Two words: Argos, Kodak. Two companies who over the last few years have become well known in the e-commerce industry for high-profile online trading “issues” with the way information is handled on their websites and the design of their online contracting process. There have of course been other cases, notably Shetland Times v Willis (online copyright infringement) and Norwich Union (defamation online).

As the e-commerce industry rapidly moves beyond setting up websites and advertising products over the internet to carrying out transactions online, there are a host of legal issues to consider, ranging from the formation of contracts over the internet, to questions of jurisdiction and security.

This article provides a checklist , which is by no means exhaustive, of the top issues which businesses must consider when deciding whether and how to transact business over the internet.

Copyright, Trade Marks and Passing Off

Copyright may subsist in literary works whether created online or offline. Its primary purpose is to award authors for the creation of original works using independent skill, effort and judgment.

trade mark infringement relates to the utilisation of a party's trade mark without consent. A trade mark is any sign such as a brand name or logo and can include shapes, tunes, colours and even smells which distinguish the goods and services of one business from those of another.

Passing off protects the goodwill (established corporate brand value) of a business and will prevent a competitor from unjustly benefiting from that goodwill. The principle of an action for passing off is to stop a third party from misrepresenting that its goods or services are the goods or services of someone else who has established goodwill or reputation for those goods or services. If a link, for example, creates confusion in the mind of a user then a possible action for passing off may succeed.

So what does that mean for your website? Not only is infringement of intellectual property rights, such as copyright and trade marks, easier over the internet (because they are in digital form) but there are two further considerations. Firstly, it is important to ensure that any material or information which you intend to place on your website has been cleared with the original author. Secondly, it is usually appropriate for the inclusion of a copyright notice on the website (ideally along with any disclaimers and terms and conditions, see below) so that any person accessing the site will know who owns the material on the website and what s/he can and cannot do with that material (for example. reproduction, permanent storage, or retransmission of the contents of the website may be prohibited).

Disclaimers

As the name suggests, a disclaimer is an attempt, through the use of suitable wording, to excuse or disclaim liability for certain events or situations. Often on the web, a site might feature untested opinions, discussion which might be relied upon or other potentially worrisome information which, while useful for a site, could attract liability for the website owner. So, a disclaimer is employed to offset such liability. Any disclaimer wording must be suitably prominent: the general rule of thumb is the more you are seeking to exclude, the more you need to bring the disclaimer to the users attention. As the purpose of a disclaimer is to exclude, or in some instances limit, liability it must be enforceable. However, the enforceability of any disclaimer may be (as is the case in England and Wales) subject to separate rules which are dependant upon to whom (either another business or a consumer) you are trying to restrict your liability. Under English Law, a limitation of liability provision must comply with the Unfair Contract Terms Act 1977 but as the internet is global, care must be taken to ensure that disclaimer/limitations are enforceable outside England and Wales.

Retailers within the EU who offer goods and services via the internet, now have to give careful consideration to their terms of business to avoid being sued by foreign consumers under the Brussels Regulation which, with effect from 1 March 2002, allows consumers within the EU (except Denmark) to have disputes heard in their own country rather than where the retailer is based.

Terms and Conditions

Many websites now set out terms and conditions of use which make it clear to the user that whilst there may be an implied licence to use the website this does not extend to using the website for commercial purposes without first obtaining the website owner's consent. However, in order to make sure that these terms and conditions are enforceable they must be suitably prominent (e.g. "above the fold" so that the user need not scroll down) and contractually binding.

Case law has indicated that it would be better to force the user to have to scroll through the wording and click "I accept" before being able to move forward. This would incorporate the wording properly and would follow the 1997 US case of Ticketmaster v Microsoft which highlighted the importance for businesses to ensure that their terms and conditions are incorporated into all contracts with users. To ensure that users are aware of the terms and conditions and therefore bound by them (even if they are not read), the website should be set up in such a way that the user must scroll through them and click ‘I agree’ before proceeding to make a purchase. This “click-wrap” style of contracting seems logical and follows the shrinkwrap method which has long been employed in the software industry. There is not, as yet, any UK caselaw to support this view.

Some website's require a user to register before being able to access any information contained on the website or purchase any goods advertised. Part of the registration process requires the user to "ö" a box indicating that s/he has read, understood and agrees to be bound by the terms and conditions. However, this may not satisfy the apparent requirement for a user to be forced to scroll through terms and conditions beforehand.

With B2C websites, consideration must also be given to the Distance Selling Directive which places obligations on companies to, amongst other things, notify consumers beforehand of their terms and conditions of business and also give consumers a period in which to terminate or cancel any agreement entered into online. The Directive also deals with unsolicited commercial communications to consumers.

Privacy Statements

Privacy as a concept is increasingly something which people fiercely strive to protect. The Beckhams, model Naomi Campbell and Premiership footballer Gary Flitcroft are probably the most well known celebrities who have fought to protect their privacy. Although the courts have recognised that a degree of privacy should attach to people in the public eye it does not appear that they are willing to give as much weight as they do to private individuals.

A suitably worded and placed statement should be included on the website (with any other legal notices such as terms and conditions) setting out how personal information can be obtained by using the website (e.g., cookies and IP addresses) and what the website owner will do with any such information (e.g., passing information between offices or organisations outside the EEA).

Under the UK Data Protection Act 1998, it is a fundamental requirement that any form of data processing be justified. The most efficient method for companies to justify the processing is to obtain the consent of the individual whose personal data will be processed. Some websites require an individual to "opt in" (as opposed to "opt out") before they are allowed access to services which require collection of such data. A statement that the company may, from time to time, cause personal data to be "exported" electronically outside the geographical boundaries of the EEA is not enough and explicit consent must be obtained. Without explaining to whom the data may be transferred it would be difficult to see how a company will obtain appropriate and enforceable consent.

To summarise, by combining interesting owned or licensed information, with use permissions, disclaimers and other terms and conditions (for data use and contract creation) a website can become legally “compliant” and avoid falling foul of the new and increasing body of legislation and caselaw developing apace with the technology.

Website Legal Compliance Checklist:
  1. do you have sufficient rights to include that text, report, picture etc?
  2. is there anything that might attract liability on your site which might require a disclaimer?
  3. is your disclaimer suitable prominent (hidden behind a link may not do)?
  4. are you selling? If so, on what terms?
  5. are your terms incorporated into the contract formed online?
  6. do your terms allow you to accept/reject an offer to buy?
  7. do you process personal data?
  8. are you compliant with data protection legislation?
  9. does your privacy statement reflect your actual use of the personal data?

Written by Mark O'Conor and Lisa Comber. First published in the May 2002 edition of MIS Magazine.