Top
Subscribe to Legal Notes
* indicates required
Back office

Entries in facebook (19)

Monday
Mar122012

Marketers who improperly use company names could face criminal and civil penalties

Anyone running a social media profile on a client's behalf should be very careful when tweeting or posting on the client's behalf. The consequences of careless references to or variations of a company's name could be severe under certain understated provisions of the new Companies Act.

Apollo Director Phillips Monitors Apollo 11 Pre-Launch Activities

The Companies Act's provisions

Section 32 of the Companies Act deals with "[u]se of company name and registration number" and subsections 3 and 5 are the clauses social media practitioners should be aware of:

(3) A person must not—
(a) use the name or registration number of a company in a manner likely to convey an impression that the person is acting or communicating on behalf of that company, unless the company has authorised that person to do so; or
(b) use a form of name for any purpose if, in the circumstances, the use of that form of name is likely to convey a false impression that the name is the name of a company.
(4) …
(5) Contravention of subsection (1), (2), (3) or (4) is an offence.

The term "person" in the Companies Act "includes a juristic person". In our law there are two basic types of "persons". We have natural persons which are human beings and juristic persons which are corporate entities like companies and close corporations.

What this means is that any person who uses a company's name that suggests that the person is communicating on the company's behalf and isn't actually authorised to do that will be committing an offence under the Companies Act. That is fairly straightforward but subsection 3(b) is not nearly as clear although can be even more problematic for careless marketers. It uses the phrase "form of name" which is only used in this sub-section of the Act. The word "form" is defined fairly extensively in the Oxford Dictionary of English, and includes the following definitions:

  • the visible shape or configuration of something
  • a particular way in which a thing exists or appears
  • any of the ways in which a word may be spelled, pronounced, or inflected

It appears that "form of name" includes both variations of the company name (for example, "Pick 'n Pay" as a commonly used variation of Pick n Pay Stores Limited or Pick n Pay Holdings Limited or "Woolies" as a common reference to Woolworths (Proprietary) Limited or Woolworths Holdings Limited – assuming you know which one you are referring to) and it may even include variations of the company's trade marks, such as logos, and other representations of the company's name. Assuming this is how the clause will be interpreted, subsection 3(b) criminalises a variation of a company's name which conveys "a false impression" that the variation "is the name of a company". The idea here may be to ensure that company's names and branding is accurately and reliably conveyed to the public and the risk of confusion minimised.

Section 218 deals with "[c]ivil actions" (as opposed to the criminal offences that a violation of section 32 would constitute) and subsections 218(2) and (3) state the following:

(2) Any person who contravenes any provision of this Act is liable to any other person for any loss or damage suffered by that person as a result of that contravention.
(3) The provisions of this section do not affect the right to any remedy that a person may otherwise have.

These two subsections in section 218 introduce specific liability for any "loss or damage" caused by "[a]ny person" and suffered by "any other person" and doesn't exclude whatever other remedies "a person" may have in law. This clause's scope is pretty broad, may be open to constitutional scrutiny, and opens the door to civil liability in the form of a financial sanction flowing from the contravention of the Companies Act in addition to whatever other remedies may be available.

What does this mean for marketers?

Drawing all of this together, a marketer or other social media practitioner could find him or herself being charged with a criminal offence and sued for monetary damages for either using a company's name in such a way as to falsely suggest the marketer or practitioner is authorised to represent the company concerned or where the marketer or practitioner uses a "form" of a company's name that is not the company's actual name and, instead, falsely creates the impression that it is. This sort of issue could easily arise in the manner in which a brand's Twitter or Facebook pages are operated (both how they are set up and presented to the public, fans and followers as well as what is published in those streams) as well as out of a marketer's or practitioner's efforts to promote the brand.

One specific challenge tweeting under a brand's name without drawing a distinction between the person doing the tweeting and the brand's official communications where the tweeter posts updates that don't fall within the tweeter's mandate (for example, a personal comment that isn't sanctioned by the company). Another is using an unauthorised "form" of a company's name in a Facebook Page update or blog post, for example. These sorts of mistakes can be made but they potentially carry severe consequences (an offence could mean a fine or imprisonment not exceeding 12 months, or both). Given the definition of "person", agencies that operate social media profiles can also find themselves in trouble.

