SlideShare a Scribd company logo

Navigating Privacy And Spam Compliance In Social Media Advertising

E
eldercomlaw

This presentation provides a general overview of what social media is, the types of advertising and promotional opportunities available to advertisers, and the compliance issues these may raise with resepct to Canadian privacy and anti-spam laws.

1 of 24
Download to read offline
Navigating Privacy and Spam Compliance in Social Media Advertising David Elder Stikeman Elliott September 20, 2011 STIKEMAN ELLIOTT LLP www.stikeman.com
Navigating Privacy and Spam Compliance What is Social Media? ■ Variety of sites, applications and platforms that allow for participating, talking and networking online, including the ability to share information and resources ■ Allow networks of connections to be established ■ Allow users to create, upload and disseminate original written and audio/video content
Navigating Privacy and Spam Compliance Types of Social Media ■ Blogs – e.g. Wordpress, Blogger ■ Wikis – e.g. Wikipedia ■ Social Bookmarking – e.g. Delicious, Digg ■ Social Network Sites – e.g. Facebook, LinkedIn ■ Status Update Services – e.g. Twitter ■ Virtual Worlds – e.g. Second Life ■ Media Sharing Sites – e.g. YouTube, Flickr
Navigating Privacy and Spam Compliance Why Social Media Advertising & Promotion? ■ Large and growing number of users ■ Large portion of online time ■ Facilitates “word of mouth” on massive scale ■ Leverages consumer’s trusted relationships ■ Creates brand loyalty, strong engagement ■ Rich data sets allow for more precise targeting ■ Deep analytics
Navigating Privacy and Spam Compliance Online Advertising Options ■ Display advertising – Minimal targeting – nature of site ■ Contextual advertising – Targeting based on current visit to single site search query ■ Behavioural advertising – Targeting based on profile developed based on history of sites visiting, on-site activity – inferred interests and demographics ■ Social advertising – Targeted based on context and interaction with site, real interests and demographics, activities of connections – Leverages social connections as examples, endorsements
Navigating Privacy and Spam Compliance Social Media Advertising & Promotion ■ Display ads ■ Targeted ads ■ Fan pages ■ Events, groups, ■ Applications – contests, quizzes, games ■ User reviews and discussion fora ■ Social ads, Promoted tweets ■ Like, +1, retweet, etc. ■ Almost any on-net activity can be shared with user networks
Navigating Privacy and Spam Compliance Applicable Privacy Requirements ■ Knowledge & consent required for collection, use & disclosure of personal information ■ Sensitivity of information and reasonable expectations of individual relevant to acceptable form of consent ■ Purposes must be identified at or before collection ■ Can’t require consent as condition of supply or product or service, unless required for legitimate core purposes ■ Collection to be limited to what reasonably required to fulfil purposes ■ Personal information to be retained only as long as reasonably necessary to fulfil purposes ■ Personal information to be accurate and up-to-date ■ Individual right of access ■ Protected by reasonable security safeguards
Navigating Privacy and Spam Compliance Application – So far... ■ OPC has taken expansive view of what constitutes personal information. ■ Can include: – cookies – IP addresses – Online tracking and behavioural data? – Particular concern re mobile data/devices ■ Although may appear in public domain, doesn’t mean it can be used for any purpose
Navigating Privacy and Spam Compliance The Facebook Decision ■ Noted advertising was a legitimate primary purpose for collection of personal information ■ Therefore, opt-out consent OK ■ But social ads “more intrusive”, require enhanced explanations to users ■ App developers access to personal information too open- ended, more specific consents required ■ Opt-out insufficient
Navigating Privacy and Spam Compliance Data Protection & Security ■ Rich and personalized data from social nets and apps are very valuable to identity thieves, fraudsters ■ Hacking is now about organized crime, targeted and well- mobilized ■ Protect user data accordingly ■ Keep only what you need, de-personalize if possible – try to avoid ID theft “keys” ■ Consider https connections, encryption for both stored and transmitted data
Navigating Privacy and Spam Compliance Privacy Concerns ■ 45% of Cdn social network users are concerned about associated privacy risks ■ 83% believe companies should ask permission to track online behaviour and Internet usage ■ 90% showed widespread concern about businesses that request too much personal information, don’t keep it secure, sell it to others, or use it to send spam ■ Majority of social network users feel explanations of use of personal information were vague 2011 Canadians and Privacy Survey
Navigating Privacy and Spam Compliance Children & Privacy ■ No COPPA in Canada, but: ■ PIPEDA requires “knowledge and consent” – higher hurdle for children? ■ Was amendment in C-29 which would have bolstered consent standard: “…reasonable to expect that the individual understands the nature, purpose and consequences of the collection, use and disclosure of the personal information to which they are consenting.” ■ OPC has voiced concern, sees as vulnerable group; focusing on outreach, education ■ Proceed with extreme caution
Navigating Privacy and Spam Compliance Appropriation of Personality ■ Relevant to social ads that use name, likeness of someone in network in association with endorsement, sale ■ Canadian law recognizes tort of misappropriation of personality, but only “old media” cases ■ Similar claims being made in other jurisdictions re social media ads, implied endorsements ■ Important to have clear and unambiguous consent ■ May still be liability if claims relate to fake profiles
