Tag Archives: Policy

Top 36 Items to include in Government Social Media policies

Post by: Kim Stephens

Lea Shanley, (or @geodatapolicy on twitter) alerted me to an article entitled The Rules of Social Media Engagement. The author had a great list of the “top 25 best practices for drafting policies and guidelines”. The list is interesting, but it really applies more for folks in the business community. This prompted me, however, to think about a list for gov types and I consulted this blog’s bibliography for inspiration.

The article by Jana Hrdinova, et al:  Designing Social Media Policy for Government: Eight Essential Elements proved a great place to start. It was written May, 2010 by researchers at the Center for Technology in Government at the State University of New York. These researchers reviewed multiple government social media policies with the objective of answering the question: What are the core elements of  a government social media policy? They came up with eight: employee access, account management, acceptable use, employee conduct, acceptable content, security, legal issues, and citizen conduct (see their appendix for a great list of gov social media policies).

I’ve used these elements as framework and have expanded on each of them. What has resulted is the list below of about 36 items government agencies should include in their social media policy. I’m sure I’ve missed many, but I’ve linked to some great resources so you can add your own. Remember–you are not alone!

Employee Access

  1. Define which employees will officially represent your agency’s interests through social networks.
  2. Define authorization process for employees wishing to create an account.
  3. Define employees access for professional interests, even if not the “official voice”.
  4. Define whether or not employees can access social networking sites for personal use during business hours. (Some agencies do, in line with checking personal email accounts).
  5. Define when and how their personal use (even at home) intersects with your agency’s interest: Think OPSEC!
  6. Define disciplinary actions (which can include dismissal) based on legal precedent. (See Privacy, Safety and Security case-law from IACP center for social media.)

Account Management

  1. Define who will set up the social media accounts.
  2. Define procedure[s] for establishing an account.
  3. Define who will track those social media accounts and how (e.g. domain names, administrator names, names of all employees with access, etc.)
  4. Define who will close social media accounts (e.g. due to lack of public interests–“myspace”).

Acceptable Use and Employee Conduct:

  1. Define which acceptable use policies apply to social networking sites from already existing online communications policies (e.g. such as email). (Best example: See North Carolina‘s policy).
  2. Define what can and cannot be stated on social media platforms in an official capacity (e.g. political views).
  3. Define why and how employees should present themselves and your agency on social media platforms in an unofficial capacity. (Best example: Orange County California Participation Guidelines).
  4. Define how conduct reflects upon employees. Good policy example from Indiana State Police: “Don’t say or do anything you wouldn’t be proud to have your mother see or hear.”
  5. Define disciplinary actions if inappropriate usage occurs. (See also Orange County California  Policy Compendium.)

See this article: “Police Lesson: Social Network Tools Have 2 Edges.” For an example of why social media policies need to be clear and why employees need to have training on those policies.

Acceptable Content

  1. Define purpose and scope of presence on social media platforms. (See Model Policy by IACP).
  2. Determine which office or individual will be the “gatekeeper” regarding what is acceptable and what is not. (Most use Public Affairs Office for this role.)
  3. Clearly state how communications will reflect upon your government agency.
  4. Define what can and cannot be shared (e.g. confidential info):
  5. Define when it’s appropriate for employees to post an opinion (see US Air Force’s handy chart for an example).
  6. Define disciplinary action if inappropriate content is posted.

Security: (best resource: DOD Social Media Hub)

  1. Define who will hold usernames and passwords for social media accounts.
  2. Provide information on what constitutes personally identifiable information.
  3. Define and provide training on how employees can establish privacy settings on social media platforms.
  4. Define who will be responsible for overall security to include developing and delivering training (most often occurs in IT department).
  5. Define geo-tagging and appropriate usage.
  6. Provide awareness and protections against phishing scams and viruses.
  7. Describe and define what will happen if a security breach does occur.

Legal Issues.

  1. Define what and how public records law’s and freedom of information act applies to usage.
  2. Define who (or what office) will be responsible for maintaining records. (great example: State of California).
  3. Define and write disclaimers to be used on all content regarding laws that apply to usage.
  4. Define how freedom of speech/1st amendment rights apply to content.
  5. Define applicable privacy laws for dealing with information from the public.
  6. Define and address user accessibility rights.
  7. Define Terms of Service or Terms and Conditions outlined by the third-party platforms. Be sure to include new government exemptions and policies. (e.g. those negotiated with facebook by the National Association of State Chief Information Officers).

Citizen conduct.

  1. Outline expectations of citizen conduct.
  2. Write and post comment policy including when comments will be removed.
  3. State what will happen with removed content (e.g. records retention).

Related Articles

Here’s what I learned at the SMEM camp: March, 2011.

