When people launch websites, they usually think about technology, marketing, and financials, but they rarely give much consideration to potential legal issues… and that can cause serious problems!
In this post, I’m going to discuss a few of the key legal issues affecting websites. I’ll discuss mainly US law, with a few comparisons to other countries. The purpose of this post is to alert you to issues that you should consider.
I am not a lawyer and I am not offering legal advice, so you should discuss these issues with an attorney specializing in Internet law, or cyberlaw. Note that this body of law is made up of specific legislation, as well as precedents set by judges attempting to adapt and apply existing law to the Internet. As such, it is changing rapidly, and there are many gray areas.
A trademark is a collection of words or symbols that uniquely identifies the source of goods or services. For example, when we talk about Kodak® film, we are identifying the Kodak brand as the source of the film.
In the United States, trademark rights are acquired through using the mark in commerce. Additional rights are secured by registering the mark with the US Patent and Trademark Office, but that is not required. The point here is that there are literally tens of millions of trademarks, registered and unregistered, in use in the US alone. When you launch your website, there is a good chance that you might be conflicting with someone’s trademark.
That’s why, before investing in a domain name and marketing for your brand, you should contact an attorney to conduct a trademark search. You can do a very basic trademark search yourself by using the search feature on the USPTO website, and also using Internet search engines to find unregistered brands. But if you are serious about building your business, you should invest in a professional search, rather than risk a lawsuit just as your site starts to take off.
You should also discuss the merits of registering your trademark, in the US and possibly other countries. (Each country has its own trademark registration process.)
When you create original content for your website, it is automatically protected by copyright law. You can strengthen those rights by registering your copyright with the US Copyright Office, but that is not necessary to secure your basic rights. Unlike trademarks, copyright protection is worldwide; you don’t need to register your copyright in each country. If you are operating a content-rich website, you should be familiar with the basics of copyright law. You should also conduct periodic searches for violations, in order to protect your rights.
Bear in mind that copyright protection also protects other websites. Material that you find on the Internet is protected by copyright (with some exceptions that we won’t discuss here). You can’t simply copy someone else’s work because you “found it on the Internet.”
Your website may allow 3rd parties to post content, in the form of a social network, a discussion forum, comments, or ratings and reviews. If a user posts something on your site that violates copyrights, you could be held liable.
You can avoid this liability by complying with the takedown provisions of the Digital Millennium Copyright Act (DMCA). Briefly put, you must provide a way for copyright owners to file a takedown request if material on your site violates their copyrights. (You, as the site operator, may contact the party who posted the content to ask if he or she wishes to contest the copyright claim.)
Provided you follow the DMCA process, and remove infringing material from your site, you cannot generally be held liable for damages. Note that this safe harbor protection is not absolute. For example, if it is determined that your site systematically encourages copyright violation as a core part of its business, then complying with the DMCA will not protect you from liability.
Libel and the Communications Decency Act
In most of the world, if a user commits libel by posting false and damaging allegations on your site, you could be held responsible, and sued or even prosecuted. But in the United States, your site is protected from legal liability by Section 230 of the Communications Decency Act of 1996 (CDA). Section 230 also protects the website from liability for other types of user-posted content… even criminal acts!
However, you could still be sued in another country… perhaps Canada or the United Kingdom, where anti-libel laws are much more stringent, and you are not protected by Section 230. In that case, you may well lose the overseas lawsuit. But when the plaintiff attempts to have the judgment against you enforced in the United States, their claim will be denied. Under the terms of the Securing the Protection of our Enduring and Established Constitutional Heritage (SPEECH) Act of 2010, foreign libel judgments cannot be enforced unless the suit would also be valid under US law.
Section 230 has been called the most important Internet legislation ever enacted; it has made possibly the proliferation of social networks, discussion sites, review sites, and more. However, the law is under attack. A number of state attorneys general have petitioned congress to amend the law to exclude certain types of user-supplied posts.
Even under current law, states have tried to hold websites responsible for user-generated content. For example, several states have threatened to prosecute Craigslist.org over ads for prostitution posted by users of the site. Despite the protection of Section 230, Craigslist ultimately bowed to the pressure and blocked the ads for sex services (at least the most blatant ads).
In addition, some judges have ignored Section 230 protections because they simply don’t agree with a law that provides such blanket immunity.
Because of the ongoing pressure, this body of law could change in the future, so it’s important to be aware of the ongoing discussions.
Privacy has become a major concern for many people, and as a result legislative bodies are moving quickly to enact privacy protections, in particular for children; see the Children’s Online Privacy Protection Act (COPPA).
Currently some of the most stringent requirements can be found at the state level, notably in California, Connecticut, and Delaware. Privacy laws in the European Union are general much stronger than those in the US.
Common provisions include:
- Limitations on collecting and storing certain information such as social security numbers and credit card numbers.
- Requirements for parental permission before minors can participate in online communities.
- Requirements to allow content posted by minors, and data collected from minors, to be deleted from the website.
- Limitations on good and services that can be marketed or advertised on sites targeting or directed at minors.
Although there are legal precedents upholding both browsewrap and clickwrap agreements, courts have been more willing to recognize clickwraps as valid contracts, while showing skepticism about browsewraps.
In addition to the various special laws affecting websites, Internet businesses are subject to the same general laws as traditional businesses. Examples include truth in advertising laws, commercial codes, and tax laws.
In other words, when launching a web business, legal issues are as important as technology, marketing, and financial considerations.