Home

Think twice before you tweet

By Samiksha Singh, Director, Employment, Cliffe Dekker Hofmeyr

 

In the age of social media, the line between business and personal interests is blurred and it has become increasingly important to evaluate the potential consequences not only on your personal profile but also on the profile of the brand, institution or company that you associate yourself with.

 

Social media has recently been set ablaze with controversial and inappropriate remarks and the consequences have been far reaching.

 

In the employment context, while there are several cases which confirmed the fairness of dismissals of employees who made disparaging comments about their employers or colleagues on social media, the recent events raise the question as to whether an employee can be appropriately disciplined and possibly dismissed for making inappropriate remarks on social media even if the remark is not related to his or her employment.

 

Can inappropriate conduct on social media, which is not related to the employment of the author, constitute misconduct outside the workplace?

 

While it may not be the conventional nature of an act of misconduct, the age of social media and technological advancement has changed the way in which we communicate and engage with other individuals and with the public. In his South African Social Media Landscape Report, 2014, Arthur Goldstuck, states that:

 

“Employees active in social media are becoming brand ambassadors for their respective brands, often outperforming the brands themselves on social media…”

 

It is important to note that the ‘brand ambassadors’ of a company are not confined to a list of the marketing and public relations employees of the company but every employee of the company becomes a brand ambassador as they in some way or the other publicly display their association with the company. For instance, employees who update their Facebook or LinkedIn profiles to indicate their employment with the company, display their association with and are brand ambassadors of the company much in the same manner as employees who deal directly with customers and the public as outlined in the course and scope of their employment.

 

Accordingly, while employees should ensure that they positively influence public perspective in order to take the brand of their employer forward, employers must take proactive steps to ensure that they are protected from any actual or potential reputational damage caused by inappropriate or unsavoury remarks made by their brand ambassadors. The moment that a comment or remark is posted online, there is no turning back. Posts can be shared instantaneously and screen shots of posts are generally saved for future use. Therefore the ability to delete unsavoury posts and even the author’s account, does not create a guarantee that the actual post will be deleted from virtual or actual reality.

 

According to many of the UK Judgments relating to social media misconduct, the Courts have held that it is not necessary to prove actual damage to the reputation of the company, but that it will be sufficient to show that certain remarks have the potential to cause reputational damage.

 

There are no reported Labour Court judgments in South Africa which deal with the dismissals related to online misconduct outside the workplace. Our Courts will therefore look to the precedent set by the tribunals and Courts in the UK and the decisions by the UK courts will set the trend on how our Courts deal with this new but rapidly advancing issue.

 

In the case of Weeks v Everything Everywhere Ltd ET/2503016/2012, the UK Employment Tribunal was required to deal with an unfair dismissal dispute which arose out of the employee’s misconduct on social media. While the misconduct related to comments about the employee’s workplace and colleagues (these similar cases have already been dealt with by the CCMA in South Africa), the Judge made an important comment about privacy and online misconduct as follows:

 

“many individuals using social networking sites fail to appreciate, or underestimate, the potential ramifications of their ‘private’ online conduct. Employers now frequently have specific policies relating to their employees’ use of social media in which they stress the importance of keeping within the parameters of acceptable standards of online behaviour at all times and that any derogatory and discriminatory comments targeted at the employer or any of its employees may be considerable grounds for disciplinary action. There is no reason why an employer should treat misconduct arising from the misuse of social media in any way different to any other form of misconduct.”

 

It is therefore highly likely that our Labour Courts, in addition to following the UK case law on social media misconduct, will follow our own case law in respect of misconduct committed outside the workplace. In the matter of City of Cape Town v SA Local Government Bargaining Council & Others (2011) 32 ILJ 1333 (LC), the Labour Court upheld the dismissal of a senior employee who was found to be party to the fraudulent issuing of a drivers licence. The Labour Court found that the dishonest conduct of the employee went to the heart of the employment relationship and was essentially destructive of the employment relationship.

 

Employers are advised to implement stringent social media policies which deal with all eventualities relating to online behaviour and to ensure protection against potential or actual reputational damage to the company.

 

For more information please contact Samiksha Singh at [email protected]

Article published with the kind courtesy of Cliffe Dekker Hofmeyr www.cliffedekkerhofmeyr.com

 

What does POPI compliance mean?

By Jan du Toit

 

Latest developments – Registration of Information Officers:

 

On 17 May 2021 the Information Regulator’s long awaited online portal went live for the registration of Information and Deputy Information Officers.

 

The Information Officer of a Responsible Party is the person at the head of your company (CEO or MD) or any person acting in such capacity, or specifically appointed by the MD or CEO to be the Information Officer. Registration must be completed before the end for June 2021.

 

The address for the portal is  https://justice.gov.za/inforeg/portal.html   

 

The following information is required to successfully register: 

  • Company name.

  • Company registration number.

  • Company type.

  • Company physical and postal addresses.

  • Company telephone and fax numbers.

