The internet has been life-transforming. Recent advances in technology have opened up further channels of communication via chat rooms, blogs and social networking sites. In fact, our social lives have been so dramatically transformed that we hardly need to move from the comfort of our own homes to connect with our friends. However, most of us still have to step outside our front doors to go to work and earn a living. It is increasingly obvious that making our private lives very public over the internet can be problematic for both employees and employers in the workplace.

Research conducted at the beginning of this year estimated that there were some 60 million people worldwide registered with the social networking site, Facebook, with a further two million joining every week. With seven million of those users coming from the United Kingdom, there is a high chance that the statistic will include several of your employees who may, it is said, spend three or more hours a week on social networking sites during work time. If you haven't yet considered the effect of this on your business, then now would be a good time.

Firstly, a workforce that spends time uploading photos onto MySpace or chatting with friends on Bebo between the hours of 9 am and 5 pm is not a productive workforce. Many hours of work time can be lost to these semi-addictive pastimes. The threats to a company's network security and the possibility of infiltration of viruses are also unlimited as a result of employees accessing social networking sites from their work computers, risking already overstretched IT resources.

Secondly, blogs create an open forum in which anyone can post their opinions or air their grievances. There is enormous potential for bloggers and, in particular, networking groups that comprise disgruntled current or former employees, to intentionally or unintentionally cause damage to the reputation of their Employer or clients through disclosure of confidential information, trade secrets, or employees' personal data. This may go so far as to make you liable for their actions in connection with anything from defamation to copyright.

Your liabilities may not end there. Our anti-discrimination laws also allow for employers to be held liable for the actions of their employees in respect of discriminatory conduct carried out in the course of their employment, even if it is done without their knowledge or consent. It is anticipated that, in this context, Employment Tribunals will interpret "in the course of their employment" widely so that derogatory or offensive comments about fellow workers made in blogs may be included even if the blog were written outside of work time or on an employee's personal computer. Unless you can prove that you took all reasonable steps to prevent the conduct in question, you could be held liable in claims of discrimination or harassment subsequently brought in the Employment Tribunal. The same may also apply to claims for constructive dismissal brought by employees who have been the subjects of offensive comments in their colleagues' blogs.

While the threat of such liability may loom large and seem impossible to control, there are some relatively simple steps you can take to safeguard your business against the risks. As a priority, you may wish to deny your employees access to social networking sites altogether during work time. However, if that seems draconian, it is possible to monitor your employees' access to blogging sites during work time in order to evaluate the time spent accessing the sites and the content of them, subject to the strict criteria set out in the Regulation of Investigatory Powers Act 2000 and by the Information Commissioner. The level of monitoring must not be disproportionate to what you're trying to achieve and you must inform your employees that monitoring may take place and the reason for it.

The balance is a difficult one and you may find it just as effective to amend your IT and disciplinary polices as well as the confidentiality clause in your contracts of employment by setting out clearly what you expect of your employees in terms of confidentiality and their use of these sites.

And finally, don't be caught out yourselves! Be aware that using the content of prospective employees' blogs or networking sites as a recruitment tool to check their background or interests should be approached with extreme caution. Researching an applicant's internet reputation, or "netrep", is a practice that is becoming increasingly common due to the current trend towards very brief, factual references. While there's nothing unlawful in doing this, two potential legal issues arise:

• If you use information you have obtained from a blog or networking site, such as an applicant's marital status or religion, as the basis for not offering them a job, then this will constitute direct discrimination.
• If you print off and keep any information you obtain from someone's blog or networking site, you may be in breach of your obligations under the Data Protection Act which governs the processing of personal data.

The "data" often recorded in such sites, such as information about sexual orientation or personal beliefs, would constitute "sensitive personal data" under the Act which accordingly imposes more onerous obligations upon those storing such data without that person's consent