Issue link: https://epubs.iltanet.org/i/43390
THE SOCIAL SIDE OF INFORMATION GOVERNANCE network layer. It also allows for the potential to capture social media interactions without assent or approval of employees, assuming policies already exist that cover monitoring or collecting information stored or transmitted on corporate devices and networks. Inside-based interactions might also include internal collaboration systems, which some companies are now exploring and adopting for knowledge workers in particular. Moderated Interactions: These interactions occur on corporate-maintained social media sites such as a corporate Facebook or Twitter account. In this instance, the organization itself is in essence the "owner" of the page and associated interactions. Specific individuals might exercise control on behalf of the business, and these employees are presumably doing so with full knowledge of the organization. This category grants to the organization, as opposed to employees directly, the right to establish governance mechanisms. Outside-Based Interactions: These interactions occur outside of an organization-controlled device or network. For those businesses maintaining a policy that permits employees to engage in this conduct, they have two options in how these interactions can be governed and monitored: • Solutions that support the ability to allow individuals to "opt-in" or register a particular social media account. Although each site differs slightly in supported capture methods, registering the account grants the governance application the authority and credentials to see and capture content. This approval is often done on a site-by-site basis for the reasons stated above. This method works well since interactions from any device will be captured, and the governance application is talking directly to the social media site. • Solutions that can monitor aggregated feeds of publically available information, such as Twitter feeds, public LinkedIn and Facebook sites, blogs, forums, third-party websites and news sites. This allows companies to see if individuals are discussing their firm, their people or their products. It can provide another layer of surveillance and monitoring to see what other types of interactions or conversations might be occurring outside of authorized channels. At the end of the day, capturing social media is a distinct technical challenge, though merely capturing it for the sake of collecting it has limited value. Similar to when email became required from a regulatory perspective and organizations worried about storing it somewhere to meet their obligation, social media is at a comparable stage. However, as we come out of the credit crisis, insider-trading cases and some of the legal cases noted earlier, it's clear that lawyers and regulators are focused less on the form a piece of information takes — they care far more about what it actually means. Therefore, the right solution for managing social media will allow counsel to not only collect and monitor it, but categorize and manage it in real time according to established policies. Focus on solutions that can establish what something means, and understand how it relates to potential risk for an organization. There are few, if any, organizations today looking for www.iltanet.org Corporate Law Departments 17