The policy is one of the foundations of an effective governance framework. I talked about policies generally in a recent
blog post and will be doing two sessions on social media policies at the
AIIM Social Business Virtual Event on September 8. Today I'd like to dive a bit deeper into Twitter and why you might need a Twitter policy - or not.
That last point first. It's generally not a good practice to have a policy for Twitter, another for Facebook, etc. for a couple of reasons - there are far too many services out there, with new ones coming up all the time, and many of the basic elements will be identical across all the services. The better approach is to have a unified communications, or Internet, or social media policy that is generally applicable across platforms. Where there are specific issues, those could be addressed as appendices, as separate policies, or as part of more detailed guidelines.
The first issue that is unique to Twitter is the idea of endorsement. Since Twitter has an asymmetrical contact model - that is, I can follow you without your following me back - the mere act of following someone carries a bit more weight than it would on, say, LinkedIn. Twitter also has a feature called "Favorite" which lets you bookmark a Tweet. This pretty clearly appears as an endorsement; however, many people use Favorite as a way to bookmark a Tweet, typically with a link, to return to later. And reTweets (RTs) are perceived as endorsement as well. The policy should address the notion of endorsement and may include a statement denying such endorsement for these types of acts.
Direct messages (DMs) allow Twitter to function as a sort of email service - the DMs are private and not part of the public timeline. This can cause problems for two reasons. First, they could circumvent measures to capture content for regulatory reasons. Second, and more importantly, many users think that because DMs are private they cannot be made public. DMs can be cut & pasted just like any other type of content. The policy should address acceptable usage and transparency for direct messages.
Finally, Twitter and many services like it allow other services to use it as an authentication mechanism. On the surface this is great because users no longer have to create new accounts on each new service, remember new usernames and passwords, etc. It also makes it easier to be a latecomer to a service because there can be more than one "Smith Goods Inc." on the service. However, users aren't always as careful as they should be with their account security, and if your Twitter account is compromised it means someone can send all manner of content through it, harming your reputation, your organization's reputation, and even causing legal issues. It could also be used to direct people to a malware-laden site, and they will be more likely to click the link because it appears to have come from a trusted source. The policy should identify security as an issue and be supported with guidelines on what types of services are appropriate to connect to (if any).
There are other Twitter-unique issues to address in the policy; to find out what they are and how to address them, come to the
AIIM Social Business Virtual Event on September 8.