Managing these risks

Managing these risks and still diligently promoting a brand can be accomplished. Agencies must have clearly defined roles and parameters and these must be effectively communicated to their staff and compliance with these restraints must monitored. This means being specific with clients in agreements and communications regarding the agency's use of a client's brand and the manner in which the agency's staff will communicate with fans and followers on the client's behalf. Agency staff should also draw clear distinctions between posts intended to be associated with the client and its brand, on the one hand, and posts which are not. There should be no confusion between a company or its brand, on one hand, and the people promoting it behind the scenes.

Appropriate risk management steps should be taken from the start and maintained on an ongoing basis, taking into account changing circumstances, instructions and feedback received from the public, the client and other relevant stakeholders. Not making the effort to better manage these risks could result in more serious consequences down the line than the upfront cost of developing and implementing the appropriate framework.

AuthorPaul Jacobson | DateMonday, March 12, 2012 at 12:02PM | | Reference1 Reference CommentPost a Comment
in , , ,
Sunday
Jan152012

Parental involvement in children's Facebook activities is essential

Technically only children aged 13 and older may register and maintain Facebook profiles but, in practice, children younger than this are active on Facebook. Children being active on the Internet poses a number of challenges, especially to their privacy and safety so it is essential that parents supervise their children when they use online services. If you are interested in finding out more, take a look at our post about what parents can do to better protect their children's privacy online.

Mashable published an infographic in a post titled "Most Parents Monitor Kids on the Internet – And Have Their Passwords" which is worth reading.

AuthorPaul Jacobson | DateSunday, January 15, 2012 at 7:48AM | | CommentPost a Comment
in , ,
Monday
Nov142011

Austrian law student's crusade against Facebook highlights users' responsibilities

Sir Archibald Weigall (LOC)Austrian law student, Max Schrems, has embarked on a crusade against Facebook aimed at exposing what he considers to be Facebook's misuse of users' personal information. Schrems has lodged 22 Reclamacións (I understand these to be a form of complaint) against Facebook with the Irish Data Protection Commissioner (Facebook's legal presence outside the US is in Ireland) regarding Facebook practices ranging from its Data Use Policy contents and the effectiveness of consent to the Data Use Policy to Facebook's apparent practice of collecting personal information about or relating to people who are not yet Facebook users.

These complaints raise a number of concerns about the extent to which Facebook has complied with Europe's Data Protection Directives which establish a legal framework to protect European users' personal information and privacy rights. The Irish Data Commission is either about to or is in the process of conducting an audit of Facebook's privacy practices and we should learn whether Schrems' complaints are valid in due course but what this crusade does highlight is users' responsibilities when sharing information and content on Facebook.

Facebook's Data Use Policy is fairly extensive. At one point Schrems mentions that if the Data Use Policy were reproduced with a more readable font it would be close to 20 pages. I reformatted the Data Use Policy with 1.5pt line spacing and size 11 font and it worked out to about 17 A4 pages. It is readable and extensive. The primary reason for the policy's length and Facebook's efforts to explain the policy and privacy settings in different ways is that using Facebook has seriously implications for your privacy. The sharing controls have improved drastically over the last few years culminating in a recent update which exposes publicity controls in every post.

One of the issues Schrems raised concerns about was how much information he found in his downloadable archive of his Facebook profile. Schrems' archive apparently ran to about 1 222 pages of data. I picked up concerns about how much information is contained in the archive (and, therefore, how much personal information Facebook receives and stores) and how much information he felt was not included.

Facebook archive download page

Social media users are slowly coming to the realization that these free services we flock to in the tens and hundreds of millions have a lot of information about us and which we supply to them. Facebook is a great example because of its sheer size. The upcoming Timeline feature will heighten that awareness as it exposes users' profile information and interaction going about as far back as they have been members, possibly even further back if users populate their profiles with historical biographical data. The point we are heading to is that privacy as secrecy is largely a myth on the social Web. If you are active on the social Web, emphasis shifts to the extent to which you have meaningful control over your personal information and this is where Facebook has historically been pretty bad. That said, Facebook's privacy controls and its Data Use Policy have improved dramatically in the last 4 to 5 years. Facebook's anticipated deal with the FTC should firmly place control over users' profile information more in their hands than they have experienced in the past and that is a win for users.

