Social media is a powerful tool that nonprofit organizations can use to quickly, cheaply and personally engage with funders, volunteers and clients. But while the benefits of using social media are vast, challenges and legal risks exist.
The following are tips and traps to keep in mind and discuss with your lawyer if you have any questions.
Politics + NonProfits = Risky Business
To maintain tax-exempt status, 501(c)(3) organizations are prohibited from participation in political campaigns. Linking to a candidate’s website or material that supports or criticizes a candidate poses risk, as does using your social media space to host an online forum or allow candidates to respond to questions unless the links or questions are neutral and all candidates are included equally or given an equal opportunity to participate.
This political prohibition extends to your employees. While the IRS permits nonprofit employees to advocate for or against candidates on their own time and dime, in social media the lines are easily blurred, e.g., if an employee is posting to their personal Twitter or Facebook account during business hours on a work computer, or if you encourage your employees to help spread the word about the organization’s activities and they also post personal political views. If they will be posting about candidates on their own time, employees could be asked to include a disclaimer stating that their opinions are solely their own.
Employees in senior leadership positions need to be especially careful about commenting on candidates online, as they could be viewed as speaking for your organization even when they do not intend to represent it.
If your website or social media presence allows non-employees to post, you might consider including a disclaimer (e.g., on your site’s Terms of Use) stating that any endorsement or criticism of a political candidate reflects the views of the individual poster, and not those of the organization. Or take it a step further and inform users that posts supporting or opposing candidates can jeopardize your status and may therefore be removed in the organization’s discretion. If you are going to monitor and remove posts, however, be sure you do so in an evenhanded manner.
Nonprofit Employees
Employee social media use raises a host of other issues for you as a nonprofit employer. Major concerns include protecting the organization’s confidential information and intellectual property, protecting client confidences for organizations serving individual clients, dealing with employee disparagement of the organization or other employees, and dealing with on- or off-duty harassing, racist, sexist or otherwise inappropriate behaviors.
Many nonprofits now address social media conduct in their employee handbooks and technology policies, or draft a separate social media policy.
The Perils of Posts
If your organization creates a social networking space for a certain client population, your staff might choose to participate in the conversations taking place, but they should refrain from offering specific legal, medical or psychological advice. Instead, offer referrals or invite users to come in for an appointment. Also consider including a disclaimer that your forums are not intended as a source of professional advice, but are for informational purposes only.
You should also be prepared to respond if the conversation on your site or social network turns harassing, threatening or defamatory. Generally, websites are protected from liability as a “publisher” or “speaker” for the posts of their users, but if you substantively edit user-generated content, your website could be exposed to liability for that content. Make clear in your terms of use that you have the right to remove posts that are lewd, harassing or “otherwise objectionable.” And if you allow your users to flag content as inappropriate, it is important to regularly review and evenhandedly respond to complaints.
Intellectual Property
As your website can be exposed to liability for infringement if your users post copyrighted or trademarked material, your Terms of Use should warn that the unauthorized posting of such content is prohibited. You should also clearly explain what a content owner must do to give notice of alleged infringement. Under the federal Digital Millennium Copyright Act, a website can qualify for a “safe harbor” for copyright violations if it registers with the U.S. Copyright Office to receive notices of infringement and then complies with the Act’s takedown provisions.
If you set up your social networking platform through a third-party service such as Facebook, they should have their own DMCA agent — but you should still allow users to contact you with such complaints.
You also need to think about protecting your own intellectual property. If you own a trademark, you could actually lose protection if you don’t actively monitor and control its use. Unlike the commercial world, where intellectual property misuse is often aggressively addressed, a nonprofit might want to be more sensitive to the situation, especially if the inappropriate use is coming from well-intentioned employees, volunteers, clients or funders that the organization does not want to alienate. But you must still take the necessary steps to protect your intellectual property, even via gently phrased “cease and desist” requests that aim to educate rather than threaten.
Charitable Solicitations
Most states have registration, disclosure and reporting requirements for organizations that solicit contributions, electronically or otherwise, within the state. Fundraising campaigns involving Facebook, Twitter or other social networking are relatively new, and state officials have not yet answered the question of to what degree user-propagated or viral campaigns trigger these requirements. However, the current treatment of website and email solicitation provides some guidance, and in response, the National Association of State Charities Officials (NASCO) has adopted informal, non-binding registration guidelines known as the “Charleston Principles.”
Under the principles, if your nonprofit is specifically targeting a state’s residents by affirmatively advertising or sending messages to them, or if you receive substantial or frequent contributions from a state’s residents, you should register in that state. And keep in mind that fundraising can spread across state lines with the simple click of a “share” button. Some states, such as Florida and New York, have even taken the position that a nonprofit with a “donate now” button on its website is soliciting contributions from anyone with Internet access in their state and consequently is subject to the state’s registration requirements.
The Multi-State Filer Project summarizes the various state registration requirements and provides information about the Unified Registration Statement, a common registration form accepted by many states.
Privacy Concerns
Most states have enacted laws governing the collection of personal information from individual Web users. These laws often govern areas such as how the data must be protected, opt-out availability, and what steps an organization must take in the event of a data breach. Children’s privacy is even more highly regulated.
If your nonprofit is collecting personal information from people in multiple states, you need to comply with the laws of all of those states. It is generally advisable, and sometimes required, to post a privacy policy on your website, explaining exactly what personal data you collect and how you use it — although if you’ve got a policy and you don’t follow it, your risk of exposure may be increased. If you share or sell personal information, such as donor lists, you should disclose this fact.
That about sums it up. Remember, you can stay legal while being social! If you have any questions about these general tips, ask your lawyer.
Social Media
See all Social Media