Community feedback: be careful what you wish for

Occupy Wall Street S15 Arrest

The first anniversary of Occupy Wall Street gathered at Washington Square Park, Occupy Town Square. A march down Broadway to Zuccotti Park started at 6pm on September 15th.

A recent New York Police Department attempt to engage with New Yorkers serves as a reminder that crowdsourcing positive feedback doesn’t always work quite as well as you may hope, if it works at all. As Ars Technica reported:

The Twitterverse was abuzz Tuesday evening after the New York City Police Department made what it thought was a harmless request to its followers: post pictures that include NYPD officers and use the #MyNYPD hashtag.

Much to the NYPD’s surprise and chagrin, the simple tweet brought on a torrent of criticism from the Internet. The result was national coverage of hundreds of photos depicting apparent police brutality by NYPD officers, which individuals diligently tweeted with the hashtag #myNYPD.

The Ars article touches on a number of other, similar attempts to elicit positive feedback from communities and the clear trend is that the community will give you its assessment of what you are doing and represent, it won’t necessarily give you the feedback you probably want.

This isn’t necessarily a reason not to engage with your community but it does require courage. If you want honest feedback, community feedback is a terrific opportunity to get it. If, on the other hand, you don’t want to venture outside a positive reinforcement bubble, perhaps start with a different sort of campaign.

Bombs under wheelchairs, model airplanes and other stupid tweets

The last couple weeks saw two spectacular lapses in judgment in corporate Twitter accounts. The first was the pornographic US Airways tweet in response to a passenger’s complaints about a delayed flight and the second was an FNB employee’s flippant tweet about an ad personality’s activities in Afghanistan.

Each incident has unfolded a little differently. Both are stark reminders about the very serious legal consequences for misguided tweets.

The last couple weeks saw two spectacular lapses in judgment in corporate Twitter accounts. The first was the pornographic US Airways tweet in response to a passenger’s complaints about a delayed flight and the second was an FNB employee’s flippant tweet about an ad personality’s activities in Afghanistan.

Each incident has unfolded a little differently. In the case of the US Airways tweet, it appears that the tweet was a mistake and that the employee concerned will not be fired. Here is an explanation of the incident and some commentary from Sarah and Amber on a recent Social Hour video:

On the other hand, FNB has reportedly launched disciplinary proceedings to deal with its employee’s tweet. According to TechCentral:

Disciplinary processes were under way following an offensive tweet sent from a First National Bank Twitter account, the bank said on Wednesday.

“We can confirm that disciplinary actions are currently under way as we are following the required industrial relations processes,” FNB’s acting head of digital marketing and media, Suzanne Myburgh, said.

In both cases, the companies concerned removed the offending tweets as soon as they discovered them and apologised for the tweets. Both incidents attracted a tremendous amount of attention and both brands were praised for apologising and being transparent about their investigations into their respective incidents. The benefit of this approach has been to mitigate the reputational harm both companies faced by engaging with their followers and keeping their customers updated on their investigations.

It is worth bearing in mind that managing corporate social media profiles at scale is not a simple exercise. As Cerebra’s Mike Stopforth pointed out in his Twitter post-mortem of the FNB tweet controversy:

He went further to characterise the tweet as a single error in the context of a very active Twitter profile:

I don’t think I would characterise the tweet as an “understandable error”. Twitter profiles as prolific as FNB’s @RBJacobs profile require careful attention to the kinds of tweets that may be published and to what extent the teams managing these profiles can inject their personalities into the corporate personality or representation of the brand online.

As I pointed out in my blog post titled “Gender activism, trolls and being fired for tweeting“, employees need to understand there are serious legal consequences for their bad decisions –

> From a Legal Perspective

The legal issues here are perhaps not as exciting as the raging debate and threats but they are important nonetheless. One of the central themes in the blog posts by both companies, Playhaven and SendGrid, is that employees who fail to fulfil their obligations towards their employers can be dismissed. In both Richards’ and Playhaven’s ex-employee’s cases, both individuals brought their employers into disrepute through their actions and, in this respect, exposed themselves to disciplinary action.

Employees owe their employers a number of duties and they can be disciplined if they fail to honour their obligations towards their employers. Employees’ duties include the duties to –

  • further the employer’s business interests;
  • be respectful and obedient; and
  • not to bring the employer into disrepute.