Facebook is clearly improving its policy language and practices by being more transparent about what personal information it collects from users and what it does with that personal information as well as giving users more meaningful control over what they can do with their personal information and content in the Facebook ecosystem. Users must remember that how well their privacy is protected largely comes down to the choices they make. Failing to familiarize themselves with privacy policies and make proper use of privacy settings made available to them is no longer an option for users concerned about their privacy. If services like Facebook require more than users are comfortable sharing then they should refrain from using those services.

Facebook may have violated Europe's privacy laws as Schrems contends. We will have to wait for the results of the Commissioner's audit to make that determination. We may also discover that Schrems' much publicized campaign amounts to little more than tilting at windmills. Facebook insists that it complies with these laws and will make whatever adjustments are required should the Irish Data Protection Commissioner find it to be acting unlawfully. Hopefully this crusade will remind users just how much they share on services like Facebook and take a little more responsibility for that.

AuthorPaul Jacobson | DateMonday, November 14, 2011 at 1:14PM | | CommentPost a Comment
in , , ,
Monday
Nov142011

What the Facebook settlement will probably mean for you

Facebook privacy1Facebook changed its privacy policy in 2009 to make users' profiles more public by default. The changes came under pretty severe criticism at the time and prompted a complaint to the US Federal Trade Commission, the essence of which was the following:

The basic premise of the complaint is that most users either don't understand the changes they are being prompted to make, or that the changes are so complex that even experienced users are confused by them. (These arguments are supported by numerous quotes from tech gurus around the Web discussing their frustration and confusion with the new settings.) As a result, EPIC believes users are being misled by Facebook into exposing more than they had ever intended. "Absent injunctive relief by the Commission, Facebook is likely to continue its unfair and deceptive business practices and harm the public interest," wrote EPIC.

It seems that complaint is in the process of being resolved. The Wall Street Journal has reported (the full article may only be available to Wall Street Journal subscribers) that Facebook and the FTC are close to a settlement of the complaint. The settlement will likely require that Facebook obtain users' explicit consent before making retroactive changes to their privacy settings. This means that Facebook can't, for example, make "Friends only" posts public without users' explicit consent. While it sounds somewhat outrageous that Facebook would do this, this is pretty much what Facebook did in 2009 and earlier when it changed its privacy policies.

Looking ahead, Facebook will be required to respect your privacy choices and not make unilateral changes to what you are sharing with whom. That said, the settlement will still allow Facebook to introduce new products and services going forward which may require particular sharing settings, and obtain your consent to those changes in some way. That may simply take the form of a consent in future versions of Facebook's privacy policy. This settlement's focus will remain on retroactive changes to your privacy settings, it won't determine how content may be shared going forward. This remains users' responsibility. Users simply must familiarize themselves with Facebook's privacy controls and make informed choices about what they share and with whom. A good starting point is this overview of Facebook's Data Use Policy.

Another interesting feature of the settlement is that Facebook may find itself subject to an FTC 20 year privacy review process. This is similar to one of the conditions of Google's Buzz settlement with the FTC earlier this year.

AuthorPaul Jacobson | DateMonday, November 14, 2011 at 10:15AM | | CommentPost a Comment
in ,
Wednesday
Oct262011

The trouble with online defamation

I frequently receive calls or emails from people asking for help with online defamation, usually on Facebook. The people who contact me are often at their wits' end and want to sue the people defaming them, thinking that will fix the problem. Unfortunately, that can often make it worse. The challenge with online defamation is that the usual legal approach can aggravate the harm being suffered and the better course of action doesn't necessarily fix anything. Dealing with online defamation is often a matter of damage control and this is primarily due to the social Web's nature.

