Each year, LexisNexis “honors a select group of blogs that set the online standard for a given industry.” This year, they expanded Top Blogs to include their Business Law Communities.

Compliance Building is one of the nominated candidates for the LexisNexis Top 25 Business Law Blogs of 2010, featured on the LexisNexis Corporate & Securities Law Community and the LexisNexis UCC, Commercial Contracts & Business Law Community.

Looking at the list of candidates, I see many blogs that I read regularly. If you are looking for a list of business law blogs to read, the list of nominees is a great place to start.

I think most of the nominated blogs are much better than mine. Whether its on quality, popularity, or some other factors, there is no way I will make it into the top 25. I will sit back and take the consolation prize: the honor of being nominated.

Lexis Nexis invites you to comment on the announcement post at either of the following links:

Top 25 Business Law Blogs 2010 – Corporate & Securities Law Community

Top 25 Business Law Blogs 2010 – UCC, Commercial Contracts & Business Law Community

To comment, you have to register. Registration is free and supposedly does not result in sales contacts. The comment period for nominations ends on October 8, 2010. They don’t say how they will end up selecting the top 25 out of the nominees other based on their review and your comments.

I’m also not sure how the Lexis-Nexis Communities fits in with the Martindale Hubbell Connected platform. There seems to be whole lot so substantive information in Communities that is missing in Connected. They should get these two sites together.

Vote for the business law blogs you feel are the best. Include Compliance Building if you think it’s worthy.

Back in December, the Federal Trade Commission released new guidelines that specifically required bloggers to disclose any material connections to a product or company they are writing about. In May, they brought their first action under those guidelines against Ann Taylor. The FTC declined to bring an enforcement action.

Last week, they brought their second action. A public relations agency hired by video game developers had employees pose as ordinary consumers posting game reviews at the online iTunes store, and did not disclose that the reviews came from paid employees working on behalf of the developers.

This time they decided to enforce. Reverb Communications, Inc. and its sole owner, Tracie Snitker, are required to remove any posted endorsements that misrepresent the authors and fail to disclose the connection between Reverb and Snitker and the seller of a product or service. Reverb would get paid to promote the games and would often get paid a percentage of sales.

The posted reviews were published between November 2008 and May 2009. The endorsed products by giving them 4 and 5 star ratings in iTunes. They also submitted positive written comments like these:

• “Amazing new game”
• “ONE of the BEST”
• “One of the best apps just got better”

I’m sure you noticed that the publication dates of the reviews predate the new guidelines were finally adopted. That means the FTC is willing to go back retroactively and enforce these guidelines.

Sources:

• FTC Press Release: Public Relations Firm to Settle FTC Charges that It Advertised Clients’ Gaming Apps Through Misleading Online Endorsements
• Agreement Containing Consent Order In the Matter of Reverb Communications, Inc. and Tracie Snitker
• Complaint In the Matter of Reverb Communications, Inc. and Tracie Snitke
• Analysis of Agreement Containing Consent Order To Aid Public Comment
• FTC and Bloggers – prior post on Compliance Building
• Charges Settled Over Fake Reviews on iTunes By Miguel Helft in the New York Times

It’s official. Social media is a risk factor. At least according to Estee Lauder and lululemon athletica.

Over at Footnoted, Michelle Leder and her team dig through SEC filings digging up the dirt on bad corporate behavior. They were digging through the 10-K for Estee Lauder when Theo Francis came across a new risk factor.

Our inability to anticipate and respond to market trends and changes in consumer preferences could adversely affect our financial results.

Our continued success depends on our ability to anticipate, gauge and react in a timely and cost-effective manner to changes in consumer tastes for skin care, makeup, fragrance and hair care products, their attitudes toward our industry and brands, as well as to where and how consumers shop for those products. We must continually work to develop, produce and market new products, maintain and enhance the recognition of our brands, achieve a favorable mix of products, and refine our approach as to how and where we market and sell our products. While we devote considerable effort and resources to shape, analyze and respond to consumer preferences, we recognize that consumer tastes cannot be predicted with certainty and can change rapidly. The issue is compounded by the increasing use of social and digital media by consumers and the speed by which information and opinions are shared. If we are unable to anticipate and respond to sudden challenges that we may face in the marketplace, trends in the market for our products and changing consumer demands and sentiment, our financial results will suffer.

It’s not exactly: “We could lose millions if the Twitteratti turn on us.”

Public companies disclose risk factors in their SEC filings trying to inform its stockholders and potential purchasers of its stock about potential losses. Failure to disclose a risk could result in a shareholder suit that the company was hiding its risks.

It looks like Estee Lauder is covering itself in case its customers get ugly in social media, start attacking the company, and stop buying its products.

