Caution: Blogging May Be Hazardous to Your Job

By Rory O'Connor, AlterNet. Posted June 16, 2006.

It's hardly news to the technically savvy that emails written and sent while at work are about as private as Paris Hilton's sex life. In fact, nearly half of all large corporations actually employ staff solely to monitor outbound employee email. And according to a recent survey of nearly 300 decision-makers at large U.S. companies, conducted by the messaging security company Proofpoint Inc., there is growing concern in corporate America over the fact that information deemed sensitive by the enterprise is escaping through electronic channels. In fact, more than half of the companies surveyed expressed "uneasiness" that regulations guarding the firm's privacy are regularly violated by members of their "e-communication" communities.

As a dedicated blogger, however, I was particularly disturbed by the finding that nearly one in five companies has disciplined an employee in the past year for disobeying blog or message board policies -- and more than 7 percent have actually fired workers for violating those policies. Bloggers beware! The job you save may be your own

In its annual study of content security issues, Proofpoint found that "outbound electronic communication protocols" are seen as an ever-increasing source of risk for companies. No wonder -- more than a third of all large companies reported that they had investigated suspected email leaks of confidential or proprietary information or a suspected violation of privacy or data protection regulations in the past year.

While emails have long been a major source of corporate exposure, newer communication channels are now seen as increasingly risky as well, according to Keith Crosley, Proofpoint's director of market development. Crosley, who designed the annual survey, agrees that "a significant number of large corporations are newly concerned about emerging technologies." The companies fear that financial data, health care information, or other private materials may be posted in blogs, sent through instant messaging, or transmitted by other means -- and they have begun rigorously enforcing regulations aimed at protecting data they see as private and/or proprietary, as the survey's key findings reveal:

• Nearly one in three companies has fired an employee for violating email policies in the past 12 months, and more than half have disciplined employees for violating email policies.
• More than one in five companies say they "were impacted by improper exposure or theft of customer information," while 15 percent suffered from "improper exposure or theft of intellectual property."

The companies estimate that more than 20 percent of outgoing emails contain content that poses a legal, financial or regulatory risk, most commonly in the form of messages containing confidential or proprietary business information. More than 25 percent of companies surveyed were ordered by a court or regulatory body to produce employee email in the last year. But many companies also noted that their confidential, sensitive or private information was exposed not by their own employees, but instead by a third-party vendor or outsourcing firm with whom they share data -- which suggests that the corporations may be blaming the wrong people at times.

"This is not just companies being paranoid about blogging, because they don't understand it," says Proofpoint's Crosley. "This is a real enterprise issue, and there are real risks and impacts to the companies. One of ten publicly traded companies surveyed say they investigated the exposure of financial information that was directly relevant to the corporation in the past year. Obviously such exposure can negatively impact the price of a company's stock, and it could lead to insider trading issues as well."

For years, employee email has been where the action is in terms of corporate efforts to protect personal identity and keep financial information confidential, prevent the dissemination of confidential internal memos or private health care information, or ensure compliance with financial disclosure or corporate governance regulations. But now it is the emergent blogosphere, along with instant messaging, peer-to-peer networks, and message boards, that corporations see as a bigger threat moving forward -- and the empire has begun to strike back with an unprecedented wave of discipline and firings.

Ironically, knowing what is and what is not an acceptable form of electronic corporate communication is often difficult. Proofpoint's survey shows that only 60 percent of large corporations even have a policy on blogging -- and of those that do, many provide little or no training of employees as to what is acceptable.

"There should be much more dialogue between employers and employees to define what is acceptable and to understand what might be a problem," concludes Keith Crosley. "Many employees literally have no idea that they may be inadvertently communicating something harmful to the corporation -- until it's too late."

What's the bottom line for workers? Crosley's advice is that they educate themselves. "Understand what your employer's policies are in regard to email and blogging," Crosley warns, "or you could be unpleasantly surprised."

              

Filmmaker and journalist Rory O'Connor writes the Media Is A Plural blog.

Liked this story? Get top stories in your inbox each week from Media and Technology! Sign up now »