Top Ten Legal Oversights
That Can Shut Down Your Website
by Brett Trout
Although there are many legal problems that can shut down a website,
these are some of the more likely culprits:
10. No Website Disclaimer
Liability: The liability depends on the type of disclaimer
omitted and the resulting damage. Problems arise when a website
reasonably leads someone to believe something that ends up causing them
damage. If the website causes them to forego an opportunity or take some
action based upon information provided on the website, the website owner
can be held liable. Disclaimers typically relate to errors or omissions
on the website, third party links and the website not constituting an
engagement of any kind. While it is a good idea to include all necessary
disclaimers, too many disclaimers can lead to additional problems. In
theory, nearly every legal issue could be the subject of disclaimer.
Including irrelevant, redundant or non-applicable items in disclaimers
can diminish the legal effectiveness of the most important disclaimers.
This type of overkill can potentially destroy the liability insulation
the disclaimers were designed to provide.
Solution: While some websites may not need any disclaimer,
others may need very broad and detailed disclaimers. Determining the
appropriate metes and bounds of the desired disclaimer, without going
overboard is often difficult. Drafting proper disclaimers requires a
thorough review of the information contained on the website, as well as
the circumstances surrounding the collection, distribution and
presentation of information in association therewith.
9. Privacy Breaches
Liability: Failing to properly inform website visitors of the
company’s privacy policy, or using confidential information in a manner
not stipulated in the policy, could lead to severe repercussions.
Although the monetary damage may indeed be high, the majority of the
liability typically stems from the bad publicity surrounding such
breaches. While many privacy breaches go undetected and are, therefore,
not associated with any direct liability, large-scale or egregious
breaches can quickly devolve into a financial and public relations
nightmare.
Solution: Companies must post a detailed privacy policy which
dictates the disposition and security associated with various types of
private information collected from users. As it is very difficult to
retroactively broaden a privacy policy once information has been
collected, it is critical not to adopt a policy which is too restrictive
in scope. A properly worded policy will be sensitive to how the
collected information may be used in the future. Companies must also be
sure that privacy policies comport with all legal and regulatory
restrictions pertaining to the particular type of business, the type of
user providing the information and how the company will use the
information.
8. Intellectual Property Infringement
Liability: Liability for intellectual property infringement
can range from an injunction to a multi-million dollar judgment. Online
infringement of patent, copyright, trademark, trade secret or trade
dress often leads to a website being judicially removed. For a company
that relies on its website for sales and communication, the
ramifications can be catastrophic. If the company becomes aware of an
accusation of infringement and fails to take immediate remedial steps,
the court may award punitive damages and order the company to pay the
intellectual property owner’s attorney fees as well.
Solution: Everyone associated with the company website must be
acutely aware of the proper use of trademarks, copyrighted material and
patentable processes. Companies can assist employees and their website
developer by adopting a detailed policy relating to the use and/or
dissemination of intellectual property. It is critical that all
intellectual property used on the website is owned by the company or
properly licensed. No material should be assumed to be “freeware,” in
the public domain or corporate property without detailed documentation
to that effect. As no policy or documentation can absolutely insure the
provenance of intellectual property, every company must have a
contingency procedure in place. Once an allegation of infringement is
levied, time wasted determining the appropriate course of action can
cause the liability to skyrocket. Informing employees of the appropriate
procedures in advance, can be the difference between simply removing the
infringing material from the website to having the company’s online
operations brought to a grinding halt.
7. Security Breaches
Liability. Lapses in security can translate into damages many
times the value of the entire company. Security breaches may arise from
hackers, who do it for fun or profit. The most common security breaches,
however, result internally from disgruntled or careless employees.
Damages associated with information technology security breaches total
over $1.5 trillion annually.
Solution. As the types of security breaches are as varied as
the types of companies, companies must carefully tailor appropriate
security plans to the particular type of website and its associated
vulnerabilities. Companies must adopt a strict security policy, even if
one is not legally required. Such policies should be detailed, including
flexibility and remedial protocols in the event of a breach.
6. Failure to Protect Intellectual Property
Liability: The primary asset of most online retailers,
software companies and companies with solid brand identity is
intellectual property. Whether it is trademarks, customer lists,
proprietary technology or patents, these companies depend on their
intellectual property to stay in business. Unfortunately, reclaiming
intellectual property that has become lost or moved into the public
domain is not possible. Failure to properly protect these assets could
single-handedly destroy an entire company.
Solution: Due diligence is the first step. Find out what
intellectual property the company thinks it has and collect the
documentation regarding ownership. Many items, such as the design of a
website, are owned by the developer, even though the company dictated
the parameters and fully paid the developer for the time involved in
creating the site. If a company discovers that some of the intellectual
property has been improperly transferred, the company must immediately
execute and file the appropriate paperwork with the appropriate entities
to attempt to secure rights which became lost, or which remained with
the owner after the “transfer.” A well documented intellectual property
portfolio allows easy analysis and access to intellectual property
transfer documentation. Additionally, intellectual property transfer
procedures should also be incorporated into the company’s policy. Most
importantly, appropriate transfer documentation should always be drafted
and executed well prior to any use of intellectual property received
from outside the company.
5. Breaking the Law
Liability: Hundreds of laws govern websites and it is often
difficult to navigate the maze of regulation with any precision. Many of
these laws are industry specific and companies falling under their
purview must follow them to the letter. Failure to comply with federal
legislation, such as COPPA, Graham-Leach-Bliley, HIPAA, or international
conventions such as the EU Directive, could lead to drastic penalties.
