• United States



Businesses May be Liable for Employee Statements on Social Networking Sites, says new FTC Guidelines.

Jan 03, 20102 mins
Core Java

New FTC guidelines ( that went into effect on December 1, 2009, may impose liability on businesses for statements their employees make on social networking sites like Facebook, Twitter, LinkedIn, MySpace, personal blogs, and other sites – even if the company had no actual knowledge those statements were being made.  Specifically, if an employee makes comments about the business’ products and services and that employee fails to disclose their employment relationship with the business, the business may be subject to an enforcement action for deceptive endorsements.

The FTC guidelines state that where a connection exists between the speaker and the company selling the products and/or services and that connection would materially affect the weight or credibility of the speaker’s statements, the connection must be fully disclosed.  Although many examples are provided in the FTC guidelines, the following is of particular importance:

An online message board designated for discussions of new music downloadtechnology is frequented by MP3 player enthusiasts. They exchange information aboutnew products, utilities, and the functionality of numerous playback devices. Unbeknownstto the message board community, an employee of a leading playback device manufacturerhas been posting messages on the discussion board promoting the manufacturer’s product.Knowledge of this poster’s employment likely would affect the weight or credibility of her endorsement. Therefore, the poster should clearly and conspicuously disclose herrelationship to the manufacturer to members and readers of the message board.

To reduce the potential for liability for these types of employee statements, businesses should adopt social networking policies that make clear only authorized spokesmen may speak on behalf of the company, that all other employees must avoid making any statements that could be viewed as official communications of the company or endorsements of its products and services, and that the employee must make clear their relationship with the company when making statements online.  For example, “I am an employee of XYZ Corporation.  These comments represents my own opinions and not those of my employer.  I am not a company spokesman.”  The company should also implement procedures to monitor compliance with its policies and the use of its name online.


Michael R. Overly is a partner and intellectual property lawyer with Foley & Lardner LLP where he focuses on drafting and negotiating technology related agreements, software licenses, hardware acquisition, development, disaster recovery, outsourcing agreements, information security agreements, e-commerce agreements, and technology use policies. He counsels clients in the areas of technology acquisition, information security, electronic commerce, and on-line law.

Mr. Overly is a member of the Technology Transactions & Outsourcing and Privacy, Security & Information Management Practices. Mr. Overly is one of the few practicing lawyers who has satisfied the rigorous requirements necessary to obtain the Certified Information System Auditor (CISA), Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified Risk and Information System Controls (CRISC) and Certified Outsourcing Professional (COP) certifications.

The opinions expressed in this blog are those of Michael R. Overly and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author