The majority of organizations utilize social media to market their products and services, interact with consumers, and manage their brand identity.  Many mobile applications and websites even permit users to sign-in with their social media accounts to purchase items or use the applications’ services.

While using third party social media websites has significant advantages for businesses, it also raises distinct privacy concerns.  Specifically, the terms of use that apply to social media platforms may give the platform the right to share, use, or collect information concerning your business or your customers.  To the extent that the social media platform’s privacy practices are not consistent with the practices of your own organization, they may contradict or violate the privacy notice that you provide to the public. The following provides a snapshot of information concerning social media privacy.

74%

Percentage of Fortune 500 companies on Facebook.1

93%

Percentage of Fortune 500 companies with a corporate presence on LinkedIn.2

76%

Percentage of online adults using social networking sites.3

500 Million

Number of accounts stolen in Yahoo’s 2014 data breach.4

 

 What to consider when evaluating your organization’s use of social media:

  1. How would a data breach of social media platforms affect your organization? Do you have a plan if your social media account is breached?
  2. Does your organization share information with an intermediate service provider, such as a social media analytics company, to provide or analyze social media services?
  3. Is your internal data or customer personal information protected under your agreements with third parties, including social media platforms?
  4. What types of customer personal information are solicited, collected, maintained, or disseminated via your social media platforms (g., geo-location)?
  5. Do you display information or images of users or other people, including your employees? Did the people in the images give their permission and/or sign a release?
  6. Is your client list private? Do your employees connect to your clients on social media?
  7. How is information about your customers that is collected from social media sites being stored? Do any third parties have access to that information?
  8. Do users log-in to your services or make purchases through a social media platform?
  9. What type of personal information do your customers share with you on social media platforms?
  10. Does your use comply with the platform’s policy for collecting data from users? Do you review the platform’s policies regularly?
  11. Does your organization have a social media policy governing employees’ use of social media, particularly pertaining to sharing confidential customer and organizational data on the platform?
  12. How does your IT team manage the security and passwords for your social media sites?

1. Nora Ganlm Barnes, Ava M. Lescault and Glenn Holmes, The 2015 Fortune 500 and Social Media: Instagram Gains, Blogs Lose,  http://www.umassd.edu/cmr/socialmediaresearch/2015fortune500/.

2. Id.

3. Pew Research Center, Social Networking Fact Sheet, http://www.pewinternet.org/fact-sheets/social-networking-fact-sheet/.

4. Seth Fiegerman, Yahoo says 500 million accounts stolen, CNN, (September 22, 2016), http://money.cnn.com/2016/09/22/technology/yahoo-data-breach/.