-------- Original Message --------
Subject: Blogging policy
Date: Thu, 17 Feb 2005 00:11:01 +0000
From: Simon Phipps <Simon.Phipps@private>
To: declan@private
Hi Declan,
I see you have a correspondent looking for help with a blogging policy.
We've done a fair bit of work on that and our current policy is at
http://www.tbray.org/ongoing/When/200x/2004/05/02/Policy supported by
an internal statement that employees have to consent to in order to get
space on blogs.sun.com. Sun would be happy to help your correspondent -
do feel free to pass on my details.
_____
Simon Phipps, Chief Technology Evangelist, Sun Microsystems
Tel: +1 650 352 6327/USx69758 Web: www.webmink.net, AIM: webmink
[Jim was the first of many to send along the CNN article. --Declan]
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
fromPolitech member [fs]
Date: Tue, 15 Feb 2005 17:27:53 -0500
From: James Maule <Maule@private>
To: <declan@private>
Declan,
Good timing.... yesterday my sister sent me the following URL and
titled her email to me as "be careful what you say....."
Perhaps this is of use to the person making the inquiry and may provide
some research leads:
"Have a blog, lose your job? Workers with Web logs are everywhere, and
they're starting to make corporate America very nervous. "
http://money.cnn.com/2005/02/14/news/economy/blogging/index.htm?cnn=yes
Take care,
Jim
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Tue, 15 Feb 2005 23:06:23 -0500
From: Duncan Frissell <frissell@private>
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
Speaking of Usenet...
Shouldn't a company's "Blogging Policy" be the same as their "Usenet
Policy", their "CompuServe Policy", their "Mailing List Policy",
etc. Since this has been going on for circa 20 years now, isn't it a
little late for a policy?
DCF
-------- Original Message --------
Subject: RE: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Thu, 17 Feb 2005 10:56:31 -0700
From: Colin Anderson <ColinA@private>
To: 'Declan McCullagh' <declan@private>
Serendipity strikes. I was musing on this exact same topic in my blog,
www.edmontonnewhomeviews.com. Every company is free, of course, to set their
own policy, but my personal opinion is that banning them entirely or vetting
every post is a mistake. The best policy outline I have found so far:
http://forrester.typepad.com/charleneli/2004/11/blogging_policy.html
Feel free to post this.
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Tue, 15 Feb 2005 14:29:53 -0800
From: Joe Crawford <artlung@private>
Reply-To: joe@private
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
best thing i've read lately on blogging/work is this:
http://www.dashes.com/anil/2005/02/14/nonblogger_fir
very eloquent on the subject of being "fired for blogging" basically.
i think the best policy would be for people to understand that the
nature of the web is public. a company's policy should cover all
information dissemination and publication, not just blogging.
joe
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Wed, 16 Feb 2005 11:35:02 -0500 (EST)
From: Jim Huggins <jhuggins@private>
Organization: Kettering University
To: Declan McCullagh <declan@private>
> I need to get an idea of company policies on blogging. What's the
> current state of thinking in allowing workers to keep blogs and include
> posts about work/worklife?
To the best of my knowledge, my employer (Kettering University) has no
stated official policy on blogs.
On the other hand, there are conventional policies which may partially
apply. For example, the faculty/employee handbook has policies which
state that following are unacceptable conduct:
* unauthorized use of the University name for personal,
commercial, or religious purposes
* publicly presenting personal views as though they are the
position of the University
The list given above is deliberately not exhaustive.
Sanctions are handled under the usual procedures for any other
unacceptable conduct.
While the case of blogs is "new" because of the technology, in some
respects it is perhaps simply a new instance of an older problem.
Disclaimer: this is obviously an academic institution, and the rules in
academia and private business usually differ. Your mileage may vary.
--Jim Huggins, Kettering University, Flint, MI
[P.S. I suppose I'm obligated to point out that the views expressed above
are my own and not necessarily those of my employer :) ]
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Tue, 15 Feb 2005 16:37:58 -0600
From: Steve Stearns <sterno@private>
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
It seems to me that regulation of a person's blog would go well outside
the bounds of a standard employer/employee relationship. Would my job
also require an opportunity to review any letters to the editor that I
might want to send to my local newspaper? What makes a blog such a
unique invention that it needs to be specially considered in the
employer/employee relationship? Though I've never worked for a company
that set up specific rules about blogs, the other rules I've been bound
by cover such things adequately (non-disclosure agreements, etc).
