Saturday, May 30, 2009

From "online reputation" to "conflict of interest": we need to get beyond the "sniff test" and develop some "best practices"

This week Dr. Phil re-aired his “busted online” show (reviewed in the TV blog September 2008) and I caught some more of the disturbing meaning of what has been going on with “online reputation.” As most readers know by now, that has to do, on the surface, with employers checking job applicants online (the “two way traffic” issue) and the so-called “sniff factor” (as “Reputation Defender” CEO Michael Fertik calls it) where employers make snap judgments on first impressions online just as they would with conventional resumes and interviews, and don’t bother (or have the time) to look at context.

Starting as early as the mid 1980s, we offered “ordinary people” the ability to communicate with the whole world with very little “entry barrier”, and, not surprisingly in hindsight, have run into a “sandpile” of perils at one time thought “unthinkable.”

In a general way, the hazards fall into three overlapping areas: security, business conflict of interest, and “reputation defense.” And, also in a general way, the self-broadcasting behavior that has led to a number of these problems has three overlapping purposes: making money (sometimes “too easy” money), self-publication, and (more recently) social networking.

In the 1980s, some dialup user networks started to appear (with few legal problems at first), and by the early 1990s, after the National Science Foundation gave its blessing to turning on the Net, a number of protocols started to shift down to a few basics: email and http. Companies like AOL, Compuserve and Prodigy offered proprietary content and email, and quickly found that they needed to implement “terms of service” and “rules of the road” and then explain these rules in baby language for those not “law literate.” By the mid 1990s, self-publication online became practical, and by the late 1990s search engines were enabling people to be found worldwide at essentially no cost and with little special effort (you really didn’t have to code Metatags on static html files; robots would find you).

I came into contact with these issues from a different direction: desktop publishing, when I wrote my first book and had to learn intellectual property law quickly (and meet with a few lawyers first). I had a special problem: I was going to write a book dealing with “don’t ask don’t tell” because of a traumatic earlier life experience, yet I was working for an insurance company that specialized in selling to military personnel. I dealt with this potential “conflict of interest” with a corporate transfer when the company got bought (for once, a “Wall Street” merger was a good thing for me, but not for everybody). Later, I put a lot of the material online, and found that I had an audience of probably several hundred thousand people worldwide.

I began to see how the “unlimited” self-publication online could present business risks for people already employed at a place. The most obvious risks would be breach of confidentiality or trade secrets. But others were more subtle. If a person who made underwriting decisions about stakeholders or who had direct reports presented herself as “sharp-edged” on “moral” issues online, she find her credibility and effectiveness in the workplace undermined. This was an extension of the “conflict of interest” problem I had already vetted with lawyers over my own peculiar relationship to “don’t ask don’t tell” and employment. (I won’t elaborate further here, but that’s another reason to repeal it.)

Starting around 1999, the media occasionally reported stories of people being fired for off-the-job online activity. This could include nurses or teachers fired for being found engaging in pornography, or for other people setting up sites to trade their employer’s stocks illegally. Then sometimes people did get fired for violating confidentiality with what they published online (even from home), or for creating conflicts, with the most famous incident being the “doocing” of Heather Armstrong (and “dooce” is a real verb now). Around 2001 or so, people started talking about the idea that companies ought to have “blogging policies”, although the idea didn’t catch hold quickly. Typically, these policies included provisions that, besides protecting confidentiality, employees clearly state that they are speaking for themselves.

The next little flap that seemed to provide an existential threat to blogging and self-publication was campaign finance reform. However, in 2005, the FEC was able to promulgate rules that exempted most “ordinary” issue-oriented blogging from being viewed as an “indirect contribution”.

But the media started jumping on the problem of online presence and reputation around the end of 2005, after social networking sites had been around for somewhat over a year. The attention shifted from job holders to job applicants, and the media started reporting that people were being excluded from consideration from jobs when employers (and even grad schools) found unflattering behaviors online, especially from high school and college students. The “two way street” seemed to lack streetlights and double lines; employers could be careless on whether they even identified the right person. Teens or young adults found that others could post undesirable photos or comments about them (especially on Myspace and Facebook), leaving permanent digital records that could haunt them forever. Even just going to a wild party could be dangerous; you never knew who had a camera, and whether bong hits were around. Entrepreneurs like Michael Fertik formed companies to help clients clean up online reputations (there are several of these firms now). As a correlated problem, kids were often giving out quasi-personal information that could sometimes jeopardize their families’ security or their parents’ jobs.

