Key sponsorship trends in the use of technology and data: Part 2 – Legal considerations

The inexorable rise of sponsorship revenues for rights holders continues unabated. Global estimates place revenues from sports sponsorship rising to beyond $45 billion,¹ with a recent example of this upward drive being Chelsea’s new shirt deal with the Yokohama Rubber Company, estimated at $60 million per season over five years (more than double the amount paid by its previous shirt sponsor Samsung).

It is inescapable that sponsors’ deployment strategies must now involve digital activation and the use of new technology: sponsorships are no longer a physical manifestation of a brand, characterised only by billboards, shirt logos and corporate hospitality opportunities. Fan and consumer engagement can (and must) be achieved through non-traditional means and media. Equally, progressive rights holders consider their future commercial success to be allied to their ability to operate as viable digital media businesses, not simply sports clubs.

In recognition of this, this two-part piece examines the most recent trends in the digitisation and technological progression of sports sponsorship, looking at how these valuable partnerships have been deployed, and the legal challenges associated with their deployment.  

Part 1 (available here) explores the latest innovations, including:

• Social media / event apps
• Connected stadia
• Virtual reality
• Facial recognition

Part 2 (below) looks at the legal considerations for rights holders and sponsors arising out of the use of this technology, specifically in:

• Contract
• Data
• The rise of the “E ambusher”
• Advertising codes

Contract

Plainly, the sponsorship agreement should clearly document the rights granted to the sponsor and how these rights can be exploited. However, given the rate of technological change, future proofing an agreement is challenging. It is not uncommon to see an old long-term agreement, which does not address exploitation via social media, and it is incumbent on the parties to achieve sufficient flexibility in the contract to allow the parties to discuss sensibly and adopt the use of new media and technology.

To give but one example, the use of LED perimeter boards in stadia is increasingly prevalent as the means of displaying partner advertising at matches. Rather than a fixed share of physical perimeter board advertising that does not change throughout a match, LED boards offer the possibility of rotating advertising, moving images and entire stadium take-over for sponsors on rotation.

If, as a rights holder, you have offered 6 pitch level perimeter boards in agreed positions for the duration of a match, have you hamstrung your ability to utilise the full range of possibilities afforded by LED boards? Again, flexibility is the answer and the inclusion of a clear process for the parties to agree how the new technology could be used.

Virtual reality is a particularly interesting concept as it involves both a product (the headset) and a service (the experience). If the technology involves overlaying broadcasting footage then a licence from the broadcasting rights holder (typically the event or league organiser as these rights are collectively sold) will be needed.

Existing sponsors would certainly want access to this virtual world but the agreement would also need to address how bespoke, customer specific adverts are displayed and the revenue captured. When considered as a product, existing sponsors who are in the tech field would argue that the devices fall within their exclusive product categories so consent from them may be needed. A kit or apparel sponsor would no doubt make the same argument with regard to wearable devices.

New sponsorship deals need to be sufficiently detailed so that these new sponsorship categories are carved out and, particularly in relation to virtual reality, restrictions should be included so that other sponsors’ traditional rights to activate marketing campaigns though “any and all current and future media” excludes virtual reality.

Back to back agreements should also be in place with third party facilitators (such as Snapchat, Facebook, Twitter etc.) so that fan-created content can be commercially exploited. For a Snapchat “Live Story” (such as Real Madrid’s el clasico Live Story mentioned above), Snapchat’s terms and conditions stipulate that the user,

“grants Snapchat and [their] business partners the unrestricted, worldwide, perpetual right and license to use [their] name, likeness, and voice in any and all media and distribution channels (now known or later developed) in connection with any Live Story”.²

This bespoke content is valuable so rights holders will want to ensure that the right to us it is passed down to them. However, notwithstanding having a clear right to use the content, when personal information is collected, data protection laws impose additional obligations that we will now examine.

