Social Media Safety
Protecting Client Data and Navigating Risks
Over 2.5 hours for an adult. If you’re a teenager, it’s over 4 hours. This is the amount of time we’re spending on social media daily. (Statista Data Insights)
Let’s face it – it’s consumed us. And social media isn’t just for keeping up with friends and family; it’s a professional tool many of us use daily (yes, sometimes too much). Whether you’re connecting with clients or colleagues, following industry news, or building a brand, platforms like Facebook, LinkedIn, X/Twitter, TikTok, and Instagram are now integral parts of the tax and accounting world.
Social media has allowed us to connect with people with whom we likely never would have before. This proved invaluable during the pandemic; at a time of great isolation, connecting with colleagues and discussing ideas and problems made you feel like you weren’t alone. That’s powerful.
Beyond the social-emotional benefits, the power and increasing popularity of social media has changed the way we present our professional selves and grow our businesses. Running ads, sharing content, and having a social media presence have given us far greater visibility than ever before. Nowadays our networks grow weekly, and we can attract clients far outside our geographical region.
Protecting Clients
With anything new, there come risks. As professionals, we have a legal and ethical obligation to safeguard all client data. This is not merely a suggestion or a best practice, but a requirement. We must also be competent when it comes to social media.
Wondering what this means for your Facebook or X account? Let’s dive into that.
First, never receive PII via social media. Personally, any time a prospective client contacts me via social media, I send them the link to book a discovery call, followed by an invitation to access the secure portal to upload relevant documents. I never answer any questions from prospects or clients via social media and always direct them to the secure portal.
Identity theft is a concern on social media. It can take only minutes for a nefarious individual to create a fake persona or steal someone's identity and create a social media account that looks real. Remember! When communicating with someone online, you may not be talking to who you think you are.
Phishing attempts are also a concern. If someone you know sends you a link, you’re likely to click on it. But in actuality, an innocent-looking link could be one that closely mimics an actual web page and requests you to login in an attempt to steal your credentials or spur a file download that could contain malware and wreak havoc on your system and network.
Always protect your logins with MFA (multi-factor authentication). This reduces the risk of someone gaining access to your account and taking it over. In addition, it’s important to have and adhere to a password policy: use a complex password, and change it often.
What about your WISP? (If you don’t have one, get with us—we can help.) Your WISP should outline what is acceptable use while using a work computer or work network. It is strongly encouraged to not do anything personal on a work device that could compromise security.
Bad Tax Takes and Other Misinformation
How many of us have had a client ask us about a tax matter they heard about on social media? (If this has never happened to you, then you should go buy a lottery ticket!) Most of us hear about various ideas and skims promoted on social media, and—if we’re lucky—clients will ask us about them before they jump on the bandwagon. Recall the infamous “Form an LLC and all of your personal expenses become deductible!” or “How to deduct that Rolex or $5,000 espresso machine!” Outlandish tax-related schemes abound on the internet. This has become such a problem that the IRS has added the following to the Dirty Dozen: “Taking tax advice on social media can be bad news for taxpayers; inaccurate or misleading tax information circulating.” Nevertheless, Circular 230, which governs practice before the IRS, was last updated in 2014 and does not address social media. Many of us agree that it is far past due for an update. It would be helpful if it outlined some guidelines for tax professionals.
(Note: Started in 2002, the Dirty Dozen is not a legal document or a formal listing of agency enforcement priorities, but rather an education effort designed to raise awareness and protect taxpayers and tax pros from common tax scams and schemes, including bad social media advice).
When your clients talk to you about these social media tax schemes, I encourage you to listen to them and answer their questions. While it may be tempting to immediately dismiss their tax “ideas” and roll your eyes, resist this kind of reaction. This can be a great opportunity to prevent them from making a mistake and will also show your value as a tax professional. There are often kernels of truth in some of the social media advice, but you have the ability to clarify misconceptions and help your client avoid internet schemes.
With misinformation rampant on social media, many wonder to what degree the government should get involved. A recent Supreme Court case (Murthy v. Missouri) handed a victory to the Biden administration. While this ruling was procedural, it threw out a lower court ruling that placed significant restrictions on the government's ability to communicate with social media companies about their content moderation policies.
(In the case, the plaintiffs asserted that the White House had bombarded X/Twitter by requesting a streamline process for censorship requests. Justice Barret argued, though, that the record showed no such requests. Rather, on one occasion, a White House official asked Twitter to remove a fake account pretending to be the account of Biden’s granddaughter. Twitter took down the fake account and told the official about a portal that could be used in the future to flag similar issues. In her opinion for the majority, Barrett made clear that the allegations were baseless.)
This will certainly not be the last social media case that makes its way to the high court. There has to be a balance in protecting freedom of speech and the public from misinformation. This is especially important given how quickly information travels via social media.
Privacy
It should come as no surprise that if you aren’t paying for a product or a service, then you are likely the product. Be mindful about what you post—the amount of data harvested from social media is staggering, and nothing is ever truly deleted.
A Final Note
Social media can be a useful tool both personally and professionally. But use caution. Make sure you have a WISP (and that you follow it—just having one isn’t enough). As always, please let us know if you have any questions.
Financial Guardians has partnered with the following industry leaders to bring unique and valued content to their respective communities.
Financial Guardians has partnered with NATP to provide access to our monthly Guardian Tier membership at a 30% discount.
Active NATP members can access the online discount here.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants focused on detailed research and citations - for professionals who want to be better.
Join today at www.incite.tax.
Financial Guardians’ Leadership Team consists of Brad Messner, MBA, CBSA, EA and Joshua Youngblood, EA, CRETS. Brad is a seasoned technologies and finance/tax expert with nearly thirty years of experience in both industries, particularly focused on securing client and confidential data. Josh is an experienced technologist and tax expert with nearly 20 years, focused on unique and efficient use of technology in professional organizations. Find out more about them here: