Mind your own business – how can a business protect its social media contacts?
Michelle Lawlor-Perkins, Blake Morgan LLP
Business contacts are the life blood of most companies and can require many years of investment to grow and to see a return. In today's age of technology, many businesses now store contacts not only internally, such as on its company database, but also on social networking forums, like LinkedIn. If an employee leaves a business and seeks to take with them key contacts, this can be hugely damaging to the business. So who owns the social media contacts and what steps can a business take to protect them?
Who owns the contacts?
To date, the question of who owns social media contacts is one which has been relatively untested. Cases suggest, however, that contacts that are created and maintained by an employee on an employer's computer system belong to the business, even if those contacts are accessed remotely, such as from a Blackberry (see the court's decision in Whitmar Publications Ltd v Gamage http://www.bailii.org/ew/cases/EWHC/Ch/2013/1881.html). The employee might, however, be able to retain contacts he made prior to joining the business (see the court's decisions in Penwell Publishing v Ornstein http://www.bailii.org/ew/cases/EWHC/QB/2007/1570.html and Hays Specialist Recruitment (Holdings) Limited and Another v Ions and Another http://www.bailii.org/ew/cases/EWHC/Ch/2008/745.html).
Potential legal remedies
No court has specifically addressed the question as to whether a list of contacts on LinkedIn or another social media platform amounts to a "database" which is therefore capable of being protected by the UK's database laws. Where, however, an employee builds up his social media contacts by, for example, pursuing leads and sending invitations, it is highly likely that a court would take the view that the employee's social media account amounts to a "database" within the meaning of the law. Accordingly, a business could benefit from database rights to protect its social media contacts. Further, employees who misuse social media contacts are likely to be in breach of their implied duties they owe to their employer, meaning that a business could take appropriate disciplinary action against the employee if the employee is still employed.
Practical steps for protecting social media contacts
Undoubtedly the best way to protect social media contacts is by taking preventative steps against their misuse. The key to achieving this is the contractual documents and policies and procedures of the business. A business should take the following proactive steps at the outset of an employee's employment to minimise damage to its business:
- Issuing contracts of employment that expressly prohibit misuse of an employer's confidential information both during and after an employee's employment. The definition of what constitutes the "confidential information" should be tailored specifically to the business and should be defined to include an employer's actual clients or potential clients.
- Appropriate post-termination restrictions should be included in the employee's contract, which could include seeking to limit where the employee can work after they leave the business and/or limiting the clients and remaining employees that can be contacted. These restrictions should be carefully and reasonably drafted to increase the likelihood of enforceability, and should be reviewed periodically, including when an employee is promoted. Failing to do so could mean that the restrictions are unenforceable (see for example the court's decision in Bartholomews Agri Food v Thornton http://www.bailii.org/ew/cases/EWHC/QB/2016/648.html).
- Contracts could also require an employee to delete from LinkedIn (and all other social media platforms) contacts that were acquired during the course of employment and to confirm that they have done so.
- Employees should also be issued with a clear social media policy, which sets out how social media should be used and should make it clear that action could be taken by the business if there is a breach of the policy so as to act as a deterrent against misuse.
Taking the time to carry out the above steps will undoubtedly help a business to deter former employees from seeking to attack its business and should help to avoid timely and costly litigation.