Read: Developing A Social Media Policy
While writing this post, I’m also following the oral arguments against the cybercrime law at the Supreme Court and reviewing my materials for tomorrow’s digital policy and cybercrime prevention session for a Japanese firm.
I was wondering how many entrepreneurs and HR practitioners from a non-ICT company are following the developments on “Republic act 10175 or the Cybercrime Act of 2012”? Are they aware of section 9 that stipulates corporate liability for cybercrime committed by an employee?
The purpose of this post is to create awareness of the need for an online philosophy and social medial policy to bring the online intelligence of both decision-makers and employees on the same page, and set up a mechanism that protects the company from both direct and indirect consequences of a rogue employee behavior, either online or offline.
The “Carabueno” Illustration
Though his behavior on the road has nothing to do with his internet behavior, after his video hitting an MMDA enforcer went viral, the cyber lynch dug his online profile and dragged his employer along the way.
The “Mai” Turning Point
One thing I liked about the present government is its ability to adapt and use social media as a productivity tool. But this is not without learning valuable lessons along the way. In one of PNoy’s official trips to, Vietnam to be specific, one of his USEC, a former speechwriter began tweeting personal observations to the point of insulting their host. Her online behavior seemed innocent but her action affected her boss and the PH government in general. This incident could have been avoided if social media posting guidelines were available.
The “Abusadong Professor” Saga- A Great Equaliser
Companies should take note that the advancement of technology and social media in a democratic space like the Philippines has encouraged citizen journalism. An employee can take a video of an abusive officer or a scenario that is potentially damaging to the company, and share it for the world to judge.
The Singapore Airlines Round-up
In 2010, Singapore Airlines reacted strongly against employee discussions about work conditions over Facebook. Employee rantings, when done on the social web, can damage the reputation of a company.
In a nutshell, below is a matrix of the risks and impacts of employee misuse of social media to a company.
Section 9 of Republic Act 10175 or the Cybercrime Prevention Act of 2012
The most important reason IMO, to have a digital policy in section 9 of the Cybercrime Prevention Act.
For example, if an employee
is sending mass email for marketing purposes (or spamming) which is illegal per section 4 (c) (3), or downloaded a piece of music or movie in a file-sharing site via your computer network, then the company is co-liable
Section 9. Corporate Liability. –
When any of the punishable acts herein defined are knowingly committed on behalf of or for the benefit of a juridical person, by a natural person acting either individually or as part of an organ of the juridical person, who has a leading position within, based on:
(a) power of representation of the juridical person provided the act committed falls within the scope of such authority;
(b) an authority to make decisions on behalf of the juridical person. Provided, That the act committed falls within the scope of such authority; or
(c) an authority to exercise control within the juridical person, the juridical person shall be held liable for a fine equivalent to at least double the fines imposable in Section 7 up to a maximum of Ten million pesos (P10,000,000).
If the commission of any of the punishable acts herein defined was made possible due to the lack of supervision or control by a natural person referred to and described in the preceding paragraph, for the benefit of that juridical person by a natural person acting under its authority, the juridical person shall be held liable for a fine equivalent to at least double the finds imposable in Section 7 up to a maximum of five million pesos (P5,000,000).
The liability imposed on the juridical person shall be without prejudice to the criminal liability of the natural person who has committed the offense.
To close this post, I would like to share the SMS conversation I have with a fellow consultant. He lamented that he cannot read the thread we had on Facebook because internet access is not allowed by his client. His situation is reflective of more or less 60% of organizations.
While internet access can be blocked in a company, Management should also realize it cannot block the 21st Century. A digital policy and cyber wellness program are needed to safeguard the organization.