Social Media for Managers

by Theresa Truscott

Ownership of social media contacts

The law in this area is still grey and enforcement is tricky for an employer, especially where there is a mix of personal and private contacts on one account, and where employees have private log-in details.

Whilst most social media situations are covered by existing legislation such as employment law, data protection, harassment and intellectual property, there is no specific legislation on social media. The current laws relate to the time when people used business cards and extends to the ownership of databases. However, it hasn’t moved on to specifically encompass social media contacts.

In the absence of specific legal regulation on the use of social media by employees and employers, it is important that there is a coherent and clear social media policy in place which deals with issues such as inappropriate use, ownership of contact lists and obligations with regard to confidential information. It needs to be consistent with other policies and disciplinary rules and appropriate to how your organisation expects to use social media, and for what purpose.

Before drafting a policy, a risk assessment exercise should be carried out in order to identify the different types of activities and conduct which may cause damage to the business. For example, educational institutions may have a policy of not ‘friending’ parents (or students) to avoid casual social comments being misconstrued or considered inappropriate and organisation being represented in a way it would not wish. Bear in mind, though, that employees may actually be friends with customers. So, you need to decide how to deal with this situation too, while striking a balance between the employee’s civil liberties, on the one hand, and your right as an employer to protect your business, on the other.

In the case of corporate social media accounts, it would be a sensible policy to control passwords to those accounts and ensure that more than one person within the organisation has this information so that an employee cannot leave and still have access and possibly post unauthorised messages or change login details so that the employer is locked out.


When HMV called in administrators in January 2013, putting at risk more than 4000 jobs at its stores, staff used the company’s Twitter account to inform followers that workers at the head office and other non-shop employees were being fired.

One staff member, later revealed as HMV’s social media planner, tweeted ‘We’re tweeting live from HR where we're all being fired! Exciting!’

Disputes over certain social media contacts such as Twitter followers or Facebook friends, for example – particularly if these were brought to an organisation by an employee who has been hired specifically to manage the organisation’s social media presence, is expected to promote the company’s brand in social media, or comes into employment already having a significant professional or industry social media presence – arise because of lack of clarity over ownership.

The line between a personal and professional social media accounts can be blurred, so it is important that if someone is managing an account on behalf of a company, that this is clear from the way it has been set up: management should create the accounts (using the company name in the handle or account name), maintain the passwords, only give access to those who need it as part of their job duties, and direct the content. The employer must communicate to the employee that it owns the accounts and the content, and that contributing content is part of the employee’s job duties. This can be done by incorporating specific language regarding these duties and the ownership of social media accounts and contacts into offer letters, job descriptions, confidentiality agreements, separation agreements, and non-competition or non-solicitation agreements. Being clear from the beginning of the employment relationship can be crucial to avoiding later disputes and litigation over who owns a particular social media account and the contacts associated with it.

Employees’ social media accounts are more difficult to govern, and in recent cases, the courts have come to different conclusions:

Example 1

A HR professional uploaded his CV onto LinkedIn and ticked the box stating he was interested in other career opportunities. His bosses asked him to remove his CV and invited him to a disciplinary hearing for ‘inappropriate use of social media’. His employer claimed his actions were in breach of its policies, which precluded him from ticking the ‘career opportunities’ box in LinkedIn. He resigned and won a case for constructive unfair dismissal because the tribunal ruled the company was guilty of ’serious breach of contract’.

Example 2

In a recent High Court decision, it was ordered that a former employee of a recruitment company had to disclose his LinkedIn contact list. His company suspected he had taken contacts belonging to them and copied them to his LinkedIn account. However, the interesting point to note from this decision was the fact that the Court decided that the list of LinkedIn contacts actually belonged to the employee and NOT the company, despite the information being gathered during the course of his employment (which is the usual legal test when considering who owns work that is created in the course of an employee’s employment).

If a dispute does go to court, then being in a position to prove ownership of contacts created during the employee’s tenure will be crucial. Factors that may be taken into consideration include:

  • who had access to the accounts and passwords?
  • whether (and how) the ‘handle’ or account was associated with the employer’s name or brand
  • the value of the followers, fans, or connections
  • employee contracts
  • employment law, private lives, data protection, competition, harassment
  • Outlook contacts – will depend on precedents set in case law.

The position currently appears to be:

  • If the contacts are in the name of the employee’s personal account (in other words they are not maintaining the account on behalf of their employer) the employee is likely to be in a stronger position when determining ownership of contacts.
  • If the contacts could be deemed to be private information acquired during employment (emails and direct dial telephone numbers, for example), this could make the employee’s position weaker.
  • If the employee compiled their contacts from uploaded email addresses at work, or their employer provided them with business contacts or paid for a premium listing, then it is much more likely that a claim for ownership will find in the employer’s favour.

In Whitmar Publications Limited vs Gamage & Others, three senior employees had formed a new company prior to resigning from Whitmar. One of the individuals used Whitmar’s client contact details from Whitmar’s four LinkedIn Groups, which she administered, to invite prospective clients to an event promoting the new company.

Whitmar sought injunctive relief. The Judge found in favour of Whitmar. In relation to the LinkedIn Groups, the Judge found that the individuals were competing with Whitmar prior to their resignation. The claimants did not have post-termination provisions in their contracts. The employer sought to restrain their behaviour based on a breach of the implied duty of confidentiality. It is reported that the Judge ordered the individuals to give Whitmar control of the LinkedIn Account as the Contacts and the Groups were Whitmar’s confidential information.

What can employers do to protect their client list?

There are methods which employers might use to control employees’ accounts and claim ownership of contacts, but they can be impractical or inappropriate:

  • Banning use of social media at work

It would be possible to block access using the organisation’s equipment, but most people will be able to use their phones or use their home internet connection instead.

  • Deleting or handing over LinkedIn contacts on leaving employment

The employer would have to rely on the employee deleting the profile and/or contacts, as LinkedIn’s conditions do not permit the employee to give the username and password to the employer. It might not be possible to determine which contacts existed previously, or which new ones are not related to the business, and the employee could already have copied them prior to this point.

  • Copying information to the organisation’s customer database

This would ensure that the employer will still have access to the contact details after the employee has left, but relies on the employee keeping the data up to date.

  • Restrictive covenants

If not sufficiently carefully worded, covenants may not be enforceable.

  • Technical solutions

Configurations and profile settings can help to keep sensitive customer details confidential, but these can only be recommended by the employer.


Don't rely on a one size fits all strategy when drafting a social media policy or restrictive covenant.