Visual Commerce Permissions: Don’t Shoot First and Ask Questions Later

70% of marketers are planning to increase their use of visual content on their eCommerce sites this year, and more than 75 million people use photo sharing platforms like Instagram on a daily basis. In the face of data like this, it would be absurd to shy away from using customer photos in your marketing strategies.

Yet incorporating user photos into your visual commerce strategy may seem difficult, since your company will be repurposing content generated by your customers and their friends. Don’t be worried, though: we’re here to guide you through the best practices for acquiring permissions for public images on social media!

Rights management is a hot issue at the moment. You may have heard about the actress Katherine Heigl suing the drug store chain Duane Reade for tweeting a photo of her leaving one of their stores. More recently, the artist Richard Prince came under fire for selling prints of other people’s Instagram photos for nearly $100,000 per piece. As a marketer, these news items probably sound concerning, but how do they pertain to you? They bring up the ideas of implicit and explicit permissions, which are rights management terms that are applicable to every business enterprise, from art world superstars to electronics retailers. 

Implicit Permissions

Implicit permissions operate under the assumption that by using your brand’s hashtag, customers consent to your brand reusing their photos. Here are the steps you need to take to use them. The upside, though, of implicit permissions is that they usually facilitate a faster initial process, but their downside is that their management can take up time and resources later on. 

  1. State your terms: Your brand should clearly state your intentions with regard to reusing user photos in your “Terms and Conditions” section of your website. This can be tricky, because not everyone who uses your hashtag has visited your website to read your legal disclosures, and it’s possible that some people won’t even know to what they’re consenting.
  2. Keep images online: Because of the greater ambiguity of implicit permissions, it is not a best practice to download photos obtained with implicit permissions and then to re-upload them onto your servers. It’s much more acceptable to let those images live on your website as links out to Instagram or to whichever other social media site they were uploaded, because implicit permissions only last as long as the photo is available from the original source.
  3. Keep up with users: If a user takes an image down, a company will have to remove the photo too. This is not too much of a problem for live links on the web, since visual commerce software usually contains a way to poll images and ensure that they’re still online. However, this is a much more convoluted process if the images are being used elsewhere, such as in an email or in a printed-out poster. Because permissions cannot be constantly verified in those contexts, we strongly recommend that companies only use photos with implicit permissions online.

Explicit Permissions

Conversely, there are explicit permissions, which dictate that a company outright asks a user before reusing their photo. We recommend using explicit permissions in order to give your customers a very clearly defined message about your rights management policies. Here is the typical user flow for this process:

  • 1: Select the photos you want to use: You can either do this manually or through a curation dashboard, if you’re using visual commerce software.
  • 2: Comment to ask for permission: Certain social commerce software vendors allow you to comment asking for permission directly from your dashboard. If you don’t have an automated process, however, this dimension of explicit permissions can be frustrating and time-consuming. There are two best practices for commenting, depending on which social network you’re using:
    • Instagram prefers that you not write the same general comment on every photo, and instead vary or customize your comments so they don’t seem like spam.
    • Twitter photo permissions requests should include a shortened link to your terms and conditions.
An example of a dashboard that allows you to request permissions through Instagram.

An example of a dashboard that allows you to request permissions through Instagram or other third-party photo sources.

  • 3: User replies: Those who consent will then post some variant of, “#yesbrandX.” The affirmative hashtag is unique to the brand and then can be automatically pulled into the pool of images.
An Instagram user confirms that you may use their photo.

An Instagram user confirms that you may use their photo.

  • 4: Use the photos practically anywhere: The great advantage of having explicit permissions is that they give you the ability to host the images on your own servers and have limited restrictions on what you can do with them. Generally the “terms of use” document on your website covers the extent to what you can do with user data including user pictures.  Consequently, you won’t need to worry about whether or not users take their photos down. 
Some social commerce software products will provide you with a complete history of permissions, or what we call a curation audit trail.

Some social commerce software products will provide you with a complete history of permissions, or what we call a curation audit trail.


COPPA stands for the Chlidren’s Online Privacy Protection Act, which was enacted by the US federal government in 1998. For Visual Commerce purposes, the following excerpt from COPPA’s FAQ section is important:

“The Rule requires operators to make reasonable efforts, taking into account available technology, to ensure that a parent of a child receives direct notice of the operator’s practices with regard to the collection, use, or disclosure of personal information from children, including notice of any material changes to practices to which the parent previously consented…

The amended Rule considers photos, videos, and audio recordings that contain a child’s image or voice to be personal information.  This means that operators covered by COPPA must either (i) prescreen and delete from children’s submissions any photos, videos, or audio recordings of themselves or other children or (ii), first give parents notice and obtain their consent prior to permitting children to upload any photos, videos, or audio recordings of themselves or other children.”

In short, this means that your company must explicitly state its privacy policy with regards to children under 13, which is something your lawyers have hopefully already told you. Beyond this, if you want to use a photo of a child, it is in your company’s best interest to obtain explicit permission from the parent. While some companies get away with implicit permissions, they’ve come under fire for doing so. If you want to really simplify things, then just abstain from using images of children in your Visual Commerce displays.

If you keep these best practices in mind, you should have no issues implementing visual commerce for your ecommerce or omni-channel shop. After all, consumers love authenticity and engaging with brands, especially when those brands treat them with the utmost respect.



Related Posts

Submit a Comment:

Your email address will not be published. Required fields are marked *

Contact Us

Request Demo

What are you interested in?

[White Paper]
[White Paper]