January 29, 2024 by Bojana Krstic

Social Media Ediscovery — Employee Misconduct Investigation

Did you know that 52% of employees witnessed harassment or illegal activities at work, with most of it happening over email, social media, or chat apps?

This means that more evidence that companies need to provide to prove or disprove a case will be from these digital channels.

In this article, we’ll give a comprehensive guide on how to use social media evidence in workplace disputes.

Here’s what we’ll cover:

  • What is employee misconduct.
  • What is employee misconduct on social media.
  • How to conduct employee misconduct investigation.
  • How social media ediscovery helps with investigations.
  • Problems with internal HR ediscovery.
  • How archiving and ediscovery software solves the problem.

What Is Employee Misconduct?

Employee misconduct is any act of inappropriate, unethical, or illegal behavior done by an employee, directed against the employer or fellow employees.

Certain instances of misconduct are considered criminal offenses and should be dealt with internally. More serious offenses like fraud, discrimination, or sexual harassment are labeled “gross misconduct” and usually lead to legal action.

Let’s look into the different types of employee misconduct that can occur on socials.

Types of employee misconduct

Social media platforms are diverse and there are many actions you can perform like messaging, commenting, posting, editing or deleting comments and posts. Rogue employees can use them in different ways.

Depending on their intent, employees fall into these two categories:

  • A malicious insider — A person who acts maliciously with intent. Someone who has access to sensitive information (IT staff member, exec, sales admin…) and uses this data for their own benefit or for harming the business. Imagine a Sales Rep who deliberately scrapes customer and prospect information and shares it with a competitor.
  • A non-malicious insider — A person who unintentionally violates data protection and compliance policy. For example, an employee, without any ill intent, might share a post on their personal social media account that includes a photo taken at their workplace. The photo contains sensitive information on the computer screen that’s in the background.

Of course, malicious misconduct is more problematic, but non-malicious employee misconduct cases are much more common and can also be very dangerous.

According to Harvard Business Review, insider threats account for 39% of all data breaches. The actions of someone inside the company can make your business vulnerable, damage your company’s reputation and cost you millions of dollars.

Consequences of employee misconduct

Employee misconduct is a significant threat to a business’s ability to comply with relevant laws and regulations.

Your business is responsible for the actions of your employees and their mistakes or misconduct can affect you if you don’t know how to handle them.

Just some of the consequences of employee misconduct are:

  • Legal consequences — Fraud, discrimination, or harassment can lead to legal cases being filed against you.
  • Financial implications — Stolen data, illegal actions, or non-compliance can lead to huge fines and loss of many business partnerships.
  • Reputation damage — Just one serious case of employee harassment or illegal activity can severely damage the public reception of your business.
  • Operational disruption — Deep investigations into employee misconduct take time, and resources, and can easily stop your business from performing for long periods.

And these are just a few of the damages to your business and the most surprising part is that social media is a huge outlier when it comes to employee misconduct.

Employee Misconduct on Social Media

While employee misconduct can happen anywhere in the workplace, it’s mostly prevalent in the digital world of business communication.

Email is still the most used form of business communication, however, social media gives people much more freedom to communicate and write what they want.

This is a huge concern when it comes to keeping your employees in check and your business compliant and away from lawsuits.

Social media has many actions to keep track of, comments, posts, and messages… and all of them can be used maliciously.

Some of the most common social media risks and employee misconduct are:

  • Discriminatory language — Posting racially, sexually, or crude comments on other people’s posts.
  • Cyberbullying — Harassing colleagues by leaving negative comments on their profiles.
  • Inappropriate photos — Posting explicit photos from work-related events.
  • Unwanted messages — Sending colleagues inappropriate direct messages.
  • Misrepresenting the company — Falsely claiming to be a colleague and providing inaccurate information.
  • Breach of confidentiality — Sharing business-critical information on social media.

All of these actions can be taken from an employee’s social media or in some cases the company’s official social media profile which can bring bad publicity.

When these sorts of misconducts happen your first action should be to minimize their effects and get to the bottom of what happened and who is at fault.

