Getty Images Holdings (GETY) Risk Analysis

We own trademark registrations and applications for the name "Getty Images." We use "Getty Images" as a corporate identity, as do certain of our subsidiaries. We refer to these trademark registrations and trademark applications as the "Getty Images Trademarks." Pursuant to the Restated Option Agreement (as defined below) and the Fourth Amendment to the Restated Option Agreement, in the event that one or more third parties not affiliated with Getty Investments acquire a controlling interest in us, for so long as Getty Investments, Mark Getty, The October 1993 Trust and The Options Settlement (collectively, the "Getty Family Stockholders") (together with their respective successors and any permitted transferees) beneficially own more than 27,500,000 shares of Class A common stock (the "Ownership Threshold"), Getty Investments has the option to acquire, for a nominal sum, all rights to the Getty Images Trademarks. If the Getty Family Stockholders (together with their respective successors and any permitted transferees) fall below the Ownership Threshold, their option referred to herein will terminate. After an exercise of the option, we would be permitted to continue to use the Getty Images Trademarks for 24 months, and thereafter we would have to cease such use. Getty Investments may also exercise the option if we cease all use of the Getty Images Trademarks. We may not sell, transfer or encumber the Getty Images Trademarks, or any interest therein, without the prior written consent of Getty Investments. In addition, we may not use the Getty Images Trademarks for any direct-to-consumer sales beyond an incidental and limited level. The loss of rights to the Getty Images Trademarks could have a material adverse effect on our business, results of operations and financial condition.

To remain competitive, we must continue to add substantial quantities of the most relevant content desired by our customers. Our ability to ingest such content is directly related to the ease of access, sophistication, protections and reliability of the technology relating to our ingestion tools. Our failure to address deficiencies could result in a decrease or inability to ingest enough new content, thereby causing customers to seek other sources, which could materially and adversely affect our results of operations and financial condition. Even if we can ingest sufficient new content, we must also add new functionality and features to our websites to allow customers to search for the relevant content we offer. A significant component of our technology strategy is the improvement of the compatibility of our websites with third-party search engines that direct traffic to our site and, specifically, to content that reflects searched key words. The search algorithms developed by third-party search engines are typically not publicly known and are subject to unanticipated changes, which could significantly affect the number of new customers we attract to our sites. In addition, we continually seek to improve search functions within our site to enable customers to locate the most relevant and appropriate content for their particular use. If we do not address any current or future deficiencies with respect to potential or existing customers' ability to search for content on the internet or on our websites, we may be unsuccessful in acquiring and retaining customers and ultimately licensing the most relevant content, which could materially and adversely affect our results of operations and financial condition. In addition, the expansion and improvement of our systems and websites may require us to commit substantial financial, operational and technical resources, with no assurance that our business will improve.

