Social Media: Ownership Disputes

Organizations Face Social Network Management Challenges

By , August 19, 2013.
Social Media: Ownership Disputes
 

As more organizations use social media to grow their online presence, questions of ownership become an increasing concern, says Alan Brill of Kroll, who advises organizations on how to mitigate the risks.

See Also: Digital Identity Verification for Fraud Mitigation

Here's a scenario: An employee is tasked with setting up and growing a company's social media presence. Over time, as the social network grows, it attracts thousands of followers. Once that employee leaves your organization, who owns that network?

"There have been a number of cases where those who have developed a social media site leave the organization and take it with them," says Brill, senior managing director at Kroll, in an interview with Information Security Media Group [transcript below].

"They say it's theirs; they're not giving it back and that they're the registered owner," he says.

These incidents often lead to litigation, where organizations and ex-employees dispute who owns that asset, Brill explains.

"It's very difficult to go in and fight these disputes if there's no agreement," Brill warns.

The best place organizations can begin to mitigate the risk is by taking inventory of all social media relating to their company, and then having contracts and agreements built with the employees who manage them, Brill says.

"This is not magic," he says. "It's a matter of doing it and keeping it up-to-date."

In an interview about social media risk management, Brill discusses:

  • Risk to organizations from social media ownership disputes;
  • How organizations can mitigate these risks;
  • Where to begin.

Brill is senior managing director for Kroll Advisory Solutions. He consults with law firms and corporations on investigative issues relating to computers and digital technology, including the investigation of computer intrusions, Internet fraud, identity theft, misappropriation of intellectual property, internal fraud, data theft, sabotage and computer security projects designed to prevent such events. He has worked extensively on developing methodologies for collecting evidence from corporate information systems. With more than 33 years of consulting experience, he has assisted firms with a wide range of technology security issues.

Protecting Social Media Assets

TOM FIELD: Just to jump right in here, there has been a lot of recent litigation and discussion about protecting corporate social media assets and ownership. My question for you is: Protect them from what?

ALAN BRILL: That's a great question to start with. It's the not understanding that has led to so many of the problems and the litigation that we're seeing now. Essentially, the way that I think you can look at the problems involving the ownership of social media that corporations use is just a form of identity theft. Here's what I mean. The company over time, as they come to use social media more and more, learn to use it more and more effectively. They build up hundreds or thousands or tens of thousands of people who like them on Facebook; thousands of followers on Twitter; huge numbers of links on sites like LinkedIn. The number of social media sites including those that are more specialized to an industry has grown exponentially; we all know that. The companies are really enjoying the use of social media, but the problem comes in when, for example, the employee who set up the site for you or has been running it for you, or the contractor that is doing it, decides to leave or is let go for whatever reason, and suddenly the company discovers that the password to that social media site has changed and they don't know it. They check with the person and they say, "Well, you know, it's interesting. I established the site and it's actually registered in the name, and you don't have any ownership interest and I'll use it for whatever I want to."

Follow Jeffrey Roman on Twitter: @gen_sec

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Why POS Malware Still Works

New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every...

Latest Tweets and Mentions

ARTICLE Why POS Malware Still Works

New, advanced point-of-sale malware dubbed "Poseidon" can exfiltrate card data directly from every...

The ISMG Network