by Peter Kelman, Esquire
Published in Mass High Tech in two parts, October 11, 1999 & October 25, 1999.
Introduction
The “Instantnet” could be another name for the Internet. Once a statement is published on the Internet, it is instantly available to hundreds of millions of readers worldwide. Unlike printed material which has a short shelf-life, Internet content remains accessible to more and more readers until the author erases it. If material is anywhere, it is everywhere; if material is available at any time, it is available all the time. In other words, the Internet is the perfect medium to promote gossip. The last thing you and your company want is to be the subject of that gossip. As companies like Raytheon and Xircom have discovered, once the genie is out of the bottle, it is tough to put back in. The key is to keep the genie in the bottle. This article will discuss some ways to prevent your employees from transmitting company gossip across the Internet.
The Problem
Many Internet service providers, or “ISPs” (e.g., America Online, Lycos, Excite, Prodigy, to name a few) provide bulletin boards or chat rooms where individuals can post messages about a company. For example, Yahoo! hosts a bulletin board for every publicly traded company. Most ISPs do not edit or examine the content of messages posted by participants. The ISP is merely a passive conduit through which information passes. Congress, in the Telecommunications Act of 1996, conferred immunity on ISPs for the obscene content of messages posted by users. This statute has been broadly interpreted by the courts to confer immunity on ISPs for messages that originate with third party users of the service. See Zeran v. America On-line, Inc., 129 F.3rd 327, (4th Cir 1998). In 1999, Congress reinforced the notion of insulating ISPs from the consequences of the actions of their users in Title II of the Digital Millennium Copyright Act. This law limits the exposure of ISPs to liability for copyright infringement activities of users. See 17 U.S.C. sec. 512, also available on-line at http://lcweb.loc.gov/ copyright/.
Moreover, participants in ISP chat rooms typically use pseudonyms to disguise their identity. Pseudonyms usually are descriptive and designed to achieve some effect by the originator (e.g. “companyemployee”), which casts the message in a certain light. So the Internet provides a medium through which an individual, emboldened by anonymity, can post a message, scrutinized by no editor, to be read by an audience of hundreds of millions of people forever.
Raytheon and Xircom are two high-profile, publicly traded companies that have been the target of negative comments posted on web bulletin boards by individuals purporting to be company employees. In Xircom’s case, an anonymous employee posted false and misleading statements about the company’s product development. In Raytheon’s case, more than 20 employees participated in on-line chat rooms, with code names that revealed proprietary information about company contracts and financial information. Both companies filed lawsuits to compel the ISP to disclose the authors’ true identities. For a company damaged by such statements, this procedure does little to restore image. The battle may be won, but the war is lost. Xircom, in fact, created a web page on which its general counsel defended the actions of the company (see http://www.xircom.com/ vpr/news/archive/ index.html). Hardly a p.r. coup. (For more information on this topic, see the Wall Street Journal, “CEO Exposes, Sues Anonymous Online Critics,” July 7, 1999).
The Company’s Solution
A better approach is to cause an ISP to immediately remove such damaging statements before the information spreads. While ISPs do not have liability for the truth or accuracy of statements posted by their users, most ISPs have a policy defining the rules by which message authors should abide. For example, Yahoo! publishes “Community Guidelines” which set forth the rules for posting messages on its bulletin boards (see http://docs.yahoo.com/info/guidelines/community.html). The Guidelines state that any message which violates Yahoo’s! Terms of Service Agreement (TOS) may be deleted. The TOS is the subscription agreement between Yahoo! and its users (see http://docs.yahoo.com/info/ terms). In the TOS, a user agrees not to post messages which:
- Are defamatory, libelous or invasive of another’s privacy;
- Impersonate any person or entity; or
- Contain information which the user is under contract not to publish (such as inside information, proprietary and confidential information, or information which violates a nondisclosure agreement).
To implement these rules, Yahoo! provides a service whereby a reader can identify an offending message and request that Yahoo! remove it, citing the reason for its removal.
