Smart policies for Smartphones: Acceptable Online Activities During Work Hours
I'm in Seoul, South Korea, this week for a Global e-Government Forum. Seoul is 13 hours ahead of Washington, DC, so for more than half the day, it's tomorrow. But that's not the only way that Seoul is in the future. The smell of kimchi mixes with the omnipresent electronica of smartphone rings and tablet notifications. The Samsung building is visible from my hotel room, and its logo appears on at a majority of devices I've seen in this city. I've learned that this country is home to nearly 50 million people and 30 million smartphones, about ten percent higher than smartphone usage in the US.
And during their lunch hour, the Koreans I've seen are using their mobile devices to share on social media, just like their American counterparts, and this brings up a tricky problem both for employees and employers. The best way to illustrate the problem is to go back in time, not just 13 hours, but, say, 20 years.
Twenty years ago, there was a clear delineation between professional and personal activities. If a man called into a radio show at 10:30 in the morning and vented his spleen, chances were he was on work time and using a work phone, so his employer could rightfully ask him not to do that again. If, however, a woman was on her lunch break, and she taped a sign to a bulletin board outside her neighborhood market inviting people to a clam bake at her church, her employer would have little reason to object (if it knew about the activity at all). And if any employee had taken a quick break to return a toaster and while at the store, got into an argument with another person in line who loved that toaster, and harsh words were exchanged, would it reflect on the employer?
Now: enter mobile devices and social media. Using a smartphone, any professional, like any of the Koreans I saw walking by the 14th-century Dongdaemun Gate, could post comments to a blog at 10:30 am, invite friends (or the public) to a clam bake (or a political fundraiser), or rail against a product and call its fans hucksters, shills, dupes, or worse. And because people may use public forums, employers cannot always simply ignore the behavior.
Like it or not, certain professionals, and certainly government employees, are under more scrutiny on social media. Both Slate and National Public Radio have recently run stories that examine what social media activity can (or should) get people fired. Alex Howardand Alice Lipowcz have written specifically about federal employees' use of social media, and touched on the issue of reputation, the latter by way of a quote from me, among others.
IBM has published a social media policy that I think is exemplary for any organization that wants to pursue the dual goals of encouraging employees to engage in social media and protecting the organization's reputation. Some of the key components are:
- [Remember] that what you publish will be public for a long time—protect your privacy and take care to understand a site's terms of service.
- If you publish content online relevant to IBM in your personal capacity use a disclaimer such as this: "The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions."
- Respect copyright, fair use and financial disclosure laws.
- Respect your audience. Don't use ethnic slurs, personal insults, obscenity, or engage in any conduct that would not be acceptable in IBM's workplace. You should also show proper consideration for others' privacy and for topics that may be considered objectionable or inflammatory—such as politics and religion.
- Be aware of your association with IBM in online social networks. If you identify yourself as an IBMer, ensure your profile and related content is consistent with how you wish to present yourself with colleagues and clients.
- Don't pick fights, be the first to correct your own mistakes.
- Try to add value. Provide worthwhile information and perspective. IBM's brand is best represented by its people and what you publish may reflect on IBM's brand.
Implicit in these policies, and explicit elsewhere in the guidelines, is that there is value as well as risk to the organization for its people to engage in social media.
The primacy of policy
The importance of developing a comprehensive policy for employees' use of their personal connectivity devices cannot be understated. The proliferation of mobile devices nearly ensures that employees will have unfettered access to the Web, so technological approaches to security can go only so far. That's why it is imperative for leadership to communicate to all employees that they are responsible for their own role in protecting the organization's data, networks and computers; managing their own productivity; and maintaining the organization's reputation.
As the US catches up to South Korea, and smartphones continue to find their ways into more and more pockets, these issues will become only more pressing.