DOCUMENT Magazine - Spring 2012 - (Page 14)

COlUMN UNdeRstANdINg tHe LegAL ANd RegULAtoRy RIsks IN socIAL MedIA by Brian W. Hill urging adoption of social media isn’t exactly a state secret. Facebook, Twitter, LinkedIn and other services can deliver compelling enterprise value connecting clients, partners and colleagues. Effective use can help employees find and share expertise, improve interactions with clients and even strengthen emergency communication plans. Against this backdrop, however, there are valid reasons to be concerned about the legal, compliance and security risks posed by the rapid adoption of social media. Social media poses dramatic challenges to regulatory compliance and e-discovery due to critical reliance on third parties for information collection and capture, rapidly rising content volume and fast-changing applications, as well as the headaches that come with the challenge of ensuring authenticity. Without an effective approach to address legal and compliance risks in social media, your organization may face increased e-discovery costs and stiff regulatory fines and sanctions. Email, files and a broad range of other types of electronically stored information (ESI) — including social media — can be critical in e-discovery. Case law is evolving, but social media evidence affects corporate trade secret theft, trade libel, copyright and other types of litigation. Just as email played a big role in Enron’s demise a decade ago, Forrester expects that social media communications will become an increasingly important risk area for litigation. Trying to track down social media communications or failing to appropriately preserve them in response to litigation can be a costly experience for enterprises. Regulatory concerns, particularly in the financial services market, have prevented many firms from giving the official green light for social media adoption. The Financial Industry Regulatory Authority (FINRA) has stated that social media will be an increasingly important focus in its examinations. Shedding light on how it will enforce these regulations, in mid-2011, FINRA fined and suspended a California-based broker for sending a series of tweets that FINRA considered “misrepresentative and unbalanced.” As regulators develop their social media compliance requirements, fear and uncertainty around sanctions give many enterprises pause. Although enterprises in a range of different vertical markets express concerns about risks with social media, financial services firms are especially concerned about the impact on their compliance obligations. FINRA, the selfregulatory agency of the securities industry, has issued important notices on social media. FINRA published social media guidance in its January 2010 Regulatory Notice 10-06 and provided supplemental direction in its August 2011 Regulatory Notice 11-39. While FINRA’s guidance and clarification on compliance obligations for social media directly affect the financial services industry, FINRA’s influence will undoubtedly affect other vertical markets, as risk professionals refine solution requirements and note lessons learned in early-stage financial services deployments. Given the nascent market stage of information archiving and governance tools for social media, Forrester recommends that you build effective policies governing social media usage in your enterprise. Social media can empower your organization and deliver solid business value, but to reduce compliance, litigation and security risks, enterprises need to develop a corporate social media policy. The policy, which you should craft with strong cross-functional input, should, for example, cover what your organization will and will not do online, what your employees can and cannot do and what members of the public can and cannot do on your social media sites. Enterprise risk profiles and use cases vary, but it’s critical to have a well-communicated social media policy in place before leveraging social media for business use and implementing supporting archiving and governance tools. O BRIAN W. HILL is a principal analyst at Forrester Research, serving Security & Risk professionals. He is a leading expert on e-discovery, archiving strategies, records and retention management initiatives and enterprise content management (ECM) endeavors. For more information, visit 14 spring.2012 Full column:

Table of Contents for the Digital Edition of DOCUMENT Magazine - Spring 2012

DOCUMENT Magazine - Spring 2012
Most Social
Editor’s View
Taking Payments Cues from Millennials
Document, Document, Who’s Got the Document?
Say Goodbye to Big Brother… for Now!
Understanding the Legal and Regulatory Risks in Social Media
Let’s Keep It Private
The Price Is Right
It’s All in the Numbers
Options and Challenges
I Feel a Change Comin’ On
Social Technology & Business
What’s New on

DOCUMENT Magazine - Spring 2012