Risky Social Behaviors

Management (the practice not the people) is, to a large extent, about risk avoidance. Managers spend a lot of their time managing risks. Through a combination of experience and knowledge, managers mitigate market, financial, technology, and legal risks in order to provide a positive outcome for their organization. That’s a big chunk of the job.

Given that, I’m amazed at how many managers and professionals don’t understand the risks of social media. Whenever I talk to managers about these risks I hear the same refrain – It’s new! Sorry, that’s no excuse. It is not an excuse because it is an electronic communication like any other. For risk management purposes, social media is no different than email or a website.

The legal risks of electronic communication are well known. They can roughly be summarized as risks associated with:

• eDiscovery – why would anyone think that social media including Twitter or Facebook is not discoverable? If search results, websites and email are then so are these. The same rules apply including the FRCP in United States. Keep in mind that Electronic Communication is not defined as email but as electronic records of all sorts. This includes private accounts in the same way that private email accounts may be discoverable.
• Privacy – people forget that a lot of social media, especially Blogs and Twitter, are public forums. You don’t have an expectation of privacy in an open forum. If you wouldn’t stand in a crowded room and shout it out, don’t Tweet it. The same goes for Facebook if you don’t set your privacy controls to kill. Leave them wide open and you are publishing to the world.
• Defamation – public speech that is intended to harm is not protected speech in most countries. If you call someone a thief or a liar on Twitter you may as well have put up a billboard. Trash a competitor’s product in your blog? You had better be able to back up what you say.
• Agreements – a recent story about a lawsuit that accused an ex-employee of using LinkedIn to solicit another employee to leave garnered a lot of attention. So what? Solicitation is solicitation. The media is irrelevant. Social media does not give you a pass on sticking to contracts and other agreements including non-competes.
• Misrepresentation, Spam, Phishing etc. – again, the rules don’t change here. If you are NOT who or what you say you are or you are a scummy spammer you are acting legally or ethically by using Twitter or a Blog comment instead of email.

What is different is the ease of which one can fall into legal or ethical traps. We have been trained to think before we send the email. Social media with it’s quick, short, rapid fire bon mots encourages impulsive behavior. For the manager the real risk is that things can happen without people thinking about it. And these comments last for a long time. For the average corporate drone, the danger zone is in not remembering that these are not private communications. If you Tweet that your boss is an idiot, the boss can fire you it. It’s no different from taking out an ad in a newspaper. You are likely violating part of your employment agreement (folks, you really should read those before signing them) and giving cause to terminate you.

Use of social media does represent special marketing risks. Most of these risks are derived from a fundamental misunderstanding of social media – that it’s open. Twitter, for example, is a broadcast media. From a marketing perspective you can think of it like television and radio. Some obvious risks are:

• Forgetting you are talking to the world – I got into this on Twitter some months back. I objected to the use of swearing on Tweets by my alma mater. I was concerned what it would say about my school when they write posts like that. Clearly, they forgot that they were not talking to just a small group of like minded people. Full disclosure: people who know me will tell you I can swear like a sailor, though never in business situations. The risk to my school’s brand was my complaint not the words themselves.
• Not reaching for the shut off valve – legal risks aside, trashing competitors and individuals in public irritates people. Even worse is the back and forth that a lot of techies engage in. Sorry but no one wants to hear that. It’s one thing to point out your competitors shortcomings in person. It’s quite another to scream it all over the Internet. Playful poking is one thing as is thoughtful discussion. Trash-fests turn people off and make them stop listening.

Here’s a few tips and reminders to guide you through the social media forest.