All the sudden, a communications mechanism that had been intended to promote freedom of expression can be used as a test for social conformity. That’s the “sniff test” problem that Fertik talks about. Many jobs are predicated on “getting business” and employers feel that, even if they don’t “care” personally about off-job behavior, they’re afraid that clients will. In the midst of all this, there are some special problems: sexual orientation (especially for someone in the military).

It is certainly true that many jobs require one to represent an employer’s views to the public, not just one’s own. That may be OK for a college graduate who wants to work as a political operative and is already psychologically committed to a particular party’s or interest group’s objectives, or it may be all right for someone who wants to specialize in some area (like intellectual property rights or the DMCA) where it’s pretty clear cut how he should behave online. (Consider how a trial lawyer or prosecutor should behave online.) But for someone with a much longer list of life experiences (me), being tied to representing someone else’s interests is an unwelcome proposition.

It’s also true that some jobs, especially in journalism or the “established media” require public objectivity (and require signing of a public morals clause). That might make my own style of “gonzo journalism” off limits – or it might not, depending on how I played things.

Where does all of this leave us? It’s not easy to parse all this into any consistent outline of what the future portends.

I can, for example, think of some very negative developments that could happen:

For example, require all bloggers to have insurance, to cover the “systemic risk” that they create. (That would considerably raise the “barrier to entry”). Or, require bloggers to demonstrate financial results (but that encourages people to develop scams). With proposals like these, one is trying to force bloggers (under “free entry”) to cover the unpredictable “systemic risk” that their "almost famous" goals subsume with some legitimate capital (rather like the banks!). Or, require bloggers to write only about areas that actually pay their mortgages (but then they really would have to be cleared by their employers anyway, taking us all the way back to the world of professionalism and eliminating “amateurs” from the debate, dumbing debate down and confirming established "power structures"). There may be calls to weaken the downstream liability limitations of Section 230 of the 1996 Telecommunications Act.

The “free entry” system certainly enriches our communications and democratizes our political debate. It certainly provides a valuable counterweight to lobbyists and special interests (something all conservatives want to see). It also comes with a lot of systemic risks – yes, Joshua Cooper Ramo and his “unthinkable” sandpile. There is no simple answer to these problems, but leadership in a number of areas would help.

First: Provide intellectual property education in public schools. Kids need to learn about copyright, privacy, reputation, libel, and all of these concepts. (I think a lot of teachers and administrators need to learn them, too.) And schools need to take on cyberbullying (and all bullying) with zero tolerance – even when from home. Major Internet-oriented corporations must step in and help schools do this. . Many educators feel that excessive media exposure reduces the ability of kids to relate to and particularly empathize with “real people” but they have been saying this since television came into general use in the 1950s. (Note: June 3: EFF has an article by Tim Jones, "Taking Copyright Education Seriously", here.)

Second: The human resources world must help employers develop “best practices” and inform job applicants (and sometimes current associates) just how online “reputations” will be checked. Measures must be taken to ensure that people are properly identified. The corporate world has learned to deal with diversity and discrimination issues in other areas, and Internet expression is a “quasi-private” area (despite the fact that it is public) that deserves the same consideration, for the public good. The Obama administration should jawbone the corporate world and HR world on this. Corporate America can learn to do this fairly. If voluntary measures don’t work, Congress could consider measures later. The “best practices” idea might need to extend into other areas, like housing and zoning.

Third: We do need a system for lenders to use to perform due diligence in identifying consumers properly. I’ve developed this on another of my blogs.

Fourth: The Obama administration has taken some steps in centralizing the control of “existential” threats to our cybersecurity.

Fifth: Bloggers and “small” webmasters need to develop comprehensive “business privacy policies” as I discussed May 25. And individuals will probably eventually be expected to have “coherent” presence on the web, rather than multiple “separate lives” (which I have done since I was always an “individual contributor” at work), although anonymity will always be fought for as a right.

Sixth: Understand this paradox: the Internet, by bringing us so much awareness of the systemic problems people face, has, while developed to promote freedom, may make us come to view “personal responsibility” and accountability to others, beyond the usual parameters of “choice” – with a lot more subtlety.

Last – repeal “don’t ask don’t tell”!

And note -- I don't think the photo here can hurt anyone's "reputation."

Understand: it may “say more” to throw a temper tantrum and have no web presence at all, than be coerced into crafting one’s own personal expression and “reputation” to meet the ends determined by others.

Related post (6/9/2009) about "personal branding on my trademark blog is here.

No comments: