As with any hot new web site or service, issues seem to crop up all over the place.  Now it’s image copyright issues with Pinterest.  We had similar issues with Facebook in the past (read here and here and here)

Today, I had SandwichINK, one of my followers, contact me via Twitter regarding an article on how your business could get sued using Pinterest.

So I go over and read the Boston Business Journal article.  The gist is they are concerned that if you share any images, you could get sued; because of terminology in Pinterest’s Terms of Service where they state they can sell your content.  Specifically they are referring to this paragraph on the Terms of Service page:

Member Content

We may, in our sole discretion, permit Members to post, upload, publish, submit or transmit Member Content. By making available any Member Content through the Site, Application or Services, you hereby grant to Cold Brew Labs a worldwide, irrevocable, perpetual, non-exclusive, transferable, royalty-free license, with the right to sublicense, to use, copy, adapt, modify, distribute, license, sell, transfer, publicly display, publicly perform, transmit, stream, broadcast, access, view, and otherwise exploit such Member Content only on, through or by means of the Site, Application or Services. Cold Brew Labs does not claim any ownership rights in any such Member Content and nothing in these Terms will be deemed to restrict any rights that you may have to use and exploit any such Member Content.

The Boston Business Journal did not quote the very last sentence in the above paragraph which states that Cold Brew Labs doesn’t claim ownership right, nor restrict rights we have to use Member Content.

I view the above Terms of Service quote to mean because we are adding content to the Pinterest web site, they have the right to backup and store those images, they have the right to use them within their service or software to make them available for everyone to see on their site.  Should stand to reason we are using their site to do this, that means we’re utilizing their software to make these images publicly visible, and would have to make copies and/or backup the site.  So they are storing the images to some capacity.

Note this segment of the above TOS:  ”…Member Content only on, through or by means of the Site, Application or Services.”  I view this to mean exactly what I just said above, because we’re using their service, they may have to make copies of the images as part of providing us use of their site and service.

As I state in the video above, if you visit a web site, and they have social sharing buttons on the site – you can share the content.  That’s the whole purpose of having those buttons.  Sharing does not constitute you claiming ownership.

If you read Pinterest’s own What is Pinterest? page, it specifically states:

“Pinterest lets you organize and share all the beautiful things you find on the web. People use pinboards to plan their weddings, decorate their homes, and organize their favorite recipes.”  *(emphasis mine)

Pinterest was designed and created for you to share pictures of things you find on web sites and to pin them to boards on their site to share with others.  It says nothing about you having to have created those images yourself; or that by sharing you are stating the images are yours.

Pinterest’s Copyright Policy clearly states they respect intellectual property rights; and will respond if copyright violations are reported to them.  As they should!

But again, I state:  sharing images via pinning is no different than sharing a site link via Digg, Stumbleupon or any other social sharing.

If, however, you are sharing your own blog posts or web pages, and you are using images on those posts/pages that you do not have permission to use, and you are pinning those images on Pinterest, yep – you could get into trouble.

You could get into trouble just for using them on your site without permission; pinning them to Pinterest could simply get you caught quicker/easier.  Just make sure you have permission to use any images you are inserting into your own site content, before you use it and ultimately pin it.

If you are a member of a membership site, or any site you have to log into with a password to gain access to the content, do not share any of the content!  It would be considered proprietary or intellectual property and obviously is for paid members only.  That’s just common sense.

I am quite sure we’ve not heard the last of this.  Until then, continuing pinning. Be mindful of images you use on your site and make sure you have permission to do so.  Then all is good.

To YOUR Success,

If you are not technically inclined… would you pay a small monthly fee ($10 per month or less) to be able to view tech training videos AND ask tech questions to have a specific training video made to show you how to do it?

(Tech = anything to do with web sites, blogs, autoresponders, hosting, domain names, plugins, etc….)

Just last week I spoke at Kelly McCausey’s Hot Seminar Series about WordPress security and the need to keep your sites up to date, remove unused plugins, themes, etc…  I shared lots of great tips on how to protect your WordPress sites from being hacked.

Then, just two days after I spoke, my husband mentioned that my old web design site had some ‘issues’.  There were odd looking characters in the page titles; and remembering back, a client had contacted me end of last year telling me the same thing. I just upgraded the site, so assumed it was an incompatibility within either the theme or the plugins.  Since I do not actively do business via that site (and I was really busy), I didn’t stop to go have a look.

My mistake.

When I logged in the dashboard to see where those odd characters were coming from, I deleted those and then thought to have a look at the html coding within the page; WOW! hidden backlinks had been inserted to porn sites and all sorts of things.

Ugh! Had I only discovered this before my talk, I could have done a video on what I found and shared it. Learn from my mistakes, so you don’t have to go through the pain of dealing with it.

Ultimately, because this site is not actively used; I chose to first, change my password; then to delete all the posts and pages, and put up a minimal notice on the site for those older clients of mine who still contact me. Most know to email me, and don’ t go through the site, but still…. needed to address this issue.

So how did I get hacked?

I’m not sure I’ll ever know for sure, but my site was running WordPress version 2.8 – so not the latest version; but not horribly out of date. I did update the site periodically.

But this is a perfect example of why you need to keep up with what’s going on with your sites. If you’re like me, you have many, many sites, and it can be time consuming to go to everyone to up date them; but it’s necessary.

So if you have a niche website that you’ve setup and it’s either bringing in money and in ‘auto mode’; or you are letting it sit and age or for whatever reason – and you are not regularly logging into your WordPress dashboard, then take heed and go right now and make sure all your web sites are up to date and nothing funky is going on.

My active sites that I have, are always kept up to date, as I’m in there a lot; but I do have a few that I have setup, but for a variety of reasons, haven’t been to in awhile… they too will be getting checked.

This was a stealth hack – there wasn’t any obvious issues, other than the weird characters in the titles. My home page wasn’t hijacked redirecting site visitors to another site or anything like that. They inserted their code for hidden backlinks directly within posts and pages.

So learn from my experience; go right now today, and do these things to protect your web sites from being hacked.

Hack Prevention Action Steps

1. Change your password.  This is critically important! I started using Roboform a few months ago. I absolutely love it, as I can use really long, difficult passwords and it stores those securely for me.
2. Remove any themes and plugins that you are not actively using. If you want to log into your site via FTP and download those to save them to your computer for future use – that’s fine; but then delete every single one that you do not have activated and are not using.
3. Update your WordPress installation to the latest version. I highly recommend using the WP Automatic Upgrade Plugin to make this process complete. It will do all the required steps for you (i.e. backing up your files and database, downloading the latest WordPress version, deactivating plugins, puts the site in maintenance mode, installs/upgrades, reactivates plugins and removes site from maintenance mode). The built-in upgrade function within WordPress will upgrade your installation to the latest version, but even it fails to do all the steps that WordPress themselves recommends when upgrading your site.  I have no clue why they would offer a built-in function that doesn’t do everything it should – so get the WP Automatic Upgrade plugin and problems solved.
4. Upgrade any plugins and your WordPress theme, if an update is available. After you’ve upgraded your WordPress install to version 3+, you’ll find the Updates area under the Dashboard tab in the left column. Click that to see if you have any plugins and/or themes that need upgrading. Yep, the 3+ version of WordPress will upgrade your plugins and your themes! Sa-weet!
5. One final bit of advice:  check the Users that are registered for your site to make sure that there are no questionable users registered. I personally have the registration feature turned off on my blogs, so no one can register. I do know that on my hacked blog, at one time, I did have that feature turned on and I saw several user accounts listed and that could have been one possibly way they gained access to my site. (I deleted all user accounts except for my own). So if you do not have need of folks registering on your site, then turn off that function within your settings and thoroughly check any registered user accounts for your blog, paying particular attention to what their permission/user level settings are.

That’s it. Again, I’m clearly not perfect and let one of my sites slip into dormant status and the result was I left it open and vulnerable and a hacker got in. So when I talk about WordPress security, and the steps needed to protect your blog, you know that I have first-hand experience.

To YOUR Success,

Traci

P.S.Have you ever had your blog hacked? What did you have to do to fix it?