As our online and offline personas increasingly converge, the spotlight is being shone on law firms and the online behaviour of their members. The SRA has recently updated its guidance, warning “the same ethical obligations of professional conduct apply in an online environment”. We take a look at what this means in practice and how law firms can ensure compliance today.
What online behaviour is offensive?
The SRA has experienced a significant increase in the number of complaints concerning inappropriate communications, including the use of social media inside and outside of practice. The regulator expects professionals to “behave in a way that demonstrates integrity and maintains the trust the public places in you and in the provision of legal services”. Examples of the type of behaviour they have investigated (and referred to the SDT) include hate and discriminatory behaviour, the use of derogatory language, sexually explicit comments and abusive comments directed towards other firms or clients. The list goes on.
Who is at risk?
Managers of firms hold the responsibility to ensure that their members do not cross these lines. SRA-regulated firms “must take all reasonable steps to ensure that the firm complies with [our] regulatory arrangements”, including “identifying, monitoring and managing all material risks to the business”.
If a member of your firm sends or posts an inappropriate or offensive communication, it not only puts you at risk under the SRA Principles, but it also has the potential of causing significant reputational and financial damage. For example, if clients react by withdrawing their business or are deterred from instructing your firm. In some circumstances, you could also be liable for your employee’s actions if the communication amounts to victimising or harassing a third party.
How can you ensure compliance and mitigate risk now?
1. Put a social media policy in place
There is no one-size-fits-all approach here. You should ensure you have a policy that feels in line with company culture as well as ensuring compliance and best practice. Also, consider the nature and size of your firm to determine whether you need to put further systems or controls in place.
2. Only identify business-related risks
Only posts that fall within agreed risk categories should be captured and reported on, which would typically include issues such as racism, sexism, illegal activity, or anything that could bring the firm into disrepute. By ensuring a robust approach to checks it will now be easy to ensure that new hires, promotions and scheduled reviews can all be screened quickly and any risks will be highlighted without becoming intrusive.
3. Make use of technology and trusted third parties
Here technology can help. Don’t spend significant time internally trying to monitor as you will not be efficient or compliant and will undoubtedly review content that you don’t want or need to see. A trusted third party will save you time, ensure you only see business-relevant information and will deliver an auditable, robust process that will meet the Regulator’s expectations.
4. Beware of online pseudonyms
As the SRA points out, “anonymity is not guaranteed; material which you post under a pseudonym may still be traced back to you”. The technology goes far beyond a simple name check and we routinely identify multiple online aliases tied to one individual. Having a very corporate account on Twitter for example and a second “angry” account under a different username does not mean that the rules won’t apply.
As the regulator and the press are increasingly picking up on conduct issues, social media best practice and online reputation screening becomes critical in mitigating the risk for firms.
If you’d like to know more about how to quickly implement a compliant and cost-effective approach to help protect your firm and its members, please give us a call on 0208 090 2622.