Employee Misconduct Investigation

Employee misconduct investigation is the process of investigating an employee’s actions that might have led to misconduct.

It’s an important part of finding out what a suspected employee did and what the reparations will be for them and your business.

If an employee and their actions are dismissed after misconduct without an investigation, you might be missing crucial evidence that can turn out to be valuable in a potential legal case.

In the past, employee misconduct investigations were much easier, as most actions were done physically. Today, businesses are turning to ediscovery.

Social Media Ediscovery and Employee Misconduct Investigation

HR and legal departments all over the world use social media ediscovery to help them identify employee misconduct.

Social media ediscovery tools allow your business to search through vast amounts of data and find what you are looking for on different social media channels.

This makes it much easier to locate the exact message, post, or comment that an employee might have posted and breached your company’s policy.

However, the process is not without issues.

Problems with internal HR ediscovery

Employee misconduct investigations require HR, legal, and IT teams to work together.

You need to look at an employee’s social media communications to define the pieces relevant to the misconduct and legal case.

But there are 4 main issues that complicate social media ediscovery:

  • Social media is unstructured data which appears in various forms and platforms scattered across your business.
  • The data can be altered, deleted, or impossible to locate if it was previously deleted from your archive per the established retention policy.
  • The data doesn’t provide all the necessary information for a case.
  • Once found, the data is unusable because you can’t prove it hasn’t been tampered with (especially images and screenshots).

All of these reasons make your HR’s job difficult. Luckily, modern ediscovery and archiving solutions are built to make social media ediscovery as easy as possible while allowing you to comply and provide evidence.

How Social Media Archiving Solutions Help Your Misconduct Investigation

Social media archiving solutions are multi-purpose software solutions that let you automate the capture and retention of all social media data. They also allow you to search through the archived data to find sources of misconduct.

In short, they are both archives and social media ediscovery tools — catch-all, tamper-proof solutions that store every single message that goes in and out of the organization in near-real time.

Without archiving software, going through employees’ communication manually would take months and cost thousands of dollars.

Modern social media archiving and ediscovery solutions are equipped to solve all four of the problems of social media misconduct investigations.

Centralized data repository

Each social media platform has some kind of an internal archive.

The problem with those is that they are not designed with comprehensive compliance and legal discovery needs in mind.

You can’t perform complex queries or filter by date ranges, keywords, or user interactions. You can’t capture deleted posts, metadata, or private messages, which can be crucial in legal or compliance scenarios. Exporting such archives in formats that are admissible in court is also not possible. Plus, it can be difficult to prove the integrity and authenticity of the data.

And if your organization uses multiple social media platforms like Facebook, Twitter, Instagram, or LinkedIn, you would end up with separate archives for each.

Third-party social media archiving solutions capture all data from all your platforms and store them in one place.

Solutions like Jatheon also let you combine your email, SMS, Zoom, and social media archives and let you search them all from a single interface.

This gives you easy access to all of your data and a way to search through everything in one place, saving time and costs.

Advanced search capabilities

The core part of social media ediscovery is searching for evidence of employee misconduct and taking advantage of archived data.

Social media ediscovery tools come equipped with advanced search capabilities that give you many different ways to look for critical information.

Search features like:

  • Boolean search — Combine keywords with AND, OR, and NOT operators.
  • Wildcard and proximity operators — Search the archive with partial terms.
  • Fuzzy searches — Accommodate your search for spelling errors.
  • Keyword search — Look for specific terms with a dataset.

Allow you to go through thousands of social media posts, messages, and comments and locate the origin and content of misconduct that you can use as evidence.

Jatheon Cloud Search by Chat Name

Once found, this evidence can be put on legal hold and made sure to be viable for a legal case.

Jatheon Cloud Apply Tags

Social media ESI and metadata

Under the Federal Rules of Civil Procedure, electronically stored information (ESI) includes a wide range of data types stored in any medium.

This means that the scope of social media data is quite broad and requires you to store many types of data as well as appropriate metadata.

This metadata includes the dates when the posts or comments were made, who social media messages were sent to or received from all the conversations, comments, or locations.

Among all the data social media archiving solutions collect, they are also equipped to capture all relevant metadata in its original format.

