As any nonprofit leader knows, volunteers serve vitally important functions in many nonprofit organizations. What happens when volunteers create original works for their organizations? Generally speaking, the volunteers will own the works absent any specific agreements otherwise, and whether the volunteers or the organizations realize it or not. Nonprofits therefore should take proactive steps regarding copyright issues, such as through ownership and licensing agreements. These measures may become especially important if the created works later become financially valuable, if disputes arise regarding the work, or if the nonprofit wants to transfer or alter the work.
U.S. organizations transmitting personal information across the Atlantic can breathe a sigh of relief – sort of. The U.S. and E.U. agreed this month to a new framework designed to protect the online privacy of E.U. citizens and to mitigate legal exposure for U.S. entities transmitting personal information across the Atlantic. The agreement, known as Privacy Shield, replaces Safe Harbor, a fifteen-year-old privacy agreement, was ruled illegal by the Court of Justice of the European Union (“CJEU”) - the highest EU court, last October.
This developing area of the law is often not on the radar of nonprofit organizations. In fact, many nonprofits are not eligible to participate in Privacy Shield and its Safe Harbor predecessor. However, as discussed below, Section 501(c)(6) trade associations and certain other nonprofit entities should qualify to enjoy the legal protections available under these legal frameworks. Since the abrogation of Safe Harbor, many eligible nonprofits have faced uncertainty regarding the legal status of their transatlantic data transfers. The new replacement Privacy Shield promises to both protect E.U. citizens’ personal information and shelter U.S. qualifying nonprofits and other entities who comply with its terms.
It may be too soon to celebrate, however. Specific terms and conditions of Privacy Shield have not yet been disclosed. Furthermore, it is not clear that the new agreement will pass legal muster with E.U. Data Protection Authorities (“DPAs”) once the details are published. Until this occurs, U.S. organizations conducting transatlantic transfers of personal information remain in murky legal waters. During this time of uncertainty, U.S. organizations should continue to implement alternative legitimization mechanisms (discussed below).
With the new year upon us, our hope is that all of our nonprofit clients will thrive in 2016, fulfilling their organizational mission and impacting their communities. As attorneys, we understand the importance of legal compliance for an organization’s mission, governance, and success. The following is a list of ten critical legal areas that may impact nonprofit organizations in 2016. Resolve to address them throughout the year, especially any deficiencies that warrant further action.
2. Use Social Media Well. Social media is a powerful tool for many nonprofits. Continual improvements can help promote an organization’s mission and nurture its good reputation. Unfortunately, many nonprofits fail to take the time to understand how copyright and trademark laws govern their use of photos, videos, or other media in their posts. In using social media, nonprofits need to teach their workers how to identify and comply with applicable copyright or trademark restrictions, for which a license or other protection may be needed. Nonprofits should also consider individual privacy interests related to posts and obtain consents or provide other disclosures as warranted prior to posting information about beneficiaries, donors, or others. Finally, nonprofits should take steps to protect their reputations by developing a procedure or policy that ensures employees and volunteers refrain from using the organization’s social media for disparaging comments or to express views contrary to the mission.