Legal risks of social networking for business

Much has been written on the “perils” of engaging in social networking by Australian business.  There are even some decided cases that have emerged in 2011 which highlight some of these perils.  Whilst there is no need to panic, by participating on Social Media Sites (SMS) during and after hours Employees can, and do, expose themselves and their Organisation to a diverse range of legal risks associated new millennium scenarios that remain largely untested legally.

social-media-croppedWhat’s all the hype about in social media?

Facebook, Twitter, Linkedin, Youtube and numerous other Social Media Sites, have become a part of our daily lives.  Its seem that almost everyone from young to old, rich to poor, CEO’s to tradespeople are engaging.  Moreover, the advent of Twitter has made live televsion an interactive event.  Social Media Sites are no longer just for Gen Y’s they have now become an invaluable marketing tool for organisations from large to small.

Social media is now available in numerous different  formats including forums, weblogs, social blogs, wikis, podcasts, pictures, video, and countless derivative applications that pop up almost daily.  It provides organisations with many opportunities such as business development, branding and client communication, but how about the disadvantages?  One of the predominant disadvantages is that Social Media Sites can distort the boundaries between the work and private life of employees, meaning that people now interact in a social setting and also do business as a result of this interaction.

The expansion of social networking law

In recent times, across all jurisdictions there has been an evolution of the law in relation to social media.  We have seen that website owners can owe a duty of care to their users, individuals who cannot be located can be served on their Facebook profile, profile pages of individuals can be used as evidence, paternity orders can be served by Facebook and Company Directors can be fined personally for misleading and deceptive statements left by others on their Facebook Wall.  As a result, legal risk is growing just as fast as the ever emerging technology.

Classification of risks associated with participation in Social Media Sites

The presentation of an ordered nomenclature of legal risks in this area is not easy.  This is because the risks cross both statutory and common law boundaries and are evolving at the same rate as the technology  itself.  Nonetheless, the following table shows a classification system and whether the threat is internal or external to the organisation or both:

Risk Category Internal External
Confidential Information – loss and



Wrongful dismissal


Statutory Risks

  • Trade mark infringement – Trade Marks Act 1995 (Cth)
  • Copyright – Copyright Act 1968 (Cth)
  • Privacy – Privacy Act 1988 (Cth)
  • Discrimination – Anti-Discrimination Act 1991 (Cth).
  • Misleading and deceptive conductCompetition and Consumer Act 2010 (Cth) and Trade Practices Act 1974 (Cth)
  • Defamation – Defamation Act 1995 (Qld) and Common Law
  • Negligent misstatements – Common Law








Occupation and organisation specific risks

  • Specific to the industry that the organisation operates in.


Reputation risk



Loss and disclosure from confidential  information

Business networking sites such as LinkedIn allow individuals to network with others by creating a connection with them.  Employees are able to upload their email address book to LinkedIn and invite clients to connect.  Although seemingly harmless, this can in certain circumstances constitute a breach of confidential information, as the employee is publicising their organisation’s database.

In addition, when an employee exits the organisation they are subsequently able to change their status on their LinkedIn profile and notify all their connections (which may include parts of the organisation’s database)
of the new company that they work for.

Breaching continuous disclosure obligations

Employees and officers of listed public companies could breach their continuous disclosure obligations through inadvertent disclosure by inviting individuals connect on LinkedIn, Facebook and or Twitter.

Furthermore, employees should take reasonable care when inviting individuals to LinkedIn with who they work with.  An example is when a contact is recommended as a “partner”, when in fact that an alliance has been formed between companies has not been announced to the market.

Tweeting, tagging and status updates

By publicising what you are doing and your location on Social Media Sites, there is a chance that an informed user could make inferences based on your activities.  An example is when you are supposed to be at a
business meeting and you tag yourself on the Gold Coast, with a status update of “enjoying the sun”.  The disclosure of your location may be an inadvertent breach of confidential information and a listed public company’s continuous disclosure obligations.

Wrongful dismissal

In the decision of Mr Damien O’Keefe v Williams Muir’s Pty Ltd  T/A Troy Williams The Good Guys[1], Fair Work Australia upheld the right of an employer to dismiss an employee over a crude and threatening Facebook rant against a manager that was posted out of hours on his home computer.  The Tribunal’s deputy president stated “The fact that the comments were made on the applicant’s home computer, out of work hours, does not make any difference“.  It would seem that this case is simply an extension of common law principle as decided in B. Rose v Telstra Corporation Limited Print Q9292 (1998) IRCommA 1592.

Trade mark infringement

Most Social Media Sites have the capability to establish personalised URLs, groups, and fan pages for users.  An example is www.facebook/dundaslawyers.

Has your organisation reserved all the names that it can on Social Media Sites to protect itself from someone taking your trademarked name?

What would you do if someone had taken your trademarked name on a social media site and started using it inappropriately without your  consent? What’s worse is that its possible that an organisation in another country may have an equal and competing right to use that name in their country.

