Skip navigation

Legal tips for a digital world

Seven sure steps for restaurants to avoid the legal risks of digital marketing

Digital-marketing tools make it easier than ever for restaurants to reach their customers, but these technologies also bring new risks for violating trade and advertising laws, according to Seattle-based law firm Davis Wright Tremaine LLC, whose restaurant practice includes Starbucks Coffee, California Pizza Kitchen and Carlson Restaurants.

In a webinar titled, “Navigating Marketing and Advertising Laws in a Digital Economy for the Restaurateur,” attorney Nancy Derwin-Weiss recommended that restaurant companies involve legal counsel in marketing plans at the outset. With new marketing strategies like social media and group buying regulated by existing Federal Trade Commission statutes, restaurants’ need for clear policies has grown, she said, especially since class-action lawsuits for deceptive advertising have been settled for millions of dollars.

“It’s always better to get [the] legal [department] involved earlier than later,” Derwin-Weiss said. “They can help restaurants structure promotions in ways that are compliant with all the laws … The upside to this environment is that you have a more effective way to target and market to your audience; the downside is that there are more ways to get you into trouble.”

Derwin-Weiss and Davis Wright Tremaine offered the following legal advice regarding marketing techniques:

A privacy policy is a must. Most restaurant brands’ websites aren’t static, Derwin-Weiss said, as brands sometimes interact with customers online and collect personal information. In that case, companies are required by law to have and publish a privacy policy that describes the information it collects and what it does with that data.

Derwin-Weiss said the privacy policy must be customized to reflect exactly what a restaurant brand does online, and that a “less is more” approach to collecting identifiable information safeguards companies.

“You shouldn’t over-promise in your privacy policy,” she said. “Companies want to assure people they’ll never share their information, but that isn’t true. You may have to share it for an investigative reason, or if your company is sold.”

Terms of use are another must, as restaurant brands can protect their intellectual property and require that disputes with customers be settled in arbitration. Derwin-Weiss recommended tying the terms of use to registration for features with a “click-wrap agreement,” which blocks registration until a box indicating acceptance of the terms of use is checked.

Continued from page 1

Limit registration requirements. “Less is more” also pertains to what restaurants require of customers when they register for digital promotions, like a loyalty club, sweepstakes or online ordering, Derwin-Weiss said. If restaurants add website features, like virtual tours, they may want to ask consumers to create a user name and password.

“If you want a more robust user experience, layer registration [requirements],” she said. “But the more information you collect, the more responsibility you have to secure all of it.”

Comply with COPPA, even if kids aren’t crucial to business. Years ago, the FTC passed the Children’s Online Privacy Protection Act, requiring strict guidelines for companies marketing to children younger than 13 years old. If a restaurant is geared toward kids or has a kids’ section on its website, it must comply with COPPA to collect personal information. That sometimes requires parental consent, Derwin-Weiss said.

If the restaurant asks for a user’s birth date, the user’s identifiable information cannot be collected if he or she is younger than 13.

Email-marketing etiquette. The CAN SPAM Act of 2003 lets the FTC regulate email marketing, but it does not ban unsolicited emails. To comply, restaurants must be identified as the email sender, the subject line cannot be misleading, the restaurant’s mailing address must be disclosed, and an unsubscribe link or tool must be included, Derwin-Weiss said.

The most important criteria to comply with CAN SPAM is a suppression list, which keeps track of every request to no longer receive emails from a restaurant.

“Make sure your opt-out link is going to your suppression list … so that the next time you send an email, those addresses don’t receive anything,” Derwin-Weiss said. “It gets tricky when other companies buy distribution lists. If you outsource [email marketing], make sure your vendor is CAN SPAM compliant and doesn’t commingle your data with that of another third party.”

Continued from page 2

The same goes for texting. As with email marketing, third-party marketers often carry out text campaigns, so restaurants need to vet those relationships carefully to ensure compliance, Derwin-Weiss said. Laws require text message advertising campaigns to include a “standard rates apply” disclosure, a tool for customers to specifically opt in, and the functionality to stop messages permanently.

Compliance can be tricky, she said. The Mobile Marketing Association’s guidelines recommend sending a confirmation text message when consumers ask to opt out of a campaign, but such a text was judged to violate the Telephone Consumer Protection Act, resulting in a heavy judgment against professional stock-car racing league NASCAR in a recent class-action suit.

Be prepared to meet the demand. Offers are everywhere, whether they are distributed via daily-deal sites like Groupon or newspaper coupons. Restaurants must not only honor the deal, but plan for increased traffic. Failure to do so could lead to bad public relations and accusations of deceptive advertising practices, Derwin-Weiss said.

Cases are pending against Groupon in several states, she added, and class-action suits have been filed against KFC when it rescinded its offer for free grilled chicken after an appearance on “The Oprah Winfrey Show” created product shortages.

Keep emails, websites and coupons consistent. Coupons and vouchers have crucial requirements, including expiration dates and “one per person per visit” stipulations, Derwin-Weiss said. But it’s also important that all necessary wording appear on the coupons themselves, as well as on promotional copy in emails or online.

“In these cases, social media can be friend or foe, so context is everything,” she said. “A drug manufacturer once created an app for its website, which went viral, and the version of the app that got out there did not have the warnings for the drug.”

Restaurants must disclose if they pay anyone to endorse or discuss a product on a blog, Facebook or Twitter. The brand’s terms of use and privacy policies also must be listed on any promotional websites managed by a vendor partner.

“It all comes down to knowing your vendors when you’re hiring people to develop something for you,” Derwin-Weiss said. “A lot of marketers have friends doing it for them in their garages. Be careful with those guys.”

Contact Mark Brandau at [email protected].
Follow him on Twitter: @Mark_from_NRN

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.