Fines and injunctions associated with failure to comply with federal
and/or international law are indeed costly. The costs associated with
litigating and defending liabilities associated with breaking these
laws, however, are often even more costly and burdensome.
Solution: For any company that relies on its online presence
for business should have an internal regulatory compliance committee.
The committee is responsible for following statutory regulations
governing the company and its website. Outlining policies to comport
with such regulations far in advance of their implementation deadline
dates is critical. Ambiguities inherent in legislation often make strict
compliance difficult. It is, therefore, often necessary to enlist the
assistance of outside legal counsel to coordinate compliance efforts and
respond to government agencies regarding specific laws. Addressing
issues early can often avoid crippling compliance issues.
4. No Coordination
Liability: Costly litigation often arises as the result of
everyone in the company thinking someone else is handling the problem.
Failure of key personnel to coordinate with one another can lead to
numerous types of liability. Nowhere is this more of a concern than in
the area of online activities. Not only may the company be liable for
these failures, but officers and directors may be held personally liable
if they were made aware of the problem, but failed to take appropriate
action.
Solution: Companies must develop a coordinated chain of
command. Written reporting procedures and protocols for addressing IT
issues on a timely basis are imperative. Designating a Chief Information
Officer (“CIO“) to coordinate directly with the Board of Directors can
reduce critical delays and failures associated with online and other
information technology issues.
3. Bad Contracts
Liability: Given the time and expense involved with executing
appropriate contracts, many companies attempt to cobble together parts
from existing contracts or forego written contracts entirely. Most of
the time, both parties perform their obligations and bad drafting never
comes into play. In the instances where a problem arises, however, the
lack of an appropriate contract can bring a company’s operations to a
grinding halt. In these situations, inartfully drafted contracts can
actually be worse that having no contract at all. Improper assessment of
a company’s existing intellectual property portfolio, information
technology procedures and existing security policies can have
catastrophic consequences. A company can be gutted of its intellectual
property and racked with lawsuits relating to its actions or failures to
act. Even if an appropriate contract is in place, failure to inform key
personnel of important contractual provisions may lead to inadvertent
breaches which, in turn, could lead to large liabilities for the
company.
Solution: It is critical to coordinate with outside legal
counsel to develop comprehensive contractual strategies to prevent any
intellectual property from slipping through the cracks. Rigorous review
of third party contracts is also essential to ensure the availability of
an exit strategy and to prevent overreaching contract provisions from
crippling the company. The time and cost associated with drafting
appropriate contracts and bringing key personnel into the fold initially
may seem burdensome. Over time, however, as templates for particular
strategies emerge, the time and costs decrease, and the preparation
actually increases, rather than decreases, efficiencies. Compared to the
time and costs associated with litigating over misdrafted or absent
contract points, proper contract preparation translates into a very
minimal expenditure.
2. Losing the Farm
Liability: For many companies, especially information
technology companies, intellectual property can be the principal
corporate asset. A single patent or trademark may be the difference
between a company’s success or failure in the marketplace. A company can
lose its intellectual property through inadvisable contracts or simple
administrative mistakes. Taking the appropriate steps to protect and
maintain a company’s intellectual property is critical. A single misstep
could lead to the inadvertent abandonment of a multi-million dollar
asset.
Solution: Intellectual property portfolios are as varied as
the companies that own them. As such, there is simply no “one size fits
all” portfolio protection strategy. To determine the appropriate
strategy a company must develop specific plans and policies geared
toward its own intellectual property and strategic initiative. In any
company, a well conceived portfolio protection plan, developed prior to
the acquisition of new intellectual property, reduces the costs, delays
and potential hardships associated with attempts at remedial efforts to
regain lost assets. A coordinated intellectual property portfolio
protection plan is essential. The plan should include, as appropriate,
patent protection, copyright and trademark registration, trade secret
security and trade dress monitoring. Having a plan in place not only
provides for a more streamlined intellectual property acquisition
process, but prevents the loss of invaluable corporate assets and
provides a significant in terrorem aspect to deter would-be infringers.
1. No Formal Policies
Liability: Many companies float along without any specific
written policies regarding website use and appropriate procedures for
intellectual property protection. They prefer to keep their heads in the
sand until a problem arises. Unfortunately, once a problem does arise,
it is often too late to correct it. Furthermore, the lack of existing
procedures not only may expose a company to vast amounts of liability,
but time wasted determining the appropriate procedures may lead to an
irreversible loss of intellectual property or expose a company to
punitive damages associated with willful infringement.
Solution: Companies need detailed written policies and
procedures before a problem arises. Although appropriate policies will
vary from company to company, the foregoing nine issues are a good place
to start when constructing a general policy outline. From the outline, a
company can incorporate strategies and key provisions, detailing proper
reporting and administrative procedures. The company must treat the
resulting policy as a living document. The company should periodically
review and update the policy to address changes in the corporate
information technology structure, as well as changes in the intellectual
property portfolio. Enlisting the assistance of a qualified information
technology attorney can be invaluable in adapting a policy framework to
a particular business and website. A qualified attorney can also assist
in continually modifying the policies and procedures to limit loss,
increase efficiency and avoid unnecessary litigation.
Brett J. Trout is a Patent Lawyer and founder of Brett
J. Trout P.C., an AV-rated law firm servicing clients across the country
on issues relating to patent, copyright, trademark and information
technology issues. Mr. Trout is also author of the book Internet Laws Affecting Your Company and his website is
www.BrettTrout.com
|