Data

Where data is collected or where access to a rights holder’s database is granted, sponsors and rights holders will need to be wary of their responsibilities under the Data Protection Act 1998 (DPA). Getting this wrong could mean a fine from the Information Commissioner’s Office, which could be particularly significant under the incoming EU General Data Protection Regulation.

Due to come into force in early 2018, this will create a new EU-wide legislative framework for data protection. Under the draft proposed by the European Parliament, Data Controllers or Data Processors in breach of the Regulation could be faced with fines up to 5% of annual worldwide turnover or €100m, whichever is the greater.

The relevant Personal Data in question could be obtained from information supplied when a ticket was purchased, from logging into stadium WIFI, from a tweet, from a wearable device or from facial recognition software and will likely take the form of names, addresses (digital and physical), and other identifying features such as individuals’ interests, performance data or facial features.

There are a number of obligations imposed on the Data Controller under the DPA (note the 8 principles in particular³) and the associated good practice promoted by the Information Commissioner’s Office, including the following: 

• Personal Data must be processed “fairly and lawfully”.⁴ The key point here is that individuals will generally need to provide consent to the ways in which their Personal Data are used. At the point of collecting data, rights holders should aim to obtain consent from individuals to allow them to share this information with (limited and carefully selected) third parties, which could include sponsors. The data can then be used for marketing purposes in order to maximise the potential value of their data. Most rights holders do this well, but the clarity of the opt-ins / opt-outs could sometimes be improved and issues more frequently arise in relation to older customer databases which do not have the necessary consents. It is also apparent that it may be more difficult to obtain consent with new means of collecting data. Traditional means of collecting data, such as entering an online competition or purchasing a ticket, give an obvious tick box consent option. How will consent be obtained with facial recognition or performance measuring wristbands handed out to fans?
• The rights holder is required to have a contract with the third party governing the transfer of Personal Data. This contract should set out that the third party will only process the relevant Personal Data in accordance with instructions from the Data Controller.⁵ This will typically sit in the sponsorship agreement which will, therefore, need to include clear drafting on the rights and responsibilities of the sponsor in its use of data. Where sponsors or rights holders are using technology under a licence from a third party, they should ensure that the licence agreement appropriately documents their data protection obligations.
  Personal Data should not be transferred to a country outside the European Economic Area (EEA) unless it is to a country which ensures an “adequate level of protection” in relation to the Personal Data in question.⁶ To the extent that rights holders are transferring Personal Data outside the EEA to countries which the European Commission deem not to have an adequate level of protection for Personal Data (perhaps most notably the US), the Data Controller will have to put measures in place to satisfy itself that there is an adequate level of protection in the particular circumstances. Following a recent decision of the Court of Justice of the European Union,⁷ “Safe Harbor”, a mechanism used by many thousands of EU data controllers, has been deemed an invalid framework for ensuring an adequate level of protection for Personal Data shared between the EEA and the US. If a rights holder intends to transfer Personal Data to a sponsor based in the US (or indeed already transfers data to the US under Safe Harbor), this recent development should be carefully considered. At the time of writing, there is strong political will to approve the draft “Privacy Shield” text published by the European Commission on 29 February 2016⁸; this is likely to provide an alternative solution for transatlantic data transfers in the coming months.
• The rights holder should take particular care in the event they collect the Personal Data of children. While there is no simple definition of what constitutes a child under the DPA, it would be good practice for a rights holder to seek parental consent where proportionate in the circumstances. For example, where Personal Data of an individual under the age of 18 is processed and is likely to result in certain events such as making a child’s contact details publically available, or publicising a child’s image on a publically available website, or the use of a child’s contact details for marketing purposes.
• Performance data and facial recognition data may be sensitive data for the purposes of the DPA if it identifies race or matters of physical health and will need to be treated with particular care in line with the DPA.