This last duty has received considerable attention in recent complaints brought to the > Commission for Conciliation, Mediation and Arbitration> including the case of > Sedick & another and Krisray (Pty) Ltd (2011) 32 ILJ 752 (CCMA)> where the commissioner upheld the employees’ dismissals and commented as follows:

Taking into account all the circumstances – what was written; where the comments were posted; to whom they were directed, to whom they were available and last but by no means least, by whom they were said – I find that the comments served to bring the management into disrepute with persons both within and outside the employment and that the potential for damage to that reputation amongst customers, suppliers and competitors was real.

and

This case emphasizes the extent to which employees may, and may not, rely on the protection of statute in respect of their postings on the Internet. The Internet is a public domain and its content is, for the most part, open to anyone who has the time and inclination to search it out. If employees wish their opinions to remain private, they should refrain from posting them on the Internet.

FNB clearly seems to have a process in place to identify, respond to and address incidents such as this tweet. It presumably has a sound policy framework that it will rely on when dealing with its incident. This is where a social engagement policy (what used to be a “social media policy” and which has evolved since then) is really important.

Although much of the focus of a social engagement policy has traditionally been on behaviours which must align with the brand, the policy also serves an important disciplinary function by clearly communicating a standard which employees using social communication tools must meet. This, in turn, ties into one of the important requirements of a sound disciplinary procedure: demonstrating that a clear standard was effectively communicated to employees who were aware of the standard and failed to meet it.

We may learn what happens to the FNB employee who published that ill-advised tweet. What is certain, though, is that this won’t be the last incident like this. We will see more incidents at other companies and the sooner companies develop effective processes to address these incidents, the better.

Extorted out of a $50 000 Twitter handle

Update (2014-02-26): The Next Web has reported that Hiroshima is once again in control of his envious Twitter handle, @N.

A good Twitter handle is an increasingly valuable part of your online identity and if you were fortunate enough to register a very short or common name for your Twitter handle, it could be that much more valuable. Naoki Hiroshima was one of those really fortunate people and he published a cautionary tale on Medium involving GoDaddy, PayPal, a devious extortionist’s social engineering and poor security. The story begins with this –

I had a rare Twitter username, @N. Yep, just one letter. I’ve been offered as much as $50,000 for it. People have tried to steal it. Password reset instructions are a regular sight in my email inbox. As of today, I no longer control @N. I was extorted into giving it up.

If your social profiles are important to you, make sure you safeguard them adequately. Security measures may add more complexity but they exist to prevent attacks like this one. What I found particularly interesting was Hiroshima’s recommendation not to use a custom domain-based email address as your notification address because it can be susceptible to this sort of attack.

<

p>This may not be feasible for corporate accounts but it is certainly something to plan for.

Cancer stories and contextual privacy

If you are unfamiliar with Twitter direct messages, they are inherently private and only people who follow you may send you direct messages. Aside from not informing Adams that she was writing a story about her, Keller apparently did not obtain Adams’ permission to repeat the direct message conversation and that violated Adams’ privacy, regardless of how public she is about other aspects of her experiences. 


Privacy on the social Web is tricky. A year after Randi Zuckerberg’s reminder that privacy is nuanced and contextual, Emma Keller, writing for the Guardian, crossed a few lines in her article about Lisa Adams’ experiences with breast cancer which was titled “Forget funeral selfies. What are the ethics of tweeting a terminal illness?” and was withdrawn by the Guardian after a controversy exploded on Twitter. The article is still available in the Internet Archive’s Wayback Machine if you would like to read it.

In her post titled “Social Media Is a Conversation, Not a Press Release” on Medium, Zeynep Tufekci explored a few themes that emerged from the controversy, including the ethical implications of Keller’s approach and the value of a public conversation about cancer. Although the subject resonates with me, generally, (my father passed away on 2003 after a short struggle with pancreatic cancer), this aspect stood out for me:

Emma Keller admitted that she had conversed with the subject via email and DM on Twitter without telling her that she was doing a story about her, and quoted Lisa Adams’ private direct messages without as much of a notification, let alone a permission.

In her article, Keller referenced a direct message conversation she had with Adams:

In some ways she has invited us all in. She could argue that she is presenting a specific picture – the one she wants us to remember. “I do feel there will be lasting memories about me. That matters,” she wrote to me in a direct message on Twitter.

If you are unfamiliar with Twitter direct messages, they are inherently private and only people who follow you may send you direct messages. Aside from not informing Adams that she was writing a story about her, Keller apparently did not obtain Adams’ permission to repeat the direct message conversation and that violated Adams’ privacy, regardless of how public she is about other aspects of her experiences. She related another incident which highlights the nuances:

She describes a fantastic set up at Sloan-Kettering, where she can order what she wants to eat at any time of day or night and get as much pain medication as she needs from a dedicated and compassionate “team”, but there is no mention of the cost. She was enraged a few days ago when a couple of people turned up to visit her unannounced. She’s living out loud online, but she wants her privacy in real life.