Pro-abortusdemonstratie / Pro abortion demonstration

Social networks like Facebook, Twitter and Google+ empower their users to express themselves on a scale typically not seen before the Web became social. This has shifted power dynamics in profound ways. We recently saw how Facebook and Twitter played important roles in the Arab Spring in Egypt and other countries in the Middle East. It is important that the social Web remain as free and accessible as possible because a free social Web is a powerful tool for freedom generally. At the same time, the social Web, like most tools, has darker applications and defamation online is one of those applications.

Of course, that is an oversimplification. A form of expression can be defamatory and be justifiable and permissible if, on its face, it harms its target's reputation and yet its publication serves a legitimate purpose. When people contact me about defamation online (the term they often use is "slander"), the published material is often not justifiable and is motivated by malice.

The typical legal response to this sort of defamatory material (or any defamatory material, for that matter) is to demand its removal and that the publisher take some form of remedial action to address the harm caused. The problem is that adopting this approach to defamatory statements or material published online can aggravate the situation far more than the person harmed could have anticipated.

Two case studies illustrate this phenomenon well. The first and older case study involves the performer, Barbara Streisand, and her efforts to stop photographs of her coastal home from being published after it was photographed during a coastal survey. Despite her most efforts, photographs of her house were published online, repeatedly. This case study gave the phenomenon its name: the Streisand Effect. A number of subsequent stories validated and reinforced the Streisand Effect including the 2007 Digg-AACS Encryption Key controversy and, more recently, the 2011 Ryan Giggs-UK "Superinjunction" controversy. Both of these more recent case studies illustrate the challenge of adopting a classic legal approach to a social Web problem. In the 2007 Digg controversy, Toshiba's attorney at the time, Michael Avery, summed up this challenge as follows:

If you try to stick up for what you have a legal right to do, and you're somewhat worse off because of it, that's an interesting concept.

When it comes to defamation online, particularly on social networks like Facebook, defamatory statements' harmful impact may only be exacerbated by adopting a traditional legal approach. This isn't to say that the defamation isn't unjustifiable, harmful and actionable but the very real possibility that addressing this misconduct like a conventional legal problem could drastically inflame the situation, and the resulting harm, is an important consideration when planning a response. What is required is a more flexible approach having regard to the specific dynamics involved as well as the platform used. There is no single approach which will be appropriate for all cases.

So what can be done? From an organizational perspective, implementing an Online Reputation Management solution may make a lot of sense. Companies may be defamed too and this defamation frequently results in reputational harm. Simply monitoring keywords and phrases is part of the process which should also include a more detailed strategic plan for dealing with negative and positive sentiment as well as legal input throughout the process to anticipate and cater for potential legal issue which may arise. From an individual perspective, responses may include reporting abuse with the platform's proprietor; laying criminal charges; engaging directly; not taking any active steps for the time being and, when left with little choice, having an appropriately worded demand letter prepared and sent to the culprits.

There are other challenges facing online defamation cases which can be similarly difficult to overcome. One concern is that defamers may be publishing under a pseudonym and are effectively anonymous. This presents a fundamental difficulty because you can only really take action against a known party and if the culprit has used pseudonymous handles and names for his or her profiles, email addresses and other identifiers, suing will be a practical impossibility. Another, very real, concern is the cost of legal action relative to the harm suffered. In the case of individuals, litigation costs are frequently prohibitive; potential damages generally less than they may expect and costs recoveries are cold comfort after a protracted and expensive campaign. Costs are less of an issue for companies which tend to be more able to afford these costs but the challenge here is that taking action may lead to a disproportionate increase in the harm suffered making legal action more of a "principle" based decision which is rarely the ideal motivation for legal action.

A lawyer's role in these sorts of case is less to rush in, guns blazing, and more to get a handle on the situation and help shape responses while anticipating the worst and preparing as much as is possible for a formal dispute. In between there is usually considerable scope for a multi-faceted approach to defamation and the resulting reputational harm where lawyers still play a role. They're just not necessarily the cavalry anymore.

AuthorPaul Jacobson | DateWednesday, October 26, 2011 at 4:59AM | | CommentPost a Comment
in , ,
Page 1 2 3 4 ... 4 Next 5 Entries »