While the obligations above most obviously bite on the rights holder as Data Controller, brands should remain alert to the limitations under data protection and marketing laws on their activation plans. Brands may collect data themselves through their marketing activities. In this scenario, the brand will be the Data Controller and therefore subject to the requirements of the DPA imposed on Data Controllers. 

There may also be marketing activity where it is less easy to discern which party controls the data. Joint initiatives, such as the release of a title sponsor branded mobile app for a Tournament (an Aegon Championships app for the annual tennis tournament at Queen’s, by way of hypothetical example), demand clarity in user terms and conditions as to who is the chief operator of the app and, therefore, Data Controller and who is entitled to use the information collected. A member of the public may well only see the name Aegon and not consider that the LTA may also wish to contact them, whereas contrarily between Aegon and the LTA it might be clearly understood that the LTA owns the app and data collected through it. 

Clear and transparent mobile app terms are particularly important from a privacy perspective in light of recent attention given to the area by regulators in a number of countries. Practical advice can be drawn from the Information Commissioner’s Office and the Article 29 Data Protection Working Party (the European advisory body on data protection and privacy),⁹ such as ensuring that end-users are provided with clear information in plain language about their privacy rights, and empowering consumers to manage their privacy preferences in real time.

Monitoring marketing practices is on the Information Commissioner’s agenda.¹⁰ From 6 April 2015, the threshold for tackling unsolicited marketing was lowered. Individuals will no longer need to prove that they have suffered “substantial damage and distress” from unsolicited direct marketing in order for the Information Commissioner to take action.¹¹ If a rights holder is to give rights to a sponsor to target individuals within its databases directly, they will need to be able to rely on the fact that the sponsor will only do so in accordance with their instructions. And likewise the sponsor will need to ensure that it acts appropriately.

All of which means data protection should be a mainstream consideration when structuring a modern-day partnership deal.

The rise of the “E ambusher”

The volume of literature written on ambush marketing could fill Wembley and this section does not seek to add to it. Instead, we simply seek to outline how, in keeping with increasingly tech savvy official sponsors and rights holders, unofficial sponsors are moving their activities online.

Keen observers will have noted that neither the FIFA World Cup 2014 nor the Rugby World Cup 2015 saw any major cases of in-stadia ambushing. This was particularly notable at the Rugby World Cup 2015 where, unlike the London 2012 Olympics,¹² no event specific legislation was passed to give additional protection to rights holders.

Previous major global events have seen numerous examples of unofficial sponsors activating campaigns in stadia, such as Bavaria beer’s infamous use of a group of women in orange dresses at Johannesburg’s Soccer City stadium for the World Cup 2010. It seems event organisers have learnt their lessons and are becoming increasingly savvy in being able to deliver on their promises of providing clean stadia for their commercial partners.

This means the fight has moved online. At the Rugby World Cup, O2 #weartherose, Samsung #schoolofrugby and Lucozade #onlyforthehomenations are good examples of unofficial sponsors who drew associations with the tournament (or at least the sport of rugby itself and participating teams/players) through their wider marketing campaigns in mainstream and digital media.

And who can forget Chris Robshaw’s unabashed confidence in a Beats by Dr Dre advert before the start of Rugby World Cup – “We always back ourselves at home” – as part of Beats’ ‘The Games Starts Here’ campaign, which went viral after England’s untimely exit, registering 7,500,000 views? Was this pure luck or the work of an astute Welsh marketing director?

With regard to the enforcement of intellectual property rights, the traditional approach of a rights holder enforcing its registered trade marks is also less effective in the online realm. Firstly, Twitter effectively shields an infringer from any direct line of communication with a trade mark proprietor who may wish to enforce their rights against them. Enforcement will be difficult for a trade mark proprietor to achieve without details of the infringer’s service address or alternatively an order of the court permitting service by alternative means.

