To read more about privacy issues arising from social media, click here.

Every time the courts reach some semblance of comprehensive standards for e-discovery, it seems another new technology comes along, adding even more jumbled pieces to an already challenging puzzle. Along with instant messaging (IM) and social networking sites such as Facebook, Twitter has become one of the most recent and popular innovations in Web 2.0 technology. Some jobs encourage use of the microblogging site, where users can post brief statements, or “tweets,” that answer the question “What are you doing?” and send public messages to other members. Even President Obama had an account during his election campaign.

An increasing number of companies, including JetBlue, Comcast and General Motors, have employees monitor what the public says about them on Twitter, and some companies tweet back to consumers.

In today’s workplace, IM can often increase job efficiency and ease the anxieties of working parents. Jeane Thomas, a partner at Crowell & Moring and chair of the firm’s e-discovery group, has worked with clients who use IM to make sure their children arrive home from school safely, and many employees communicate with each other via IM because it’s faster than waiting for e-mail responses.

But these and other popular new forms of online communication carry risks for employers because the content is discoverable, just like e-mail and any other electronically stored information (ESI).

“When it comes to text messaging, IM and Twitter, people are not thinking it could be discoverable,” Thomas says. “They think when they close that message box it’s gone, and no one will ever find it.”

Troublesome Tweets

This misperception about the permanence of IM and Twitter communications may lead to inappropriate work behavior and resulting employer liability.

“I’ve seen a lot more vulgar language and racier topics being discussed [in IM],” says Jeff Beard, a senior consultant at Daticon EED, an e-discovery service provider. “People think they’re having a private discussion when they’re not.”

As a result, IM records can provide evidence of offenses including sexual harassment or discrimination.

Additionally, Twitter’s length limit can make communications opaque and potentially damaging in court.

“When you send one of these tweets explaining what you’re doing, it has to be 140 characters or less,” Thomas says. “That may cause people to use a lot of shorthand or say things not fully in context.”

Employees using Twitter, IM, Facebook or MySpace always leave discoverable information somewhere, even though it’s often not on internal company servers. This can complicate e-discovery, but it doesn’t mean the data is inaccessible.

“You have to assume it exists somewhere,” Thomas says. And savvy attorneys already have started requesting records from social networking sites and IM providers as standard discovery procedure.

Confirming Claims

But online communications aren’t just a liability for in-house attorneys. Defense counsel are also using IM and social networking site records to defend against certain kinds of claims, according to Albert Barsocchini, associate general counsel at Guidance Software, an e-discovery software provider.

For example, legal departments can use social networking sites as a defense against sexual harassment suits–by finding evidence online that a plaintiff routinely invited or encouraged the type of conversations about which he or she has complained. And they can verify workers compensation claims: If a person is photographed at a dance club the night after he supposedly hurt himself at work, the claim could be bogus.

In Beye v. Horizon Blue Cross Blue Shield of New Jersey, the insurance company defendant was fighting claims from people with eating disorders. It successfully subpoenaed e-mails, journals, diaries and communications–including entries on Web sites such as MySpace or Facebook. According to court documents, Blue Cross wanted to use the material to “get a snapshot of the [plaintiffs'] condition and reports about the condition.”

There are no hard and fast rules or substantial case law at this point regarding admissibility and discoverability of online communications, but experts say legal departments should follow this guiding principle: If information is potentially relevant, then it’s also discoverable.

Policy Power

The key to managing emerging online communication tools is to keep your head out of the sand, says Craig Carpenter, vice president and general counsel of Recommind, an e-discovery provider. You can’t fight new technologies, so you have to adapt to them. Corporate policy is a good place to start.

For example, unless there is an overriding business purpose that necessitates the use of Twitter at work, Thomas recommends a policy disallowing it for business communications.

If there is a need for social networking on the job, Barsocchini suggests banning personal communication from business accounts. “You don’t want to mix personal stuff with business stuff because there are too many examples of embarrassing situations arising when you do that,” he says.

Since IM is so widely used in offices, experts suggest adopting an internally hosted client so the company can decide whether or not to archive conversations–and they generally advise against archiving, unless there is pending litigation.

But company policy is only the beginning.

“The policy is important,” Carpenter says. “But what if a judge or jury looks and says, ‘You have this policy, but you never enforced it, you never audited it and you never even took a look to see if anyone was following it’? It may not be worthless, but you’re not going to win that case.”

He recommends trying to understand what employees use and why–and also adapting to employee needs, not just creating blanket restrictions.

Still, aggressive employee training and an awareness that “Big Brother is watching,” in the form of IT or
e-discovery software, can also help discourage inappropriate conduct. Barsocchini suggests management alert employees that their computers may be monitored and that there is no expectation of privacy with a work computer.

“It’s normally enough to have employees take a second thought before using it for an inappropriate purpose,” he says.