Marketing can often feel like a legal minefield. Brands have to carefully navigate laws related to privacy and data collection, intellectual property and copyrights, and anti-spam laws like CAN-SPAM, all of which continue to adapt to the growing concerns of consumers and legislative bodies.
In this #ContentChat, we’re joined by Ruth Carter (@RBCarter), an internet, IP, and business attorney, to discuss the main legal considerations for marketers in 2021. Read the full recap below, where we explore how to legally quote and republish third-party content or visuals, what marketing teams should do following a company data breach, legal concerns for email marketing, and more!
Important disclaimer: Everything in this chat should be considered legal information, not legal advice. Ruth is the only legal expert during this chat, but our community of expert marketers shares their take, too. If you find Ruth’s information useful, consider donating to the AZ Basset Hound Rescue (below).
Please note, while I am a lawyer, nothing I say on Twitter should be interpreted as legal advice, just legal information. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
I tell people to make a donation to the AZ Basset Hound Rescue instead. #ContentChathttps://t.co/DqX5SbOkrG
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Q1: How should brands approach quoting and republishing third-party content? Similarly, how do you ensure you are not violating someone else’s copyright when it comes to using visuals sourced online?
If you quote someone and add your own thoughts or analysis, then it is probably protected by fair use.
A1-1 If you’re quoting someone and adding your own thoughts, analysis, or otherwise building on what someone else said, that’s probably protected by fair use. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
If you want to republish someone’s work in its entirety, ensure you get the appropriate rights and permission (in writing) to do so.
A1-2 If you want to republish the entirety of someone’s content – like an article or infographic, do your homework to make you have or get permission to do so. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Try to only use images and visuals for marketing that you created. If you use someone else’s photo or visuals, get their permission or attain a license to modify or commercialize it.
A1-3 Unless I’m in a clear fair use situation, I try to only use images where I took the photo, I have permission from the copyright holder, or where the image comes with a license to modify or commercialize it. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
OMG, I’ve been saying this to clients for 25 years. Finally, an attorney who says it in public without me having to write a check! You just made this hour worthwhile! #ContentChat
— John Cloonan (@johncloonan) May 10, 2021
This is a point I bring up when clients are reluctant to commission their own photography or to pay for a stock photo account. It’s potentially an expensive mistake to use “free” images you find on the internet. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
Been there, been sued for that. #justsayin #ContentChat
— John Cloonan (@johncloonan) May 10, 2021
A1 Purchase your imagery/etc from well-known sources or work up a contract with the owner of the content, do research on where the source got the content, how they pay their creators, be as well-informed as you can on what you’re purchasing and who from
-Alyx #ContentChat https://t.co/BgLo2FfDL3— Charlie & Alyx – Charlie Appel Agency (@ColfaxInsurance) May 10, 2021
A1 I tended to be obsessive about content rights management because we were managing networks of websites so one image getting used could literally go to hundreds of websites (and the fine multiplications that would follow). #ContentChat
— Derek Pillie 🎯 (@derekpillie) May 10, 2021
If you’re ever in doubt, double-check with the content owner to see if they’re comfortable with how you plan to use and attribute their content. The worst they can say is “no,” which is better than a lawsuit.
A1: Always give credit – Tag on photos and captions. Also, when in doubt whether you’re going to get it right, dm them and ask! A lot of it is just being decent and communicating ☺️ #ContentChat
— Jette-Mari Anni (@JetteAnni) May 10, 2021
I get approached occasionally with a request to republish my content, usually by universities as part of content/marketing/social curriculum, and almost always say yes, and agree on a nominal fee. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
There is no copyright protection for facts. So, if you’d like to use the same data as another source to build your own chart or graph, you are likely safe to do so.
Agreed. But… can you build your own chart or graph with the same data as the original and source/link the information? #ContentChat
— Dan Goldberg (@Jonas419) May 10, 2021
There’s no copyright protection for facts. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Attribution is a general legal safety net, but it does not guarantee protection. If you plagiarize someone’s content and then link to it, you are admitting to copyright infringement.
A1: Attribution, Attribution, Attribution. #ContentChat
— 🟣 Jennifer Navarrete (@epodcaster) May 10, 2021
Sometimes giving an attribution is committing copyright infringement and admitting it. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Like when someone rewrote my CMI brand voice article, word for word, section by section, and gave attribution. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
Q2: Are there legal considerations companies should keep in mind when it comes to the use of other companies’ logos, slogans, etc.?
You can refer to competitors as a general comparison, like Bing vs Google.
A2-1 It’s ok to refer to your competitor if you’re making comparison – i.e., Bing vs Google ads or generic products that say “compare to ‘Brand X’” on their label. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
You need to differentiate yourself enough as to not confuse your customers. Audiences need to know whose product they’re buying, and you could end up in a legal issue if you brand or align yourself too closely with a different organization’s identity (especially if you do so without their permission).