Navigating Privacy and Spam Compliance Canada’s Anti-Spam Legislation: Summary ■ Prohibits sending commercial electronic messages without express consent (some exceptions) ■ Creates identification, contact and unsubscribe obligations ■ Prohibits the installation of a computer program without express consent (some exceptions) ■ Prohibits the alteration of transmission data or rerouting of messages without express consent ■ Creates detailed disclosure requirements to obtain consent ■ Creates significant monetary penalties for non-compliance ■ Creates private right of action for damages stemming from
Navigating Privacy and Spam Compliance Core Anti-Spam Requirement ■ prohibited to send or cause or permit to be sent to an electronic address a commercial electronic message unless: ■ Have the express or implied consent of the recipient ■ Message is in the prescribed form: – identifies sender/person on whose behalf sent – contact info for sender/person on whose behalf sent ■ No cost, easy unsubscribe mechanism: – Same means as message sent, or other electronic means – Gives Electronic address/web link for unsubscribe – Effective “without delay”, no later than 10 business days
Navigating Privacy and Spam Compliance Key Definitions I ■ “electronic message” means a message sent by any means of telecommunication, including a text, sound, voice or image message. ■ “electronic address” means an address used in connection with the transmission of an electronic message to a) an electronic mail account; b) an instant messaging account; c) a telephone account; or d) any similar account.
Navigating Privacy and Spam Compliance Key Definitions II 1(2) For the purposes of this Act, a commercial electronic message is an electronic message that, having regard to the content of the message, the hyperlinks in the message to content on a website or other database, or the contact information contained in the message, it would be reasonable to conclude has as its purpose, or one of its purposes, to encourage participation in a commercial activity, including an electronic message that a) offers to purchase, sell, barter or lease a product, goods, a service, land or an interest or right in land; b) offers to provide a business, investment or gaming opportunity; c) advertises or promotes anything referred to in paragraph (a) or (b); or d) promotes a person, including the public image of a person, as being a person who does anything referred to in any of paragraphs (a) to (c), or who intends to do so.
Navigating Privacy and Spam Compliance Key Definitions III 6. (1) It is prohibited to send or cause or permit to be sent to an electronic address a commercial electronic message unless a) the person to whom the message is sent has consented to receiving it, whether the consent is express or implied; and b) the message complies with subsection (2) [requirements as to sender ID, contact info, unsubscribe] … (5) This section does not apply to a commercial electronic message a) that is sent by or on behalf of an individual to another individual with whom they have a personal or family relationship, as defined in the regulations; … 9. It is prohibited to aid, induce, procure or cause to be procured the doing of any act contrary to any of sections 6 to 8.
Navigating Privacy and Spam Compliance Not Just for eMail ■ Applies to broad array of electronic messages: instant messaging, SMS, social media ■ Broad application to commercial activity – not just outright sales pitch ■ Generally require express consent to send ■ Could be liable if seen to induce social net user to send commercial message to another without consent
Navigating Privacy and Spam Compliance Anti-Spam Issues for Social Ads ■ Proposed regs define “personal relationship” narrowly ■ Issue with “forward-to-a-friend” – suggesting or enabling forward could attract liability ■ Identification requirements exhaustive, could be particularly challenging in social media space ■ Twitter just announced will be introducing some ads into user’s timelines – can’t opt out
Navigating Privacy and Spam Compliance Best Practices - Privacy ■ Don’t leave it to social net operator or ad aggregator/server ■ Stay on top of Canadian and international laws and trends re privacy, spam ■ Assume the worst; law of unintended consequences --test and test again ■ Transparency re collection, use and disclosure practices ■ Prominent, easy to understand, access – FAQs, layers ■ Get best consent you can – scroll and click ■ Keep records – onus on you to prove
Navigating Privacy and Spam Compliance More Best Practices - Privacy ■ Choose partners carefully ■ Caution re third party sharing ■ Great caution re aggregation with off-net info ■ Extra caution re location information ■ Monitor User Generated Content ■ Robust security – firewall, encryption, limit retention ■ Be aware of perceptions, reasonable expectations
Navigating Privacy and Spam Compliance Best Practices - Spam ■ Don’t spam – and tell users not to ■ Review/modify practices for obtaining/developing target lists, choose vendors/partners carefully ■ Review/modify formats for electronic marketing ■ Ensure effective and timely unsubscribe ■ Review/modify program installations, associated disclosures and consent ■ Ensure consent records are retained and retrievable ■ Engagement of marketing, brand, technical resources to detect issues, ensure compliance
For further information David Elder delder@stikeman.com STIKEMAN ELLIOTT LLP www.stikeman.com SLIDE 24 STIKEMAN ELLIOTT LLP

Recommended

Turnson Point Risks and Reputation Management presentation
Turnson Point Risks and Reputation Management presentationTurnson Point Risks and Reputation Management presentation
Turnson Point Risks and Reputation Management presentationKerry Rego
 
Social Media and Intellectual Property
Social Media and Intellectual PropertySocial Media and Intellectual Property
Social Media and Intellectual PropertyPrimumMarketing
 
Legal Implications Of Social Media
Legal Implications Of Social MediaLegal Implications Of Social Media
Legal Implications Of Social MediaDaliahSaper
 
Social Media: Implications for Intellectual Property Law
Social Media: Implications for Intellectual Property LawSocial Media: Implications for Intellectual Property Law
Social Media: Implications for Intellectual Property Lawblaine_5
 
The Legal Implications of Social Media
The Legal Implications of Social MediaThe Legal Implications of Social Media
The Legal Implications of Social MediaESI Attorneys LLC
 
Social Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesSocial Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesTommy Hobin
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Shawn Tuma
 
Social media and intellectual property
Social media and intellectual propertySocial media and intellectual property
Social media and intellectual propertyVisual Resources Association
 

Recommended

Turnson Point Risks and Reputation Management presentation
Turnson Point Risks and Reputation Management presentationTurnson Point Risks and Reputation Management presentation
Turnson Point Risks and Reputation Management presentationKerry Rego
 
Social Media and Intellectual Property
Social Media and Intellectual PropertySocial Media and Intellectual Property
Social Media and Intellectual PropertyPrimumMarketing
 
Legal Implications Of Social Media
Legal Implications Of Social MediaLegal Implications Of Social Media
Legal Implications Of Social MediaDaliahSaper
 
Social Media: Implications for Intellectual Property Law
Social Media: Implications for Intellectual Property LawSocial Media: Implications for Intellectual Property Law
Social Media: Implications for Intellectual Property Lawblaine_5
 
The Legal Implications of Social Media
The Legal Implications of Social MediaThe Legal Implications of Social Media
The Legal Implications of Social MediaESI Attorneys LLC
 
Social Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesSocial Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesTommy Hobin
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Shawn Tuma
 
Social media and intellectual property
Social media and intellectual propertySocial media and intellectual property
Social media and intellectual propertyVisual Resources Association
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaShawn Tuma
 
Teen Privacy Online
Teen Privacy OnlineTeen Privacy Online
Teen Privacy Onlinetomasztopa
 
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017FourthAsAService
 
COPPA Compliance
COPPA ComplianceCOPPA Compliance
COPPA ComplianceKegan Blumenthal
 
COPPA
COPPACOPPA
COPPAculturewins
 
The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)WilmerHale
 
Fundraising On The Internet
Fundraising On The InternetFundraising On The Internet
Fundraising On The InternetMessrs G Owen & Co
 
Perimeter E-Security: Will Facebook Get You Hired or Fired?
Perimeter E-Security: Will Facebook Get You Hired or Fired?Perimeter E-Security: Will Facebook Get You Hired or Fired?
Perimeter E-Security: Will Facebook Get You Hired or Fired?Taylor Van Sickle
 
Protecting Your Professional Reputation Online
Protecting Your Professional Reputation OnlineProtecting Your Professional Reputation Online
Protecting Your Professional Reputation OnlineLegal Media Matters
 
COPPA for Newbies
COPPA for NewbiesCOPPA for Newbies
COPPA for NewbiesKegan Blumenthal
 
Online Reputation Clean-up
Online Reputation Clean-upOnline Reputation Clean-up
Online Reputation Clean-upAlexander Bayliss
 
Internet privacy presentation
Internet privacy presentationInternet privacy presentation
Internet privacy presentationMatthew Momney
 
September 2014 cyber safety presentation
September 2014 cyber safety presentationSeptember 2014 cyber safety presentation
September 2014 cyber safety presentationjaurisch
 
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...- Mark - Fullbright
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps- Mark - Fullbright
 
Social mediawebinar2013cosn
Social mediawebinar2013cosnSocial mediawebinar2013cosn
Social mediawebinar2013cosnUniversity of Wisconsin - Superior
 
Canadian Consumer Handbook
Canadian Consumer HandbookCanadian Consumer Handbook
Canadian Consumer Handbook- Mark - Fullbright
 
Learn internet governance initiative child online safety by shreedeep rayamaj...
Learn internet governance initiative child online safety by shreedeep rayamaj...Learn internet governance initiative child online safety by shreedeep rayamaj...
Learn internet governance initiative child online safety by shreedeep rayamaj...Shreedeep Rayamajhi
 
Staying Secure Electronically
Staying Secure ElectronicallyStaying Secure Electronically
Staying Secure ElectronicallyJennifer Ellis, JD, LLC
 
Phishing website method
Phishing website methodPhishing website method
Phishing website methodarelyf_7
 
The Wide Net of Canada\'s New Anti-Spam Legislation
The Wide Net of Canada\'s New Anti-Spam LegislationThe Wide Net of Canada\'s New Anti-Spam Legislation
The Wide Net of Canada\'s New Anti-Spam Legislationeldercomlaw
 
Privacy Breaches: Legal Risks, Obligations & Best Practices
Privacy Breaches: Legal Risks, Obligations & Best PracticesPrivacy Breaches: Legal Risks, Obligations & Best Practices
Privacy Breaches: Legal Risks, Obligations & Best Practiceseldercomlaw
 

More Related Content

What's hot

Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaShawn Tuma
 
Teen Privacy Online
Teen Privacy OnlineTeen Privacy Online
Teen Privacy Onlinetomasztopa
 
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017FourthAsAService
 
The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)WilmerHale
 
Perimeter E-Security: Will Facebook Get You Hired or Fired?
Perimeter E-Security: Will Facebook Get You Hired or Fired?Perimeter E-Security: Will Facebook Get You Hired or Fired?
Perimeter E-Security: Will Facebook Get You Hired or Fired?Taylor Van Sickle
 
Protecting Your Professional Reputation Online
Protecting Your Professional Reputation OnlineProtecting Your Professional Reputation Online
Protecting Your Professional Reputation OnlineLegal Media Matters
 
Internet privacy presentation
Internet privacy presentationInternet privacy presentation
Internet privacy presentationMatthew Momney
 
September 2014 cyber safety presentation
September 2014 cyber safety presentationSeptember 2014 cyber safety presentation
September 2014 cyber safety presentationjaurisch
 
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...- Mark - Fullbright
 
Learn internet governance initiative child online safety by shreedeep rayamaj...
Learn internet governance initiative child online safety by shreedeep rayamaj...Learn internet governance initiative child online safety by shreedeep rayamaj...
Learn internet governance initiative child online safety by shreedeep rayamaj...Shreedeep Rayamajhi
 
Phishing website method
Phishing website methodPhishing website method
Phishing website methodarelyf_7
 

What's hot (20)

Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social Media
 
Teen Privacy Online
Teen Privacy OnlineTeen Privacy Online
Teen Privacy Online
 
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017
Online Privacy - What everyone should know - Full Sail Hall of Fame Week - 2017
 
COPPA Compliance
COPPA ComplianceCOPPA Compliance
COPPA Compliance
 
COPPA
COPPACOPPA
COPPA
 
The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)
 
Fundraising On The Internet
Fundraising On The InternetFundraising On The Internet
Fundraising On The Internet
 
Perimeter E-Security: Will Facebook Get You Hired or Fired?
Perimeter E-Security: Will Facebook Get You Hired or Fired?Perimeter E-Security: Will Facebook Get You Hired or Fired?
Perimeter E-Security: Will Facebook Get You Hired or Fired?
 
Protecting Your Professional Reputation Online
Protecting Your Professional Reputation OnlineProtecting Your Professional Reputation Online
Protecting Your Professional Reputation Online
 
COPPA for Newbies
COPPA for NewbiesCOPPA for Newbies
COPPA for Newbies
 
Online Reputation Clean-up
Online Reputation Clean-upOnline Reputation Clean-up
Online Reputation Clean-up
 
Internet privacy presentation
Internet privacy presentationInternet privacy presentation
Internet privacy presentation
 
September 2014 cyber safety presentation
September 2014 cyber safety presentationSeptember 2014 cyber safety presentation
September 2014 cyber safety presentation
 
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps
 
Social mediawebinar2013cosn
Social mediawebinar2013cosnSocial mediawebinar2013cosn
Social mediawebinar2013cosn
 
Canadian Consumer Handbook
Canadian Consumer HandbookCanadian Consumer Handbook
Canadian Consumer Handbook
 
Learn internet governance initiative child online safety by shreedeep rayamaj...
Learn internet governance initiative child online safety by shreedeep rayamaj...Learn internet governance initiative child online safety by shreedeep rayamaj...
Learn internet governance initiative child online safety by shreedeep rayamaj...
 
Staying Secure Electronically
Staying Secure ElectronicallyStaying Secure Electronically
Staying Secure Electronically
 
Phishing website method
Phishing website methodPhishing website method
Phishing website method
 

Viewers also liked

The Wide Net of Canada\'s New Anti-Spam Legislation
The Wide Net of Canada\'s New Anti-Spam LegislationThe Wide Net of Canada\'s New Anti-Spam Legislation
The Wide Net of Canada\'s New Anti-Spam Legislationeldercomlaw
 
Privacy Breaches: Legal Risks, Obligations & Best Practices
Privacy Breaches: Legal Risks, Obligations & Best PracticesPrivacy Breaches: Legal Risks, Obligations & Best Practices
Privacy Breaches: Legal Risks, Obligations & Best Practiceseldercomlaw
 
We Really Don\'t Know Clouds at All: Challenges to Privacy Compliance
We Really Don\'t Know Clouds at All: Challenges to Privacy ComplianceWe Really Don\'t Know Clouds at All: Challenges to Privacy Compliance
We Really Don\'t Know Clouds at All: Challenges to Privacy Complianceeldercomlaw
 
A Year in Privacy: Highlights for the Courts and the Commissioner
A Year in Privacy: Highlights for the Courts and the CommissionerA Year in Privacy: Highlights for the Courts and the Commissioner
A Year in Privacy: Highlights for the Courts and the Commissionereldercomlaw
 
Abusive Content & Privacy/Security Breaches: Best Practices for Response ...
Abusive Content & Privacy/Security Breaches: Best Practices for Response ...Abusive Content & Privacy/Security Breaches: Best Practices for Response ...
Abusive Content & Privacy/Security Breaches: Best Practices for Response ...eldercomlaw
 
Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012
Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012 Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012
Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012 eldercomlaw
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad ReviewsGlassdoor
 

Viewers also liked (7)

The Wide Net of Canada\'s New Anti-Spam Legislation
The Wide Net of Canada\'s New Anti-Spam LegislationThe Wide Net of Canada\'s New Anti-Spam Legislation
The Wide Net of Canada\'s New Anti-Spam Legislation
 
Privacy Breaches: Legal Risks, Obligations & Best Practices
Privacy Breaches: Legal Risks, Obligations & Best PracticesPrivacy Breaches: Legal Risks, Obligations & Best Practices
Privacy Breaches: Legal Risks, Obligations & Best Practices
 
We Really Don\'t Know Clouds at All: Challenges to Privacy Compliance
We Really Don\'t Know Clouds at All: Challenges to Privacy ComplianceWe Really Don\'t Know Clouds at All: Challenges to Privacy Compliance
We Really Don\'t Know Clouds at All: Challenges to Privacy Compliance
 
A Year in Privacy: Highlights for the Courts and the Commissioner
A Year in Privacy: Highlights for the Courts and the CommissionerA Year in Privacy: Highlights for the Courts and the Commissioner
A Year in Privacy: Highlights for the Courts and the Commissioner
 
Abusive Content & Privacy/Security Breaches: Best Practices for Response ...
Abusive Content & Privacy/Security Breaches: Best Practices for Response ...Abusive Content & Privacy/Security Breaches: Best Practices for Response ...
Abusive Content & Privacy/Security Breaches: Best Practices for Response ...
 
Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012
Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012 Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012
Cloudy with a Chance of Privacy Compliance - Reboot Ottawa 2012
 
How to Battle Bad Reviews
How to Battle Bad ReviewsHow to Battle Bad Reviews
How to Battle Bad Reviews
 

Similar to Navigating Privacy And Spam Compliance In Social Media Advertising

Anti-Spam Presentation
Anti-Spam Presentation Anti-Spam Presentation
Anti-Spam Presentation Miles Williams
 
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPCanada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPMiles Williams
 
Wishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationWishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationMiles Williams
 
Social Media & Legal Risk
Social Media & Legal Risk Social Media & Legal Risk
Social Media & Legal Risk Endcode_org
 
Legal Issues For Online Communities - David Deakin
Legal Issues For Online Communities - David DeakinLegal Issues For Online Communities - David Deakin
Legal Issues For Online Communities - David DeakinFeverBee Limited
 
LEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdf
LEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdfLEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdf
LEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdfRegineManuel2
 
Internet Liabilities Presentation
Internet Liabilities PresentationInternet Liabilities Presentation
Internet Liabilities PresentationShannon Evans
 
Online-safety-security-ethics-and-etiquette.pdf
Online-safety-security-ethics-and-etiquette.pdfOnline-safety-security-ethics-and-etiquette.pdf
Online-safety-security-ethics-and-etiquette.pdfmarissaramos007
 
Chp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxChp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxHarishParthasarathy4
 
Using Social Media Ethically
Using Social Media EthicallyUsing Social Media Ethically
Using Social Media EthicallyJack Pringle
 
Wishart Law Firm LLP - CASL/Anti-Spam Seminar
Wishart Law Firm LLP - CASL/Anti-Spam SeminarWishart Law Firm LLP - CASL/Anti-Spam Seminar
Wishart Law Firm LLP - CASL/Anti-Spam SeminarMiles Williams
 
2013-01-10 Attorney Advertising Update
2013-01-10 Attorney Advertising Update2013-01-10 Attorney Advertising Update
2013-01-10 Attorney Advertising UpdateD. Todd Smith
 
Brandon + Eddie users guide phi 235
Brandon + Eddie users guide phi 235Brandon + Eddie users guide phi 235
Brandon + Eddie users guide phi 235brendaylo
 
e-Marketing Policy-Building Workshop
e-Marketing Policy-Building Workshope-Marketing Policy-Building Workshop
e-Marketing Policy-Building WorkshopMatt Vernhout
 
How to safe online (presented by abhinav pathak)
How to safe online (presented by abhinav pathak)How to safe online (presented by abhinav pathak)
How to safe online (presented by abhinav pathak)Abhinav Pathak
 
Digital defamation presentation
Digital defamation presentationDigital defamation presentation
Digital defamation presentationMelfi Associates
 

Similar to Navigating Privacy And Spam Compliance In Social Media Advertising (20)

Anti-Spam Presentation
Anti-Spam Presentation Anti-Spam Presentation
Anti-Spam Presentation
 
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLPCanada CASL Anti-Spam Presentation - Wishart Law Firm LLP
Canada CASL Anti-Spam Presentation - Wishart Law Firm LLP
 
Wishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam PresentationWishart Law Firm Anti-Spam Presentation
Wishart Law Firm Anti-Spam Presentation
 
Social Media & Legal Risk
Social Media & Legal Risk Social Media & Legal Risk
Social Media & Legal Risk
 
Legal Issues For Online Communities - David Deakin
Legal Issues For Online Communities - David DeakinLegal Issues For Online Communities - David Deakin
Legal Issues For Online Communities - David Deakin
 
Social Networking and E-discovery
Social Networking and E-discoverySocial Networking and E-discovery
Social Networking and E-discovery
 
LEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdf
LEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdfLEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdf
LEGAL, ETHICAL AND SOCIETAL ISSUES OF.pdf
 
Internet Liabilities Presentation
Internet Liabilities PresentationInternet Liabilities Presentation
Internet Liabilities Presentation
 
Online-safety-security-ethics-and-etiquette.pdf
Online-safety-security-ethics-and-etiquette.pdfOnline-safety-security-ethics-and-etiquette.pdf
Online-safety-security-ethics-and-etiquette.pdf
 
Chp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxChp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptx
 
Using Social Media Ethically
Using Social Media EthicallyUsing Social Media Ethically
Using Social Media Ethically
 
Wishart Law Firm LLP - CASL/Anti-Spam Seminar
Wishart Law Firm LLP - CASL/Anti-Spam SeminarWishart Law Firm LLP - CASL/Anti-Spam Seminar
Wishart Law Firm LLP - CASL/Anti-Spam Seminar
 
Protect Your Identity During Social Networking
Protect Your Identity During Social NetworkingProtect Your Identity During Social Networking
Protect Your Identity During Social Networking
 
2013-01-10 Attorney Advertising Update
2013-01-10 Attorney Advertising Update2013-01-10 Attorney Advertising Update
2013-01-10 Attorney Advertising Update
 
Brandon + Eddie users guide phi 235
Brandon + Eddie users guide phi 235Brandon + Eddie users guide phi 235
Brandon + Eddie users guide phi 235
 
e-Marketing Policy-Building Workshop
e-Marketing Policy-Building Workshope-Marketing Policy-Building Workshop
e-Marketing Policy-Building Workshop
 
How to safe online (presented by abhinav pathak)
How to safe online (presented by abhinav pathak)How to safe online (presented by abhinav pathak)
How to safe online (presented by abhinav pathak)
 
Digital defamation presentation
Digital defamation presentationDigital defamation presentation
Digital defamation presentation
 
Facebook
FacebookFacebook
Facebook
 
Are you safe enough on Social Media?
Are you safe enough on Social Media?Are you safe enough on Social Media?
Are you safe enough on Social Media?
 

Navigating Privacy And Spam Compliance In Social Media Advertising

  • 1. Navigating Privacy and Spam Compliance in Social Media Advertising David Elder Stikeman Elliott September 20, 2011 STIKEMAN ELLIOTT LLP www.stikeman.com
  • 2. Navigating Privacy and Spam Compliance What is Social Media? ■ Variety of sites, applications and platforms that allow for participating, talking and networking online, including the ability to share information and resources ■ Allow networks of connections to be established ■ Allow users to create, upload and disseminate original written and audio/video content
  • 3. Navigating Privacy and Spam Compliance Types of Social Media ■ Blogs – e.g. Wordpress, Blogger ■ Wikis – e.g. Wikipedia ■ Social Bookmarking – e.g. Delicious, Digg ■ Social Network Sites – e.g. Facebook, LinkedIn ■ Status Update Services – e.g. Twitter ■ Virtual Worlds – e.g. Second Life ■ Media Sharing Sites – e.g. YouTube, Flickr
  • 4. Navigating Privacy and Spam Compliance Why Social Media Advertising & Promotion? ■ Large and growing number of users ■ Large portion of online time ■ Facilitates “word of mouth” on massive scale ■ Leverages consumer’s trusted relationships ■ Creates brand loyalty, strong engagement ■ Rich data sets allow for more precise targeting ■ Deep analytics
  • 5. Navigating Privacy and Spam Compliance Online Advertising Options ■ Display advertising – Minimal targeting – nature of site ■ Contextual advertising – Targeting based on current visit to single site search query ■ Behavioural advertising – Targeting based on profile developed based on history of sites visiting, on-site activity – inferred interests and demographics ■ Social advertising – Targeted based on context and interaction with site, real interests and demographics, activities of connections – Leverages social connections as examples, endorsements
  • 6. Navigating Privacy and Spam Compliance Social Media Advertising & Promotion ■ Display ads ■ Targeted ads ■ Fan pages ■ Events, groups, ■ Applications – contests, quizzes, games ■ User reviews and discussion fora ■ Social ads, Promoted tweets ■ Like, +1, retweet, etc. ■ Almost any on-net activity can be shared with user networks
  • 7. Navigating Privacy and Spam Compliance Applicable Privacy Requirements ■ Knowledge & consent required for collection, use & disclosure of personal information ■ Sensitivity of information and reasonable expectations of individual relevant to acceptable form of consent ■ Purposes must be identified at or before collection ■ Can’t require consent as condition of supply or product or service, unless required for legitimate core purposes ■ Collection to be limited to what reasonably required to fulfil purposes ■ Personal information to be retained only as long as reasonably necessary to fulfil purposes ■ Personal information to be accurate and up-to-date ■ Individual right of access ■ Protected by reasonable security safeguards
  • 8. Navigating Privacy and Spam Compliance Application – So far... ■ OPC has taken expansive view of what constitutes personal information. ■ Can include: – cookies – IP addresses – Online tracking and behavioural data? – Particular concern re mobile data/devices ■ Although may appear in public domain, doesn’t mean it can be used for any purpose
  • 9. Navigating Privacy and Spam Compliance The Facebook Decision ■ Noted advertising was a legitimate primary purpose for collection of personal information ■ Therefore, opt-out consent OK ■ But social ads “more intrusive”, require enhanced explanations to users ■ App developers access to personal information too open- ended, more specific consents required ■ Opt-out insufficient
  • 10. Navigating Privacy and Spam Compliance Data Protection & Security ■ Rich and personalized data from social nets and apps are very valuable to identity thieves, fraudsters ■ Hacking is now about organized crime, targeted and well- mobilized ■ Protect user data accordingly ■ Keep only what you need, de-personalize if possible – try to avoid ID theft “keys” ■ Consider https connections, encryption for both stored and transmitted data
  • 11. Navigating Privacy and Spam Compliance Privacy Concerns ■ 45% of Cdn social network users are concerned about associated privacy risks ■ 83% believe companies should ask permission to track online behaviour and Internet usage ■ 90% showed widespread concern about businesses that request too much personal information, don’t keep it secure, sell it to others, or use it to send spam ■ Majority of social network users feel explanations of use of personal information were vague 2011 Canadians and Privacy Survey
  • 12. Navigating Privacy and Spam Compliance Children & Privacy ■ No COPPA in Canada, but: ■ PIPEDA requires “knowledge and consent” – higher hurdle for children? ■ Was amendment in C-29 which would have bolstered consent standard: “…reasonable to expect that the individual understands the nature, purpose and consequences of the collection, use and disclosure of the personal information to which they are consenting.” ■ OPC has voiced concern, sees as vulnerable group; focusing on outreach, education ■ Proceed with extreme caution
  • 13. Navigating Privacy and Spam Compliance Appropriation of Personality ■ Relevant to social ads that use name, likeness of someone in network in association with endorsement, sale ■ Canadian law recognizes tort of misappropriation of personality, but only “old media” cases ■ Similar claims being made in other jurisdictions re social media ads, implied endorsements ■ Important to have clear and unambiguous consent ■ May still be liability if claims relate to fake profiles
  • 14. Navigating Privacy and Spam Compliance Canada’s Anti-Spam Legislation: Summary ■ Prohibits sending commercial electronic messages without express consent (some exceptions) ■ Creates identification, contact and unsubscribe obligations ■ Prohibits the installation of a computer program without express consent (some exceptions) ■ Prohibits the alteration of transmission data or rerouting of messages without express consent ■ Creates detailed disclosure requirements to obtain consent ■ Creates significant monetary penalties for non-compliance ■ Creates private right of action for damages stemming from
  • 15. Navigating Privacy and Spam Compliance Core Anti-Spam Requirement ■ prohibited to send or cause or permit to be sent to an electronic address a commercial electronic message unless: ■ Have the express or implied consent of the recipient ■ Message is in the prescribed form: – identifies sender/person on whose behalf sent – contact info for sender/person on whose behalf sent ■ No cost, easy unsubscribe mechanism: – Same means as message sent, or other electronic means – Gives Electronic address/web link for unsubscribe – Effective “without delay”, no later than 10 business days
  • 16. Navigating Privacy and Spam Compliance Key Definitions I ■ “electronic message” means a message sent by any means of telecommunication, including a text, sound, voice or image message. ■ “electronic address” means an address used in connection with the transmission of an electronic message to a) an electronic mail account; b) an instant messaging account; c) a telephone account; or d) any similar account.
  • 17. Navigating Privacy and Spam Compliance Key Definitions II 1(2) For the purposes of this Act, a commercial electronic message is an electronic message that, having regard to the content of the message, the hyperlinks in the message to content on a website or other database, or the contact information contained in the message, it would be reasonable to conclude has as its purpose, or one of its purposes, to encourage participation in a commercial activity, including an electronic message that a) offers to purchase, sell, barter or lease a product, goods, a service, land or an interest or right in land; b) offers to provide a business, investment or gaming opportunity; c) advertises or promotes anything referred to in paragraph (a) or (b); or d) promotes a person, including the public image of a person, as being a person who does anything referred to in any of paragraphs (a) to (c), or who intends to do so.
  • 18. Navigating Privacy and Spam Compliance Key Definitions III 6. (1) It is prohibited to send or cause or permit to be sent to an electronic address a commercial electronic message unless a) the person to whom the message is sent has consented to receiving it, whether the consent is express or implied; and b) the message complies with subsection (2) [requirements as to sender ID, contact info, unsubscribe] … (5) This section does not apply to a commercial electronic message a) that is sent by or on behalf of an individual to another individual with whom they have a personal or family relationship, as defined in the regulations; … 9. It is prohibited to aid, induce, procure or cause to be procured the doing of any act contrary to any of sections 6 to 8.
  • 19. Navigating Privacy and Spam Compliance Not Just for eMail ■ Applies to broad array of electronic messages: instant messaging, SMS, social media ■ Broad application to commercial activity – not just outright sales pitch ■ Generally require express consent to send ■ Could be liable if seen to induce social net user to send commercial message to another without consent
  • 20. Navigating Privacy and Spam Compliance Anti-Spam Issues for Social Ads ■ Proposed regs define “personal relationship” narrowly ■ Issue with “forward-to-a-friend” – suggesting or enabling forward could attract liability ■ Identification requirements exhaustive, could be particularly challenging in social media space ■ Twitter just announced will be introducing some ads into user’s timelines – can’t opt out
  • 21. Navigating Privacy and Spam Compliance Best Practices - Privacy ■ Don’t leave it to social net operator or ad aggregator/server ■ Stay on top of Canadian and international laws and trends re privacy, spam ■ Assume the worst; law of unintended consequences --test and test again ■ Transparency re collection, use and disclosure practices ■ Prominent, easy to understand, access – FAQs, layers ■ Get best consent you can – scroll and click ■ Keep records – onus on you to prove
  • 22. Navigating Privacy and Spam Compliance More Best Practices - Privacy ■ Choose partners carefully ■ Caution re third party sharing ■ Great caution re aggregation with off-net info ■ Extra caution re location information ■ Monitor User Generated Content ■ Robust security – firewall, encryption, limit retention ■ Be aware of perceptions, reasonable expectations
  • 23. Navigating Privacy and Spam Compliance Best Practices - Spam ■ Don’t spam – and tell users not to ■ Review/modify practices for obtaining/developing target lists, choose vendors/partners carefully ■ Review/modify formats for electronic marketing ■ Ensure effective and timely unsubscribe ■ Review/modify program installations, associated disclosures and consent ■ Ensure consent records are retained and retrievable ■ Engagement of marketing, brand, technical resources to detect issues, ensure compliance
  • 24. For further information David Elder delder@stikeman.com STIKEMAN ELLIOTT LLP www.stikeman.com SLIDE 24 STIKEMAN ELLIOTT LLP