The Times today carries a story of the names and telephone numbers of up to 170,000 of Shell employees and contractors being sent by email to human rights groups and environmental activists, supposedly by a group of disaffected staff who were pressing for changes within the company.

I’d say the truth around this story has yet to be established, however regardless of whether this represents, as reported, the actions of a group of disaffected staff seeking change (which feels very unlikely!), or the actions of a single rogue ex-employee it will probably be a while before we know.

The story interests me primarily because it is a timely reminder to those who argue that social media should not be allowed in the workplace because of the increased risk of intentional or accidental reputational damage.  The same arguments were widely articulated in the early days of email – and who could seriously suggest these days that email has no place in business and commerce?

This is not a technology issue. Today’s story illustrates how the means of spraying information around the globe in minutes has been with us for donkey’s years. Social media technologies may speed up the spray from minutes to seconds, but this makes no real difference to the outcome. And security measures merely provide a way of mopping up after the damage has been done. They will never prevent such occurrences from taking place.

No – this has nothing to do with technology and everything to do with human behaviour. Last Friday’s Twitter storm involving Vodafone UK was very interesting. The storm turned very quickly into a storm in a tea cup and went on to illustrate to me the enormous potential that social media has in enhancing and protecting corporate reputations.

Had the employee sent his homophobic comments in an email to 8,000 people the story would have gone viral over a period of days and weeks and it would have attracted far more mainstream press coverage. Because this took place on Twitter the whole world knew about it in minutes – but they got over it in hours.

In my opinion Vodafone handled the incident magnificently. They could have gone quiet and said nothing (the route favoured by far too many corporate media relations departments) or maybe spun the story by blaming hackers or technology failure.

But no – they swiftly identified the issue as one of human behaviour and apologised openly and elegantly and as a result the story no longer has legs. In my opinion Vodafone controlled the incident beautifully by demonstrating agility, openness and a touch of humility.

I think there are lessons for us all in there somewhere.