A2-2 What you don’t want to do is look like you’re trying to ride your competition’s coattails. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
A2-3 The purpose of trademark laws is to prevent consumer confusion. You don’t want your audience to be confused about whose product they’re buying. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
You can see some intentionally misleading landing pages sometimes, that make it seem like a product is an official or sanctioned subset of a larger company when it entirely is not. The geek merchandise sphere runs into that a lot. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
Startups can often have a “don’t ask for permission, ask for forgiveness” mentality. Remember that the cost of a lawsuit and the damage to your brand could quickly destroy your company.
This was a bug bear of mine w/ startups. In corporate sector, people respect there may be repercussions if using logos, names in press releases, etc. without permission. Startups love “don’t ask for permission, ask for forgiveness.” They’d often get away with it too. #ContentChat
— Caroline (@CAZJAMES) May 10, 2021
A lot of people take that approach. They assume they’ll get a cease and desist letter at the worst, but they could get hit with a lawsuit as the opening volley. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
And lose that business, plus gain negative word of mouth for a decade. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
Beyond the legal side of using other brand icons, John advises you to assess the business implications. His team was once disqualified from a pitch because they used the company’s logo on their presentation.
A2: In addition to LEGAL considerations about using others’ brand icons, also consider the BUSINESS implications. I once got thrown out of a presentation to an F100 company because their logo appeared on our presentation – even though we were presenting to them.#ContentChat
— John Cloonan (@johncloonan) May 10, 2021
Ouch! Having worked for two big companies that were very serious about the use of their name and logos, it’s hard to know when a company will appreciate you tailoring a presentation to them, versus being upset for you using their logo and colors in it. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
I’ve worked at enough big companies to know that you should never assume you have permission. You always have to ask. If the company is a big enough brand, unfortunately, you often will receive a no. #contentchat
— Martin Lieberman (@martinlieberman) May 10, 2021
Q3: Your company’s data has been compromised. What is marketing’s next step? How do you respond publicly, and what should you do internally to address the issue?
First, review the situation and identify the cause of the breach. Assess what data got out and the potential impact for your key audiences.
A3-1 Review the situation and determine the cause of the breach, what data got out, and what’s the worst-case scenario for affect persons. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Be transparent about what happened and what actions your team is taking.
A3-4 Be transparent about what happened and what you’re doing so it doesn’t happen again. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
I worked for a company that had a laptop with NPI on it stolen from a cafe table. Even though the data on it was encrypted, and we had good security protocols, we immediately let anyone whose data was affected know, and shared our plans to prevent it. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
A3 First, get out ahead of it. Better to play offense than defense. Be as transparent as possible with those who were affected. #contentchat
— Martin Lieberman (@martinlieberman) May 10, 2021
Ensure that a breach like this does not happen again.
A3-2 Internally, take steps to ensure that a breach like this doesn’t happen again. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
And review the type of data that your team collects. Remove any personally identifiable information that you don’t actually need.
A3-3 Remove personally identifiable information from your system that you don’t need for your business. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
There is often a ton of personal data companies collect that they don’t use to personalize the customer experience or make it more secure. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
It’s super common – companies ask all kinds of stuff they don’t really need and stick it in their CRM. Horrible practice. #ContentChat
— John Cloonan (@johncloonan) May 10, 2021
Right? It also annoys your customers. “They already know XYZ about me so why do they send me these generic emails?” #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
Data breaches are an unfortunate reality in our distributed world. Always be prepared for a breach. Plan your response and create a playbook that you can activate as soon as a breach happens.
…always helps to be transparent, have a plan and safely-securely execute it! #ContentChat
— Shruti Deshpande (@shruti12d) May 10, 2021
It’s surprising how often companies wait for the inevitable bad things to happen before having a crisis response plan in place! That employer was the one place we did annual updates to a whole slew of such plans. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
Q4: Why should a brand have a data custodian, and what is their role when it comes to marketing?
A data custodian can help protect your company data. A data custodian limits what information the company keeps and deletes any data that is no longer necessary.
A4-1 A data custodian is responsible for keeping the information entrusted to your company safe. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
A4-2 A data custodian strives to limit what information the company keeps and deletes the information it no longer needs. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Your marketing team should partner with your data custodian to highlight how the company is keeping its data safe.
A4-3 Marketing can point to this person to highlight what the company is doing to keep its audience’s information safe. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Depending on your organization and resources, the data custodian may serve as a point of contact for any marketing data requests.
Would that person also be the conduit for marketing data requests in most organizations, or would they be solely focused on governance? #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
I guess it would depend on the company, but if they have the bandwidth for both, then that would make sense. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Q5: What are the primary legal concerns surrounding email marketing?
Privacy and spam are the primary legal concerns surrounding email marketing. Marketers should be aware of GDPR and CCPA (Ruth has free cheatsheets available, see Q7).
A5-1 The big issues are related to privacy and spam. There are so many different laws to be aware of – GDPR, CCPA, etc. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
CAN-SPAM is nothing compared to GDPR. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
The various laws inform how you can use personal data, including whether cookies are allowed.
