Associate
It's not that simple though, because it's 2019 and not posting stuff on social media is no longer a choice
Work icebreaker activity
- Thread starter Bassmansam
- Start date
It's not that simple though, because it's 2019 and not posting stuff on social media is no longer a choice
![[FnG]magnolia](/styles/overclockers/avatars/9.png){kind=avatar}
Caporegime
The only icebreaker I'm interested in is car keys in a bowl on the coffee table.
AMIRITE LADS?
AMIRITE LADS?
Deleted member 66701
D
Deleted member 66701
Fixed
Soldato
No, because my old Twitter account would have gone me fired in a heartbeat, so no-one that I’ve ever worked for or with has known who I am online.
Soldato
It was only information available to his boss, other colleagues he may not want to see such a picture which could be for any reason. 9 times out of 10 people aren't going to care but GDPR etc is there to protect those edge cases.
Something as simple as a person's child being in a photo that was intended only for friends to see and was restricted from sharing but that child was at risk from an estranged parent who may have maltiious reasons to track them down. Someone may identify and inform someone and it could have been preventable. Sensibly in that situation you just wouldn't put the child in the public domain full stop but it's the simplest example off the top of my head.
The HR expect sat next to me basically says they would have to take a complaint seriously if someone had one in this situation and advise against such things. It's a bit dodgy in a work environment. But you get people doing this for people retiring and leaving a workplace as a bit of a presentation and a laugh without issue, but you sort of expect that.
Something as simple as a person's child being in a photo that was intended only for friends to see and was restricted from sharing but that child was at risk from an estranged parent who may have maltiious reasons to track them down. Someone may identify and inform someone and it could have been preventable. Sensibly in that situation you just wouldn't put the child in the public domain full stop but it's the simplest example off the top of my head.
The HR expect sat next to me basically says they would have to take a complaint seriously if someone had one in this situation and advise against such things. It's a bit dodgy in a work environment. But you get people doing this for people retiring and leaving a workplace as a bit of a presentation and a laugh without issue, but you sort of expect that.
So are we.
No it is not. If I for whatever give you a copy or access to my photos, it doesn't suddenly become public domain.
That is why privacy settings exist on sites like facebook.
Yes it is, it is literally how Facebook works - this is part of the basic functionality of the site, it is moot though as apparently it isn't the profile picture that was used.
I didn't say anything about becoming public domain, the privacy setting don't affect the profile picture - the profile picture is always public - that was what I commented on.
Well, you'd be wrong.
It's very simple, if the OP reports the manager, they would be in trouble in any large company.
Even information and photos the company gained legitimately on employees are subject to fairly strict GDPR rules. Nevermind information only provided to someone in a private capacity outside of work (and has nothing to do with work).
If the ice breaker for example was done in a presentation, or saved anywhere that will be personal data subject to GDPR. A subject access request for example should be able to identify that information and the company must be able to demonstrate a legitimate reason for holding that data.
I have tried looking it up and all I can see are articles relating to marketing, nothing about internal use by teams within companies.
I was more wondering do people have to give their social media information when they get a job these days? I've heard some companies ask for it. I wondered if the OP's company did and then used that information in the work ice breaker?
GDPR defines what personal data is and what is lawful collection of that data and then what is lawful use of that data.
https://gdpr.eu/article-6-how-to-process-personal-data-legally/
https://gdpr.eu/article-7-how-to-get-consent-to-collect-personal-data/
Then there is a whole block on the rights of a data subject.
A lot of this isn't actually new and was covered by the Data Protection Act.
edit:
Here is for example how Facebook comply. What is the OP's employers rationale?
Last edited:
I think that it is a little more nuanced than you are suggesting though.
https://ico.org.uk/for-organisation...t-is-personal-data/what-is-personal-data/#pd1
If the photos are freely available on the internet, you haven't provided them as part of any sort of business ongoing with them, so the company doesn't have any duty of care regarding said "data".
I think the distinction will come down to whether or not you provided your social media information (the above link does refer to social media handles) as part of the application process for the role ie. in an official capacity. If you didn't provide it and they just found it or if you just shared it socially (not as part of any company process) it then it doesn't appear to be covered under GDPR. If you provided the social media information as part of an official process and they misused it then it may be covered under GDPR.
So in theory if someone off their own back went on Facebook and found the person's photos and they were not hidden behind any privacy settings then I don't think it would be covered by GDPR because Facebook provided the photos not the company.
The manager and the company are one and the same. The manager is an agent of the company. A company cannot do this and expect GDPR not to cover it.
Companies can farm publicly available data if they want, but it is subject to GDPR, although the consent side is slightly different. There still needs to be a lawful use of that data (six categories available in article 6). The closest the manager could argue would be a "legitimate interest" for the company to collect and use that information (article 6 1.f).
https://gdpr.eu/article-6-how-to-process-personal-data-legally/
https://gdpr.eu/Recital-47-Overriding-legitimate-interest/
That would be really difficult to argue in my opinion.
In this case, this isn't public data anyway but information only available to the manager in a private capacity. So the consent side of this blows everything away anyway.
Man of Honour
Sounds like the manager wasn't clued up on GDPR, which means the business is fully liable for not passing down the necessary information to train its workforce. I deal with GDPR in my line of work and my current workplace has rolled out various education and training materials via eLearning that all colleagues have to complete which is then logged. Also the manager doesn't sound like a good manager in the first place. If that's the kind of "ice breaker" they come up with then they're not fit for that role and need better experience and/or training.
I have done a bit more digging and it appears that you are correct, GDPR is much broader than one would expect.
Permabanned
Unless it was for a disciplinary purpose (as others have noted) there seem no obvious grounds for violating T & D (training and dev) principles of:
1. No forced disclosure
2. Not provoking, providing or stimulating unsolicited feedback
3. Role isolation being restricted to the learning task
At least that is how Australian university trained professional training designers and group facilitators are taught by the country's leading experts. The known consequences of the alternative are distrust.
1. No forced disclosure
2. Not provoking, providing or stimulating unsolicited feedback
3. Role isolation being restricted to the learning task
At least that is how Australian university trained professional training designers and group facilitators are taught by the country's leading experts. The known consequences of the alternative are distrust.
Last edited:
Soldato
Love my job, but ******* detest 99.9% of the cretins I'm forced to work with.
Have to say I'd consider it a bit off if someone at work did something like that without at least asking permission before hand (even though I don't publish anything to social media I'd be worried about being public) - we have fairly strict policies what can and can't be done work wise with people's social media for instance contacting someone via social media over a work matter is frowned on unless it is an emergency or a simple update rather than a conversation and taking photos from an employee's social media for work use without first getting permission i.e. even for stuff like work Christmas dos or pub runs would raise eyebrows.