Although blogging and social networking may benefit companies in many ways, employers have begun taking note of important legal risks of employee use of Web 2.0. The ABA podcast a segment highlighting some of these risks entitled, “Tweet, Tweet, You're Fired“ raised additional issues which employers should consider in evaluating their policies and practices.

 As the prescient New Yorker cartoon pointed out, “On the Internet, No one Knows You’re a Dog.” Employees can inflict substantial harm on their employers – e.g., by divulging trade secrets or confidential information, or disparaging them, their employees or their goods and services, or even improperly disparaging competitors – through anonymous comments placed on social media sites. Many Internet users do not use email addresses that include personally identifiable information about themselves, and many sites permit anonymous postings. It is easy for any employee to avoid revealing his or her true identity, or even affirmatively misrepresenting that identity, when using social media.

Deciphering that information by subpoenaing the records of specific providers may be challenging or impossible. As a practical matter, then, employers may find it difficult to determine whether a specific employee was the source of a problematic communication posted through social media.

Even if an employer deduces or otherwise learns that an employee was the source of the communication, its power to regulate his or her conduct may be limited. For example, states sometimes prohibit the termination based on lawful off-duty conduct unless that conduct relates to a bona fide occupational requirement and is related to the employee’s work activities and responsibilities or creates a conflict of interest. See, e.g., Colo. Rev. Stat. § 24-34-402.5(1). Moreover, state and federal whistleblower laws may protect the identity of some employees who are using social media to blow the whistle on illegal practices.

Despite such limitations, however, an employer can reduce some of the risks associated with its employees’ anonymous use of social media sites. In its electronic resources policies, the employer should:

•  Require employees to use only the address provided to them by the employer in all email communications made in connection with work performed for or on behalf of the employer.
• Prohibit employees from anonymous or pseudonymous posting about the company.
• Require employees affirmatively to disclose their names or positions in every communication or social media post on behalf of the employer where the identity of the sender or poster would not otherwise be revealed.