Privacy isn’t an all or nothing thing. As I pointed out in my post about Randi Zuckerberg’s contextual privacy experience last year –

The seminal case on the right to privacy in South Africa is the Constitutional Court case of Bernstein and Others v Bester NO and Others. The Constitutional Court said that the right to privacy is informed largely by a legitimate expectation of privacy which, in turn, means that a person must establish that:

“he or she has a subjective expectation of privacy and that the society has recognized that expectation as objectively reasonable.”

The subjective component means that a person can’t have an expectation of privacy where that person has consented to have his or her privacy invaded. The objective component introduces a requirement for reasonableness when assessing an apparent privacy violation. There is a notion of a “continuum of privacy interests” which is a helpful application of this idea of a legitimate expectation of privacy. The Court in the Bernstein case said the following:

“The truism that no right is to be considered absolute, implies that from the outset of interpretation each right is always already limited by every other right accruing to another citizen. In the context of privacy this would mean that it is only the inner sanctum of a person, such as his/her family life, sexual preference and home environment, which is shielded from erosion by conflicting rights of the community. This implies that community rights and the rights of fellow members place a corresponding obligation on a citizen, thereby shaping the abstract notion of individualism towards identifying a concrete member of civil society. Privacy is acknowledged in the truly personal realm, but as a person moves into communal relations and activities such as business and social interaction, the scope of personal space shrinks accordingly.”

This is an explanation for why people in the public eye have a different legitimate expectation of privacy than people who are deeply private and secretive. A person’s legitimate expectation of privacy is determined by their level of publicity and the consents they have given to invasions of their privacy.

<

p>Keller made a common mistake of assuming that because Adams is public about some aspects of her cancer experiences that she has waived her expectation that the rest of her life enjoy some measure of privacy. This is not the case. Privacy is a complex and nuanced set of expectations and rights and is complicated by the very public fora we use to share aspects of our lives. Nevertheless, it is a model which confounds many people, including journalists who should take greater care with information they are privy to.

Nokia’s errant F-bomb tweet and a reputational smear

Although the tweet was almost certainly not sanctioned by Nokia’s marketing team, it highlights the importance of carefully managing not only access to a brand’s social profiles and establishing clear guidelines for people who do have access to those profiles explaining what acceptable behaviour and content are because whatever is published using those platforms is going to be perceived as representative of the brand to some degree. Aside from the obvious reputational smear, consider the economic impact of a brand that is perceived to have taken a strong stand against its customers, especially at a time when it is undergoing considerable transformation.

I’ve always admired how Nokia engages with its customers and fans (often the same) using social media. I love their YouTube videos and I was a passionate evangelist for their products for a couple years before I eventually put down my Nokia N97, flirted briefly with Android (my experience with the HTC Desire was less than “wow”) and switched to an iPhone. Nokia’s staff have always struck me as deeply passionate about their products and the work they do so the tweet that appeared on the Nokia New Zealand Twitter stream yesterday must have been a shock to many.

2013-11-26 Nokia NZ F-you tweet

The tweet was, predictably, taken down and the following apology was published soon afterwards:

As The Next Web pointed out in its post about the tweet, there are a number of explanations for the offending tweet but that may not have mattered much at the time:

As you’d expect, the post has since been deleted. We can think of a few explanations for it, such as hacking, a disgruntled employee, an account mixup, or a practical joke gone awry, but whatever it is, Nokia isn’t going to be winning the Internets today. We’ve reached out to the company to see if we can find out what happened.

Although the tweet was almost certainly not sanctioned by Nokia’s marketing team, it highlights the importance of carefully managing not only access to a brand’s social profiles and establishing clear guidelines for people who do have access to those profiles explaining what acceptable behaviour and content are because whatever is published using those platforms is going to be perceived as representative of the brand to some degree. Aside from the obvious reputational smear, consider the economic impact of a brand that is perceived to have taken a strong stand against its customers, especially at a time when it is undergoing considerable transformation. What if this drop in Nokia’s share price was a result of the tweet (I don’t see an indication that this is the case but this scenario is hypothetically possible)?

So what can brands do?