When GDPR was announced, I changed my recipe blog’s setting so my analytics cookies are opt-in since it gets a good amount of EU traffic. Very few people opt-in. It really changes how we approach our content marketing. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
I have a page on my website that says if you send me an unsolicited pitch, you’re expressing a willingness to send $20 to the charity of my choice.https://t.co/gpJVSHmxJ4#ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
A5: For EU firms, send server location matters. #contentchat
— Chris (@chris_byrne) May 10, 2021
Email list members must subscribe to the list. Do not add anyone to your email list without their consent. If someone unsubscribes, remove them immediately.
A5-2 The best way to stay on the right side of the law is to never add anyone to your email list. Make people add themselves to your list. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
A5 Permission, permission, permission. And also: Unsubscribes. Don’t send to people who haven’t opted in. Don’t. Do not. And if someone has opted out, remove them immediately. #contentchat
— Martin Lieberman (@martinlieberman) May 10, 2021
A5 Like calling someone on the DNC list, don’t email people not on your list
Never hurts to have it so people have to add themselves to the email list, and you don’t add anyone yourself
-Alyx #contentchat https://t.co/VCLskNW796— Charlie & Alyx – Charlie Appel Agency (@ColfaxInsurance) May 10, 2021
I get so many unwanted, unsolicited sales calls on my cell. And I end almost every one of them with a request to be put on the DNC list and expressing that I never gave them permission. #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
Be clear about what you will use someone’s email for. If someone provides you an email to receive a confirmation receipt, you should not assume they want to join your marketing email list.
Similarly, providing an email address to receive a receipt for something ordered online is not the same as “Yes, I would like to join your marketing email list” #ContentChat
— Erika Heald | Founder @ErikaHeald (@SFerika) May 10, 2021
It is helpful to enlist an expert who can advise your team on the rules and best practices.
As a result it is often best to have someone incharge of keeping up with all these, at all times – no more guess work! #ContentChat
— Shruti Deshpande (@shruti12d) May 10, 2021
Q6: Are there some tools or resources for marketers who want to ensure they are creating content legally?
Ruth wrote a book on the legal side of blogging. Grab your copy here:
A6-1 I wrote the book, The Legal Side of Blogging: How Not to get Sued, Fired, Arrested, or Killed, which addresses many of issues related to content marketing. https://t.co/UkgI2IhWxT #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Review your contracts with third-party content creators to ensure that you won’t be liable if the creator violates someone else’s rights in your content.
A6-2 Doublecheck your contracts with third-party content creators to make sure that you won’t be responsible if they violate someone’s rights via your content. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Per John, it’s best to create original content and imagery to avoid any legal mishaps.
There are three I like…
1. The writing utensil of your choice.
2. The still image capture device of your choice.
3. The moving picture capture device of your choice. #ContentChat
— John Cloonan (@johncloonan) May 10, 2021
Q7: In the coming year, what are some things marketers should be aware of, such as changes around the use of cookies, etc.?
More states are passing privacy laws. Review your privacy policy and practices against these changes at least once a year.
A7-1 Privacy is still the hot topic as more states are passing privacy laws. Regularly review your privacy policy and practices against what these various laws require – at least once a year. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Ruth has cheat sheets for GDPR and CCPA—email them to get yours!
A7-2 I have cheat sheets for GDPR and CCPA that I give away for free – no strings attached. Just send me an email: ruth@carterlawaz.com. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
A7-3 I’ll have a cheat sheet for CPRA and other state laws as the dates get closer to those laws going into effect. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
A7: & if vendors “exchange” data, CCPA Art 1798.140 applies. Once exchanged, makes it difficult to comply with GDPR #contentchat pic.twitter.com/1ZYHBqhGbo
— Chris (@chris_byrne) May 10, 2021
For cookies, a simple “OK” button to agree to a site’s terms is acceptable (for now).
Question for @rbcarter – how do you weigh in on website cookie acceptance? Is it ok to just say you agree to our terms with an “OK” button, or does it need to be more explicit? #ContentChat
— Dan Goldberg (@Jonas419) May 10, 2021
I haven’t seen anything more extensive required than that, but the law is always evolving, so what’s permissible today may not be tomorrow. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
A rainy day fund should be much more than $1,000.
the @DaveRamsey rule is 3 to 6 months or 1,000 in emergency fund
— Craig “App Man” Caruso (@craigcaruso) May 10, 2021
This is the rainy day fund that my clients will be relying on if they get sued. $1,000 won’t cut it. Companies with only this much in their fund can’t risk getting sued.
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
For more legal tidbits, check out Ruth’s YouTube channel:
If you’re ever looking for useful legal tidbits, check out my YouTube channel: https://t.co/06YIHxTXLx. #ContentChat
— Ruth B. Carter | Lawyer, Speaker, Author, Geek (@rbcarter) May 10, 2021
Leave a Reply