• Remember, it is eCommunication and media like any other. The same rules apply.
• Do not assume privacy exists just because you want it to. If someone can see it, it’s in the open no matter what your intentions were.
• Think before you Tweet or post.
• You are publishing. Act like you are publishing even if it’s so you don’t annoy your friends.
• Remember that you can be punished, socially or legally, for thinks you say. Social media is a form of saying.
• Managers, be clear on what you expect and where the boundaries are. You can’t exert total control over your employees lives outside of work nor should you try. Just make sure they know how to keep private thoughts private.
• become proficient with privacy controls and use them appropriately. Parents, this goes especially for your kids. School administrators do trawl around in Facebook for threats and inappropriate behavior.
• No innuendos or in jokes. You lose the wider audience and annoy people. In the same vein, don’t trash talk.
• Don’t mix personal and business communications. If you usually Tweet about your cat I will not expect to hear about your company’s new product. I might care about one or the other but probably not both in the same context. That means I’m not listening when I should.

Above all else remember that social media allows you to tap into a wide community of people. Don’t be a jerk and don't’ be creepy. People will treat it as if you acted like that in person. That can’t be good.

EMC Pacmans Kazeon. Mmmm. Good.

More news on the storage M&A front and once again it's about EMC. EMC announced that they are acquiring Kazeon a self avowed “leader in eDiscovery” tools. Stripped of all the eDiscovery hoopla, Kazeon makes a decent indexing and classification rules engine. In that space, it is a very useful thing indeed.

What Kazeon does is catalog and index your data and run the information past a rules engine to generate additional metadata. Again, that's good but only as good as the rules. They also layer on some analytics which is all the rage in eDiscovery. Analytics are also only as good as the data and metadata and, in my opinion, overemphasized in the eDiscovery market. But that's just me...

Kazeon is a hand in glove fit for EMC. For many years now EMC has looked to get past selling just hardware and has wanted to sell systems to store and manage data. That's a great strategy since it creates new value but sticks to their knitting. Kazeon is another value added tool that EMC can add to their toolbox.

The Kazeon acquisition also gives them some eDiscovery street cred. They have been trying to play in the eDiscovery sandbox for years, mostly through their Documentum offerings. Nothing wrong with that since the majority of eDiscovery work is about workflows anyway. However, automated tools for tracking data also are important not only to discovery during litigation but also to insure compliance with in-house data retention rules. And by retention I mean destruction. But you knew that didn't you...

The dirty secret about data retention is that no one can really comply with their own internal rules without knowing where and what all their data is. Knowing where all your data is is a really hard problem to solve. That's where Kazeon comes in. They create catalogs of vast amounts of data that allows you to better comply with discovery rules, a preservation and legal hold, and internal data retention policies.

So, Kazeon is an obviously good thing but why is it good for EMC? Actually, there are two (probably more) reasons why this works so well. First, it adds value. If I buy tons of EMC storage, the Kazeon/EMC products will help me to know what I have on it. Second, those catalogs of information and metadata need, you guessed it, more storage. It's the reason Documentum was such a good deal for EMC. It lets you get more value from your stored data and makes you store more data. A twofer for EMC.

EMC will now be able to deliver, by itself, one of the most comprehensive information management systems available. By combining Documentum, Kazeon, and all the other tools EMC has at its disposal, plus hardware, they will be able to deliver an information management solution that will make lawyers squeal with delight.

That's not to say it's perfect. Kazeon can't help you if someone dumps their files onto a flash drive or emails a smoking gun document to their Gmail account. Smartphones and PDAs are also a challenge that Kazeon will not help with. Still, they hit all the high notes and do better than what most companies do - which is nothing!

As an aside, Kazeon also has an intellectual property (IP) management component to their systems. IP management and eDiscovery are very similar problems – you need to know what data you have where, in order to comply with rules and regulations. EMC has often touted Documentum as an IP management tool. They haven't gotten too far with that since it takes so much effort to set up Documentum to do IP management. Unless you are already committed to Documentum across the company, there are better out of the box IP solutions. Kazeon will give them some more heft in that space. It will allow EMC to automate many of the sticky tracking and classification tasks associated with IP management, especially in preventing leakage. It's not there yet, but getting better.

I don't know if EMC is full yet after eating up so many companies. Kazeon is quite a tasty and healthy morsel for them though. It makes good, strategic sense. I wonder if they left room for dessert.