There are a number of causes that can be cited for removal of a message. Perhaps the easiest cause to cite is that the message violates your company’s employee nondisclosure agreement. In this age of electronic bulletin boards, company employee nondisclosure agreements should address the issue of employees posting such messages. A typical employee nondisclosure agreement recites that the employee will not divulge confidential or proprietary information of the company to third parties. This provision alone may not be sufficient. Relying on it to remove a message requires the company to demonstrate to an ISP that the offending message contains proprietary or confidential information. This can be problematic if the message contains information about some aspect of the company, like employee turnover, which is not typically considered confidential. Further a message consisting of mere opinions does not transmit confidential information, (e.g. “Management is in it only for the short-run for the money”).
A better way to prevent publication of such statements is to include a provision in your employee nondisclosure agreement and in your company’s policies and procedures manual that describes a process for posting statements on the Internet. An example of such a provision is:
To insure that the Company delivers a consistent message about its products, services and operations to the public, and further in recognition that even positive statements may have a detrimental effect on the Company in certain securities transactions and other contexts, Employee agrees that any statement about the Company which employee creates, publishes or posts during employee’s term of employment and for six month thereafter, on any media accessible by the public, including, but not limited to electronic bulletin boards and web-based chat rooms, shall first be reviewed and approved by an officer of the Company before it is released in the public domain.
Such a provision does not prohibit an employee from posting statements; it merely provides a procedure whereby such statements are reviewed, for legitimate business interests, before being published. Courts have long recognized the right of an employer to restrict the flow of company information in the context of non-disclosure agreements and reasonable non-competition agreements. A public employer, (a company funded in whole or in part by taxpayer dollars, not necessarily a public company, whose stock trades on an open market), however, is subject to First Amendment constraints which may limit its ability to enforce such an agreement. An analysis of whether an employee can make public statements about a public employer is fact-intensive and goes well beyond the scope of this article. The issue has been addressed by the United States Supreme Court in the case of Pickering v. Board of Education, 391 U.S. 563 (1968).
The best time to ask employees to agree to this condition is when they are hired. However, Massachusetts courts have held that continued employment of at-will employees may supply sufficient consideration to support entering into such an agreement after the employee has been hired. Whenever your employees sign such an agreement, use that opportunity to discuss with them the business reasons for monitoring statements in the public domain. Surely the best way to control the damage from such statements is to prevent publication in the first place.
If despite these precautions, an employee posts a statement about the company in the public domain, the presence of this provision should make your job much easier to convince an ISP to remove the message. ISPs are typically reluctant to remove a message based on it “defamatory nature,” which requires an ISP to enter into a judgment about the truth of the particular statement. However, if you can demonstrate that a statement is in clear violation of a company restriction on such statements, an ISP will be more willing to remove the statement. By extending the prohibition for a period of time after an employee leaves the company, you will have a strong argument for removal of a message posted by the prolific, ubiquitous web author “exemployee.”
If your company is unsuccessful in its efforts to convince an ISP to remove the message, you may resort to a civil lawsuit to compel the ISP to disclose the author’s identity. Such lawsuits are called “John Doe” cases, since the true name of the defendant is not known. As the plaintiff in such a suit, you will have the burden of convincing the court that the information disclosed in the public message is sufficiently damaging to the company that it merits the court to issue a subpoena against the ISP to reveal the author’s identity. However, as Raytheon and Xircom have discovered, the publicity generated by such a lawsuit should be considered before a company embarks on this path.
Conclusion
The best approach to controlling Internet gossip about your company is to prevent it from occurring in the first place. Adopt a policy limiting an employee’s right to make statements about the company in the public domain. Educate your employees about the consequences of such statements. Finally, monitor the various web bulletin boards where such statements appear. An ISP will not police its bulletin boards for you and typical web-based search engines do not examine the contents of individual messages. The task may be an on-going labor-intensive one, but the benefit of early removal of such a message more than offsets the effort involved.
Copy right 1999, Peter Kelman.