Existing or future laws and other regulations that may materially affect our business include, but are not limited to, those that govern or restrict: - privacy and biometric issues and data collection, processing, retention and transmission;- data and cybersecurity;- subscriptions practices, including automatic contract or subscription renewal, billing and cancellation;- credit card fraud and processing;- consumer protection;- advertising, marketing and sales of our content and services;- pricing and taxation of goods and services offered over the internet;- website content, or the manner in which products and services may be offered, paid for and/or marketed over the internet;- sources of liability for companies involved in internet services or e-commerce;- piracy and intellectual property rights;- the development of AI models, including training data;- use of AI generated content;- internet neutrality and internet access;- controls on overseas suppliers and other similar anti-terrorism controls, anti-bribery and anti-corruption conduct and policies; and - outsourcing, contracting and employment. For example, we are subject to numerous laws and regulations at the international and United States national and state level, including the following: - The United States Foreign Corrupt Practices Act and the U.K. Anti-Bribery Act (and similar global legislation), which prohibits corporations and individuals from engaging in specified activities to obtain or retain business or to influence a person working in an official capacity. Under these acts, it is generally illegal to pay, offer to pay, or authorize the payment of anything of value to any foreign government official, government staff member, political party, or political candidate in an attempt to obtain or retain business, or to otherwise influence a person working in an official capacity. - The U.K. Modern Slavery Act, which prohibits corporations and individuals from engaging in the trafficking of or facilitation of trafficking of humans. Under this Act, it is illegal to engage in or do business with any individual or entity that engages in such trafficking and obligates companies and individuals to put in place appropriate controls to mitigate against such risks. - OFAC regulations, under which all U.S. individuals and businesses are prohibited from engaging in transactions with countries subject to comprehensive trade embargoes (such as Cuba and Iran) unless a specific exemption from the regulations exists (such as those for information, all materials and people-to-people exchanges) or a license is obtained from OFAC. Transactions with persons, groups or entities designated as terrorists or as their supporters or associates are also prohibited. A list of Specially Designated Nationals consisting of "drug kingpins," terrorists and others considered a danger to the United States, is maintained by the Treasury Department's Office of Foreign Assets Control. Known as the "OFAC List," it contains over 5,000 names and is updated often. No U.S. person, individual or business in the United States, or, in some instances, the foreign subsidiaries of U.S. companies, may conduct any kind of business with anyone on the OFAC List, and companies are expected to keep track of all changes to this list. Penalties for violations of these rules can be severe, including having the violator's assets frozen or forfeited and up to $250,000 or twice the transaction value per violation in fines. - The CCPA, CPA, CTDPA, FDBR, MTCDPA, OCPA, TDPSA, UCPA, VACDPA, DPDPA, ICDPA, NDPA,NHDPA, NJDPA, TIPA, MCDPA, MODPA, INCDPA, KCDPA, and RIDTPPA each regulate the collection and processing of personal data of residents of their respective state, and grant such residents certain rights in connection with such collection and processing. - The BIPA regulates the collection, use, safeguarding, and storage of "biometric identifiers" by private entities. While the statute specifically excludes photographs from its scope to date there has been no dispositive judicial interpretation of that language. - The H.B. 1493, which oversees the collection, use and storage of "biometric identifiers," which include fingerprints, voiceprints, eye retinas, irises and other unique biological identifiers or characteristics used to identify a specific individual, while specifically excluding photographs from its scope. - The CUBI regulates the capture, receipt, possession, sharing and retention of "biometric identifiers," which include retina or iris scans, fingerprints, voiceprints, or records of hand or face geometry. - Several foreign jurisdictions and U.S. states have adopted, and other jurisdictions are expected to enact, statutes that regulate the collection, use, transmission and storage of personal data and require reporting certain breaches of the security of personal data. - Several jurisdictions, including the United Kingdom and the United States, are in the process of adopting or reforming or expected to adopt or reform legislation that impacts the content we distribute, including the E.U. Copyright Directive, the Copyright Act, the Digital Millennium Copyright Act, and various statutes and regulations impacting rights of publicity for those depicted in imagery. - Several foreign jurisdictions and U.S. states have adopted, and other jurisdictions are expected to enact, statutes that purport to void or substantially limit automatic renewal provisions of certain free or discounted trial incentives. - Several jurisdictions have adopted, and other jurisdictions are expected to enact legislation or regulation, that governs AI and the development and use of AI, including the E.U. adopting the E.U. AI Act and U.S. states, including Colorado and California, adopting laws, rules