Secondly, the need for an ambusher to use a registered trade mark is significantly reduced by the real time contemporaneous publication of the tweet. For example, Snickers tweeted immediately after striker Luis Suarez bit Giorgio Chiellini “@luis16suarez. Next time you're hungry just grab a Snickers.” Using the same method, after the lights went out at the Super Bowl, Oreo Cookie tweeted “Power out? No problem. You can still dunk in the dark”. These campaigns work extremely well as they are quick, witty responses to major events. There is no need to risk using a registered trade mark (or create an association with the event¹³) because the target audience will know implicitly the context of the tweet.

It may be that in future the term “ambush marketing” is used less frequently to describe the online campaigns noted above. It is perfectly normal for a sports brand, for example, to want to associate itself with interest in a major sporting event. If this is done within the realms of applicable laws and regulations via teams, players or other properties supported by that brand, there seems to be a growing acceptance that this should be considered to be permissible advertising, rather than ambushing.

Advertising Codes

While raising brand profile online offers unique opportunities, brands should be wary that they are operating in a regulated environment and that they should still comply with consumer protection, intellectual property and advertising laws and codes of practice.

In October this year, the Advertising Standards Authority (“ASA”) (the UK’s independent advertising regulator) made three rulings against bookmakers which serve as a timely reminder that the CAP Code applies to online content in the same way as it does print and other media. In these cases, three online bookmakers used images of American golfer Jordan Spieth in various tweets, which because of his age, were in breach of the CAP Code.¹⁴

The CAP Code requires that “marketing communications must be obviously identifiable as such” and “make clear that advertorials are marketing communications”.¹⁵ The ASA has taken a robust approach to the interpretation of these rules (see below). Therefore, where a sponsor is using a sports person’s twitter account to advertise a product, it should be made clear, such as through the use of #ad, that it is in fact an advertisement.

This was aptly demonstrated in a non-sporting context by the following two tweets posted from Gemma Collins' (a reality television star) Twitter account promoting Toni and Guy, Lakeside:

"In @Toniandguylside having such a wonderful time defo got my hair back to good condition 10% off call today and quote #gemma x" and "10% off @Toniandguylside I have the most amazeballs hair colour and condition best salon ever call and say #gemma for discount xx".

The ASA considered that the average Twitter user would follow a number of people and receive a number of tweets each day, which might only be read in superficial detail. In the absence of an identifier such as #ad, it was, therefore, not satisfied that the tweets were obviously identifiable as Toni and Guy marketing communications and ruled them in breach of the CAP code.¹⁶

Final Thoughts

The trends noted above are part of a wider theme of brands being smarter and more innovative in how they use technology and information to target consumers in their sponsorship activation. In, and around an event, brands have a choice whether to do to this as an official or unofficial sponsor. Former Google chief executive, Eric Schmidt, said in 2011 that mobile devices will "do things we haven't begun to think of".¹⁷ With these advances (along with those in the wider tech market), new opportunities will arise for sponsors to continue to challenge traditional approaches.

This is an extract from the ‘Commercial & IP Rights’ Chapter of the Sports Law Yearbook 2015/16 - UK, Ireland and EU, an eBook publication by LawInSport & British Association for Sport and Law.

The Yearbook reviews developing sports law trends in the UK, Ireland and Europe. It contains legal commentary and analysis from over 50 leading sports lawyers and will be of use to students, academics, athletes, coaches, the media, sports business professionals, in-house counsel and lawyers worldwide.

The Yearbook can be downloaded for free by all LawInSport Plus members with an annual subscription. To enjoy all the perks of being a LawInSport Plus member, please register here.

• 2015 Rugby World Cup Advertising Standards Agency (ASA) CAP Code Contract Law Cycling Data Data Protection Act 1998 England EU General Data Protection Regulation European Commission European Economic Area (EEA) FIFA World Cup Football Information Commissioners Office (ICO) London 2012 Olympic Olympic Games Rio de Janeiro 2016 Rugby Rugby World Cup Social Media Spain Sponsorship United Kingdom (UK) United States of America (USA)