Ever vigilant, Theo Francis poured back through the SEC database to see if any other companies had disclosed social media as a risk factor in its SEC filings. The only other consumer-product company they  found that lists social media as a risk factor in its 10-K was lululemon athletica, a Vancouver-based maker of “yoga-inspired apparel.”

Social media is not a new disclosure in SEC filings, but it was mostly discussed in marketing strategies and business strategies for tech and media companies. For example, Estee Lauder’s competitor Elizabeth Arden talks about the use of social media as part of its marketing strategy, but does not disclose it as a risk factor.

I wonder if we will see other companies start adding social media as a risk factor. Have you seen any other companies list it as a risk factor?

Sources:

• Warning: Social media at Estee Lauder… by Theo Francis in Footnoted
• Estee Lauder 10-K June 30, 2010
• Lululemon Athletica 10-K January 31, 2010
• Search the SEC’s EDGAR database for “social media”

Sort of.

The Supreme Court issued its ruling in Ontario v. Quon regarding a police chief reviewing the content of a police officer’s text messages with consent or a warrant. Many commenters hoped that the Court would issue a broad statement on an employee’s privacy rights in this age of cloud computing and web 2.0.

The Court chose to rule on very narrow grounds and not address the electronic privacy issue:

“A broad holding concerning employees’ privacy expectations vis-à-vis employer-provided technological equipment might have implications for future cases that cannot be predicted. It is preferable to dispose of this case on narrower grounds.”

The Justices were hesitant to jump into the battle about electronic privacy:

“The Court must proceed with care when considering the whole concept of privacy expectations in communications made on electronic equipment owned by a government employer. The judiciary risks error by elaborating too fully on the Fourth Amendment implications of emerging technology before its role in society has become clear.

…

Prudence counsels caution before the facts in the instant case are used to establish far-reaching premises that define the existence, and extent, of privacy expectations enjoyed by employees when using employer-provided communication devices. Rapid changes in the dynamics of communication and information transmission are evident not just in the technology itself but in what society accepts as proper behavior.”

Instead, the Justices looked narrowly as the special situation of the government as an employer.  Since its the government, the Fourth Amendment’s protection against warrantless searches comes into play. (This is not applicable for a private employer.)  The standard  is that

“when conducted for a “non-investigatory, work-related purpos[e]”or for the “investigatio[n] of work-related misconduct,” a government employer’s warrantless search is reasonable if it is “‘justified at its inception’” and if “‘the measures adopted are reasonably related to the objectives of thesearch and not excessively intrusive in light of’” the circumstances giving rise to the search.”

Even if a government employee could assume some level of privacy in their messages, it would not have been reasonable for them to conclude that his messages were in all circumstances immune from scrutiny by the government employer.

Sources:

• City of Ontario v. Quon
• City of Ontario v. Quon hosted on JD Supra (the Court website has been unreliable today)
• Breaking: U.S. Supreme Court Rules that Two-Member NLRB Decisions Are Improper; Public Employer Can View Employee Text Messages by Daniel Schwartz in Connecticut Employment Law Blog
• Today’s Opinions in the SCOTUS Blog
• SCOTUS to SWAT Officer: No Prvcy 4 UR Txts in Above the Law
  

In the recent case of Crispin v. Audigier, a California judge ruled that Facebook and MySpace messages that aren’t publicly available are protected information under the Stored Communications Act, and therefore can’t be subpoenaed for use in civil litigation.

Buckley Crispin sued clothing maker Christian Audigier for copyright infringement, alleging that Audigier used his artistic material outside the scope of a license agreement. Audigier issued a subpoena to Facebook, MySpace, and two other third parties seeking communications by Crispin about Audigier.

Crispin’s lawyers argued that such communications fell under the Stored Communications Act, which prevents providers of communication services from divulging private communications to certain entities and individuals. A magistrate judge rejected the argument and found that Facebook and MySpace were not Electronic Communications Services and therefore not subject to the protections of the Stored Communications Act. Because the magistrate judge thought the websites’ messaging services are used solely for public display, he found that they did not meet this definition.

Judge Morrow of the US District Court for the Central District of California disagreed and laid out some thoughts about the use of the sites and how they relate to civil litigation. (Law enforcement can always use a warrant to get the information, assuming it is related to a crime.)

The Judge noted that the Stored Communications Act distinguishes between a remote computing service and an electronic communications service.

“electronic communication service” means any service which provides to users thereof the ability to send or receive wire or electronic communications (18 U.S.C. § 2510(15)) With certain enumerated exceptions, the Stored Communications Act prohibits an electronic communication service provider from “knowingly divulg[ing] to any person or entity the contents of a communication while in electronic storage by that service.” (18 U.S.C. §§ 2702(a)(1), (b))

“remote computing service” means the provision to the public of computer storage or processing services by means of an electronic communications system (18 U.S.C. § 2711(2)) The Stored Communications Act prohibits an remote computing service provider from “knowingly divulg[ing] to any person or entity the contents of any communication which is carried or maintained on that service.” (18 U.S.C. §§ 2702(a)(2)).

