The genie is out of the bottle when it comes to 'cyber spying'

Revelations this year that some of the UK’s top companies are ‘spying’ on their customers raises a number of questions about customers’ privacy rights. But at the same time, it highlights the problems these companies have in making sure they protect their reputations.

It was reported earlier in the year that firms, including BT, easyJet and Carphone Warehouse, have used specialist software to track individuals who have made complaints against them on social media sites.

It is not just customers that are being tracked. Figures from a US survey show 8% of firms have sacked social media miscreant employees for their behaviour on sites like Facebook and Linkedin.

Now, as more monitoring software is developed, it seems there is no going back.

These days, it is easy for anyone to publish information – negative or positive – online via sites such a Facebook or Twitter. Businesses are so concerned that they are taking a far more proactive approach to monitoring their reputation, brand and revenue stream by identifying negative or untrue posts, articles, blogs or reviews online. 

The extensive sharing of information on social media sites is something firms are increasingly monitoring, but this inevitably has implications for personal privacy. The use of social media is growing at an incredible rate and it should come as no surprise companies are using this to connect to their customers. 

Firms are also using specially developed software to scan for negative comments about them on sites such as Facebook, Twitter and YouTube, and other forms of social media including blogs, news feeds, forums, message boards and chat rooms.

External monitoring services have been employed to keep track of their online reputation. Many other companies will follow this trend as more monitoring software is produced. The relationship between employees and employers could be strained as employers use software to monitor posts made by their workers on social media sites.

Although privacy campaigners have accused companies using such software as ‘spying’, companies which monitor social networking sites are legally permitted to do so, provided the content viewed on an individual’s social networking page is classified as ‘public’. 

This is because personal information publicly available via social media sites is voluntarily posted by the user themselves. It can be argued that use of that information does not constitute a violation of their right to privacy. 

It is, therefore, important for users of social media sites to check their privacy settings. 

Social media users must be more savvy about the impact of their online views. Individuals should be aware the internet is an open environment and their digital comments can have real-life consequences. When users of social media sites complain about a company via a public forum, they should know they could be contacted by the organisation regarding that complaint in order to remedy the position. 

If a social media user does not want their complaint to be seen by third parties, the user should update their privacy settings accordingly.   

An individual using a social media profile to make untrue and malicious statements about another company or individual may be liable for defamation. This can be the case even where the publication is merely to designated ‘friends’.  

Evidence shows false profiles are commonly created on social media sites. In most cases, the potential claimant is usually satisfied with the offending content being removed when they do not have funds to pursue the matter. 

However, more legal cases are going to court regarding defamatory content posted on the internet via social media. If this type of comment is made, it will often be made anonymously. 

In various recent cases in England, lawyers have managed to get round the anonymity problem by obtaining Court orders requesting Facebook discloses not only the registration data but also the details of the IP addresses and email addresses of the individual which created the profile on which the defamatory content was included. 

These cases illustrate that, although a post may be made anonymously, in the event of a legal challenge an ISP may be obliged to release information about the identity about the content provider.     

Users of social media also need to give some consideration to the personal information they may be posting about third parties on their own and other users' profiles. In particular, photographs can be uploaded to a user's profile and tagged with the name of those featured in the photograph without their knowledge or consent. 

Users should, therefore, bear in mind that uploading information about other individuals may impinge upon their privacy and data protection rights so consent should be obtained in advance. Users should also consider whether by posting the content online, they would be infringing the copyright of a third party. 

Given the increasing number of legal cases seen in this area, users of social media sites must consider the possible implications of any comments or content they are posting online. 

The UK Information Commissioner’s Office has published a general guidance note on how to use social media safely. This note provides some helpful tips and warnings about posting personal information to such sites. 

Alison Bryce is a partner in the intellectual property & technology team at Maclay Murray & Spens LLP.