subscribe: Posts | Comments

Social Media and the Future of Hiring: “So, please explain this picture on Facebook…”


Having served on the hiring committee at my law firm for many moons, and having interviewed law students for far too many years to admit to in a public forum, I was struck by this article:

While most of the focus has been on the marketing potential of data captured by Internet data companies such as Experian and Rapleaf, not many users of social networking sites have yet considered the impact of companies using it to build a snapshot of their lives for assessing credit or insurance applications or employment prospects.

Should employers be looking at Facebook pages or other social networking sites?  How much of a background check is appropriate, or worthwhile?  At what point does a brief perusal of publicly available information become an exercise in trying to live your own episode of the Rockford Files

This is, of course, less a question with a single answer for everyone than a question with different answers for different companies and even different states (and different positions — you might reasonably take greater care in hiring someone to handle large cash transactions than someone who will be raking your leaves).  But the really critical issue raised by this article and many others like it is not, really, what anyone should individually do as an employer — different companies will make decisions based on a variety of issues some of which are unique to their industry.  Instead, the issue to consider is that an entire generation (and presumably, all  generations after this) is being raised in an atmosphere where mistakes are never forgotten, and oversharing is the norm.

Teenagers, by definition, are error prone.  They make mistakes of judgment, and have since time immemorial.  Until recently, most of those mistakes were cleansed by the passage of time.  If a 19 year-old in 1956 did something foolish, in most cases they could put it behind them.  In fact, if someone did something foolish at any time prior to 1995, they could probably put it behind them, so long as they weren’t going into politics.

Today’s teenagers are not so lucky.  While teenagers today are just as oblivious as to the impact of their behavior as they always were, now, as the Violent Femmes might sing, there really is a Permanent Record.  Worse, the permanence of the Internet appears to be largely ignored by users of social media, who don’t seem to know or care that they are potentially creating an archive of ill-advised activity for future employers (or spouses!) to peruse. 

I suspect that the legal impact of this development will fade over time — when the teenagers of today are the senior managers of 2046.  They’ll be able to properly empathize with those who drunk-Tweeted 140 uncomfortable characters about their date last night.  In the meantime, and for the next several decades, we can expect a variety of troubling stories of jobs lost, or never obtained, because of poor social media hygiene.

Wikileaks and Facebook: The Two Futures of Social Media

Comments Off on Wikileaks and Facebook: The Two Futures of Social Media

The Wikileaks controversy has quite a bit to say about the future of social media, and about information culture more generally.  In particular, this controversy tells us that in the future there may be more secrets, rather than fewer ones.

I’m sure that conclusion seems quite counterintuitive: after all, didn’t Julian Assange just rock the diplomatic world with his dump of hundreds of thousands of diplomatic cables?  Doesn’t the easy electronic transfer of documents render this type of thing more likely in the future?  Isn’t this just the beginning of a new age where transparency is the norm?

Well, yes and no.  We are entering a new age of transparency — for you.  Everyone will know more about you, and your secrets, and every detail of your private existence (just check out Gary Shteyngart’s  hilarious Super Sad True Love Story to see this notion taken to its logical and horrific conclusion).  But perversely, the inclination will now be for governments and large commercial institutions to hold real secrets about themselves even more tightly to their chests.  With data security a more pressing issue, fewer people will be permitted to see real confidential information.  More telephone calls and less documentation may become the norm.   The trend towards fewer secrets may render real secrets all the more difficult to know.

Nearly every technological development over the past several years has been devoted to capturing data.  Document management systems and data mining, e-mail archives and browser cookies — all of these things and so many more are devoted to finding and maintaining data.  But if the growth of electronic media has resulted in the dawn of an age where nothing is ever forgotten, it is suddenly becoming apparent that a lot of folks miss that option.  People want to have their mistakes erased, they want to be able to step away from that drunk moment on Twitter.  But they can’t.  Individuals are becoming like flies caught in amber, a series of embarrassing moments frozen in time forever.  Companies and governments, however, can act with a bit more intentionality.  With an understanding of how e-discovery works, and the knowledge that Wikileaks is out there as an option for disgruntled ex-employees, many folks will see an advantage to holding cards closer than ever to their chests, which can make the process of public disclosure far more challenging, and perhaps impossible.

So our two futures may exist in paraellel — one, where everything is known, and another where everything is disclosed but the real secrets are never revealed.

The New FTC Online Privacy Guidelines: Will “Do Not Track” Become Reality?

Comments Off on The New FTC Online Privacy Guidelines: Will “Do Not Track” Become Reality?

