Social networking policy

The Cost-Benefit Knowledge Bank relies on social networking media to build a community of practice around applying cost-benefit analysis in criminal justice. Interested participants are encouraged to use and explore social networking tools to engage peers in discussions that share experiences, tools, and knowledge.

This social networking policy outlines five good practices for using the social networking tools employed by the Cost-Benefit Knowledge Bank. Following these practices will minimize risks to security and privacy that are inherent in any kind of communication. These guidelines suggest methods users of the Knowledge Bank can employ to meet record retention requirements and avoid copyright infringement and other legal risks. This policy also articulates the Terms of Service that users agree to when using the Knowledge Bank web site and its official outposts on other social networking services.

Good Practices for Online Social Networking

  1. Know and follow your own organization’s policies and guidelines.
  2. Maintain an authentic online identity.
  3. Treat all online activity as public activity.
  4. Use strong passwords for your social media accounts.
  5. Make a weekly transcript of your official social media activity.

1. Know and follow your own organization’s policies and guidelines.

Find out if your employer has issued a policy for using online social media and networking sites, and make sure to follow those policies in your participation in the Knowledge Bank.

A number of state governments, including Massachusetts, Delaware, and North Carolina have issued policies specifically addressing use of online social media, as have government agencies at the federal, state and local levels, some nonprofit and educational institutions, and many companies[1]. Most organizations, however, have yet to promulgate such policies.

If your organization does not have any explicit rules to guide your participation in online social networks, consult your organization’s employee handbook, human resources or legal department for guidance on external communications and ethical standards. Even if your organization has adopted a social media policy, it may address only one form of social networking, or it may be primarily focused on using social media in relations with the public and the press, so you will still need to look to your employer’s more general policies as a guide for your participation in the Knowledge Bank.

2. Maintain an authentic online identity.

Your participation in online media gains credence and accountability when you are transparent about your true identity and your professional role and responsibilities. Be clear in your communications whether you speak for your employer or for yourself. Present yourself and the organization you represent honestly and openly. Healthy and positive functioning of online social networks and communities relies on authentic onymity of participants.

Make sure your identity can be verified in your contributions to online social networks. When you create accounts on social networks, include a link in your profile that leads to a web page with information about you, such as a staff listing or C.V. and update those pages with links back to your social network profiles. These reciprocal links validate your contributions and help promote accountability within the community. They also help prevent your or your organization’s identity from being hijacked by a third party.

In representing yourself online, avoid exposing personally identifiable information (PII). Many social networks allow messaging within the network so you do not need to reveal your e-mail address or telephone number. If you choose to make your e-mail address or phone number public, make sure to use an official, work-related e-mail address and phone number.

If you represent yourself with a picture in an online profile, use a small, low-resolution photo, no more than 144 pixels in width and height. You do not want to use a high resolution photo that could be used by someone else to create fake identity credentials.

For further information, see the “Guide to Protecting Confidentiality of Personally Identifiable Information” at http://csrc.nist.gov/publications/drafts/800-122/Draft-SP800-122.pdf

3. Treat all online activity as public activity.

Regardless of whether you are using a password-protected online environment or not, you should consider any contribution to a social network to be a public activity. Comments on web sites, ratings and recommendations, referrals, the information in your public profiles, Facebook updates and Twitter messages – these are all forms of communication you should remember are public. You should take care with private e-mail messages, as well.

Anything online can be copied and shared with others very easily. Even if you share something within what you believe is a closed network, it can be copied and shared by any other person in the network to people outside of that network. Make sure that anything you say online is something you would be comfortable sharing in public.

If you stick to your areas of expertise, are polite and constructive in your contributions, and maintain an authentic online identity, you will be able to safely participate in the Knowledge Bank community online.

4. Use strong passwords for your social media accounts.

A strong password is essential to maintaining your authentic online identity and safeguarding your and your organization’s privacy and reputation. Strong passwords are:

  • 8 or more characters in length;
  • are composed of a mix of letters, numbers, and non-alphanumeric characters;
  • do not include or mimic words that may be found in a dictionary; and
  • are different for each account you create. (If one of your accounts is hacked, none of your others are at risk.)

Write down your passwords for different accounts on paper and keep this paper in a safe place only you can see, such as your wallet. It is a bigger risk to use weak passwords you can remember and not write down than to use strong ones that are written down in one place.

Avoid using public or friends’ computers to log in to password-protected services. You do not control the settings and security of those computers, and cannot know how safe or secure those computers are. There is a risk of logging in to a site from an unsecure computer that your password could be stolen by a “malware” program even the owner doesn’t realize has infected their computer.

You should avoid using unknown wifi networks for similar reasons[2].

5. Make a comprehensive weekly transcript of your official social media activity.

Your organization’s record retention requirements very likely apply to your participation in online social networking services. If that is the case, it is recommended that you save copies of your contributions to the Knowledge Bank. Copy and paste your comments, recommendations, e-mails, or other written activity on the Knowledge Bank site to a document (such as a Microsoft Word document) on your computer once a week. Alternately, you may use services such as Backupify to automatically archive your social networking contributions.

See Also

The following examples of social media policy and guidance will provide you with a range of perspectives on how to engage in social media in an official capacity.

Department of Defense Official Policy on New/Social Media. http://www.slideshare.net/DepartmentofDefense/dtm-09-026 (accessed 2/26/2010)

Mass.gov Social Media Guidance and Best Practices. Blogging Toolkit, Twitter Toolkit, and Legal Guidance Toolkit. http://www.mass.gov/itd/socialmedia (accessed 3/10/2010)

Representing EPA Online Using Social Media. http://yosemite.epa.gov/OEI/webguide.nsf/socialmedia/representing_epa_online (accessed 3/10/2010)

American Red Cross: Social Media Handbook for Local Red Cross Units. http://sites.google.com/site/wharman/social-media-strategy-handbook
(accessed 3/10/2010)

American Red Cross Online Communications Guidelines. http://sites.google.com/site/wharman/social-media-strategy-handbook
(accessed 3/10/2010)

IBM Social Computing Guidelines. http://www.ibm.com/blogs/zz/en/guidelines.html (accessed 3/10/2010)

Shift Communications: Top 10 Guidelines of Corporate Social Media Policy. http://www.shiftcomm.com/downloads/socialmediaguidelines.pdf (accessed 3/10/2010).


Endnotes

[1] For examples of social media policies see the Online Database of Social Media Policies: http://socialmediagovernance.com/policies.php

[2] See “Business Travelers Beware: Free Wi-Fi Scam Strikes at Airports” at http://www.bbb.org/us/article/business-travelers-beware-free-wi-fi-scam-strikes-at-airports-714