[GUEST POST] Teresa Cottam on the ethics of image rights

Teresa Cottam / Omnisperience

As an analyst in the famously sedate space of telecoms software, I’ve spent my career writing about customer experience, billing systems, call centres, monetisation strategies and customer onboarding (among other things). And since I can remember when MWC was not called MWC and was not in Barcelona, you can assume I’ve been around my industry for a while.

I have a few war stories and run-ins with vendors, as most established analysts do. Some of the more colourful ones involve actually being kidnapped on yachts in Nice and at the more mundane end is the usual misquotation and misrepresentation. 

This latest tale of AR woes dates from May 2021. A major US vendor asked me to come to a digital analyst event. The invite was well put together, I was in the market for an update and I was ready to sign up. However, signing up required me to agree to their T&Cs. Now here’s a warning to everyone. How many of us just click yes because it’s usually so mundane and boring without reading the fineprint? In this case, the first paragraph was mundane: they’d use my data to tailor my experience (yawn). The second paragraph started off by saying that I couldn’t record anything without their permission. Our job is all about discretion, so of course I know I must carefully check if I’m having confidential information shared with me – no surprises there. It was the second half of this paragraph that made me sit up and pay attention. Let me share this with you:

“You hearby authorise VENDOR to photograph, film, and record you and to use the resulting photographs, films, and recordings, and your picture and likeness, together with any other material, in any manner or media whatsoever (whether now known or hereafter devised) anywhere in the world in perpetuity for the purposes of advertising or trade in promoting and publicizing VENDOR and its products and services. You agree that you shall have no right of approval, no claim to compensation, and no claim arising out of any use, alteration, use in a fictionalized context, or use in any composite form of your picture or likeness. You agree that VENDOR shall be under no obligation to exploit any of the rights granted herein. You also agree that you waive any right that you may have to enjoin or otherwise prevent the exploitation of the rights granted herein. You represent and warrant that you have the full right to grant the rights granted herein.”

I reread this again and then I felt a combination of shock and anger. Let me point out three things about this paragraph. 

  1. This is not GDPR compliant and is illegal and unenforceable in Europe. Your likeness is personal data. While no-one is going to get unduly upset by being caught in the background of a crowd shot – and that is arguably ‘fair use’ – recording someone in their own home (many of us are WAH during COVID) and storing that photograph for re-use crosses the threshold into personal data which is absolutely subject to GDPR. No-one can waive their GDPR rights. You will continue to have the right to delete personal data, to refuse permission for a vendor to store it, and to change your mind. The vendor can only use it for the purpose it was collected and store it for the minimum amount of time required. Photographs and Videos are a grey area, but while a photograph of an anonymous person in the street might be argued as “fair use”, using the image of an analyst is not. Their likeness and name are known and widely identifiable in the community in which they work. That image is also linked to a professional reputation that is very much built on not being biased towards one vendor’s products or another. 
  2. Re-using an analyst’s likeness in a fictionalised context means that the vendor could, at some future date, use their likeness to promote the idea that the world’s top analysts think their product is great. They never said that of course. But the analyst waived their right to object or amend. Their independence was just shattered.
  3. I am not a charity. You want to take something that’s mine and potentially re-use it for your own gain without paying for that privilege. That is not acceptable. Where you have a commercial relationship with an analyst firm you still have to check with them, you cannot assume that you can just take something to benefit you without paying for it.

Lessons to be learned

  1. General T&Cs cannot just be applied to analysts. They can be wholly inappropriate and relationship destroying. AR should check any T&Cs applied to analysts and give their feedback. In this case, Events had applied these T&Cs without considering the impact.
  2. Consult your regional ARs. What is culturally normal in say the US, might be shocking (or illegal) in the UK or another part of the world. Get advice from your regional AR on the appropriateness of communications, including T&Cs, you send out.
  3. When you screw up like this is when you need your ARs the most. The ARs can help you smooth the ruffled feathers, apologise and rebuild the bridges. 
  4. Organisations like IIAR have a valuable role to play in helping you and your peers to discuss this type of tricky situation and share best practice. 
  5. Consent is at the heart of this – even beyond GDPR – do you really want to be portrayed as the type of vendor that takes what they want and removes everyone’s right to object? Think about the inconsistency of boasting about your inclusiveness and diversity only to drive a coach and horses through your image with T&Cs like this. Consent is especially important when it comes to analysts, but is also important to your customers, as well. Consent is really about respect and good communication. 
  6. Big vendors as well as smaller vendors can get this stuff wrong. In my experience they screw up in different ways. But do not fall into the trap of thinking it’s just smaller vendors that make mistakes. (ie “It couldn’t happen to us”.)


This situation was discussed on LinkedIn. Within 24 hours it had thousands of views. I did not name the vendor involved, and I will not publicly name them, because that’s unfair. But imagine if a less reticent analyst had taken issue with this what the consequences could be. Some analysts would just refuse to work with a small or mid-sized vendor that did this. It would certainly render everyone wary of that vendor and destroy years of relationship building.

Comment 1: This is common practice and you should just decide whether to attend or not.
My view: This is not common practice in Europe and, in any case, my job as an analyst is not just to go meekly along with the herd but to point out when something is wrong so that vendors can learn and correct what they do.

Comment 2: The AR probably didn’t even know and doesn’t have any power to change this.
My view: The first part of this comment proved to be true. However, that is not an excuse! Why have an AR team if you’re not going to ensure they check communications going out to analysts? This shows a lack of joined up thinking and processes internally. I have no idea if the second part of the statement is true, but ARs should have the power to influence and advise on all things analyst related. If not, give up the pretence of having a professional AR function and just get marketing to handle it.

Comment 3: You should be able to trust the vendor not to abuse the T&Cs.
My view: Why? My job is essentially not to trust vendors. If I begin trusting too much and stop checking then I’ve become a lazy and useless analyst. Anyway, how can I trust some unknown exec I don’t know somewhere in the future (because I’m being asked to sign away my rights ‘in perpetuity’)

I hope this incident gives you some food for thought. It’s easy to say ‘wow we’d never do that!’ but more constructive to share what you’d do to prevent this type of problem occurring, how to fix it when it does, and what the best practices are around using visual content. On my side of the fence there are also learning points such as:

  • do not get so cosy with a vendor you take things for granted
  • it’s our job to call out things that don’t seem right because that helps vendors get better (don’t be silenced by big names)
  • most people, including analysts, don’t read things carefully
  • be ethical by hating the behaviour but not the individual or the company
  • sometimes we don’t fully appreciate just how much ARs watch our backs!

By Teresa Cottam (LinkedIn, @Teresacottam), Chief Analyst at Omnisperience.

Check the IIAR> Rules Of Engagement

Other posts by Barry

Other guest posts from industry analysts

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: