As Google+ grows in popularity—now with more than 20 million users—the new social network is triggering a number of questions with legal implications from businesses about potential policy changes, data retention issues and more, according to Joshua Kubicki, senior director of legal and corporate practices at Applied Discovery, an e-discovery provider that works with corporations preparing for and responding to legal actions.
"Google+ changes things by expanding things," Kubicki says. "This isn't just another platform, it's Google's platform, which brings up a lot of issues surrounding privacy like what information Google collects and how they use that information, which isn't necessarily a bad thing. Consumers are constantly trading off privacy to gain products, innovations and services."
To prepare for the potential surge in Google+ interest, Kubicki offers five recommendations that businesses should consider when allowing employees access to Google+ from within the enterprise and on enterprise-issued devices.
1. Include Google+ in your social media policy
Social media policies and acceptable-use policies are important to businesses for a number of reasons, including ensuring that employees understand which behaviors are and are not appropriate, as well as potential consequences.
Just because Google+ is new, doesn't mean businesses should ignore it, says Kubicki. "Legal tends to see a lot of cases of businesses that ignore social media. Instead, they need to be sure they're addressing social media use and specifically including Google+ in their policy."
Here are a few things to consider when updating your policy: Should you allow access to everyone, or select groups? Are employees allowed to disclose where they work? What about company-issued devices such as mobile phones? And, with the advent Google+ Circles, what information can they share privately and publicly?
Kubicki says it's important to note that not everyone understands how to use Google+ privacy controls just yet. And unless you do, you likely think that sharing a post with a circle means only those people can see it. The reality: the members of your circle can actually reshare your post with their circles, and before you know it, your post is no longer private—one reason why it's so important to address all angles of a platform in your policy.
2. Train employees in your policies
The actions you take surrounding social media within the enterprise shouldn't stop solely at creating a policy. The next step—one that most businesses don't take yet is, perhaps, the most important, according to Kubicki—training employees in your policies.
"Too often, companies that have a social media policy stop short of training. We highly recommend that organizations provide training to both the sanctioned users of social media on behalf of the company and also to the rest of the employees," he says.
This training should encompass what the social media policy is, what's allowed, what's prohibited, how use is monitored and what enforcement actions may be taken. Additionally, Kubicki says, the rights of both the employer and employee need to be communicated and understood by all stakeholders.
Training should also encompass all the platforms available to employees, for example Facebook and Twitter, and what the individual functions are. "We do recommend a basic overview on the most popular platforms out there for all employees to establish a baseline of understanding so that digital natives and recent users can communicate," Kubicki says.
3. Consider the potential of Google+
"Right now, there's no search button in Google+, which is a little odd because Google is a search company," Kubicki says. "Once they do have a button, the question becomes, 'What it will be searching?' Will it search what you've posted privately to your circles, or publicly to everyone? And when I search your content, what will it bring up?"
It's important to keep these questions in mind both for your business and your employees, Kubicki says, because you never know how your information will be used in the future.
"AdWords 'reads' your Gmail and analyzes the language, so you could imagine it could also read dialogue in your Google+ Circles," he says. "How comfortable are you that Google has access to your private conversations and uses that information for advertising? That brings up privacy issues."
4. Google+ activity is discoverable in litigation
"Many people think that just because Google+ is a new social network, it's out of the scope of discoverable information in litigation," Kubicki says. "But that's not the case."
He says that all social media is considered electronically stored information, regardless of how old or new the service is, and thus falls within the scope of potentially relevant information. Therefore should a lawsuit arise, an employee's Google+ information could be admitted as evidence in civil litigation.
Since companies are required by law to preserve any potentially relevant data that is reasonably accessible, there could be scenarios where the company may be required to capture and preserve this data itself. Kubicki says that they're already seeing this within the financial services industry, "where this obligation is born out of regulatory compliance needs."
5. Don't discount Google+ yet because of privacy and security concerns
Kubicki is quick to point out, though, that privacy or security concerns shouldn't prompt businesses to block Google+ just yet. It's important that employees "find a personal comfort level because the only way they're going to learn and the only way Google+ will get better is by people using it," he says. "You don't want people being too careful—wade in, don't jump in."
Kubicki also says that Google+ appears to be as safe as any other major platform, though he acknowledges that there will likely be glitches and patches in the future. But between a solid social media policy and proper employee training, he says, businesses should be able to navigate the growing popularity of Google+ smoothly.
This story, "Google+: Five legal issues for businesses" was originally published by CIO.