and regulations directly relating to the use of AI or extending the application of existing laws, rules and regulations to AI systems and outputs. We currently license content to customers in virtually every country in the world, excluding Sanctioned Countries, and the different laws that apply in each of those foreign countries may be more or less restrictive than those that apply to companies operating solely within the United States, creating tension in compliance obligations across borders. The adoption, modification or interpretation of laws or regulations in any of these countries relating to our business could adversely affect the manner in which we conduct our business or the overall popularity or growth in use of the internet. Further, the current legislative and regulatory landscape regarding the regulation of the internet is subject to uncertainty. For example, the position of the Federal Communications Commission ("FCC") on so-called " net neutrality" has changed in successive administrations. Net neutrality policies attempt to prevent internet service providers from blocking certain content, slowing down specific sites, or charging companies to make their websites load faster. Most recently, net neutrality regulations promulgated by the Biden Administration were struck down by the U.S. Court of Appeals for the Sixth Circuit, which held that FCC lacked authority to regulate the internet like a public utility. California and Washington have enacted net neutrality laws, and other states like New Jersey and New York have guidelines that can influence the conduct of internet service providers to varying degrees. We cannot predict the actions the FCC may take, whether any new FCC order or state initiatives regulating providers will be modified, overturned, or vacated by legal action, federal legislation, or the FCC itself, or the degree to which further regulatory action - or inaction - may adversely affect our business. Users who access our marketplace through devices such as smart phones, laptops, and tablet computers must have a high-speed internet connection, such as Wi-Fi, 3G, 4G, or 5G to use our services. Currently, this access is provided by telecommunications companies and internet access service providers that have significant and increasing market power in the broadband and internet access marketplace. If the repeal of net neutrality remains in effect, these providers could take measures that affect their customers' ability to use our products and services, such as degrading the quality of the data packets we transmit over their lines, giving our packets low priority, giving other packets higher priority than ours, blocking our packets entirely, or attempting to charge their customers more for using our products and services. To the extent that internet service providers implement usage-based pricing, including meaningful bandwidth caps, or otherwise try to monetize access to their networks, we could incur greater operating expenses and customer acquisition and retention could be negatively impacted. Furthermore, to the extent network operators were to create tiers of internet access service and either charge us or their customers for availability of our services through these tiers, our business could be negatively impacted. In addition, the rapid growth of the internet and the proliferation in the use of content therein has created tensions and instability in the application of traditional intellectual property law concepts to such uses. Recently, the E.U. has introduced a new regulation applicable to certain types of AI and the data used to train, test and deploy AI (the "E.U. AI Act"). The E.U. AI Act entered into force in August 2024, and its requirements will become effective on a staggered basis, with the majority of its provisions being implemented by August 2, 2026. The E.U. AI Act will impose material requirements on both the providers and deployers of AI, with infringement punishable by sanctions of up to 7% of annual worldwide turnover or €35 million (whichever is higher) for the most serious breaches. In the United States, at the federal level, government agencies, bureaus, and offices are publishing guidelines and rules regarding the application of their authority to regulate AI tools. At the U.S. state level, states such as California, Colorado, Utah, and Tennessee (among others) have enacted laws regulating aspects of AI tools. The scope, interpretation, and standards of enforcement of the laws that are or may be applicable to us are often uncertain and may be conflicting, particularly with respect to foreign laws. As a result, it is not possible to predict all of the legal, operational or technological risks related to the use of AI tools. Such uncertainty in the legal regulatory regime relating to AI tools, such as evolving review by agencies including the SEC and the U.S. Federal Trade Commission (as well as regulators abroad), may require significant resources to modify and maintain business practices to comply with U.S. and non-U.S. laws and regulations, the nature of which cannot be determined at this time. Compliance with new regulations or legislation or new interpretations of existing regulations or legislation could cause us to incur additional expenses, lose the ability to transact business in the way we have historically done or, make it more difficult to renew subscriptions automatically, make it more difficult to attract new customers or otherwise require us to alter our business model, or cause us to divert resources and funds to address government or private investigatory or adversarial proceedings. Any of these outcomes could have a material adverse effect on our business, financial condition or results of operations.

