Nearly 99% of children in the UK aged between 12-15 are active online, with 57% on Instagram alone, according to the country's communications regulator Ofcom. But how many of us have actually read the terms and conditions and know what we are signing up for? This article will walk you through the fundamental do's and dont's of Instagram and debunk the myths plaguing their terms and conditions.
Who owns the photos you post?
You own the copyright to any original photos or videos you post, Instagram does not claim any right of ownership over your content. By using the service, you grant Instagram a non-exclusive licence to use the content and they can do this at their discretion. You don't need to explicitly accept the terms and conditions, this is already implied by accessing or using Instagram.
Instagram can keep and share your personal information with any company associated with it. This includes your name, contact information, pictures, likes and dislikes, your friends or where you eat, even your private messages.
Perhaps most importantly, by using Instagram you are declaring that you own the content posted and that it does not violate any third-party rights. So, if your friend has taken a great photo at an art gallery that you want to re-post, you need both your friend's permission and the permission of every artist whose work is in the background if their work is still in copyright. Admittedly, most users don't do this and may only tag the photographer as a courtesy, but by making this representation you are liable for any third-party action taken against you, including but not limited to breach of copyright. If you repeatedly infringe other people's intellectual property rights, your account may be disabled.
Does your business collect personal information from under 16's?
Children as young as 12 are on Instagram but did you know the minimum age requirement is 13? With the introduction of the General Data Protection Regulation (GDPR) on 25 May 2018 you should consider who your users are and whether you need to put systems in place to verify the user's age or obtain their parent's consent. The GDPR states that, if consent is your basis for processing the child's personal data, a child under the age of 16 can't give that consent themselves and instead consent is required from a person holding 'parental responsibility' – but note that it does permit member states to provide for a lower age in law, as long as it is not below 13.
Furthermore, like Instagram, most businesses hold information on current or potential customers of all ages. In order to prepare for the implementation of GDPR, you should carefully consider what personal data you hold, or intend to hold in the future, where it comes from, what you do with it, where you keep it, who you share it with and what happens to it when it is no longer needed. Then make sure you put in place the right procedures to protect a breach of data as the penalties will now be considerable