Social media policies are stupid. But your company still needs one.

Posted on July 2nd 2010

Back in mid-January, Thomas Nelson Publishers CEO Michael Hyatt wrote a blog post titled “Five Reasons Why Your Company Doesn’t Need a Social Media Policy.”

I didn’t disagree with a single one of Hyatt’s points, but I walked away from the article still convinced that companies need social media policies (or, at least, guidelines). Earlier this week, HubSpot’s Michael Volpe wrote a similar post—“Why a Social Media Policy is Stupid”—that focuses on just one of the points Hyatt made. Volpe wrote

No single channel of interaction is more important than others.  Social media is not something weird or different, it is just one of many ways your company interacts with people.  Giving social media its own policy implies that phone, email and in-person interactions are not important or less important.

Hyatt came at the argument from a slightly different perspective:

I honestly don’t understand all the fuss about social media. It’s just one more way to communicate. Do you have a “phone policy”? an “email policy”? a “fax policy”? Technology is neither good nor bad. It’s what people do with it that is the issue. And honestly, I don’t care if people are updating their Facebook status “on company time.” (Is there really such a thing any more?) Instead, I prefer to focus on the results the employee delivers and let them manage their time.

Hyatt’s and Volpe’s points are right on, and Hyatt goes one step further, tying the argument to open employee access to social channels. And Hyatt makes four other sound, reasonable points:

  • Your people can be trusted
  • More rules only make your company more bureaucratic
  • Formal policies only discourage people from participating
  • You probably already have policies that govern inappropriate behavior

I wish most organizations were in a place where Hyatt’s and Volpe’s dead-on arguments could be applied. Sadly, that’s just not the case. For most businesses, social media is still a cesspool of lost productivity, danger of network infection and risk of damaging employee disclosures or misbehavior. That’s why, according to the widely-cited Robert Half study, 54% of companies still block employee access to social networks. I see a direct causal relationship between that 54% of companies that restrict access and the 75% (or so) that don’t have policies in place.

In her book, “Open Leadership,” Altimeter Group Founder Charlene Li writes:

The new relationships you create with openness and social technologies need structure. Remember, you are building relationships that have not existed before. Most of us understand the rules and etiquette of social neteraction…But in these new open relationships, the power shift is such that we are not quite sure how we should be acting, and it sometimes feels like we are looking in on some alien world with its own language and social mores.

Li recasts the idea of a policy as a “sandbox covenant,” to govern how organizations will enter into the new relationships unique to social media. (Her overview of the elements of social media policies is the best I’ve read.)

It’s not just the nature of the relationships that are new. The social forum for comments is unlike the local pub, the church parking lot or the PTA meeting. What employees say in these venues is ephemeral (unless someone is standing nearby with a recording device). What employees say on Facebook and Twitter is archived and searchable forever. Hiring smart people—a solution both Hyatt and Volpe advocate—doesn’t automatically mean employees know every compliance issue that could come back to bite the company. Many of those compliance issues are unique or have special applications to the online world.

Hyatt argues that policies can discourage people from partricipating. Writing policies that avoid the “don’t” approach can address that problem. But without knowing the rules, employees can be inhibited from saying anything about the company since they don’t know what can and can’t get them fired. There have been more than enough tales in the media of people losing their jobs over something they didn’t know was a termination-worthy offense to make employees cautious.

Well-crafted guidelines also provide guidance for dimensions of online communication that are unique to the social media space. IBM’s guidelines, for example, include this pearl of wisdom:

Be aware of your association with IBM in online social networks. If you identify yourself as an IBMer, ensure your profile and related content is consistent with how you wish to present yourself with colleagues and clients.


What other policy covers that point? And surely smart employees who may be new to the social media space wouldn’t necessarily know to ensure their profiles on networks where they participate for non-work-related purposes could have an impact on their company.

Then there’s this IBM guideline:

Find out who else is blogging or publishing on the topic, and cite them.


Again, no existing policies or guidelines cover this kind of guidance.

Policies (or guidelines) also give the organization an opportunity to ask employees to reflect specific company values in their work-related interactions. Telstra, the Australian telecommunications company, uses an online training module to convey its policies, which are wrapped in the 3 Rs of social media engagement: representation, responsibility and respect.

There are other good reasons to have a social media policy in place. As Li points out in her book, even smart employees may have a different view from the company about what is right. You can default to the popular “don’t be stupid” policy, but who defines what is stupid? Smart people with good intentions can take action that company leaders might find objectionable.

And how often do organizations communicate or reinforce general communication or behavior policies? Some organizations require an annual signature from employees acknowledging that they’ve reviewed the policy, but most employees sign off without actually having read anything. In social media’s early days, a policy alone is inadequate. It needs to be continually communicated and best practices recognized and rewarded in order to embed the right behaviors into the organization’s culture.

One day, when the newness has worn off social media, the policies that govern its use will be inherent in an overall communication or behavior policy. Volpe’s on the right track when, in response to some comments to his post, he asks, ‘Do you have a phone policy, email policy or an in-person conversation policy?”

No, most companies don’t. But they did when they were new. I remember email policies when email was first rolled out in the organization where I worked, and I remember reading a number of other companies’ email policies. And I also recall a friend from ExxonMobil sharing a page from a Humble Oil employee magazine, circa 1930ish, introducing the policies that governed employee use of the telephone.

While a technology is new, highlighting the dos and don’ts makes sense. Best Buy’s policy, for one, acknowledges that social media applies “whether you’re Twittering, talking with customers or chatting over the neighbor’s fence.” Yet it’s still a discrete “Best Buy Social Media Policy.”

If more companies craft positive policies that encourage employee participation, we can probably whittle down that 54% of companies who block because they’ll feel more comfortable with their employees interacting in these channels.

Let’s check back with this in 10 years. I would hope by then the business world will be ready to embrace Hyatt’s and Volpe’s position, as they eventually were with email and the telephone.


Shel Holtz

See Full Profile >


Posted on July 3rd 2010 at 12:12AM

Balderdash! There's no need for a policy as such. Simply incorporate common sense SM guidelines into your existing new employee training/orientation. Done and done!


No need for a Big List of Rules and fueling misapprehension on the part of corporate executives who really want to control every word and action that comes from an employee as if that employee were property of the corporation. The policy isn't for the people; it's for the misguided old-world executive who thinks s/he can control everything and everyone.


Enlightened leaders aren't afraid of staff and don't need a policy. A quick common sense reminder/introduction for new employees is all that's required. Well, that and a fairly large leash to allow employees to be themselves.

Posted on July 3rd 2010 at 5:24PM

policy and restrictions are being decided everyday by IT managers. The security of company networks are at stake but the potential for innovation using social media is a large enough carrot for the discussion of how to properly utilize the medium continues. Palo Alto networks came up with a whitepaper,, which will explore the issues surrounding social media in the workplace. It is important to not only understand the immediate benefits of doing business how one lives, but the threat it presents to a company's greater ROI and productivity when it comes to the server's safety and security.

Posted on July 3rd 2010 at 5:25PM


Posted on July 5th 2010 at 3:29PM

Policies are not only useful when they are new,but also will be helpful when the need arises.But you have to follow the policies of your company and make it consistent and whenever needed make the changes which will not make the employees and partners sufffer.

Posted on July 6th 2010 at 10:49AM

Great article.  I must admit that most policies are written in the "DO NOT" tone of voice while it should be more in a collaborative, sharing and constructive manner.   We should try make employees the ambassadors for the company and not the criminals under constant watch.


Mic Adam (Vanguard Leadership)