This gives you even more evidence and a clear timeline of misconduct, and you can be sure that all the necessary data is there if it comes to court.

Proof of data integrity

Some social media records (like images) can be manipulated or changed. This is why most such evidence doesn’t hold up in court.

However, modern social media archiving and ediscovery solutions keep two copies of all social media data.

The first copy is made when the data is stored and is compared with the data in the archive which gives us proof that the data was tampered with.

Proving the found data is valid with an integrity check gives you indisputable evidence in court that the misconduct evidence wasn’t fabricated on your end.

Related: Social Media Archiving Tools Comparison


Employees need to be aware that their actions on social media like sharing business secrets, inappropriate posts/comments, and harassment have consequences.

Social media ediscovery solutions are amazing tools for your business to identify incidents of misconduct and act on them to keep employees safe and the whole business compliant.

However, businesses also need to make sure they:

  • Preach corporate accountability
  • Communicate what constitutes social media misconduct clearly
  • Create and implement a social media policy
  • Insist that staff read the employee handbook and confidentiality agreements
  • Notify employees that their online landscape is being monitored and archived

Pairing these actions with a social media ediscovery solution is the best way to enjoy all the benefits of having social media in your business while keeping everyone safe.

Solve all of your email archiving and ediscovery needs with Jatheon’s cloud archiving solution built for businesses of all sizes. Stay compliant, speed up your ediscovery, and retain all of your business data in one easy-to-use solution.


Read Next:

Legal Hold Explained – The Critical Part of Email Archiving

How to Prepare for eDiscovery with Email Archiving

Ediscovery and Email Archiving: Is Your Organization Ready?



What are the challenges of social media investigations?

The volume of social media content complicates extracting useful insights. Plus, widespread misinformation adds challenges to open-source investigations.

What is the process of misconduct investigation?

The employee misconduct investigation process includes preliminary assessment, planning, collecting and assessing evidence, decision and action. If misconduct is confirmed, appropriate action is taken, which may include disciplinary measures, policy changes, or other corrective steps.

Who can be held liable for an employee’s harassing social media postings?

Liability for an employee’s harassing social media posts depends on several factors ( the context of the posts, the employment relationship). In most cases, the employee themselves are liable, but if the harassing posts were made during work hours, using company resources, if the posts are related to their job, or if they were harassing a coworker, then the employer can be vicariously liable.

What constitutes employee misconduct on social media?

Employee misconduct on social media can include actions that violate company policies, are detrimental to the company’s image, or breach confidentiality agreements. Examples include sharing sensitive company information, posting discriminatory or harassing content, or engaging in activities that conflict with the organization’s values and ethics.

How can an employer legally monitor an employee’s social media activity?

Employers must respect employee privacy right, although there may be a need to monitor social media for misconduct. It’s legal to review publicly available social media content. The monitoring should also comply with relevant laws and regulations, as well as privacy laws. It’s best to establish clear social media policies and ensure employees are aware of them.

What steps should be taken when investigating suspected misconduct on social media?

When investigating misconduct, it’s important to document the misconduct in a defensible format, involve legal or HR departments to ensure compliance with laws and company policy, and take appropriate disciplinary action if necessary.

Can an employee be disciplined for social media activity outside of work hours?

Yes, an employee can be disciplined for social media activities outside of work hours if these activities breach company policies, negatively impact the company’s reputation, or break laws.

How can companies prevent social media misconduct?

Companies should establish social media policies that outline acceptable and unacceptable behaviors, provide regular training on confidentiality and respect, and encourage a positive company culture that reflects the values and behaviors expected on social media.

About the Author
Bojana Krstic
Bojana Krstic is the Head of Content and SEO at Jatheon and an experienced writer on topics like data archiving, ediscovery, and compliance. When AFK, you’ll find her hiking, discovering new music, or road-tripping.

See how data archiving can simplify compliance and ediscovery for your organization

Book a short demo to see all the key features in action and get more information.

Get a Demo

Jatheon is a “Trail Blazer” in The Radicati Group’s 2024 Information Archiving MQ

Share via
Copy link
Powered by Social Snap