---Steve
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Wed, 23 Feb 2005 15:19:30 +0530
From: Devdas Bhagat <devdas@private>
Reply-To: Devdas Bhagat <devdas@private>
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
>
> 2) Is there advice on what NOT to post? (Don't talk
> about proprietary stuff, don't trash your co-workers,
> etc.)
I do believe that this should already be covered in the general corporate
policy about communicating to the outside world. The medium MUST not
matter (email, IM, physical media, things not yet invented...).
I would recommend not allowing blogging from corporate systems, but what
a worker does from her/his home systems is not the responsibility of the
company (essentially, the same policies as personal email).
A blog may just be considered to be a public diary, and as such subject
to the same limitations as keeping any other diary or website.
Corporate secrets and other private information should be private (and
already covered under company policy). Dissing cow-orkers/PHBs
could very well be considered a form of ranting, and really should be
considered off limits to corporate lawyers. If work atmosphere is
getting vitiated, then you need to actually fix the scenario, not just
try and ensure that the blogs are not kept.
>
> 3) What are the processes for requesting removal of a
> post? Dismissal from work because of a blog entry?
The same policies that apply to the release of any other corporate data.
A personal request should suffice, but keep in mind that a blog is not
corporate territory. If any company data is released, then you should be
able to get it pulled, but for any other data, the company should have
no rights to be able to do anything other than make a formal request
that the post be pulled.
Dismissal from work for a blog entry may very well be judged to be
overkill (unless this was the release of a trade secret or something).
Devdas Bhagat
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Tue, 15 Feb 2005 14:38:59 -0800 (PST)
From: Kent Peterson <urquan@private>
To: Declan McCullagh <declan@private>
--- Declan McCullagh <declan@private> wrote:
> 1) Specifically, do workers have to disclose their
> blogs?
I would claim the answer to this should be no. I expect most employers
would feel otherwise though, and policy is theirs to set. Requiring
disclosure is likely to simply force people to be more anonymous though
(which isn't hard).
> 2) Is there advice on what NOT to post? (Don't talk
> about proprietary stuff, don't trash your co-workers,
> etc.)
Yeah, all that. The common sense stuff (that actually is not common
sense until you've been around the block once or twice). Anything
commonly found in an NDA.
> 3) What are the processes for requesting removal of a
> post?
Talk to legal and see if there's grounds. If there's a case, contact
the employee, ask them politely, and explain the consequences if they
don't.
>Dismissal from work because of a blog entry?
Same as dismissal for any other reason. Verbal warning, followed by
written warning and probation, followed by dismissal.
> 4) How is monitoring of blogs done?
Not sure if I'm interpreting this question correctly, but I think the
answer would be regular Googling for the company's name and publicly
known project names, and then keeping track of what you find. You'll
dig up message boards too, but they are fundamentally the same kind of
thing.
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Wed, 16 Feb 2005 01:11:48 -0800
From: Hal Murray <hmurray@private>
To: Declan McCullagh <declan@private>
CC: hmurray@private
> I need to get an idea of company policies on blogging.
What's special about blogging?
People were chatting with friends (perhaps over drinks), putting up web
pages, and writing letters to editors long before blogging became a
buzzword.
I'd expect that existing policies should already cover blogging. I'd be
suspicious of a policy that specifically mentioned blogging except as an
example.
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Wed, 16 Feb 2005 10:45:14 +0000
From: David Cantrell <david@private>
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
On Tue, Feb 15, 2005 at 05:16:26PM -0500, Declan McCullagh wrote:
> [Anonymous is charged with drafting a blogging policy for their
> employer. I'd be happy to collate and post replies, in that old (and
> useful) Usenet tradition. --Declan]
>
> What's the current state of thinking in allowing
> workers to keep blogs and include posts about
> work/worklife?
I work for a private medical insurer in the UK, and in my work I have
access to some patient data as well as to all sorts of commercially
sensitive information such as the source code that runs some of our
systems.
> 1) Specifically, do workers have to disclose their
> blogs?
Here, no we don't. That said, google discloses my journal for me, and
it's linked from my web site. My web site is pretty much impossible to
*not* find given that it's often linked from the sig in mailing list
archives.
> 2) Is there advice on what NOT to post? (Don't talk
> about proprietary stuff, don't trash your co-workers,
> etc.)
