Who owns your data?
Posted by Jane on Nov 02, 2015
At the risk of stating the obvious, it’s the 21st century. And this means that practically every business – large or small – has an online presence. Website, Facebook page, LinkedIn profile, Twitter feed, you name it, most businesses are using some form of online and social media marketing to put products and services out there.
However, it’s not only the businesses; it’s also the individuals that work for them. Employers actively encourage employees to use social media in the course of their jobs – business cards, for example, are rapidly becoming passé when a mutual connection on LinkedIn gives you all the contact information you need. This raises a question for employers. When business-critical data is collected by an employee in the course of their employment, but they store and access that data online through a personal profile… who owns that data?
Ownership of cloud content is a cloudy issue
Ownership and use of online data is a recurring hot topic. Usually this revolves around personal data and most often, Facebook: the issue of who owns uploaded content and, more pertinently, how information about how that content can be (and is) used for targeted marketing campaigns. The backlash against data usage can be seen in the surging popularity of new social media network, Ello, which promotes itself on having a charter that says, “Ello shall never make money from selling user data.” But while individuals (1.35 billion of them on Facebook at the last count) are concerned, businesses aren’t; but perhaps they should be.
It’s common in certain lines of business – especially sales – to include a non-solicitation clause in employment contracts. After all, you don’t want to be paying someone to build up an impressive client portfolio only for them to leave, set up on their own, and then steal your business away from you.
The enforcement of such clauses has always involved some practical difficulties. Once upon a time, the departing employee might be asked to hand over their rolodex or address book. With corporate email, their Outlook (or whatever) data sat on an in-house server and was easily retained. But with LinkedIn (and other private cloud storage options) how does an employer retain that client data, and are they allowed to anyway?
Furthermore, when your ex-employee updates their profile, LinkedIn sends an automatic message to their contacts. Going back to your non-solicitation clause, does that count as soliciting business or not?
A few legal precedents
A case in the UK courts some years ago (2008) saw an ex-employee of the Hays recruitment firm, forced to hand over his LinkedIn data. That seems clear enough but a CIPD article about this very issue shows that the issue is still current. Interestingly, a more recent case in the US courts took the opposite view, that the sheer availability of information in social media, argued against that data belonging to the previous employer. And just to swing the pendulum the other way, a recent case in Australia found it was fair to dismiss an employee who’d been soliciting business from his employer’s clients via LinkedIn. In other words, the legal position has yet to settle down.
What to do?
The solution is classic HR: you need a clear policy and you need to make employees fully aware of it. As and when they leave your employ, they should remove LinkedIn connections that were made in the course of their employment with you. There’s still the practical difficulty of enforcement, but the first and most important step is having an up-front policy.
Request your free trial
Online software, simple pricing, and a smart business tool to make it
easy to manage people