From time to time, we may become subject to various legal and regulatory proceedings relating to our business or otherwise. For example, see the discussion of lawsuits brought against us by former warrant holders of the Company and other litigation in "Note 11 - Commitments and Contingencies" of the notes to the financial statements and "Item 7. Management's Discussion and Analysis of Financial and Results of Operations – Liquidity and Capital Resources". Due to the inherent uncertainties of litigation and regulatory proceedings, we cannot determine with certainty the ultimate outcome of any such litigation or proceedings. If the final resolution of any such litigation or proceedings is unfavorable, our financial condition, results of operations and cash flows could be materially affected.

Our future success depends in large part upon the continued service of the members of our executive management team and key employees. All members of our executive management team are subject to employment agreements. In addition, our success also depends on our ability to attract and retain qualified technical, sales and marketing, customer support, financial and accounting, legal and other managerial personnel, as well as high quality photographers for our product line covering entertainment, sports and news ("Editorial"). The competition for skilled personnel in the industries in which we operate is intense. Our personnel generally may terminate their employment at any time for any reason. We may incur significant costs to attract and retain highly skilled personnel, and we may lose new employees to our competitors before we realize the benefit of our investment in recruiting them. As we move into new geographies, we will need to attract and recruit skilled personnel across functional areas. Some of our employees in Brazil, Germany, France, Italy, and Spain are subject to collective bargaining agreements and employees in other jurisdictions may unionize. If we fail to attract new personnel or if we suffer increases in costs or business operations interruptions as a result of a labor dispute, or fail to retain and motivate our current personnel, we might not be able to operate our businesses effectively or efficiently, serve our customers properly or maintain the quality of our content and services.

We rely on independent third parties to provide certain services for our Company. The state of the law regarding independent contractor status varies from jurisdiction to jurisdiction and is subject to change based on court decisions and regulation. For example, on April 30, 2018, the California Supreme Court adopted a new standard for determining whether a company "employs" or is the "employer" for purposes of the California Wage Orders in its decision in the Dynamex Operations West, Inc. v. Superior Court case. This standard was expanded and codified in California via Assembly Bill 5, and became effective as of January 1, 2020. The Dynamex decision and Assembly Bill 5 altered the analysis of whether an individual, who is classified by a hiring entity as an independent contractor in California, has been properly classified as an independent contractor. Assembly Bill 5 was amended to include exclusions for photographers, videographers and editors where specific requirements are met. In addition, independent workers have been the subject of widespread national discussion and it is possible that other jurisdictions may enact laws similar to Assembly Bill 5 or that otherwise impact our business and our relationships with independent third parties. As a result, there is significant uncertainty regarding the future of the worker classification regulatory landscape. From time to time, we may be involved in lawsuits and claims that assert that certain independent contractors should be classified as our employees. Adverse determinations regarding the status of any of our independent contractors could, among other things, entitle such individuals to the reimbursement of certain expenses and to the benefit of wage-and-hour laws, and could result in the Company being liable for income taxes, employment, social security, and withholding taxes and benefits for such individuals. Any such adverse determination could result in a material reduction of the number of subcontractors we can use for our business or significantly increase our costs to serve our customers, which could adversely affect our business, financial condition and results of operations.

More than a majority of our revenue is derived from customers who have licensed content from us in the past. We are also increasingly seeing the mix of revenue shift to committed revenues from annual subscription products. We must ensure that existing customers remain active customers and that we are successful in renewing our committed content agreements, including Premium Access agreements and iStock annual subscriptions. Our future performance largely depends on our ability to attract new and retain existing customers. We employ various customer experience, content, marketing and pricing strategies to incentivize customers to seek and use our content. Our customer experience strategies may be unsuccessful, due to lack of available and desirable content, the depth and breadth of our current and future product offerings, lack of differentiated content, a decline or failure in the quality and accuracy of our search algorithms, the features and functionality of our websites, payment systems and effectiveness of our sales support. As new and emerging platforms and content distribution systems continue to emerge, including but not limited to generative AI generated content and services powered by generative AI, including open-source generative AI, our customers may no longer want to source content from distributors such as us. In addition, our marketing strategies may not attract new customers, our content strategies may not attract relevant content from a suitably diverse network of suppliers and our pricing strategies may discourage purchases. To the extent that we are unable to attract new customers, our costs to acquire and retain customers increase, or our existing customers do not continue to license content from us for these or any other reasons, our results of operations and financial condition could be materially and adversely affected.