The legal risks associated with running a social networking service are not just of academic interest.
Examples of lawsuits abound:
- The UK’s own Friends Reunited found itself on the wrong end of a defamation claim a full decade ago.
- More recently, during 2011, MySpace was accused of supplying personal information without the consent of users.
- Just two days ago, hard on the heels of Facebook’s massively-hyped IPO, it was reported that the social networking giant was being sued in the US courts for a cool $15 billion over user tracking.
Social media site operators can find themselves in disputes not just with users, but also with others’ whose interests are affected by the actions of users. When users post copyright material owned by someone else, the website owner is at risk of copyright infringement; when users criticise another person, the website owner could be liable for defamation.
In this short post, I’ll outline 6 things you can do as a social networking site operator to help reduce these sorts of risks.
(1) Proper T&Cs
The first thing you should do is make sure you have a decent set of T&Cs drafted, or suitably adapted, for your site. Different social networking sites have different features, different audiences and different risks. One size does not fit all.
(2) Ensure users actually agree to your T&Cs
When users register, you should ask them to confirm that they agree to the T&Cs, e.g. by ticking a box. Ideally, keep a database entry recording each user’s acceptance. If users haven’t agreed to your T&Cs, they are less likely to be enforceable.
(3) Educate users
Users won’t read your T&Cs, so you should summarise the main points somewhere they are likely to read them – e.g. on the page where material is published to the site. Some users might not be aware of the kinds of content that are illegal, and even users who are aware can sometimes benefit from a reminder.
(4) Report abuse notifications
You should incorporate an abuse notification procedure. This can be as simple as a special “report abuse” web form. Make sure abuse reports are quickly reviewed. In some jurisdictions (e.g. the USA) there are special statutory notification requirements that should be reflected in your abuse reporting procedures.
(5) Removing suspect content
If you are notified of content that is or may be legally problematic, remove it promptly. You can always reinstate it if it proves kosher. I’m obviously aware of the possible chilling effects here, but my job is to point out risk. Often, a site operator will not be in a position to judge whether content is actually unlawful. Better safe than sorry, most of the time.
(6) Keeping users informed
Don’t deceive users, and ensure that they know what your doing with their data, who it will be available to, and so on. A clearly drafted privacy policy can help here. Uses of personal data that are unusual or invasive should be flagged on the pages where that information is collected, not merely listed in the privacy policy.
Add a new comment