Social Media Use by Teachers and Students: OCT Recommends Limits

The Ontario College of Teachers has recently issued a professional advisory recommending strict limits on interactions between teachers and students through social media.  The advisory emphasizes that teachers are professionals, who are held to high standards of conduct, in both their professional and private lives.  Since inappropriate electronic communications with students – including those outside of school hours and unrelated to school matters – can lead to teacher discipline, and even criminal charges, the OCT recommends that teachers take certain precautions in their electronic communications, particularly through social media.  Among other guidelines, the advisory recommends that teachers:

  • not be “friends” with students on Facebook, refrain from “following” students on Twitter, and otherwise avoid personal connections with students on social media;
  • notify parents before using social media for classroom purposes; and
  • use appropriate privacy settings when using social media, to ensure that students may not access personal or inappropriate postings.

The recommendations are not surprising, given the high standards of conduct expected of teachers, and the perils teachers may face from inappropriate use of electronic media – as illustrated by the recent Ontario Court of Appeal decision in R. v. Cole.

Although specific to the educational context, the OCT’s professional advisory reflects the importance of addressing the impact which social media, and electronic media in general, can have in various settings.  Employers should consider whether the dynamics of their workplace justify guidelines or policies on the appropriate use by employees of social media, for example, in their interactions with each other or with customers, suppliers or other parties.

A link to the OCT’s professional advisory is here, and a related CBC article is here.

Employer access to employee e-mails in Canada

I presented at an OBA privacy conference back in early June but held off posting a short paper I wrote for it entitled, “Employer access to employee e-mails in Canada.” The paper argues that there are signs that the traditional “no expectation of privacy” approach to addressing employer access to employees’ stored communications is waning, leaving employers with a choice between giving clearer notice to employees or, alternatively, implementing purpose-based controls to protect employee privacy.

This is a hot topic north and south of the border, and was so even before the Superior Court of New Jersey Appellate Division issued its much discussed decision in Stengart v. Loving Care Agency on June 26th.

Stengart is about whether privilege is waived in solicitor-client communications that are stored on an employer’s system. Our own leading case on this issue is Daniel Potter, which suggests that privileged communications made by employees on employer systems deserve greater protection than other “private” employee communications. Despite this distinction, the reasoning in Stengart is very broad, very pro-privacy and is further reason for employers to pay heed to the issues I raise in my paper.

For a copy of the full paper, please click here. And please feel free to contact me or comment below with your feedback and ideas.

OBA’s “Hot Issues” seminar and employee computer monitoring

I delivered a presentation at the OBA’s “Hot Issues in Privacy Law” seminar this morning called “Employee Computer Monitoring: Wither the most certain management right of all?” Here are the slides:

I prepared a paper for the presentation that I’m trying to re-purpose, and am going to hold off on publishing it for now. I hope I can make it available in one form or another soon. [Addendum: Here’s a copy of my speaking notes, which contain some of the key ideas.]

I enjoyed attending the entire session. The issues kept coming back to data security, which makes sense given the costs and risks of data breaches. Coincidentally, I had a call right after I returned to the office on a breach. For what it’s worth, I don’t find a discussion of costs and risks very helpful in guiding clients through the decision making exercise. Instead, I guide them to make decisions with a view to writing the story that they can cling to however all the external (and uncontrollable) factors play out. But even if I play my role to its best, it still can leave clients with some agonizing decisions. So if there’s one thing I can echo from today’s seminar, investing in prevention is a great idea. Data breaches suck!

You can read what are essentially a copy of my notes for the morning here. Remember to read from the bottom up.

Enjoy!

Cloud Computing, Second Life and the University

This is the title of our just-published university sector client bulletin. It was one of those writing projects I thought I could tackle quickly but led to some significant inquiry and learning, all of which was rewarding. It is written for universities but is relevant to anyone with responsibility for computer use policy in an organization. Click here for more. Hope it is helpful.

Case Report – Employer owns mixed contact list stored on its system

In this United Kingdom departing employee case from this June, the High Court held that an employer had exclusive ownership of a contact list alleged by an employee to be his personal contact list because it was maintained on its computer system.

The defendant was a journalist who worked in trade publication and conference buisnesses for a number of years before joining the claimant, who operated a similar business. He gave evidence that he maintaned a personal contact list, updated it from time to time, and had over eight years of editorial and industry contacts amassed when he commenced employment with the claimant. Nine years later, and after transferring the list to an MS Outlook database maintained by the claimant and adding work-related contacts, the defendant left with two other employees to start a competing business. In addition to suing to recover damages for the defendant’s pre-departure breach of loyalty and fidelity, the claimant disputed his ownership of the list.

Although it held that the company had not effectively incorporated its computer use policy into the defendant’s contract of employment, the court nonetheless found it had exclusive ownership of the list. It made the following broad statement:

I am satisfied that where an address list is contained on Outlook or some similar program which is part of the employer’s e-mail system and backed up by the employer or by arrangement made with the employer, the database or list of information (depending whether one is applying the Database Regulations or the general law) will belong to the employer…

In all those circumstances, I find that such lists will be the property of the employer and may not be copied or removed in their entirety by employees for use outside their employment or after their employment comes to an end.

Because this is not likely to be appreciated by many employees, it is in my judgment highly desirable that employers should devise and publish an e-mail policy…

In the absence of such a laid down policy, I next have to consider the status of contact details which have been put on to an employer’s system by an employee for their own use outside their employment, in ignorance of the fact that they would thereby become part of the Claimant’s property…

In my judgment it is reasonable to imply in the absence of any laid down guidance a term that an employee will at the end of their employment be entitled to take copies of their own personal information and, where the information is person [sic.] and confidential to them, such as details of their doctor, banker or legal adviser, to remove them from the employer’s system.

Most forms of e-mail system will permit the creation of compartmentalised address books, so that ordinarily an employee will be able to put their own personal contact details of friends, relations, and the like into a personal address book. In those circumstances, in the absence of clear evidence of an e-mail policy, I would be inclined to the view that ownership of that part of the database resided with the employee…

In assessing the facts, the Court held that the defendant copied the entire mixed list for the purpose of competing with the defendant and that it would not be appropriate for it to parse the list. It ordered the sequestered database to be delivered up to the claimant and enjoined the defendant from using it except for contact information “known by other means.”

Pennwell Publishing (UK) Ltd v. Ornstien, [2007] EWHC 1570 (QB).