Secrets of Social Media: Who owns social media accounts?

I’m sure that many people find it exciting to read about U.S. college athletics, although it’s hard to imagine how that could result in any trade secrets. But consider this: Andy Bitter, a former sports journalist covering the travails and triumphs of the Virginia Tech football team, was recently sued by his former employer, a local newspaper, for trade secret theft. The violation? Refusing to turn over the login and password for his Twitter account when he left.

Never mind that the account had been given to him by a previous writer and that he had renamed it “@AndyBitterVT” to reflect his personal devotion to Virginia Tech. According to the plaintiff Roanoke Times he was obligated by the company’s employee handbook to turn over all company property, and this necessarily included the Twitter account he had used to stay in touch with his fans (more precisely “followers” of which he had about 17,000). The information associated with the account was alleged to be worth $150,000. (One fellow journalist, commenting on the story, wondered out loud how a sportswriter’s tweets about a single college team could be “worth as much as a small yacht.”)

As often happens in trade secret cases, it seems that the plaintiff didn’t think this one through before filing. After all, they call it “social” media because people tend to form communities of interest online, and those who had signed up to follow Mr. Bitter’s commentary on their favorite football team were pretty unhappy about how he was treated by his former bosses. One of the scores of reader comments to stories about the lawsuit read, “You guys are out of your minds. I follow Andy Bitter, not you.” Subscription cancellations followed.

In spite of the mess it created, the Roanoke Times has reminded us of some important questions for industry in the information age. Who owns social media accounts? What role do they play in building competitive advantage? And how should companies manage their use?

In ancient times (that is ten years ago, before Facebook, Twitter, LinkedIn and the like), businesses could control their own messaging to the public, through advertising and public relations firms. Social media, like other aspects of the internet, disrupted and “disintermediated” this structure, allowing not just traditional journalists but everyone else with a computer or smartphone to step out in public and (occasionally) be heard. Companies (and a few politicians) recognize the advantage of this direct marketing opportunity and have jumped on the bandwagon with their own accounts and campaigns.

But then there are the hundreds of millions of individual accounts, including in the hands of employees. What new challenges do employers face as a result?

One of the biggest threats is to corporate information security. Social media companies have succeeded, through incessant and automated behavioral conditioning, in convincing an entire generation of workers that sharing is a good thing. And sharing more is even better. That is what many employees do in the evening on their smartphones: reveal everything about what is going on in their lives.

And then we expect them to come into the office the next morning and use those same devices – which by the way are connected to the company’s networks and databases – with mature, sober discretion? If someone wants to brag, why not talk about the cool (but unannounced) product they’re working on? If they want to complain, why not troll management (anonymously of course) for its blunders? And if an engineer faces a knotty technical problem on a project, why shouldn’t she just post a description to a Facebook group where other engineers can see it and offer suggestions?

The inclination toward sharing, reinforced constantly by social media, represents a serious challenge that can only be addressed through training and consistent management, providing the antidote of a culture of confidentiality. Click here to read my October 2016 newsletter about training, “The Most Cost-Effective Way You Can Protect Your Trade Secrets?”.

But getting back to the more specific set of problems reflected in the litigation filed against Mr. Bitter, the good news is that managing these accounts, and separating the personal from the corporate, is straightforward. It begins with establishing and communicating a company policy about the use and ownership of social media. Accounts created by the company, which can be usefully deployed for sales and marketing purposes and to enhance the company’s image, should be designated and named appropriately, with control over credentials and content just as with company networks and data.

It may be best simply to prohibit employee use of personal accounts for any company business. But if you allow it, employees should be obligated by contract to provide access and to transfer ownership and control when asked, or at termination.

Employees and contractors who are employed to create content need special attention, to ensure that what they do for you is designated a “work for hire” and that they have agreed to assign to the company all rights to the content.

A word about managing the risk of new hires. In addition to getting the usual assurances that they will not bring to the job any information that doesn’t belong to them, you may want to inquire about whether they intend to use any pre-existing social media accounts to help them in their new assignment.

As for suing departing employees over their Twitter accounts, be careful what you ask for. In addition to provoking the rage of many of his followers, the Roanoke Times was just countersued by Mr. Bitter for defamation. Remember, the emotionalism that drives trade secret litigation can take it in unpredictable directions.

Share

Warning & Disclaimer: The pages, articles and comments on IPWatchdog.com do not constitute legal advice, nor do they create any attorney-client relationship. The articles published express the personal opinion and views of the author as of the time of publication and should not be attributed to the author’s employer, clients or the sponsors of IPWatchdog.com.

Join the Discussion

3 comments so far.

  • [Avatar for Anon]
    Anon
    November 15, 2018 08:05 am

    Daniel,

    Whether on purpose or not, you have used a term that — if applied to its legal extent — brings about the opposite conclusion that you state.

    Contacts of adhesion are not enforceable.

    Those who seek to own that data would fight you tooth and nail to have that term NOT apply (much like the CEO type who simply would not answer the question put to him).

    As for the Roanoke case, as the second paragraph in the story alludes to, the twitter account was not his own personal account (he did not create or start it on his own, but inherited from a prior writer of the company. Not stated, but I believe in actuality, that writer also did not start it, but it was started by the entity trying to enforce its ownership.

  • [Avatar for Daniel Cole]
    Daniel Cole
    November 13, 2018 02:43 pm

    @1 By the contracts of adhesion we all agree to when we sign up to use these services the company involved does. Twitter, facebook etc.

    To the original poster – wow. They seriously think that have a chance of saying they own his personal twitter account? I mean if it was a Roanoke Times twitter account or Roanoke Times Sports twitter account maybe but wow does this seem like a suit any sane attorney should have told them not to do.

  • [Avatar for Anon]
    Anon
    November 13, 2018 10:01 am

    Not to ignore the thrust of the article, but this past Sunday’s 60 Minutes had a piece that asked a different (albeit related, and IMHO, better) question: who owns the data that the social media vehicles (including Twitter) manipulate?

    This was asked of a CEO type of a company that relies on that data.

    Naturally, he did not want to answer that question, and in fact he refused to answer that question. Instead he wanted to recast the discussion.

    This related to the differences in how Europe treats that underlying data through which social media operates and how the US treats the data (including GDPR impacts).