eDiscovery – Can You Control Your Social Media Risk?
Social media is the wave of the future, and most recently businesses have jumped on the social media bandwagon. For the most part it works out well. In some cases, not so much.
Many people think that they can control what is said on the Internet by setting high privacy settings to the accounts they are using to post information. Or they believe that once they’ve deleted something that it is gone forever.
Nothing could be further from the truth. Once something is posted on the Internet, it is only as private as those who can see it allow it to be. So unless you are absolutely sure that every single person on your Facebook page is someone who will not spread sensitive information, posting it is always a risk. As many of us use these sites to keep in touch with people from our past, or those who we’ve only met once or twice, this is a gamble, and depending on what you post, it may be one you can’t afford to lose. And this is an issues that will face not only individuals – but companies as well. And it has major eDiscovery and Computer Forensic implications.
As far as deletion, think about it this way. Once you’ve posted something on Twitter for example, it only takes seconds for it to be re-tweeted around the online world. That’s the whole point of Twitter. People have accounts set up to see tweets with single words or phrases, and if yours is interesting enough, it can, and probably will be re-tweeted for millions to see before you even realize you should have posted it. Hitting the delete button at this point hardly matters. You could be well on your way to losing your job, or much worse in only a few minutes.
How can you control these postings? That can be a challenge, especially in companies where someone else has access to what is posted. The best thing to do is to train employees on what is okay and what’s not, even though you think they should know.
It is extremely important for corporations to have a clear social media policy that is regularly enforced. It is also important not to allow those who aren’t completely trustworthy to have access to post, just as you wouldn’t allow them access to financial records or other sensitive information. TERIS is seeing more and more eDiscovery cases that involve social media accounts.
Social media is not going away any time soon, and it can be dangerous, but it doesn’t have to be if the right policies and procedures are set in place.