  1. For starters, manage access to social profiles using a centrally controlled dashboard of some sort. Services like Hootsuite allow brands to establish user accounts and to grant access to multiple social profiles. They also allow for a degree of moderation and, importantly, to revoke access to those profiles without needing to disclose each profile’s access credentials. Of course, access to the dashboard’s administrative settings should also be carefully managed.
  2. Brands should ensure that the passwords they use to secure their social media profiles are secure. Don’t use simple passwords because they are easy to remember, use long and pseudo-random strings with mixed characters. Services like LastPass make managing these long passwords pretty easy and LastPass’ recent update allows people to share passwords.
  3. Implement clear and effectively worded social engagement policies to manage internal stakeholder (not just employees but contractors and partners too) expectations about what they can do on the brand’s behalf. These policies should go beyond simple social media policies and should extend to different forms of engagement. An effective model focuses more on behaviours than on specific technologies. Crucially, these policies should form part of a company’s internal policy framework and be effective performance management tools. Three line social media policies written to be catchy and praise-worthy in the media are typically useless from an enforcement perspective which is, essentially, their purpose.

This particular tweet is just indicative of an ongoing risk brands face. Just as social media profiles are wonderful tools for engaging meaningfully with various stakeholders, they can also be used to wreak havoc on a brand’s reputation. This reminds me of that saying “a moment on your lips, a lifetime on your hips“ (or something like that). A lifetime on the social Web is can be measured in days and weeks because that is how long it can take to kill a reputation. A tweet can be the start of that.

Gender activism, trolls and being fired for tweeting

One of the big stories online this last week involves objectionable jokes, a tweet, a blog post, a lot of trolls and a couple people being fired in the aftermath of it all. This is a cautionary story for a number of reasons. It has implications for gender activism, free expression and employment-related concerns we have been seeing percolating in various judicial and administrative fora for a couple years.

One of the big stories online this last week involves objectionable jokes, a tweet, a blog post, a lot of trolls and a couple people being fired in the aftermath of it all. This is a cautionary story for a number of reasons. It has implications for gender activism, free expression and employment-related concerns we have been seeing percolating in various judicial and administrative fora for a couple years.

What Happened

The protagonist is Adria Richards who was one of the many attendees at the PyCon conference and this is her introduction to the events that sparked the controversy in her post titled “Forking and Dongle Jokes Don’t Belong at Tech Conferences“:

Have you ever had a group of men sitting right behind you making joke that caused you to feel uncomfortable? Well, that just happened this week but instead of shrinking down in my seat, I did something about it an here’s my story…

Yesterday, I publicly called out a group of guys at the PyCon conference who were not being respectful to the community.

For those of you visiting from Hacker News from the tweet and from this post, thanks for stopping by. Enjoy the context.

I tweeted a photo of the guys behind me:

I publicly asked for help with addressing the problem:

I tweeted the PyCon Code of Conduct page and began to contacting the PyCon staff via text message:

and I’m happy to say that PyCon responded quickly not just with words but with action and a public response:

She explained further, in her “back story” explanation that one of the two men passed a comment about one of the speakers which Richards agreed with. She responded to him and the conversation quickly led to the jokes she objected to:

The guy behind me to the far left was saying he didn’t find much value from the logging session that day. I agreed with him so I turned around and said so. He then went onto say that an earlier session he’d been to where the speaker was talking about images and visualization with Python was really good, even if it seemed to him the speaker wasn’t really an expert on images. He said he would be interested in forking the repo and continuing development.

The man’s companion passed a comment about “forking” (a term used in software development for creating software code derivatives) and “dongles” which Richards objected to on the basis of the apparent sexual innuendo and in the context of what she saw as a broader gender issue in the technology field where there are relatively few women developers and technologists compared to men. She turned and took a photo of the men and posted her tweet which the conference organisers saw and followed up on.

Dismissals

One of the men behind Richards was subsequently dismissed by his employer, Playhaven. Playhaven’s CEO intimated that the reason his company dismissed the employee may not have been solely because of the jokes –

It has come to our attention that a topic concerning a former PlayHaven employee has generated a passionate online debate.

There are a number of inaccuracies being reported and I would like to take this opportunity to provide some clarity.

PlayHaven had an employee who was identified as making inappropriate comments at PyCon, and as a company that is dedicated to gender equality and values honorable behavior, we conducted a thorough investigation. The result of this investigation led to the unfortunate outcome of having to let this employee go. We value and protect the privacy of our employees, both past and present, and we will not comment on all the factors that contributed to our parting ways.

