Employers struggle with the challenges of social media platforms that allow employees to post information, complaints, and even disclose confidential company information on an anonymous basis. Often, the information is false or misleading – but employers usually find little recourse, as we’ve discussed in a previous post, Employee Warning – GlassDoor Posts May Not Always Be Anonymous (in which we discuss the rare case where the employer triumphs). This week, CNN Money reported on another new app, “Blind,” for employees to make these anonymous postings.

The app has various message boards. Employees who have “verified” work emails can write anonymously on company-specific message boards, if there are more than 30 registered users with that company email. These message boards are private to individuals within that company. Users can also access app-wide threads that are “public”—meaning, that anyone who signs up for the app can view the threads. The topics range from workplace harassment and #MeToo, to compensation, to career advice, to work visas, to even a section called “relationships.” (One of the “relationship” posts posed the question of whether sending flowers to a co-worker would be appropriate for Valentine’s Day. No, I am not making this up.)

Because anyone in the company can sign up, it is possible that supervisors and managers could access company-specific message boards to see what company employees are posting. Companies can also monitor the public boards. However, companies need to make sure that they are careful in reacting to employee discussions about the terms and conditions of employment (like the harassment, compensation, and work visa threads referenced above), because those are likely protected by the National Labor Relations Act – even for non-unionized employees, and no matter how offensive the employer finds the discussion.

But what if the employer sees false or malicious information – or even worse, trade secrets (!!!) – posted? Well, all is not entirely lost! I found an interesting wrinkle to the supposed anonymity of the user. Interestingly, the app requires employees to use their work email address to sign up. According to Blind, the work email address is needed because it is the only “fool-proof” way to verify employment, prevent multiple users/devices, and allow the removal of “flagged” users (individuals using the app inappropriately) or users who have left their jobs.  The app claims that user information is anonymous, even to the administrators of the app itself.

In the interests of research (really!), I signed up for the app. Blind sent me two emails to my work email address to verify that email address before allowing me to create an anonymous profile.

Most employers have IT policies that make it clear that company email is the property of the company, and that it is not private and will be subject to monitoring.  With the proper IT policy in place, a company could set up a search mechanism that flags the receipt of the authentication emails from Blind and then stores the information about who within the company signs up for the app. While posting may be anonymous, if a specific trade secret or confidential information is divulged, the company could look at the list of employees it knows has the app and cross-reference it against those employees in the company that could have such knowledge. This gives the employer a tremendous leg up in any internal investigation.

Any investigation, of course, will be subject to state law restrictions.  Many states have passed laws that prohibit employers from asking for an employee’s user name and password for private social media accounts, like Blind. However, many of these laws also include exceptions for employer investigations into employment-related misconduct, such as when trade secrets are posted on social media accounts. And there are those rare occasions, as we previously mentioned, where courts may even order the disclosure of user identities.

So Blind is maybe not so blind after all…