Misleading and deceptive conduct

In the case of Australian Competition and Consumer Commission v Allergy Pathway Pty Ltd (No 2)[2],  a question arose for determination was whether Allergy Pathway Pty Ltd (AP) and its Sole Director were
responsible for false and or misleading and deceptive statements made by third  parties on its Facebook and Twitter pages.

In 2009, the Australian Competition and Consumer Commission (ACCC) brought proceedings in the Federal Court against AP and its sole Director Mr Paul Keir alleging that representations made about its allergy diagnosis products were false.  The allegations were not contested.

In 2010, the ACCC subsequently alleged that AP and Mr Paul Keir breached their undertakings and was in contempt of Court by publishing statements which included testimonials written by clients that were posted on
AP’s website and social media pages.

It was concluded by the Court that AP “accepted responsibility for the publications when it knew of the publications and decided not to remove them. Hence it became the publisher of the testimonials”.[3]

The case provides an important lesson that a party can be liable for comments made by third parties on their social media pages if they are knowingly false, misleading and deceptive and they knew of the statements
existence and still failed to remove them.

As a result, organisations engaged in social media should regularly monitor comments made by third parties on their social media pages and quickly remove statements that they know to be false and or misleading and


Do your managers accept all friend requests on Social Networking Sites from their  employees?  Does non-acceptance of a request amount to an act of indirect discrimination?

Section 7 of the Anti-Discrimination Act 1991 (Cth) (Anti-discrimination Act) prohibits discrimination on the basis of a variety of attributes such as sex, relationship status, age, race and so on.   If Managers indiscriminately accept Friend requests, it could be argued that the non-friending could amount to discrimination on the basis of one of the attributes in section 7.

Organisation’s liability for employee acts of defamation

The general rule is that an employer can be variously liable for the acts or omissions of their employees.  An employer could be held liable for defamatory acts and or statements of an  employee, if the employee was engaged by their employer to perform social media tasks.

Reputation risk

Reputation risk is probably the most imperative risk to minimise in the social media environment, as the intangible loss of reputation can significantly damage the hard earned brand, in a very short time.  Numous example of reputation of organisations being harmed on Social Networking Sites occur on a seemingly daily basis.   The dominos viral video disaster is but one.

What can an organisations do to protect themselves?

An organisation can implement several safeguards against the unwanted conduct of its employees, contractors and third parties on Social Media Sites.  These include and are not limited to:

  • blocking Social Media Sites that are not being used as part of an employees tasks;
  • monitoring employees use of Social Media Sites whilst at work;
  • reviewing employee/contractor contracts who participate in Social Media Sites as part of their job and include revised clauses relating to use of Social Media Sites;
  • introducing a comprehensive Social Media Policy to provide guidance and to bind employees both during and after work hours;
  • engaging various technological measure to protect against viral and malware threats;
  • engaging a social media reputation monitoring service;
  • training employees in how to engage effectively in Social Networking Sites and knowing when to escalate issues to their legal advisers;
  • having a system in place to respond to complaints on forums, sites and fan pages; and
  • having a documented effective social media strategy in  place; and
  • preparing a Crisis Management Plan to deal with a social media crisis.

Like most things a common sense approach is required and senior management should be involved in the process.  Senior management needs to make informed decisions relating to the acceptance or rejection of the identified risks that are specific to their organisation so that they can obtain the benefits of participation.

Related articles

How much is a Twitter follower worth?

Social Media Policies are a necessity for Large Companies – Fair Work Australia

User posts are advertisements!

Media commentary involving Dundas Lawyers

More than social – BRW

Paternity test ordered via social network Facebook – The Australian

In the Black – the Magazine of CPA Australia.

Using Social Media – Know your legal risks – Sydney Morning Herald, 18 January 2012

Dundas Lawyers is a Commercial Law firm based in Brisbane and advises organisations on issues of corporations law, intellectual property and technology law.  Legal Practice Director, Malcolm Burrows is a
leading authority on legal issues faced by organisations in Social Media.  He has done numerous radio interviews on the topic and commented in magazines published by the Australian Institute of Company Directors (AICD) the Institute of Chartered Secretaries and recently “In the Black” the magazine of the Institute of Chartered Accountants.

Malcolm Burrows B.Bus.,MBA.,LL.B.,LL.M.,MQLS.
Legal Practice Director
Telephone: (07) 3221 0013
Facsimile: (07) 3221 0031
Mobile 0419 726 535


This article is general in nature and cannot be regarded as legal advice. It is general commentary only. You should not rely on the contents of this article without consulting one of our lawyers. If you would like advice regarding how the law applies to your individual circumstances, then please contact Dundas Lawyers.


[1]  [2011] FWA 5311.

[2]  [2011] FCA 74.

[3]  Australian Competition and Consumer Commission v Allergy Pathway Pty Ltd (No 2) [2011] FCA 74 at 33.

Send this to a friend