The, as yet, unnamed man posted a comment on Hacker News where he took responsibility for the “dongles” comments and contextualised the “forking” comments. He also defended Richards to a degree –

Hi, I’m the guy who made a comment about big dongles. First of all I’d like to say I’m sorry. I really did not mean to offend anyone and I really do regret the comment and how it made Adria feel. She had every right to report me to staff, and I defend her position. However, there is another side to this story. While I did make a big dongle joke about a fictional piece hardware that identified as male, no sexual jokes were made about forking. My friends and I had decided forking someone’s repo is a new form of flattery (the highest form being implementation) and we were excited about one of the presenters projects; a friend said “I would fork that guys repo” The sexual context was applied by Adria, and not us.

My second comment is this, Adria has an audience and is a successful person of the media. Just check out her web page linked in her twitter account, her hard work and social activism speaks for itself. With that great power and reach comes responsibility. As a result of the picture she took I was let go from my job today. Which sucks because I have 3 kids and I really liked that job.

She gave me no warning, she smiled while she snapped the pic and sealed my fate. Let this serve as a message to everyone, our actions and words, big or small, can have a serious impact.

I will be at pycon 2014, I will joke and socialize with everyone but I will also be mindful of my audience, accidental or otherwise.

Again, I apologize.

Richards initially believed that her employer, SendGrid, supported her stance but she was also dismissed

Effective immediately, SendGrid has terminated the employment of Adria Richards. While we generally are sensitive and confidential with respect to employee matters, the situation has taken on a public nature. We have taken action that we believe is in the overall best interests of SendGrid, its employees, and our customers. As we continue to process the vast amount of information, we will post something more comprehensive.

SendGrid’s CEO published an explanation for Richards’ dismissal on his company’s blog in which he, essentially, indicated that Richards’ actions were inconsistent with her role as a developer evangelist at his company and it would not be appropriate to retain her given the manner in which she addressed her concerns –

On Sunday at PyCon, Adria Richards felt comments made behind her during a conference session were inappropriate and of an offensive, sexual nature. We understand that Adria believed the conduct to be inappropriate and support her right to report the incident to PyCon personnel. To be clear, SendGrid supports the right to report inappropriate behavior, whenever and wherever it occurs.

What we do not support was how she reported the conduct. Her decision to tweet the comments and photographs of the people who made the comments crossed the line. Publicly shaming the offenders – and bystanders – was not the appropriate way to handle the situation. Even PyCon has since updated their Code of Conduct due to this situation. Needless to say, a heated public debate ensued. The discourse, productive at times, quickly spiraled into extreme vitriol.

A SendGrid developer evangelist’s responsibility is to build and strengthen our Developer Community across the globe. In light of the events over the last 48+ hours, it has become obvious that her actions have strongly divided the same community she was supposed to unite. As a result, she can no longer be effective in her role at SendGrid.

In the end, the consequences that resulted from how she reported the conduct put our business in danger. Our commitment to our 130 employees, their families, our community members and our more than 130,000 valued customers is our primary concern.

Backlash Online

The responses to Richards’ tweets and the events that followed has been fairly varied. According to The Verge’s post titled “Thug mentality: How two dick jokes exploded into DDoS and death threats” –

Playhaven has since backed off on the story, claiming the firing happened for a number of reasons — but by then, the torches had been lit. A Pastebin post this morning promised an Anonymous-affiliated attack — “an explosion of lulz and collateral damage.” The only way to forestall the damage, the message said, was to fire Richards. 4chan’s /pol/ board also promised an attack. Shortly after, a massive DDoS attack brought down Sendgrid.com, and forced Richards to shield her personal site behind Cloudflare’s anti-DDoS service.
A few hours later, Sendgrid announced it had fired Richards, effective immediately. With no site to post on, they had to make the announcement on Facebook, saying “we have taken action that we believe is in the overall best interests of SendGrid.” A little after 3:30 EST, the site came back online.

Addressing Important Social Issues

As The Verge and other commentators pointed out, the important issues are at risk of being lost in the flamewar that has erupted online –

But any legitimate questions have already been lost in the flood of vitriol against Richards, including outright death threats. Nearly 200 comments have been left on Sendgrid’s Facebook post, including a number of racial epithets. (Richards is African-American.) Hacker News has been aggressively moderating the discussion, and has deleted a number of threads on the topic. Seeking to repair the damage, a number of figures have already come forward to offer Richards a job.
It has all the hallmarks of a flamewar, a conversation dominated by the loudest and most offensive voices. The conversation has become an echo chamber of horrible, with the worst offenses of each side trotted out in place of anything resembling equanimity. Defending Richards — a woman who, it bears repeating, is still receiving racially motivated death threats — is seen as equivalent to casting a father of three into the poorhouse. She “got him fired,” as a thousand comments will remind you. Playhaven, the company which did the actual firing, seems to have gotten off scot-free, in both the comments sections and the Anon-affiliated chat rooms of the world. As it turns out, sometimes the internet is a terrible place.
What we most want, across the board, is for this not to have happened. It was such a simple joke, in the beginning — the kind of thing high school boys tell, before enough women call them out on it and they stop. Why couldn’t Richards have called them out the same way? Over and over, observers have put forward the same fantasy, in which Richards talks to the developers face-to-face, they fess up, and the whole thing lives and dies as a quiet argument in the tenth row of an otherwise-boring tech conference.
But in a world where thousands of anonymous men can instantly gather to deliver swift retribution against any perceived threat, it’s easy to understand why more women don’t speak out.

