It will only be a matter of time (if it hasn’t happened already), until someone gets his/her employer in trouble for using Twitter, the latest social networking and “microblogging” craze.  (Does it ever end?)  As if the well-known dangers of e-mailing haven’t been documented enough over the years—and have been a boon to litigators—Twitter may soon up the ante.

The issues are really no different than those that have already surfaced with e-mails.  Issues involving privacy, confidentiality, defamation, sexual harassment, discrimination, and copyright infringement (to name a few potential problem areas) have been well-litigated over the years.  By now, most employers hopefully have a formal e-mailing and internet usage policy in place for their employees to follow.  Instilling a healthy sense of fear never hurts.  

So how much harm can someone do with 140 characters or less on Twitter?   As a lawyer, I’ve learned never to underestimate the ability of clients to get themselves in all sorts of trouble.  As with texting, it’s only a matter of time before we all read about some clueless employee who gets him/herself fired and puts the employer in legal hot water.  And of course, it’s only a matter of time before lawyers start subpoening these types of electronic communications also.  Just because a message is only a few characters long doesn’t mean that it won’t be stored and saved—possibly forever.

But as noted by one commentator in the article linked-to above, Twitter messages are “quick sound bites and instantaneous” and “aren’t the most well-thought out.”  Someone who is upset, angry, or frustrated could easily use poor judgment and—in a few characters or less—wreak all sorts of havoc on his/her employer.  And once it ends up in the Twitter universe, it’s there for all to see . . . again and again and again.

Needless to say, an employer’s e-mail and internet usage policy should be specifically updated to account for services such as Twitter.  Employees must understand that even very short messages (designed for the inner ADD child who seems to live in all of us these days) can create liability.  Not that it will stop everyone, but it will stop some people.  And the ones it doesn’t stop?  Well, I’m just a “tweet” away!   

Just a quick follow-up to a post I wrote a few weeks ago about “Spam King” Sanford Wallace.  Wallace had been defaulted by a federal district court in California in a suit brought by MySpace for running a spamming and phishing scam on the site.

The court recently awarded MySpace $230 million against Wallace in what is apparently the largest spam award yet.  Of course, chances are that MySpace will never see a penny of that money—or if they do, it will be a miniscule fraction of the award.  Of course, no one will shed a tear if MySpace drives Wallace into bankruptcy.  It won’t stop him anyway.

And MySpace doesn’t need the money.  But it’s a symbolic victory and a great public relations plug for the company.  It gives MySpace bragging rights to its users, attorneys general of all 50 states, and the federal government that it takes these issues seriously and doesn’t waver—even though getting a default judgment is not all that difficult to do.  Hopefully, MySpace will pursue it further and try to actually collect on the award.

According to a new survey by Forrester Research, 41% of large companies (those having at least 20,000 employees) either read or analyze the contents of outbound e-mail.  They’re either paying other employees to read them or presumably using any number of commercially available software programs to analyze them. 

44% of the companies surveyed investigated a confidential data breach involving e-mail in the past year, while 26% said they fired an employee for violating the company’s e-mail policy.  Companies also expressed concern over employees leaking information on message boards, blogs, and other electronic media.

Quite frankly, I’m surprised only 41% of large companies are doing this (although it depends on the industry).  I would have expected it to have been much higher given the daily parade of data and privacy breaches in the news.  After all, it’s large companies that have the financial and human resources to implement widescale e-mail monitoring systems.  Smaller companies may be in a much different situation.

Of course, many employers find it distasteful to engage in this type of monitoring.  It can, if not handled properly, be destructive to employee morale and have lasting effects.  Nevertheless—for better or worse—many employees are slowly coming to grips with their employers’ monitoring efforts.  It’s just becoming a fact of life. 

But the truth is, I’ve had clients whose employees have e-mailed confidential and sensitive company data.  Some workers do it without thinking about it, while others are far more malevolent in their intentions.  This is especially the case when employees leave their companies on bad or poor terms.  So it’s a very real problem for employers that has very real consequences.  Thus, like it or not, monitoring will only continue to increase. 

Bottom Line:  Be careful.  You don’t have any right to privacy when you’re at work.  So don’t think that anything you send—whether to a spouse, boyfriend, girlfriend, doctor, stockbroker, or anyone else—is private.  Even if you have to send it and it can’t wait until you get home, an employer is within its rights to read your e-mail, no matter how private the subject matter.  Of course, what it does with that information is another matter.

It’s always refreshing to see companies take affirmative steps to try and protect users from malicious programs that can be inadvertently downloaded onto their computers.  Yahoo and McAfee are joining forces to unveil a new security feature designed to warn Yahoo users about potentially dangerous links to software such as adware, spyware, keystroke loggers, and other malicious programs.  Yahoo users will see a red exclamation point and a warning next to any links that McAfee has identified as containing harmful software.

It’s a good start and is one more weapon in the fight against increasingly sophisticated hi-tech criminals.  However, it’s only a matter of time before this new service becomes the target of lawsuits by companies who are identified as “false positives.”  That is, legitimate companies whose links are mistakenly identified as being malicious.

Remember the “real-time blackhole list (“RBL”)?”  This was a Mail Abuse Prevention Service (MAPS) which published lists of ISP addresses which were known to be associated with spammers.  A network could then filter out any questionable e-mail traffic and it would disappear in a metaphorical “black hole” and never reach its destination.

This prompted lawsuits from companies (who called themselves “e-mail marketers”) against RBL providers who claimed that they were being defamed by being erroneously or improperly included on these lists.   (They also included “false light” and restraint-of-trade claims.)  While most suits were dismissed or unsuccessful, they were designed to target and harass RBL providers who devised an otherwise sensible solution to an evergrowing spam problem.

It’s only a matter of time before some disgruntled company sues Yahoo and/or McAfee for being falsely identified to users as a provider of malicious software.  (Due to the Yahoo Terms of Service agreement, users will be unable to successfully sue if some malicious links or sites slip through.)   Still though, despite the threat of lawsuits, Yahoo and McAfee should be commended for trying to develop a solution—however temporary or imperfect—to this problem.  Of course, if any of my clients end up being falsely identified as providers of malicious software, then those companies will hear from me.  Until then, the battle continues.