In the end, the decision about whether a particular message is subject to disclosure is dependent on security settings. Different messages in Facebook and MySpace (and other web 2.0 sites) will be subject to different standards.

The judge found that webmail and private messages are inherently private and quashed the subpoena for those messages. With respect to the subpoenas seeking Facebook wall postings and MySpace comments, the decision will be dependent on the person’s privacy settings and the extent of access allowed. If the general public had access to plaintiff’s Facebook wall and MySpace comments then presumably they are subject to discovery in civil litigation.

The Stored Communications Act was passed as part of the Electronic Communications Privacy Act in 1986. This was obviously well before the development of the current internet applications and technology. Courts, including the one in this Crispin case, have found that the application of this nearly 25-year-old statute presents challenges in application to the current use of the internet.

As Facebook changes the privacy settings in its platform, those changes will affect the discoverability of messages in civil litigation.

Sources:

• Crispin v. Audigier Judge Buckley’s Order. 2:09-cv-09509, in the U.S. District Court for the Central District of
  California (hosted on JD Supra)
• Stored Communications Act 18 U.S.C. § 2701
• Electronic Communications Privacy Act 18 U.S.C. § 2510
• e-Discovery Challenges of Social Media by Jaclyn Jaeger in Compliance Week
• The Stored Communications Act: District Court Issues First Opinion on Privacy Protection for Information on Social Networking and Web Hosting Sites an eData lawflash from Morgan Lewis

From Hugh MacLeod of Gaping Void:

“Anyone who has spent a lot of time studying blogs and Web 2.0, will be fully aware of all the blethering hyperbole that comes with it. Every business model that ever came before is DEAD, to be replaced forever by community! YAY!

Well, some dinosaur business models may be more dead than others, however… life still goes on. People still need to make a buck. People are just as governed by the seven deadly sins as they ever were. Some things never change. All is still vanity.”

Like Hugh, I am a great believer in Web 2.0 and Enterprise 2.0. I just think there is too much hype and too many people trying to sell snake oil.

It’s not about making money and marketing yourself. It’s about sharing ideas, collecting information and connecting with people.

Just about everyone with a substantive blog ends up spending some posts on blogging itself. Even the great criminal defense lawyer and blogger Scott Greenfield will publish an occasional post about blogging.

I’m spending some of that self-reflective time next week at the Enterprise 2.0 conference. My session is on Wednesday afternoon when my panel will talk about policy formation, governance and risk management programs as a critical requirement for the internal and external use of social networking and social media.

Once again the hype comes face to face with the reality of legal requirements and risk. Beware of the snake oil.

Snake Oil 2.0 is by Hugh MacLeod

Compliance, ethics, and legal executives at Johnson & Johnson, Best Buy, and The Travelers Companies will provide details on their social media policies, programs, and experiences, focusing on a variety of cultural, legal, and disclosure-related issues.

Featuring:
• Johnson & Johnson Senior Counsel & Assistant Corporate Secretary Douglas K. Chia
• Best Buy Chief Ethics Officer Kathleen Edmond
• The Travelers Companies, Inc. SVP, Chief Compliance Officer & Group General Counsel David Baker
• Compliance Week Columnist; President, Docket Media LLC; Founder and Editor, Securities Docket, the ubiquitous Bruce Carton (moderator)

I introduced Bruce and the rest of this panel. Then I helped to control the rambunctious crowd.

Travelers is using social media for complaints. You make a claim through their iPhone app. They also use it as a tool for customer service and advertising. They will push out an update on Twitter and Facebook when a catastrophe van in the area of a natural disaster.

Doug is active in social media so he can look at how the company could use social media. Currently their prime use is for their retail products. They are going to where their customers are hanging out. They use the JNJ BTW blog to publish current events at Johnson & Johnson. They are using the corporate twitter (JNJcomm) account to push out information from the shareholder meetings.

Doug highlighted a list of legal, compliance, reputational and logistical issues to consider when a company steps into social media.

Kathleen created her blog to help educate her workforce about what could get you fired. Retail companies have a huge employee turnover. The industry average is close to 100%. If someone is going to tell her story, she wants to be the person to tell it.

Best Buy has lots of social media outlets: Twelpforce, CEO’s Whiteboard, CEO’s Twitter, CMO’s Twitter, CMO’s blog.

She also used internal social media to help develop policies. She used an internal wiki to get feedback on potential policies and issues. She thinks feedback from employees is important in developing good, enforceable policies.

There is the fear of litigation. What you say could cost you and subject you to a lawsuit. Of course, if it’s effective it can save you lots of money by avoiding the bad situations.

It’s tough to work in a conservative company when facing something as innovative as social media.