From a Legal Perspective

The legal issues here are perhaps not as exciting as the raging debate and threats but they are important nonetheless. One of the central themes in the blog posts by both companies, Playhaven and SendGrid, is that employees who fail to fulfil their obligations towards their employers can be dismissed. In both Richards’ and Playhaven’s ex-employee’s cases, both individuals brought their employers into disrepute through their actions and, in this respect, exposed themselves to disciplinary action.

Employees owe their employers a number of duties and they can be disciplined if they fail to honour their obligations towards their employers. Employees’ duties include the duties to –

  • further the employer’s business interests;
  • be respectful and obedient; and
  • not to bring the employer into disrepute.

This last duty has received considerable attention in recent complaints brought to the Commission for Conciliation, Mediation and Arbitration including the case of Sedick & another and Krisray (Pty) Ltd (2011) 32 ILJ 752 (CCMA) where the commissioner upheld the employees’ dismissals and commented as follows:

Taking into account all the circumstances – what was written; where the comments were posted; to whom they were directed, to whom they were available and last but by no means least, by whom they were said – I find that the comments served to bring the management into disrepute with persons both within and outside the employment and that the potential for damage to that reputation amongst customers, suppliers and competitors was real.

and

This case emphasizes the extent to which employees may, and may not, rely on the protection of statute in respect of their postings on the Internet. The Internet is a public domain and its content is, for the most part, open to anyone who has the time and inclination to search it out. If employees wish their opinions to remain private, they should refrain from posting them on the Internet.

In this particular case Richards’ actions were interpreted by her employer as being a failure to both act in the role she was hired to fill, namely as a developer evangelist and to “build and strengthen our Developer Community across the globe”. Tweeting and blogging her concerns in the manner she did appears to be inconsistent with her employer’s expectations of appropriate responses to the comments and, translating this into a South African context, she would have failed in her duties to further her employer’s business interests and not to bring her employer into disrepute.

The Playhaven ex-employee similarly failed in his duties towards his employer and, in a South African context, would likely have been found to have brought his employer into disrepute through his “inappropriate” comments. Whether the comments were serious enough to merit dismissal may be arguable although this controversy has clearly highlighted the strong views on both sides. While this took place in a different jurisdiction, the result may have been similar were these two individuals South African employees representing South African companies. Another issue to bear in mind is that companies can also be vicariously liable for their employees’ actions and this could well extend to an employee’s social updates online.

The lesson to take away from this is that employees should be more mindful of what they tweet, particularly in a public context where their comments could be attributed to their employers.

Below is a Storify with links and additional stories.

What you should not share online

​The social Web encourages sharing but sometimes we share too much. This post gives you an idea of what to look out for and, perhaps, what not to share.

I received an email from Nadya, a Canadian student, who is researching how people express themselves online and she posed a few questions which I answered in a recording. This is related to my previous post titled “What you can legally say on Twitter” which I published in the aftermath of the Oscar Pistorius tweetstorm. I go a little further than defamation and also talk a little about privacy concerns and content sharing. The important thing to bear in mind is that just because you are using the social Web to express yourself, it doesn’t mean that what you say and share won’t have very real consequences for you and people close to you.

What you can legally say on Twitter

When it comes to acceptable conduct on Twitter and, defamation in particular, our law will govern how South African Twitter users use Twitter and may well inform how Twitter responds to improper use of its service too. Although simply making defamatory statements is not immediately actionable, doing so unjustifiably likely is wrongful and can expose you to legal proceedings seeking to stop you, to remove your defamatory statements or even to claim financial compensation from you. That said, there would be a tension between Twitter’s approach to users’ freedom of expression and local judicial authorities’ approach which could be interesting but, on the whole, Twitter will likely respect local laws which are aligned, at least ostensibly, with its values.