Post by Kim Stephens,

The SMEM community chats on Fridays at 12:30EST, we share daily on the SMEM hashtag articles and info,  but this week marked the first time this community came together, in person, in the style of a crisis “camp”.  I was describing how the camp came to be to one of the participants and I kept using the word “we” and “us”.   “We” organized the breakouts; some of “us” approached NEMA to allow for the day in conjuction with their National Conference; “we” will be organzing other similar events. A particpant stopped me and said: “Who is WE?” So, if you are wondering the same thing, here’s how “we” have defined ourselves on the CrisisCommons wiki page:

SMEM is an open community with participants from federal, state and local crisis management entities and those who support domestic incident response systems including private sector, non-government organizations (NGO), technology volunteer communities and individuals.
In November 2010 a group of people coalesced around this idea, established the #SMEM hashtag and a theme “bridging Social Media and Emergency Management”.#SMEM seeks to build a common understanding and “experience exchange” to support the use and inclusion of social media, public data and technology innovation to support mission objectives of emergency management to prepare for, respond to, recover from and mitigate against disasters.

Why does this group feel compelled to volunteer their time, effort and often personal expense (particularly when traveling this week) in order to advance this agenda? I think this one tweet might say it all. If 500,00 people are going to social media platforms in a crisis in the first 24 hours, we, as the emergency managment community need to be prepared to comunicate in that medium.

So what did this meeting accomplish? The stated goal was simply: “To discuss social media and new technology’s integration into the disaster continuum, in public, private and non-governmental organizations; to examine issues, opportunities, and challenges surrounding this new form of communications; and to lay the foundation for the development of solutions to questions and concerns raised by the emergency management community.”

Lea Shanley and I were responsible for the session on policy, “Perceived barriers and proposed solutions”. I think we really addressed the latter part of that objective “questions and concerns”.  The thing I found the most fascinating was how limiting these barriers really can be. One local government representative told our break-out group that they engage in social media at all times–expect during a crisis. Here’s how she described it: “Let’s say, we tell people they should evacuate because we heard through social media channels that a fire had shifted and was now headed in their direction. But then, the fire shifts while they are evacuating and now they are in harms way. We could be liable for giving them wrong information.” So instead of having to worry about how to monitor social media and how to put out timely information, they shut it off altogether. That was very interesting and a little depressing, frankly, to hear.

The other impression I got from some of the attendees in my session was that for some organizations, it’s just too hard. They described the barriers as too high. These barriers include: how to protect personal privacy data; how to archive the information; how to keep the public from using it as a 911 system; how to keep out the trolls that add horrible information to your page–e.g. they are uncomfortable with the “social” aspect altogether; how to treat the information as a record; how do we write all of these policies with limted staff/resources. I think the overarching theme could be summarized as follows: How do we keep from getting sued? However, despite these seemingly impassable obstacles, we  were able to walk away with a sense that amongst all of this anxiety, there is opportunity.

3 Opporunities to move past these perceived barriers:

1. Engage senior leaders to discuss benefits of social media as another means of communication. If an organization’s senior leaders, to include the political leadership, can understand the importance of engaging the community through these social platforms, then and only then, will they be willing to put effort into overcoming these barriers. Furthermore, by taking the mystique out of the medium, senior leaders might better understand why it’s important (e.g. people kept referring to how these barriers had to be overcome when email was introduced). The folks in attendance did think that overall, it can be demonstrated that the pros of social media do outweigh the cons.

2. Demonstrate value through examples in other cities, counties and states and get a mentor to help you through the process. Best practice examples are always a great way to demonstrate value, but I think Shayne Adamski from FEMA, made a great suggestion in his final summary at the end of the day. He said, find a mentor from another city to guide you. The camp was the first step in that mentoring process, but more people can actively search out mentors from the SMEM hashtag. There’s always comfort in knowing that someone else is doing this, and learning from their experiences.

3. Find example policies and guidelines. Regarding policies in particular, there are many policies that have been written by other EM agencies (local or state). These can be used as a starting point in order to reduce the amount of effort an Agency’s legal team would need to devote to development. Many resources already exist, and attendess of the camp, now know where to find that information. I’ll list a few resources here: sm4em.org, my bibliography, and IACP Center for Social Media.

On a personal note, I have worked with the people on the SMEM tag since last November, and I knew how devoted and dedicated these people were already. But, having the pleasure to meet them in person was an amazing experience. This is most professional and committed group of people I have ever been associated with-ever.

Is content generated on a social media platform a government record?

Logo of the United States National Archives (t...

Image via Wikipedia

Post by: Kim Stephens

I have gotten comments on this blog from citizens engaged in social media who are very disappointed about local government’s inability to “jump in the social media pool.”  These technologies are very simple to use, 13 year olds are proficient, so why not?  Of course, the government is not a private citizen and is required to follow some very onerous rules and regulations. I’d like to address two questions in particular that give some local governments pause: (1.) Does content generated on a social media platform constitute a government record? and (2.) Does citizen-posted content constitute freedom of speech?

At the Federal level, the National Archives and Records Administration released a bulletin on Oct. 20 that addresses records management for content generated on social media platforms. Although this is a Federal document, quite a few states have similar requirements. In order to determine if content is a record, and therefore needs to be maintained, NARA encourages Agencies and Departments to ask themselves these “non-exhaustive” questions:

  • Is the information unique and not available anywhere else?
  • Does it contain evidence of an agency’s policies, business, mission, etc.?
  • Is this tool being used in relation to the agency’s work?
  • Is use of the tool authorized by the agency?
  • Is there a business need for the information?