What work-related stuff I post in my journal (or my web site, or Usenet,
or mailing lists, or in a book) is regulated by the normal contractual
bits n' pieces like commercial confidentiality and treating colleagues
with respect. This, I think, is key. "Blogging" (and I hate that ugly
word!) is no different from any other kind of publication, and is
already covered by any sane contract of employment as well as laws
regarding things like libel, trade secrets etc.
> 3) What are the processes for requesting removal of a
> post? Dismissal from work because of a blog entry?
No different than if I had written the same stuff in a book. I don't
expect to ever be asked to remove anything from there by my employer
because I don't slag them off in there. If I have any problems with
work, better to discuss them with my boss than to moan behind his back!
> 4) How is monitoring of blogs done?
I've noticed that my boss has looked at my journal a couple of times,
but there's no regular monitoring.
--
David Cantrell | Benevolent Dictator Of The World
Deck of Cards: $1.29.
"101 Solitaire Variations" book: $6.59.
Cheap replacement for the one thing Windows is good at: priceless
-- Shane Lazarus
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Wed, 16 Feb 2005 14:40:06 +0200
From: Steven Karas <steven.karas@private>
Reply-To: Steven Karas <steven.karas@private>
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
Specifically in response to number 2:
Keep in mind that a blog kept by a worker is the same as one kept by
anyone else, and that it is (theoretically) publically available to
everyone in the world. As such, don't write anything in a blog that
you wouldn't say in a busy restaraunt in a loud voice.
A note on number 3:
There's been a lot of discussion about the various freedom of speech
issues in relation to blogs and the workplace. A quick and easy way to
write it up would be to remind everyone that as long as they follow
number 2, they'll never have to deal with number 3(and can thus safely
ignore it).
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Wed, 16 Feb 2005 08:45:40 +0100
From: Matthias Leisi <matthias@private>
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
Hi Declan & Anonymous,
> 2) Is there advice on what NOT to post? (Don't talk
> about proprietary stuff, don't trash your co-workers,
> etc.)
One thing to remember from a security point of view: The digital
footprint one leaves behind may serve as valuable information for a
social engineering attack or may reveal sensitive information not by
itself, but when correlated with other information.
-- Matthias
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Wed, 16 Feb 2005 00:08:10 -0700
From: Mike Blessing <gunssavelives@private>
To: Declan McCullagh <declan@private>
References: <421274BA.1090000@private>
Declan McCullagh wrote:
> [Anonymous is charged with drafting a blogging policy for their
> employer. I'd be happy to collate and post replies, in that old (and
> useful) Usenet tradition. --Declan]
>
> ---
>
> Hello Declan,
>
> I need to get an idea of company policies on blogging.
> What's the current state of thinking in allowing
> workers to keep blogs and include posts about
> work/worklife?
>
> 1) Specifically, do workers have to disclose their blogs?
I haven't to my employer, but since I don't talk about the job on my
blogs, I'm not really afraid to. I just prefer to keep my on-the-job
time separate from my personal time.
So I'm not going to hide it from my boss, but I'm not going to
volunteer unsolicited information, either.
> 2) Is there advice on what NOT to post? (Don't talk about proprietary
> stuff, don't trash your co-workers, etc.)
All of these are good suggestions about topics to avoid.
Also don't talk about things that happen on the job that could cause
bad publicity for the employer, or about that last customer who was a
"total asshole."
Even if you don't put your workplace's name on the post, things still
have a way of getting back to you. You tell a co-worker about the
funny thing you posted there about ______, that goes through the
rumor mill a bit, gets exaggerated some, and next thing you know, the
boss has you front-and-center at his desk wanting to see exactly what
the uproar is all about.
> 3) What are the processes for requesting removal of a
> post? Dismissal from work because of a blog entry?
>
> 4) How is monitoring of blogs done?
First, does your employer know that the blog exists? Chances are they
won't run periodic Google searches on you just to see what you're up
to. They have more pressing matters - firing the people who steal
inventory or always call off on Fridays for the three-day weekend - to
bother with this.
Final note - unless the blog is part of the job, why are you posting
stuff from the job there in the first place?! Blogs-for-fun are the
LAST place to post that kind of stuff. Fer Chrissakes, get a life!