Nokia Lumia launch-72

The Oscar Pistorius case has clearly illustrated just how important Twitter has become to us as an information service and as a form of expression for individuals. It exists both in the real world and in a sort of altered reality for many of its users. The result is that people often find themselves tweeting things they wouldn’t say in person and may of those things can be defamatory and actionable in our law. An important question is what you, as a Twitter user (or as a person using most publish social services, generally) can say (and, by implication, what you shouldn’t)?

What Does Twitter Permit?

Twitter’s terms and conditions comprise its Terms of Service and the Twitter Rules. Between them, these two frameworks establish a set of rules and guidelines for acceptable Twitter use[1].

Twitter’s Terms of Service

Twitter’s Terms of Service are the contract between you and Twitter. This is how Twitter introduces this contract:

These Terms of Service (“Terms”) govern your access to and use of the services, including our various websites, SMS, APIs, email notifications, applications, buttons, and widgets, (the “Services” or “Twitter”), and any information, text, graphics, photos or other materials uploaded, downloaded or appearing on the Services (collectively referred to as “Content”). Your access to and use of the Services are conditioned on your acceptance of and compliance with these Terms. By accessing or using the Services you agree to be bound by these Terms.

This means that the Terms of Service are the primary legal framework as far as you and Twitter are concerned. When you violate the Terms of Service you may not be breaking the law but you are breaking your contract with Twitter and can lose your profile and further access to the service. As the saying goes, “easy come, easy go” and Twitter can terminate your access to the service if you violate the Terms of Service. The section titled “Ending These Terms” includes the following:

The Terms will continue to apply until terminated by either you or Twitter as follows.

You may end your legal agreement with Twitter at any time for any reason by deactivating your accounts and discontinuing your use of the Services. You do not need to specifically inform Twitter when you stop using the Services. If you stop using the Services without deactivating your accounts, your accounts may be deactivated due to prolonged inactivity under our Inactive Account Policy.

We may suspend or terminate your accounts or cease providing you with all or part of the Services at any time for any reason, including, but not limited to, if we reasonably believe: (i) you have violated these Terms or the Twitter Rules, (ii) you create risk or possible legal exposure for us; or (iii) our provision of the Services to you is no longer commercially viable. We will make reasonable efforts to notify you by the email address associated with your account or the next time you attempt to access your account.

Twitter is also the gatekeeper when it comes to your Twitter use and can decide how and when you may use the service and in what manner:

Please review the Twitter Rules (which are part of these Terms) to better understand what is prohibited on the Service. We reserve the right at all times (but will not have an obligation) to remove or refuse to distribute any Content on the Services, to suspend or terminate users, and to reclaim usernames without liability to you. We also reserve the right to access, read, preserve, and disclose any information as we reasonably believe is necessary to (i) satisfy any applicable law, regulation, legal process or governmental request, (ii) enforce the Terms, including investigation of potential violations hereof, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) respond to user support requests, or (v) protect the rights, property or safety of Twitter, its users and the public.

Twitter Rules

So you can be sued for defamation of character for things said on Twitter. That’s assuming the person you defame has any character.

— Jonathan Witt (@Jonathan_Witt) February 23, 2013

The Terms of Service specify technical restrictions for how you may make use of the service but the Twitter Rules specifically address your conduct on Twitter and what is permissible. Interestingly, Twitter doesn’t address defamation directly in the Twitter Rules. Instead, it prohibits the following broad categories of activities on Twitter:

  • Impersonation: You may not impersonate others through the Twitter service in a manner that does or is intended to mislead, confuse, or deceive others
  • Trademark: We reserve the right to reclaim user names on behalf of businesses or individuals that hold legal claim or trademark on those user names. Accounts using business names and/or logos to mislead others will be permanently suspended.
  • Privacy: You may not publish or post other people’s private and confidential information, such as credit card numbers, street address or Social Security/National Identity numbers, without their express authorization and permission.
  • Violence and Threats: You may not publish or post direct, specific threats of violence against others.
  • Copyright: We will respond to clear and complete notices of alleged copyright infringement. Our copyright procedures are set forth in the Terms of Service.
  • Unlawful Use: You may not use our service for any unlawful purposes or in furtherance of illegal activities. International users agree to comply with all local laws regarding online conduct and acceptable content.
  • Misuse of Twitter Badges: You may not use a Verified Account badge or Promoted Products badge unless it is provided by Twitter. Accounts using these badges as part of profile photos, header photos, background images, or in a way that falsely implies affiliation with Twitter will be suspended.

In addition, anyone who uses Twitter for the following purposes will be subject to “permanent suspension”:

  • Serial Accounts
  • Username Squatting (also known as Brandsquatting)
  • Invitation spam
  • Selling user names
  • Malware/Phishing
  • Spam
  • Pornography

Twitter protects users’ rights to freedom of expression, for the most part, although these protections are limited in some instances and have become somewhat eroded through steps taken to censor Twitter users, sometimes controversially. When it comes to freedom of expression, Twitter protects aspects of this freedom such as parody, commentary and fan accounts but has little tolerance for, and has developed specific policies catering for, misuses that include impersonations falling outside the scope of parody, commentary and fan accounts and abusive behaviour (which is not very clearly defined).

What Does the Law Permit?

@songezozibi#blacktwitter watched Carte Blanche and discovered that defamation laws cover social media. It’s hilarious.

— Sipho Hlongwane (@comradesipho) February 24, 2013

Defamation in South Africa has developed quite a bit in the last decade or so. That’s not to say that it has changed radically but how it is applied has. For one thing, the Bill of Right’s introduction (first in the interim Constitution in 1994 and, later, in the final Constitution in 1996) led judges to base their decisions on an analysis of the relative weight of various rights which usually include the right to dignity and the right to freedom of expression.

I referenced current judicial authorities on defamation which Judge Willis discussed in his recent judgment about a case involving defamation on Facebook in my article about that case and this extract is worth repeating:

After exploring Twitter briefly, Judge Willis turned to established case law in South Africa including authority for the proposition Roos expressed that a privacy infringement can be justified in a similar way that defamation can be justified and a more recent Supreme Court of Appeal judgment in the 2004 Mthembi-Mahanyele v Mail & Guardian case which, according to Judge Willis –

affirmed the principle that the test for determining whether the words in respect of which there is a
complaint have a defamatory meaning is whether a reasonable person of ordinary intelligence might reasonably understand the words concerned to convey a meaning defamatory of the litigant concerned

The Court, in the Mthembi-Mahanyele case set out the test for defamation as follows (and cited a 1993 case in the then-Appellate Division of Argus Printing and Publishing Co Ltd v Esselen’s Estate) –

The test for determining whether words published are defamatory is to ask whether a ‘reasonable person of ordinary intelligence might reasonably understand the words . . . to convey a meaning defamatory of the plaintiff. . . . The test is an objective one. In the absence of an innuendo, the reasonable person of ordinary intelligence is taken to understand the words alleged to be defamatory in their natural and ordinary meaning. In determining this natural and ordinary meaning the Court must take account not only of what the words expressly say, but also of what they imply’

Referencing one of the justifications for (or defences to) defamation, namely that the defamatory material be true and to the public benefit or in the public interest, Judge Willis drew an important distinction that is worth bearing in mind –

A distinction must always be kept between what ‘is interesting to the public’ as opposed to ‘what it is in the public interest to make known’. The courts do not pander to prurience.

The Court moved on to explore another justification, fair comment. In order to qualify as “fair comment” –

the comment “must be based on facts expressly stated or clearly indicated and admitted or proved to be true”

The person relying on this justification must prove that the comment is, indeed, fair comment and “malice or improper motive” will defeat this justification or defence, regardless of its demonstrably factual nature. In this particular case, the Court found that W acted maliciously and she was unable to prevail with this defence.

When it comes to acceptable conduct on Twitter and, defamation in particular, our law will govern how South African Twitter users use Twitter and may well inform how Twitter responds to improper use of its service too. Although simply making defamatory statements is not immediately actionable, doing so unjustifiably likely is wrongful and can expose you to legal proceedings seeking to stop you, to remove your defamatory statements or even to claim financial compensation from you. That said, there would be a tension between Twitter’s approach to users’ freedom of expression and local judicial authorities’ approach which could be interesting but, on the whole, Twitter will likely respect local laws which are aligned, at least ostensibly, with its values.

The Other Considerations

Leaving aside the law and your contract with Twitter, online defamation is tricky. Your legal rights and rights under a provider’s terms of service may protect you in theory but the social Web has its own dynamics which operate, frequently regardless of what should happen. It is very easy to tweet something that you may feel strongly about in that moment (I have certainly done that) and it is worth bearing Judge Willis’ advice in mind for those times when your tweets perhaps go too far:

Those who make postings about others on the social media would be well advised to remove such postings immediately upon the request of an offended party. It will seldom be worth contesting one’s obligation to do so. After all, the social media is about building friendships around the world, rather than offending fellow human beings. Affirming bonds of affinity is what being ‘social’ is all about.

  1. Other services have similar frameworks (take a look at Facebook’s Statement of Rights and Responsibilities and Community Standards guidelines as well as WordPress’ Terms of Service for hosted service users)  ↩