The bulletin states: “As agency records officers and social media managers consider what web 2.0 content will be record material, they should identify which components or features of the content should be included….Even if agencies determine the content is not a Federal record, they still have management responsibilities for non-record content. For more information on how to manage non-record content, see 36 CFR 1222.14 and 1222.16.”   The bulletin also states that all Federal agencies must include records management guidance in their social media policies and procedures.

In looking at local government policies, I highly recommend Orange County California’s website which has one of the most comprehensive list of local policies I’ve seen regarding the use of social media and the web in general. With regard to record’s management they have a simple statement which defers to the State law: “Agency/Department use of social media shall be documented and maintained in an easily accessible format that tracks account information and preserves items that may be considered a record subject to disclosure under the California’s Public Records Act or required to be retained pursuant to the Government Code.”

The Orange County document also addresses the other question I mentioned: Does citizen posted content constitute freedom of speech? Their answer is no…. “It is not intended to use social media sites in a way that guarantees the right to protected free speech (emphasis added). Each agency/department is responsible for monitoring postings, and taking appropriate action when necessary, to protect general site visitors from inappropriate or technically harmful information and links.”

  • Sites that allow public comment shall inform visitors of the intended purpose of the site and provide a clear statement of the discussion topic introduced for public comment so that the public is aware of the limited nature of the discussion and that inappropriate posts are subject to removal, including but not limited to the following types of postings regardless of format (text, video, images, links, documents, etc.):
  • comments not topically related;
  • profane language or content
  • content that promotes, fosters or perpetuates discrimination on the basis of race, creed, color, age, religion, gender, marital status, status with regards to public assistance, national origin, physical or mental disability or sexual orientation;
  • sexual content or links to sexual content;
  • solicitations of commerce;
  • conduct or encouragement of illegal activity;
  • information that may tend to compromise the safety or security of the public or public systems;
  • content that violates a legal ownership interest of any other party.

I’m sure there are other issues that serve to discourage local governments from engaging the public through social media platforms. If you have an example of a perceived problem, please post your comment. But in general, looking to other states or agencies that have written fairly comprehensive policies is a good place for any locality to start. I’m also sure there are lawyers in your state or locality who will want to weigh in…

Social Media and Web 2.0 Standard Operating Procedures: Guidance Material

Since the use of social media and or Web 2.0 (we really need a better lexicon here) is so new, some organizations might not yet have standard operating procedures developed regarding either implementation or overall strategy. Some of those procedures may include: workflow, managing comments, managing content,  statements of purpose, measures of success/metrics, or even which new media to engage in.

However, if you are responsible for implementing new media and not sure where to start, I recommend the blog Social Media Governance which has put together a wonderful database of social or new media policies (currently 154 total). The list includes government/non-profit policies from the American Red Cross to Walker Art Center; but the list also includes policies from businesses, the healthcare industry, as well general guidelines and templates. You can search for a policy related to your industry with the handy pull-down menu.

There are even policies from international agencies, for example there is a handy Social Media 101 guide from Australia. And although some of the information would not apply in the U.S. (e.g. government codes of conduct) there are a number of helpful tips that are universal.

The General Service Administration’s Social Media Handbook can also be found there and is quite useful, however, local governments might find information from “The County of Orange, California” more applicable.

Most policies will deal with pushing information, if you know of any organization that has policies regarding receiving info from the public through social media, please let me know.

I also want to highlight the recent GAO Report: Challenges in Federal Agencies’ Use of Web 2.0 Technologies, July 22, 2010. The report summary:

Federal agencies are using Web 2.0 technologies to enhance services and support their individual missions. Federal Web managers use these applications to connect to people in new ways. As of July 2010, we identified that 22 of 24 major federal agencies had a presence on Facebook, Twitter, and YouTube.

They then list the challenges federal agencies have faced regarding use of Web 2.0 technologies:

Privacy and security:

Agencies are faced with the challenges of determining how the Privacy Act of 1974, which provides certain protections to personally identifiable information, applies to information exchanged in the use of Web 2.0 technologies, such as social networking sites. …

Records management and freedom of information.

Web 2.0 technologies raise issues in the government’s ability to identify and preserve federal records.

The use of Web 2.0 technologies can also present challenges in appropriately responding to Freedom of Information Act (FOIA) requests because there are significant complexities in determining whether agencies control Web 2.0-generated content, as understood within the context of FOIA.

Federal agencies have begun to identify some of the issues associated with Web 2.0 technologies and have taken steps to start addressing them. For example, the Office of Management and Budget recently issued guidance intended to (1) clarify when and how the Paperwork Reduction Act of 1995 applies to federal agency use of social media and Web-based interactive technologies; and (2) help federal agencies protect privacy when using third- party Web sites and applications.

Of course this was written for the federal government, however, some of the information is probably applicable to states and localities.

Related Articles