Australian software company unveils social media monitoring program as reputation fears grow

An Australian company is ramping out a new piece of software which allows companies to monitor their employees’ activity on social media programs, and reports any activity that could be in breach of company policy.

But businesses are being urged to carefully implement a detailed legal framework before they introduce any monitoring activity, with a legal expert suggesting employers could face legal action if they do not properly warn employees before monitoring takes place.

Queensland-based Netbox Blue, which was co-founded by BRW Young Rich List entrant Trent Davis, says its new SafeWatch software will help businesses struggling to monitor employee activity on social media sites, such as Facebook and YouTube.

Davis was listed on the 2009 Young Rich List with a $56 million fortune. He founded NetBox Blue in 1999, with John Fison joining on as chairman in 2005.

Fison says the company developed the software over time as more of its customers noticed employees were spending more time on these sites, and wanted a solution for protecting the corporate reputation.

“We’re starting to roll this out to a few early customers, and it’s been in the development cycle now for a couple of years. We’d been doing a lot of space in email monitoring during the past few years, and also increasing that activity for corporates. Now we’re taking that one step further as more companies requested help for social media.”

The software works by setting up a number of keywords or phrases. Whenever an employee connected to the network mentions those keywords or phrases on a social network, a report is immediately filed and an administrator notified.

The report contains the message converted into a “common format”, which the company says allows the message to be stored in a log. The software can also be installed on company laptops.

“The company might put their own name in, or a customer name, or some type of record. It could even be profanity, or that type of breach. The clever part is the ability to deconstruct the messages from different areas and produce it in a format where the company can apply specific rules for notifying themselves.”

The software currently monitors activity through emails and messages, status updates or “tweets” on Twitter, Facebook, MySpace, YouTube, Gmail, MSN Messenger, Jabber and Yahoo.

Currently the software is being used by a number of schools, including a 2,000-strong laptop network at Queensland’s John Paul College, but Fison says the corporate sector is catching on.

“We’re trying to position this as a positive tool rather than a negative monitoring type tool. Spyware technologies are designed for the head-over-the-shoulder approach, and we think companies wanting to progress need to use social media – this is a way to make sure its being used properly.”

But Fison says the company is aware of the privacy issues surrounding social media, and says the software is only one small part of what a company should be doing in regards to developing policies around the use of social media.

“Our technology is only part of an overall solution. We would always recommend that companies develop a strategy for using social media sites and put in place a legal and HR framework that builds on those acceptable policies.”

“I think companies can work with legal firms quite closely to develop these policies. I think companies have the right to analyse that traffic on their networks and monitor for any breach in policy, but it needs to be done within existing legal frameworks.”

Bronwyn Maynard, senior associate and team leader at Harmers Workplace Lawyers, says businesses should be extremely careful in setting up monitoring policies in order to avoid extremely harsh legal penalties.

“A key due diligence step is for businesses to ensure, prior to implementing such software, that they understand and adhere to relevant obligations under privacy legislation.”

“In New South Wales, for example, the Workplace Surveillance Act imposes obligations on employers in relation to the implementation of “computer surveillance” of employees, which would encompass the use of such software by companies.”

Maynard says business could face harsh legal action for breaches of privacy legislation. She mentions that a company terminating employment agreement through information unlawfully obtained could be unable to use that information in court if the employee challenges the decision.

“The key step is for companies to ensure that they have a policy in place, that is circulated to employees, (by email is fine), that lets employees know of the computer surveillance that the company will, (or may), undertake.”

“In New South Wales, due to obligations in the Workplace Surveillance Act, the policy needs to be in place at least 14 days before the surveillance is due to commence, and needs also to inform employees about the kind of surveillance being implemented, how it will be carried out, when it will start, and whether it will be continuous or intermittent.”

COMMENTS