______________________________________________________________________
- Mike Blessing / http://profiles.myspace.com/users/6016165
Phone - 001-505-453-4532 / Yahoo IM - mikewb1972
My email blog - http://groups.yahoo.com/group/mikes_place
New Mexico Liberty Online - http://groups.yahoo.com/group/nmliberty
Freedom, Immortality, and the Stars!
Keep your kids off drugs - teach them to shoot!
Who owns you? Who runs your life? Who should - you or someone else?
______________________________________________________________________
-------- Original Message --------
Subject: Outlet for Workers Afraid of Blogging
Date: Wed, 9 Feb 2005 11:37:18 -0500
From: George M. Ellenburg <george@private>
To: Declan McCullagh <declan@private>
Hi Declan,
Here's something that would probably be appropriate for Politech'ers
list as it ties right in line with free-speech (and lack thereof) in
light of new technology.
In light of increasing reports (1,2,3) of employees being fired by
their employers for commenting about their workplace, I was compelled a
while ago to launch the following website, and would like your help
getting the word out:
http://www.novoice.org/
A forum for the American worker who, unless (s)he is under contract or
union, really has no voice in today's workplace.
I haven't done much with it, as I myself was a little paranoid of
getting fired by my employer if they ever found out that I was behind
it, but now I'm not so worried anymore.
Considering that 22 of our 50 states are Right-to-Work States, and most
employees are employed "at-will", workers are becoming increasingly
harassed, vilified, and persecuted for their personal views not only in
their personal lives, but when discussing their work lives, as well.
To protect posters, logs are kept for only 24 hours, and are
subsequently deleted.
Posters can choose to be as anonymous as they want, and are strongly
encouraged to use services such as CoTSE, The-Cloak, and Anonymizer to
help protect their online identity.
I hope that this forum will once again provide workers with "A Voice."
To be able to speak out on the injustices which plague many workers
across all industries, and to help force companies to become
accountable for their actions (and subsequent inactions).
Best regards,
George M. Ellenburg
---
References:
(1) http://tinyurl.com/5t6jz
(2) http://tinyurl.com/4rtd4
(3) http://tinyurl.com/6hvup
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
fromPolitech member [fs]
Date: Wed, 16 Feb 2005 10:12:38 -0500
From: James Maule <Maule@private>
To: James Maule <Maule@private>, <declan@private>
More on this topic....
Declan, this is a blerb from BNA with a link to a subscription site.
The person looking at this issue might want to try to track down this
article. ---Jim
EDUCATION, COMMUNICATION ARE FIRST LINES OF DEFENSE FOR
BLOGGING WORRIES
Lawyers seeking to keep their clients ahead of the
technology curve say that education and clear communication
are the best ways for companies to address liability and
competitiveness concerns raised by the proliferation of
employee blogs. Blogging raises issues not addressed in
existing computer use policies, they say, and employers
should move cautiously when imposing discipline or limiting
employees' blogging activities; employee writings may be
protected speech, either under the First Amendment or under
federal and state whistle-blower statutes. . . . Page 134
http://pubs.bna.com/ip/BNA/eip.nsf/is/a0b0j7w7f1
-------- Original Message --------
Subject: Re: [Politech] Creating a blogging policy? Request for help
from Politech member [fs]
Date: Tue, 15 Feb 2005 19:29:02 -0500 (EST)
From: Dean Anderson <dean@private>
To: Declan McCullagh <declan@private>
CC: politech@private
Blogging "for" the employer is no different that making a website or any
other form of corporate communications and interactions with public on
behalf of the employer. If they work on their blog at work, then the
usual rules apply: If the employer notifies the employee that the
communications at work are subject to being monitored, their
communications can be monitored.
Personal blogging _about_ the employer is no different from email or
personal written or verbal communications about the employer. All are
subject to the employee's non-disclosure agreement and other policies they
agreed to follow. Yes, they can usually be terminated for violating those
agreements or policies. Although, there are limits to what the employer
can do to get access to this information. A relevant court case is Konop
V. Hawaiian Airlines. Konop, a pilot with H.A. wrote a password protected
web site about H.A. A manager at H.A. managed to get a password (without
authorization), accessed the site, and fired Konop for what was on the
site. The Court ruled that H.A. violated the ECPA by accessing
communications without authorization.
Its always amazing to me that people think a new form of communication is
somehow not communication, subject to the previous rules about
communication.
--Dean
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Wed Feb 23 2005 - 22:30:03 PST