JWS Consulting is a division of Johnson Winter & Slattery providing commercial consulting services.
We are engaged by major Australian and international corporations as legal counsel on their business activities, disputes and most challenging matters.
Established in 1993 by Tony Johnson, Nigel Winter and Peter Slattery as a boutique corporate firm, JWS grew rapidly to become a leading independent Australian firm.
The quality of our legal advice and service to clients is recognised through independent industry recognition and direct client feedback.
Learn more about breaking news at Johnson Winter & Slattery, including major transaction announcements, practitioner appointments and team expansions.
JWS supports a number of community initiatives and not for profit organisations across Australia through pro bono legal work and charitable donations.
We are proud to sponsor a number of community initiatives.
Social media has provided vast opportunities for businesses and has increasingly become a necessary tool, particularly as a means of engagement for promotion and provision of information to a wide-scale audience. However, its ease of use and wide-ranging application combined with the ability of users to instantaneously disseminate information has also brought difficulties and challenges for businesses.
In this article:
This article concludes with a general discussion of the use of social media policy, both as it applies to employees and the involvement of the business in social media.
Huge amounts of text, images, music and audio-visual materials are available in the digital environment. The ease with which these materials can be accessed, downloaded, reproduced and communicated holds social and economic benefits without which businesses as well as individuals can no longer imagine functioning. At the same time, however, the availability of text, images, sound and moving images at everyone’s fingertips has caused many to overlook the fact that they are protected by intellectual property rights, in particular copyright, which apply in the same manner in the digital environment as they do in the physical world. Contrary to common belief, the internet is not the public domain, a copyright free zone. What does this mean, from a legal and practical perspective?
Copyright owners, usually the author of copyright materials, have exclusive rights in relation to these materials, including the right to publish, copy and communicate them to the public. Communicating means making copyright material available online or transmitting it electronically. Any use of a substantial part of copyright material without the permission of the copyright owner infringes copyright unless a defence applies. Whether a part is “substantial” is determined on the basis of a qualitative rather than quantitative test: a part is substantial within the meaning of the Copyright Act 1968 (Cth) if it is an essential or material part of the copyright work. Some uses of substantial parts of copyright material without the permission of the copyright owner are authorised under statutory exceptions, for example fair dealings for the purpose of criticism or review and parody and satire. However, these exceptions are interpreted restrictively and businesses should seek legal advice as to how they could rely on them in the context of social media.
In addition, individuals have moral rights in relation to their works, such as the right to be identified and named as the author of their works and the right to ensure that their work is not subjected to any act that is in any manner harmful to the author's honour or reputation. A failure to respect these rights amounts to an infringement unless the conduct was reasonable in the circumstances.
Copyright and moral rights are infringed not only by the unauthorised use of copyright materials and a failure to respect moral rights but also by authorising someone else to infringe, for example by asking for or encouraging the infringer’s conduct, or providing the infringer the means to do so.
Businesses with an online presence must ensure that they either own the intellectual property rights to the materials used on their website or their social media platforms, or that their use of these materials is duly licensed. In this context, a few points are noteworthy:
Businesses should monitor content and remove any content if there is a claim for copyright or moral right infringement until the matter has been assessed. While social media can be a fantastic promotional tool, allegations of “rip-off” can generate very negative publicity.
Organisations that collect personal information must comply with the Privacy Act 1988 (Cth) and the National Privacy Principles (NPPs) under the Privacy Act. “Personal information" currently means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. From 12 March 2014, when important amendments to the Privacy Act will take effect, the definition of “personal information” will cover information or an opinion about an identified individual, or an individual who is reasonably identifiable. Given this broad definition, most information on social media relating to individuals is likely to be covered by the Act and will need to be dealt with, in particular collected, used and disclosed in accordance with the NPPs.
Businesses should also be mindful of confidentiality issues that might not fall within the scope of privacy legislation because the information does not relate to individuals. Duties of confidence are breached by unauthorised use or disclosure of information in circumstances where the recipient of the information knew or ought to have known the information was confidential. For example, the publication on social media of the photograph of an employee holding a confidential report could result in such a breach if the nature or content of the report is apparent from the photograph.
There is no general right of privacy in Australia that protects a person’s image. Proposals at federal level and in some States to legislate a statutory cause of action (a right to sue created by law) for serious invasions of the privacy of natural persons, which would have allowed individuals to take action against the publication of certain personal materials, appear to have been shelved. However, in addition to obligations under privacy legislation (see above), businesses should be mindful of the following areas of law when posting or allowing the posting of photographs of people on social media:
Employees should be reminded of their duty of confidence, and made aware of the risks of breaching these duties by the use of social media. Monitoring of content and the immediate removal of any confidential content should enable businesses to prevent or minimise breaches.
The social media policy should provide guidance as to what is acceptable and flag the risks associated with the publication of defamatory, misleading and deceptive or otherwise inappropriate content. Businesses should monitor the content posted on their social media accounts and remove any questionable images as soon as practicable.
The conventional law of defamation applies to publication via social media.
The seemingly unfettered social media environment stems from popular social media sites being hosted in the United States, a jurisdiction with express constitutional protection and judicial support for freedom of expression.
For an Australian-based corporation, a much more conservative approach is required. Australian law gives rise to joint and several liability for multiple defendants involved in two defamatory publications – both the author and corporation involved in disseminating the allegedly defamatory material. A corporation will be liable for its servants and agents wherever publication was authorised, made in the course of employment and/or within the scope of an agent’s authority.
When it comes to user-generated content, a corporation exposes itself to a situation where it may be the publisher of material where it has no capacity to assess the defences that may be available to it. There can be no real assessment of truth and a very real possibility that malice could defeat any prospect of a comment defence. Anonymous user-generated content can leave a corporation holding the can for what may be a highly damaging, irresponsible or malicious posting.
Apply the same discernment in regulating corporate social media content as you would with any other corporate communication. Apply your social media policy (for more details, see below) and ensure that authority for social media communications is extended only to suitably-trained and experienced personnel or delegates.
Only allow user-generated content with careful pre-post monitoring.
With the increase in the number and popularity of social media sites as a way to stay connected with friends and colleagues, employees have rapidly grown accustomed to sharing their thoughts online without much consideration for the consequences. A number of recent decisions by the Fair Work Commission (FWC) have shown that the main challenges for employers in relation to social media and employees are determining when disciplinary action can be taken for conduct on social media and ensuring that employees do not engage in unlawful or inappropriate conduct in relation to their employment through social media posts.
The availability and portability of online social media sites has meant that the boundaries between workplace and private conduct have become increasingly blurred. Recent cases dealt with by the FWC illustrate that making unlawful, disparaging or negative comments about the employment, a colleague or an employer on Facebook or Twitter outside working hours, even if made on a personal computer or device, may justify termination of the employment in certain circumstances. This is particularly because comments made on social media sites create a permanent written record and potentially have a much wider audience than comments made verbally to colleagues.
However, employers need to carefully balance their obligation to ensure employees do not engage in unacceptable or unlawful conduct with their obligation not to take unjustifiable disciplinary action against employees. For example, in Stutsel v Linfox Australia Pty Ltd  FWA 8444, the FWC found that an employee was unfairly dismissed for making offensive and discriminatory comments about two managers on his Facebook page in his personal time. The main reason for the finding was that the employer had no social media policy and had not provided training to employees about inappropriate use of social media. This decision is currently being appealed.
In other decisions, the FWC has upheld the employer’s right to dismiss an employee:
Changes to the Federal Sex Discrimination legislation made in 2011 made it clear that sexual harassment and unlawful discrimination through new technologies such as social networking, websites, email, SMS communications and mobile phone camerasis prohibited. Employers will be liable for such conduct by their employees unless they can show they have taken all reasonable steps to prevent the conduct occurring and to deal with the conduct appropriately if it occurs.
Cyber bullying has also become a growing problem in Australian workplaces. Cyber bullying can include critical comments about employees or their behaviour and exclusion of particular individuals or groups. Cyber bullying can be discriminatory if it is based on a prohibited ground such as the victim’s sex, age, race, religion, politics, marital status or disability. Cyber bullying can also constitute a breach of health and safety obligations and an employer’s duty of care. In addition, proceedings can be commenced by employees in relation to cyber bullying under the new bullying amendments under the Fair Work Act 2009 (Cth) which commence on 1 January 2014.
Employers also need to be careful when taking disciplinary action against employees who make complaints about their employment or exercise other workplace rights on social media sites because of the general protections prohibitions under the Fair Work Act 2009 (Cth). These provisions prohibit employers from taking any detrimental action against an employee because they have made a complaint in relation to their employment or exercised other workplace rights. This can include complaints made over a social media platform.
In some comfort to employers, in the recent case of Banerji v Bowles  FCCA 1052, the Court held that an employer could take disciplinary action against an employee who made critical comments about her employer, the Department of Immigration and Citizenship, anonymously on Twitter. The employee argued that in making the comments, the employee was exercising her unfettered right of political expression. However, the Court rejected this argument and held that the employee’s right of political expression was limited by her obligation to comply with the terms of her employment contract, the employer’s Code of Conduct and the employer’s social media guidelines. However, employers must exercise caution when taking disciplinary action against employees for expressing political opinions as it may constitute unlawful discrimination.
Employers should provide clear guidance to employees on their use of social media to ensure that such use is responsible and appropriate by adopting and implementing a comprehensive and well-drafted social media policy (see below).
Employers should ensure that the policy is applied consistently to all employees.
However, when taking disciplinary action against employees for social media use, it is important to have regard to the employee’s personal circumstances, including their past employment record, any mitigating circumstances that justify the conduct and the seriousness of the consequences of the conduct, to ensure that the disciplinary action taken is proportionate to the misconduct.
Australian businesses can be held responsible for content uploaded to their social media pages by others.
The Advertising Standards Board (ASB) has recently found, in a determination regarding the Smirnoff Facebook page, that corporate Facebook and Twitter pages constitute “advertising” and that the Advertiser Code of Ethics applies to material or comments posted not only by the business itself, but by friends or followers as well. This means that a business can breach the Code without adding material to its page, but by not taking down offending material.
The view of the ASB reflects that of the Federal Court in ACCC v Allergy (No. 1) (2011) 192 FCR 34, in which it held a business responsible for publications when it became aware of and decided not to remove them.
The need for businesses to be diligent in monitoring and controlling their engagement with social media goes beyond just marketing techniques.
There appears to be a duty on businesses to not only enforce strict guidelines for material posted by representatives of the business on social media, but to moderate the material posted by the wider social media community. Businesses should ensure that care and consideration is employed for the message being conveyed through social media as a whole, in the same way it would for traditional marketing or advertising, to ensure that advertising standards are met.
It is recommended that businesses devise a policy for addressing content posted by the online community which may breach ASB Codes, including removal of content.
Social media goes beyond being an issue for the marketing department. The immediacy, reach and speed of social media increases the risk for ASX-listed businesses in managing their continuous disclosure obligations and effectively implementing their risk management policies. Factual, partially true or false information, disseminated via social media, can significantly affect a business, from its reputation to the price of its securities.
ASX-listed businesses are subject to continuous disclosure obligations, under the Corporations Act 2001 (Cth) and Chapter 3 of the ASX Listing Rules.
In summary, these businesses must ensure that price sensitive information is disclosed to ASX immediately when the business becomes aware of it, before it is disclosed by any other means.
There are limited exceptions to immediate disclosure of price-sensitive information, but these exceptions cease to be available once the information is no longer confidential. In addition, where ASX considers there is or is likely to be a false market in the securities of an ASX-listed business, ASX can require that entity to provide information immediately to prevent or correct a false market.
With the release this year of an amended guidance note on continuous disclosure, ASX has highlighted the potential impact of social media, including the importance of monitoring it during potentially price-sensitive confidential transactions.
Further, ASX-listed businesses must report annually against their compliance with the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations. These include principles and recommendations regarding disclosure of information and risk management.
When enforcing continuous disclosure obligations, the Australian Securities and Investments Commission is concerned that appropriate policy not only exists but that there is a culture that the policy is followed.
Directors should consider how social media fits within both the continuous disclosure and risk management frameworks for the business.
Businesses should understand what is being said about them on social media. A social media audit can be conducted, to determine who is saying what about the business, where and their level of influence.
Continuous disclosure policies should be reviewed having regard to the impact of social media, although the policy need not expressly refer to social media.
Social media policies for employees should regulate discussing or distributing information that relates to the business and set out the consequences of doing so. This might extend to notifying the business where appropriate, so that it can deal with any consequences of the information being made available.
Businesses should monitor social media, particularly during confidential transactions to determine whether any price-sensitive information has leaked or if there is the potential for creating a false market.
As can be seen from the above, businesses with an online presence are strongly advised to develop a social media policy. A well-structured policy will take into consideration the ways in which a business engages with others online and will address the manner in which social media is to be used, by whom and when.
A social media policy – no matter how well-meaning and planned – is in itself only a partial solution. The policy and objectives must be made known throughout the business, employees educated (preferably on a regular basis) as to the operation of the policy and it should be diligently enforced. It not only makes legal sense, but increases effectiveness and economic return to the business.
Businesses may consider addressing in their social media policy the manner in which employees are to use their own social media accounts.
This will set out how employees are to use social media as well as providing a means by which any issues arising from employees’ use of social media will be addressed.
In general, a well-drafted social media policy should:
The social media policy should be communicated and implemented appropriately so that all employees have read and understood the policy in full and received training about the policy.
It is important that businesses manage their online presence such that it maximises their effectiveness in marketing themselves and protecting their reputation. They may also keep open a platform to respond appropriately to social media discussions about the business.
Businesses with social media should specify the people entitled to access and post on behalf of the business, and set out strict guidelines for the type of content to be posted. Further, it is advisable that businesses employ a policy which requires a multi-tiered approach to the posting of content; that is, a third party employee must approve a post before it is published.
Passwords should be kept strictly confidential and not shared beyond those entitled to post on the business’ behalf.
Further, to reduce potential risk associated with former employees having access to businesses’ social media accounts, passwords should be changed regularly.
A social media policy should also address the manner in which the business should monitor and respond to any posts made by other members of the online community. This includes ensuring that information about posts is elevated to the right level of the business, as not all social media matters impact solely on marketing. For example, if another’s post appears to breach the ASB Codes, should it be removed?
There is a fine line between being sympathetic to the forum and allowing potentially offensive material to be posted: businesses should determine how derogatory comments by online users will be addressed. There may also be obligations on the business to moderate its content. Various software tools exist to assist in monitoring social media.
Businesses can consider a social media audit, to determine who is saying what about them, where and their level of influence.
If your business is involved in the licensing or assignment of IP rights (such as patents, registered designs or copyrights), you should urgently seek legal advice to ensure that all such...
With the Federal Government announcing its intention to introduce a Consumer Data Right (CDR) from 1 July 2019, how can you be prepared?
Employers engaged in contracting sectors – such as providing outsourced services to third parties under contracts for specified periods (e.g. catering, cleaning or maintenance contracts) – cannot...