I've written before about the dangers of employers accessing employee's social media accounts without appropriate controls in place. One of the biggest risks is that an employer will learn some protected fact about an employee (e.g., medical information) that could lead to an inference of a discriminatory motive if that employee later suffers some adverse action.
Deneau v. Orkin, LLC (S.D. Ala. 5/20/13), illustrates this risk in practice. One week before Orkin terminated Tammy Deneau for repeatedly working overtime without authorization, Deneau posted the following on her personal Facebook page: "anyone know a good EEOC lawyer? need one now." At his deposition, Deneau's branch manager testified that he saw the comment on her Facebook page and faxed it to the division human resources manager, who, in turn, recalled that management-level discussion about the Facebook post preceded Deneau's termination.
The court concluded, with very little discussion, that the Facebook post qualified as protected activity to support Deneau's retaliation claim, and that she had made out a prima facie case of retaliation:
Based on the close temporal proximity between Orkin learning of the Facebook comment and Plaintiff's termination, the Court finds that Plaintiff has established a prima facie case of retaliation.
Nevertheless, Deneau lost her retaliation claim, because she could not prove that the employer's legitimate non-retaliatory reason (the repeated unauthorized overtime) was a pretext for retaliation.
Even though the employer won this case, it nevertheless illustrates the dangers employers face when reviewing employees' social media accounts. Facebook, Twitter, and other social media channels can prove to be treasure trove of protected information—information about an employee's personal and family medical issues, religious issues, genetic information, and, like this case, protected complaints about discrimination.
If you have a legitimate reason to review an employee's social media accounts (e.g., is the employee trashing your business online, or is the employee divulging confidential information?) do so with appropriate controls in place. Have a non-decision maker conduct the review, and provide to the appropriate decision makers a report sanitized of any protected information. This simple control will insulate your organization from any argument that the decision maker was motivated by an unlawful animus based on protected information discovered in the employee's social media account, and could prevent an expensive and risky lawsuit.