Create FPF "Brand Use & Trademark Policy" document that SD's BUG can point back to

[ninavizz]

Problem

Today there is neither a creative guide to govern how others choose to incorporate the SecureDrop brand into co-branded or standalone artifacts, nor a legal/licensing guide to hold folks accountable for how they use the SD brand & associated trademark(s).

History

In 2019 David began drafting a BUG that seemed to derive from a Trademark Use Guide—as Trevor had secured a lawyer to guide that process. While accountability does need to be a component of a Brand Use Guide, the audience and use of the guide needs to be considered—and creatives operate on goodwill, and how usably/clearly a guide can navigate their use of branded components.

While it may seem counter-intuitive and like more work to create a separate guide, it would honor the creative process and likely user journey of a BUG artifact—which would provide folks with a better experience to use the SD brand within expected compliance guidelines, without getting drawn-down into the legal mud of licensing (that, sorry, creatives just don't care about).

Solution

First, the SD BUG needs to be drafted per #119. Then, a lawyer should be engaged to draft a mostly text-based Trademark Use Guide that points back to the SD BUG as-needed. A BUG should also be drafted for USPFT imho, and an FPF BUTP should cover all FPF governed trademarks—of which SD and USPFT are two (and other retired brands such as Haven, are potentially also covered?).

EFF has a great separation between a BUG and BUTP, and it is my own advisement that FPF follow with how it fulfills the dual need of creative folks getting what they need, and a related document for use in accountability needs or preflight checks for compliance. Yes, it is natural for developers to care about licensing. Not so much, for creatives.

Per the EFF's example above, then, it's my own recommendation that FPF create a Brand Use Trademark Policy page that would live on the FPF website, and a SecureDrop Brand Use Guide that would live on the SD website—but point back to the FPF site's BUTP.

From the BUG ticket:

It is expected that the user journey will begin with "My organization needs to use the SD brand." From there, they need to reference a BUG to generate ideas and to guide solutions. Once they have some solutions in mind, then they should check a Trademark Guideline to ensure compliance. Those processes need to be sequential, not in-parallel, or details will get missed and the goals with both artifacts will be lost. Which is just a reality of how the human brain works.