Avoiding the risks

An outline of steps employers can take to avoid the pitfalls of social media
By William Watson and Susan MacMillan
|Canadian HR Reporter|Last Updated: 08/08/2017

It’s 2017 and social media has never been more popular. Many people use social media accounts daily — and employees and employers are no exception. 

But social-networking sites are rife with offensive behaviour and inappropriate images. So it’s not surprising that an employee’s online “bad behaviour” can negatively impact her employer.

More surprisingly, an employer’s use of its own accounts can also be problematic.

Taking proactive steps is the only meaningful way to minimize a company’s exposure to both sources of risk.

“But it’s my personal account”

Many workers don’t see a connection between their social media presence and their job. This is particularly true when employees are online outside of work hours — their perception is they ought to be entitled to do what they want and say what they want.

But employers are increasingly being identified in relation to online bad behaviour by employees. Toronto Fire Services, Hydro One and Postmedia are among a growing number of employers whose names were in the headlines after employees’ inappropriate tweets or behaviour outside of work hours emerged in the media or went viral.

Employees, or their unions, may also take deliberate action in the cyberworld to make an employer look bad. For example, last December, the union representing pilots at Amazon’s air freight delivery partner went online to warn customers the pilots needed a fair contract, otherwise orders would likely not be delivered in time for the holidays.

This action was clearly meant to damage Amazon’s reputation and business.

Legal risks still taking shape

New developments in privacy law are rapidly emerging, including novel responses to disturbing trends on the Internet.

For example, in 2016, a new privacy tort, “public disclosure of embarrassing private facts,” was introduced by the Ontario Superior Court in an undefended motion in Jane Doe 464533 v. N.D. While the decision has since been set aside to be determined at a full hearing with both parties in attendance, it wouldn’t be surprising to see this tort applied again when the Jane Doe case is reheard, or in another case.

The tort of “intrusion upon seclusion,” established by the Ontario Court of Appeal in 2012 in Jones v. Tsige, is another recent protection against invasion of personal privacy.

Companies are at risk of being brought into such actions if the plaintiff can argue the employer was vicariously liable for the actions of its employee.

Educate employees

A comprehensive social media policy is the best way to make employees think twice before they tweet or otherwise express themselves on social media. The policy should specify:

• who it applies to (in addition to employees, consider including contractors or others whose communications could reflect on the company)

• what employees can and cannot do (for example, don’t connect social accounts to work email addresses, don’t use social media for internal communications and don’t bad-mouth the company)

• allowable conduct on personal devices outside of work hours

• what disciplinary measures will apply.

It’s also important to define “social media” broadly to avoid leaving the door open for employees to argue they didn’t know a particular form of social media was covered. Employees also need to be trained and retrained regularly on the policy, and should sign off their agreement with the terms.

Employer use can also attract risk

Employers are capitalizing on social media for brand building, increasing their visibility in the market, communicating with customers and stakeholders, recruiting new talent, and more. But there can be risk associated with some of these practices.

In a recent decision, a labour arbitrator found the Toronto Transit Commission (TTC) liable for failing to protect its workers from harassment and discrimination on its Twitter account. The TTC had set up the account to respond to passengers’ questions and complaints. The union sought to shut it down and produced hundreds of tweets from passengers that were abusive, racist, homophobic, threatening or discriminatory. 

While the arbitrator agreed it would be difficult — if not impossible — for the TTC to regulate dialogue on social media platforms such as Twitter, that was not a defence to workplace discrimination or harassment. Although decided in an arbitration context, the principles of the TTC case can also be applied outside of a union environment. 

As a result, all employers should take reasonable steps to address harassing or discriminatory comments directed at workers on their social media accounts, including:

• monitoring their accounts

• responding to uncivil, abusive or threatening online posts targeting workers

• demanding that users immediately delete any offensive post, or face being permanently blocked

• ensuring policy sets out how to deal with such posts.

Social media background checks

A background check on a prospective employee can be as simple as viewing an applicant’s Facebook profile or as complicated as hiring someone to conduct an extensive search.

While checking these sites for information may seem easy and effective, the reality is there are a number of risks associated. Often, there is no way of determining if the information collected is accurate or current.

For example:

• names may be incorrectly listed on photographs or elsewhere

• photographs and other information might be several years old

• the individual performing the check might guess which social media account matches the candidate’s name.

Worse, the individual performing the check might screen out a candidate based on information related to a prohibited ground of discrimination under human rights legislation.

Basing a hiring decision on one or more of these grounds (such as age, race, gender, physical disability or sexual orientation) can result in liability.

Social media background checks may also breach applicable privacy legislation because there is only a limited ability to control the amount of information collected, which may result in the collection of irrelevant or excessive information about an individual, or of third-party information.


Employers need to be proactive in addressing social media issues by establishing, reviewing and updating a robust social media policy that educates employees on what online conduct is permitted and prohibited, and setting out the do’s and don’ts of social media use.

The law is constantly evolving in terms of social media. It’s necessary to stay on top of policy — be sure to diarize an annual or semi-annual review and make any updates needed.

Both at Baker McKenzie in Toronto, William Watson is a partner and Susan MacMillan is a professional support lawyer. For more information, visit www.bakermckenzie.com.

Add Comment

  • *
  • *
  • *
  • *