  • Information Officer gender, nationality, full name and surname, ID or passport number.

  • Deputy Information Officers same details as per above.

 

POPIA Compliance – what must be done?

With a little more than a month left before POPI becomes fully effective, many employers may find themselves out of time to become fully compliant to amongst other considerations, the 8 processing conditions prescribed in the Protection of Personal Information Act.

 

To be considered compliant the following must be considered and applied in the business of a Responsible Party before 1 July 2021. 

  1. POPI training / awareness sessions for the CEO / MD, managers and others tasked with the company’s POPI compliance project. Have a look on our website for the next POPIA training dates.

  2. Compliance audit to be conducted company-wide per department / division to determine the current processing practices within the organization and to establish what needs to be done to be compliant.

  3. Correction of contraventions as identified, and to introduce reasonable technical and organizational measures to prevent the loss or unauthorized access of Personal Information.

  4. Introduction of Data Subject rights and consent in the business through policies and consent clauses / paragraphs / contracts.

  5. The introduction of a PAIA manual (Promotion of Access to Information Act) that incorporates data subject rights and participation in terms of POPIA. This manual must be published on one of the company’s websites. It is also important to note that the current exemption granted by the Minister of Justice for some business to not have such a manual in place currently, expires at the end of June 2021.

  6. General staff POPI policy and legislation awareness training.

  7. Registration of the company’s Information Officer (the CEO, MD or any person acting in such position).

  8. Follow-up assessment on compliance measures and adherence thereto.

 

It is important to note that no institution, not even the Information Regulator, can “accredit” any Responsible Party in South Africa to be compliant in terms of legislation. Compliance (or otherwise) will only be determined should an investigation be launched by the Information Regulator following a complaint. Should such an investigation confirm a lack of compliance, consequences such an administrative fine not exceeding R10m may follow (which one may luckily pay off in instalments). Further to this those whose rights are infringed upon by a Responsible Party not adhering to the requirements of POPIA, may also institute civil proceedings. Such  proceedings may result in compensation being awarded for loss, as well as aggravated damages determined at the discretion of the court.

 

In terms of section 19 of the Act, the Responsible Party (business owner / employer) is required to introduce reasonable organizational and technical measures to secure the integrity and confidentiality of Personal Information. The organizational measures referred  to above includes inter alia both internal and external policies to introduce the principle of protection of personal information in the workplace, as well as the rights of data subjects.

 

To allow you more time to focus on your business, the author of this article compiled a bundle of detailed policies for your business, ready to use. This includes all relevant forms to be used and a template document with draft consent clauses / paragraphs / rules  to be incorporated into service and employment contracts, job applications, credit and other applications forms, WhatsApp and Facebook groups / pages, and Independent Contractor agreements.

 

Also included is an Operator Agreement as required in terms of section 21 of the Act and a consent letter for existing clients / service providers, to agree to the continued processing of their Personal Information beyond June 2021.

 

The policies bundle includes: 

  • Privacy notice template to be published on your website.

  • Personal information protection policy.

  • Personal information retention policy.

  • Data breach policy.

  • Data breach register - form.

  • Data breach report - form.

  • Data security policy.

  • Data subject access request policy and procedures.

  • Data subject access request forms.

  • Processing agreement with third parties as Operators - contract.

  • Data subject participation - draft consent paragraphs / clauses to be incorporated into service and employment contracts, job applications, credit and other applications forms, WhatsApp and Facebook groups / pages and Independent Contractor agreements

  • Guidelines on the appointment of deputy information officers, inclusive of appointment letter.

 

For only R3750 you can now order you set of POPI policies, ready to use. Contact Jan du Toit for further assistance at [email protected]

 

 

 

 

 

 

 

 

Courses and Workshops

 

              

Managing Poor Performance/ Incapacity

10 February 2022 (09:00 - 12:00)

Interactive Online Course

POPIA: Protection of Personal Information Act

11 February 2022 (09:00 - 12:00)

Interactive Online Course

Workplace Discipline and Dismissal

18 February 2022 (09:00 - 16:00)

Interactive Online Course

Employment Equity Committee Training

18 February 2022 (09:00 - 16:00)

Interactive Online Course

Management and Leadership Skills

23, 24 & 25 February 2022 (08:30 - 16:00)

Interactive Online Course

The OHS Act and the Responsibilities of Management

24 February 2022 (08:30 – 16:00)

Interactive Online Course

Basic Labour Relations

25 February 2022 (09:00 - 16:00)

Interactive Online Course

Strategic Human Resources Management (HRM) and - Business Partnering

02, 03 & 04 March 2022 (08:30 - 16:00)

Interactive Online Course

Health and Safety Representative and Committee Training Course

03 March 2022 (08:30 - 16:00)

Interactive Online Course

Workshop Chairing Disciplinary Hearings

10 & 11 March 2022 (09:00 - 16:00)

Interactive Online Course

 

 Our Clients 

 

Android App On Google Play

Android App On Google Play