One company assemble a social media task force to draft a social media policy. They managed to create a user reference manual to give detailed guidelines to the employees.

The audience expressed some concern about the improper disclosure of company information. The panel pointed out that social media is merely a newer avenue for disclosure. People have been able to improperly disclose information for years.

One of the panelists stated that they do block access to social media sites. Another pointed out that employees could just go to their mobile phone or find other ways to waste time.  It seems silly to block access to the sites if you are using the sites to market your company.

An interesting audience question was whether a privacy failure at a social media site would impact the company. Could you be tainted by a Facebook failure. It seems remote.

How do you manage the boundaries between personal and professional uses of social media. Make it clear that you are not stating the company position. Don’t use the company name in your handle or profile name. It’s @dougchia, not @J&JDougChia.

Materials:

David Baker:

• Powerpoint Presentation

Doug Chia

• Powerpoint PresentationPublic Comments to FDA Rule
• Ground Rules for Live Tweeting from Company Events
• Tweets from Shareholder Meeting

Kathleen Edmond

• Powerpoint Presentation – Social Media session

Lexis-Nexis gave a sneak peak of some upcoming changes to their Martindale- Hubbell Connected social network site for lawyers.

They cleaned up the user interface, with new colors, improved navigation and improved searching.

The current Connected site has been a disappointment. I have a lot of hope for the site because it has the financial backing of Lexis-Nexis and the ginormous content repository of Lexis-Nexis.

They are trying to better combine the public lawyer directory from Martindale.com to the Connected social network. That means they are also redesigning Martindale.com

One surprise was the inclusion of third party advertising. There was an ad for the  Cadillc SRX prominently on the page during part of the demonstration. (I wonder what Paul Lippe would think about placing advertisements in Legal OnRamp.)

They are also creating a subscription model so that you need to pay for access to the full features of the site. It sounds like you get full access to Connected if you have a subscription to Martindale. They were dodgy on the details during the demo. You need to be a premium member to create a group and to send messages to people that you are not “connected” to.

The site will try to push content to you based on you interests. Supposedly the more complete your profile, the better focused the information that will be pushed to you.

They added a “Diversity Information” section, sponsored by the Minority Corporate Counsel Association.  (Unfortunately, there is not much there for a white guy like me.)

The Martindale Peer Review gets a prominent display and lots of detail on how the rating was compiled. That may resuscitate lawyers’ interest in paying for that AV or BV rating.

They are continuing the emphasis on groups within the community. They went a step further and allowed for subgroups within groups. Personally, I think the use of groups is over-emphasized, merely leading to fragmented content. Groups are great for focusing an filtering information. You only need to filter when there is a big flow of information. Connected has too little information flowing to need many filters. LinkedIn had groups for a long time that merely acted as profile badges. Even now that LinkedIn groups can have substantive discussions, most are filled with self-promotion and spam.

They are also changing the privacy, allowing non-members to see the content in public groups and allowing Google to index the public groups. (I’m not sure there is much content to index.)

The redesign is scheduled to be deployed on June 2.

My social media policies database is now up to 162 policies. I troll the internet periodically to add new policies as they become public.

If you are looking to draft your own social media policy, the policies in the database are a good place to start.

Currently they are organized into these industries

• Education (5)
• Financial (2)
• Government (40)
• Healthcare (17)
• Law Firm (3)
• Media (18)
• Non-profit (11)
• Professional services (16)
• Retail (10)
• Sports (3)
• Technology (24)
• Utility (1)

Plus, there are a 10 generic templates.

Clearly, government is over-weighted in the database. Is it because government bodies are ahead of private industry when it comes to creating social media policies? I doubt it. I think they are just more likely to publish the policy or otherwise make it publicly available.

If you want to contribute a policy to the database, you can use the form below.

Social media bandwagon image is by Matt Hamm under a creative commons license.

.

The folks at Mitratech were nice enough to send me to Miami to talk at their annual Interact 2010 conference to talk about social media and compliance. This was the session description:

Governing Social Media: How to Monitor, Manage and Make the Most of Employee Use of Social Media

• Doug Cornelius, Chief Compliance Officer, Beacon Capital Partners, LLC (that’s me)
• Kathleen Edmond, Chief Ethics Officer, Best Buy
• Scott Giordano, Director, Product Marketing, Mitratech
• Janice Innis-Thompson, SVP & Chief Compliance Officer, TIAA-CREF

Corporate Communication takes on a whole new meaning in a world of social media, where employees can freely post their views and spread documents, photographs and even videos across the globe with a click of a mouse. Companies that are ahead of the curve not only have established policies regarding use of social media sites by their executives and employees, but also are finding ways to use social media to their competitive advantage. Join our panel to hear about the risks and rewards that a well managed approach to social media can bring.

Here is the slide deck from our panel discussion: