2020/NO.27 - Many of us decide to use social media platforms as one of our main and regular methods of communication. Following on from our recent piece ‘To Record or Not To Record’' we decided to look deeper in to what GDPR means in relation to social media. A hot topic in recent years, especially concerning the UK which saw two major privacy milestones in the first six months of 2018 alone; March 2018, the Facebook Cambridge Analytica scandal broke which was soon followed by the EU General Data Protection Regulation (GDPR) implementation in May of the same year. The Cambridge Analytica scandal captured the focus and outrage of the media, general public, politicians and regulators worldwide. It demonstrated that yes, people do indeed care when it comes to violations of their privacy.
One thing to bear in mind when using social media is that it can potentially be disclosed in court proceedings through evidence of the following types; posts, comments, and ‘private’ messages.
The social media items listed above potentially fall within the definition of what is considered to be a ‘document’... “anything in which information of any description is recorded”. Emails and other electronic communications fall within this definition and could potentially be disclosed too.
Confusion can surface with the content of Facebook exchanges. GDPR does apply to Facebook despite it being a very public forum. IP addresses, phone numbers and all individual data including personal opinions are considered as ‘personal’. Do not think you can do what you like with any and all Facebook exchanges. You definitely cannot!
Personal data is defined as “relating to an individual”. This could be both at home, or in a place of work. There is nothing to stop anyone viewing Facebook content.
The dividing line is crossed if you as a person outside a specific Facebook exchange, home, work or business, it doesn’t matter, want to use the information for a purpose not intended in the original participants. Consent must be obtained PRIOR to any intended third party different use of the information. It is how the data is used, not the content.
In recent case law, The Northern Irish case of “Martin v Giambrone ” the Judge stated that “anyone who uses Facebook does so at his or her own peril”. This case went on to explore that material posted on the social media platform was not confidential. Even if a party intends for that post or message to be read only by a closed group or select friends, they do so with knowledge that the post or message can be shared with whoever the friends or closed group decides to. Not so private or confidential now!
So why are we talking about this? We would not want any of our clients, or followers, to be ‘caught out’ posting something sensitive online about an ongoing case, or dispute, that may be used against them. Some may wish to post strong opinions their Pub Co or landlords online, whilst at the time it may feel like a you have gotten something off your chest, it may come back to bite you. We are well aware of private Facebook groups dedicated to tenants and lessees only that have unfortunately seen a few Pub Co reps and BDMs sneak their way in. Watch out, these moles will be looking for anything to latch on to that will allow direct feedback to a colleague further up the hierarchy and get in their ‘good books’. Serves them well for any hopeful future promotion. Even we at Morgan & Clarke are not immune to this, our newsletter and website is well read and subscribed to by Pub Co employees and reps. Not that it matters one jot because we take great care not to be libelous.
Take this as a friendly warning.