The Federal Trade Commission has been busy.  Hot on the heels of a new set of Green Guides regulating environmental claims, yesterday the FTC unveiled a new proposed framework for consumer privacy.  Entitled (appropriately enough): “Protecting Consumer Privacy In An Era of Rapid Change,” this document is the result of many months of roundtable meetings with industry and consumer groups.  While this is just a proposal (public comments are being sought until January 31, 2011) there is little question that new guidelines of some kind will be put in place next year, and will probably follow some (although not all) of this document.  So what does it mean?

The proposals from range from the banal (everyone should have clearer, more concise privacy policies) to the potentially dramatic (the idea of a “do not track” button on websites to protect against data mining).  Of course, that last item is the one that drew the headlines.  But how much of this will actually become a reality?

Be assured that the banal items will all become elements of the future guidelines.  Companies will almost certainly need to become more transparent and clear in their privacy practices, and the FTC’s long-standing concerns in this regard are likely to remain a continuing element of its enforcement approach.  The dramatic elements of the report are, however, far less likely.  To begin with, it is not clear that the FTC even has the power to enact something like “Do Not Track” on its own authority, and David Vladeck, director of the FTC’s consumer protection bureau, said “I do not think that under the F.T.C.’s existing authority we could mandate unilaterally a system of ‘do not track.”  Given the fact that Congress will be shared by two parties with quite different views of balance between business and consumer interests, it seems unlikely that Congress will act on that point anytime soon.

So while this is an important document, and reveals much about the way in which the FTC staff is thinking about privacy issues online, neither businesses nor consumers should presume that the most significant proposals will become industry requirements in the near term.  However, they do reflect the tension that continues to build between the benefits of data mining for business and the concerns of consumers.  That tension is unlikely to dissipate, and will almost certainly result in more enforcement and more litigation in the coming years — whether Do Not Track becomes a reality or not.

Social Media Security: Firesheep and other scary new developments

Comments Off on Social Media Security: Firesheep and other scary new developments

As always, there have been a variety of new stories swirling around social media and its discontents over the past week.  This week, the big stories have been all about security:

  1. Firesheep: A software developer created a Firefox extension that allows users to easily abscond with cookie information over Wi-Fi networks.  The creator claims that his invention is harmless.  Others argue that it violates wiretapping statutes.  Everyone agrees that it is a dramatic development, especially because half a million people downloaded it in the first week.  Perhaps that open Wi-Fi network doesn’t look so appealing anymore…
  2. A report circulatedthat Twitter, Facebook and others in the industry are not doing enough to combat security threats like, um, Firesheep.
  3. Sensing a theme, another developer announced “Idiocy” designed to hijack the computers of “unsafe” Twitter users and tell them that they’re…well…idiots.
  4. Random journalists and bloggers are now hijacking accounts, just to show that they can.  Now that waterboarding yourself has become passe, journalists have been forced to actually become tech savvy, apparently.  I will predict that we can look forward to Katie Couric using Firesheep to look at the Facebook account of Glenn Beck sometime during sweeps week.

So what does all of this mean?  It means that users of social media and — quite frankly — any non-encrypted website through public Wi-Fi networks need to strongly consider either using VPNs (virtual private networks) or encrypted connection programs like HTTPS Everywhere

This should hardly be a surprise, of course.  The earliest cyberspace sagas (like Neuromancer) were focused on hackers breaking into secured computer networks.  At this point, the hacker is a cultural archetype.  Now that everyone is on a computer network (social media has sped the trend to an almost surreal extent), it only makes sense that these efforts would be further democratized.  Now everyone can be a hacker.

This is not one of those stories that has a simple, happy ending.  Everyone needs to be aware, and everyone needs to be cognizant of the risks.  The sophistication of security measures increases no faster than the sophistication of folks who want to look at or steal your information.  As Prof. Moody would tell us, “constant vigilance” is the only recommended course of action — for all of us.

More Questions For Facebook: And Why “It’s Legal” May Not Be Enough Anymore

Comments Off on More Questions For Facebook: And Why “It’s Legal” May Not Be Enough Anymore

Sen. Jay Rockefeller (D. WV), current Chairman of the Senate Commerce Committee, has sent a note to Mark Zuckerberg.  It was not, as you might imagine, a friend request, or a request to play Mob Wars.  Instead, Sen. Rockefeller had a few questions for the reluctant star of The Social Networkregarding Facebook’s privacy enforcement efforts.  As you might guess, this missive was spurned on by the recent Wall Street Journalexpose on the widespread sharing of data by Facebook Apps.  In part, Sen. Rockefeller’s note included the following:

The Journal’s report raises serious questions about Facebook’s commitment and ability to enforce its own explicit privacy policies on behalf of consumers. One quoted Facebook official asserts that, “[o]ur technical systems have always been complemented by strong policy enforcement, and we will continue to rely on both to keep people in control of their information.” However, given the scope of the reported privacy breach and the fact that Facebook’s most popular apps are not abiding by your company’s rules, this assertion appears to be strained. Consequently, I request that you provide answers – with specificity – to the following questions:

1) How does Facebook enforce its Privacy Policy relating to affiliated application operators and websites? What logistical protocols are in place to promote maximum compliance? What resources, including the number of personnel, does Facebook dedicate to monitoring and enforcing application operators’ compliance with its Privacy Policy?

2) What penalties does Facebook impose on application operators and websites that violate the company’s Privacy Policy? Are offending application operators allowed to continue to do business with Facebook?

3) Does Facebook take steps to retrieve information from application operators found in violation of the company’s Privacy Policy?

4) The Journal article quotes a Facebook official that asserts the company has “taken steps… to significantly limit RapLeaf’s ability to use any Facebook-related data.” What exactly does this mean?

5) According to the Journal article, there appears to be a pattern of privacy infractions involving Facebook applications. Specifically, what other past problems has Facebook encountered with regard to applications, and what steps did Facebook take to rectify them? Are these applications still available on Facebook’s platform?

6) To the extent that personal data has been shared in violation of Facebook’s Privacy Policy, what steps has Facebook taken to notify individual users as to the specific information that has been mishandled, and who has had access to that information?

Now, here at Legally Social we are on record as being somewhat nonplussed by the “scandal,” but these are legitimate questions.  More critically, they underline an important fact about the world of social media and privacy: what you are obligated to do under the law at any given moment may have very little relevance as to whether you get into trouble. 

Let’s repeat that, because it is a dramatic change: just because something is “legal” in the world of social media doesn’t mean that it won’t still be a problem.  Because technology is evolving so quickly, and the law has not even remotely caught up (heck, there are legitimate arguments that copyright law hasn’t really ever caught up to the invention of the computer) there is a significant gap between the expectations of consumers and legislators and the laws and regulations as actually written.   When the gap between expectations and “reality” is big enough, there is a tendency for regulators and legislators to simply look for creative ways to fit square pegs into round holes — to find some way to punish “wrongdoers” regardless of whether or not the law actually was meant to address the issue at hand.

We appear to be approaching such a moment right now, and it is thus a precarious time.  Rather than merely address the simple question of “what is legal,” lawyers and social media entrepreneurs need to consider other possibilities, including questions of “what is going to get me hauled in front of a congressional committee,” and “what is going to put me in a political advertisement in the Attorney General’s race in some random state.”  This does not mean that social media needs to be more conservative; rather, it means that social media needs to be more creative about disclosure, consent and enforcement.  In the end, being questioned by congress is not a big deal, so long as you have compelling answers to provide.  Right now, that’s the key takeaway from Facebook’s growing pains, and the meteoric rise of Web 2.0.

When Worlds Collide: Mixing Friends and Business

Comments Off on When Worlds Collide: Mixing Friends and Business

In the famous Seinfeld episode The Pool Guy, George Costanza panics when confronted with the prospect of one group of friends meeting his girlfriend, Susan.  He has successfully kept his relationships in independent silos, you see, and he has no idea how (or whether) they will mix together.   Hilarity, of course, ensues — his “worlds collide!” as he so aptly puts it — but in your own life, hilarity may not exactly be the result when different aspects of your life are suddenly placed in uncomfortable proximity with each other.

With the rise of social media, each one of us has a choice: either engage in strict social media hygiene (using one social media platform for friends, another for business) or be prepared for work colleagues to know everything about your penchant for extreme knitting and Powerman 5000.

This is not necessarily a good or a bad thing — and whether it is a positive or a negative in your own life may depend on a whole host of factors, including the type of job you have, the age of your friends and colleagues, and the type of extracurricular activities you engage in.  It is striking how — when speaking with young professionals in their early 20s — they cannot even imagine a world where work and social existence are separate.  They’ve never been adults in a world where you didn’t know what your friends and colleagues were up to.  The sheer quantity of texting, messaging, status updates and tweets in their lives is daunting, and they see no reason to place artificial limits on it.  Conversely, older professionals (even those who are tech savvy and quite comfortable with social media) are appalled at the notion that these worlds may ever overlap.

This generational difference in the ways of social media is likely to grow even more extreme in the years to come, as ever more social media intensive kids grow into adults with communication habits wildly divergent from what we’ve seen before.   Obviously, this represents an opportunity, but it also represents a danger — both for the companies involved, and the individuals who may be breaching trusts and duties without a second thought.

Thus, we should all consider how we engage with social media today — and not merely in the abstract, but in practice.  Who do we “friend,” and what type of person really reads our status updates.  Why are we saying what we’re saying, and do we really need to say it?  These can be uncomfortable questions, but they must be asked if we are to remain calm when worlds collide.

« Previous Entries Next Entries »