingletter.pdf

12 http://www.ftc.gov/news-events/press-releases/2013/03/ftc-staff-revises-online-advertising-disclosure-guidelines

13 https://www.federalregister.gov/articles/2014/06/18/2014-14220/draft-guidance-for-industry-on-internetsocial-media-platforms-with-character-space-limitations

14 http://www.regulations.gov/#!documentDetail;D=FDA-2014-D-0397-0018

15 https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201320140SB1177

16 http://www.nytimes.com/2014/10/07/business/microsoft-and-other-firms-pledge-to-protect-student-data.html

17 http://www.whitehouse.gov/sites/default/files/docs/big_data_privacy_report_5.1.14_final_print.pdf

18 http://ec.europa.eu/justice/data-protection/

19 http://bits.blogs.nytimes.com/2014/10/09/google-provides-details-on-right-to-be-forgotten-requests/?_php=true&_type=blogs&_r=0

20 http://files.consumerfinance.gov/f/201309_cfpb_social_media_guidance.pdf

21 http://www.pwc.com/us/en/risk-management/state-of-compliance-survey/assets/pwc-state-of-compliance-2014-survey.pdf


Tags: duty of care
Previous Post

Cutting Off the Ugly Head of Private Sector Corruption In Singapore

Next Post

Endpoint Security Won’t Solve All Your Needs

Michael Connor

Michael Connor

Michael Connor headshot 10-6-14Michael Connor is a seasoned, award-winning media executive, entrepreneur, and journalist with extensive experience in television, print, and the Internet. Michael brings deep expertise to LRN and ECA partners in areas of social media management and risk, strategic communication planning, and business ethics. Michael has launched and managed numerous ventures on multiple media platforms in the U.S., Europe, and Asia and is a recognized thought leader in the fields of business ethics, corporate responsibility, and sustainability.

Related Posts

mcdonalds

Uncharted Waters: McDonald’s Case Ushers in New Era of C-Suite Accountability

by Bart M. Schwartz and Bonnie Jonas
March 1, 2023

A C-suite title on your business card doesn’t just come with a cushy corner office. Since January’s blockbuster Delaware Chancery...

Fox_McDonalds Delaware Chancery Court Case_f

McDonald’s Delaware Court Decision Will Change CCO World Forever

by Corporate Compliance Insights
February 9, 2023

Podcaster and compliance expert Tom Fox digs into the details of a recent Delaware Chancery Court decision and how it...

quality level dial set to "high"

Caremark: Even the Highest Standard Can Be Met

by Jim DeLoach
December 23, 2020

The Caremark decision set a high bar for plaintiffs to scale in asserting a board’s failure to comply with the...

hand of client giving negative review

Culture, Integrity and the Board’s Role in Guarding Corporate Reputation

by Marc Tasse
January 13, 2020

The reputational risk that can result from allegations of noncompliance with corruption, bribery or money-laundering regulations is one of the...

Next Post
Endpoint Security Won’t Solve All Your Needs

Endpoint Security Won’t Solve All Your Needs

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights