• Legal Considerations for E-Commerce Businesses
  • April 8, 2014 | Authors: Robert F. Parr; Armand J. (A.J.) Zottola
  • Law Firm: Venable LLP - Washington Office
  • Nearly all companies now use online or mobile websites and/or social media network pages to promote their businesses, sell goods or services, conduct business transactions, and connect and communicate with customers, clients, or other businesses. While these "e-commerce businesses" confront a variety of the same legal issues faced by traditional brick-and-mortar companies, they also must manage other challenges that are unique to conducting business operations and transactions in an electronic environment. The range of legal issues to consider and manage continues to grow, and ignoring this reality could lead to financial liability, regulatory penalties, or unauthorized exploitation of company intellectual property. Set forth below is a non-exhaustive list of potential legal issues to consider in connection with minimizing the risks associated with operating an e-commerce business.

    Consider Agreements with Online Service Providers
    Negotiate carefully all written agreements with contractors that provide website design, hosting, advertisement, or other related online services. Consider the use of provisions that address intellectual property ownership, third-party rights clearance, information security and confidentiality, and search engine optimization practices.

    Consider Domain Name Selection
    Consider carefully any third-party trademark rights that may attach to a particular URL in order to avoid using a domain name that violates third-party trademark rights.

    Protect Website Content
    Protect content and materials appearing on proprietary websites or social media pages from unauthorized commercial exploitation by users. Consider using a ™, ®, and/or © symbol in connection with prominent placements of trademarks and copyrights and register important intellectual property with the applicable authorities to perfect ownership and obtain enhanced rights and remedies. In addition, provide notices and conditions for any use or display of the intellectual property by third parties, and review publishable material before display or launch to ensure that no confidential proprietary information has been inadvertently disclosed.

    Create Enforceable Online Contracts
    Traditional contract principles apply to transactions conducted online. This means that each online contract requires an offer, acceptance, and consideration (i.e., a bargained-for exchange of detriments and/or value). Ensure that contracts that appear on proprietary websites (e.g., terms of website use and terms of sale) satisfy the foregoing requirements.

    Utilize Appropriate Protective Provisions in Online Terms of Use
    Prominently post on a proprietary website or social media page properly customized notices to help mitigate legal risks. For example, prohibit users from posting content defined as inappropriate, disclaim responsibility for user-generated content or third-party advertisements, limit the company's liability for harm to users resulting from website or webpage use, and reserve the rights necessary to maintain website or webpage security.

    Seek Available Immunity for Copyright Infringement
    Given the ease with which material can be obtained and posted online, avoiding copyright infringement based on the use, display, reproduction, or distribution of content posted on social media pages or proprietary websites will always be a concern for e-commerce businesses. The federal Digital Millennium Copyright Act of 1998 (DMCA) lays out certain safe harbors for Internet service providers that could provide protection from such claims. Become familiar with the safe harbor requirements and consider taking the steps necessary to obtain available immunity from claims of copyright infringement.

    Avoid Trademark Infringement
    Unlike under the DMCA, there are no statutory safe harbors for trademark infringement claims. Care must be taken to avoid misuse of third-party marks by seeking consent to use marks and demonstrating a good faith effort to prevent unauthorized use by implementing and following a takedown policy.

    Seek Available Defamation Protection
    The federal Communications Decency Act of 1996 offers providers of interactive computer services safe harbor protection from civil liability for defamation (and certain other) claims where the provider is not the content provider. As with the DMCA, implement a policy for acceptable content and utilize a takedown procedure for harmful or offensive material posted by third-party users.

    Remember the Rights of Privacy and Publicity
    Privacy laws, including laws designed to protect medical records, financial information, and information about children or teenagers, apply to information collected online. To avoid punitive action from state attorneys general and/or the Federal Trade Commission, prominently post on the website a carefully drafted privacy policy that accurately explains collection practices for personally identifiable information in accordance with applicable laws at the state and federal levels, and strictly comply with any such policy. Similarly, the exclusive right to exploit one's likeness for commercial gain applies to content available online. Procedures should be implemented to control the unauthorized use or disclosure of such protected data and images without permission.

    Remember the Impact of Agency Liability
    Remember that actions taken by individuals online (even without the approval of management) can implicate an entity. In particular, actions of employees can expose the company to liability under certain circumstances. Adopt guidelines governing employees' permissible use of company websites, social media pages, and computer equipment and the content that can be displayed or published.

    Provide Information Security
    Implement an information security program consistent with the standard generally recognized under federal law and any applicable industry-specific or unique state law requirements in order to protect sensitive data accessible or stored in connection with online websites. Ensure data handling procedures align with any practices described in a website privacy policy.

    Be Mindful of Jurisdiction
    Because electronic transmissions through the internet reach parties throughout the world, businesses may become subject to the laws of many different countries or states within the United States when engaging in e-commerce activities. Consider refining the scope of jurisdiction to the extent possible by stating the governing law, venue, or forum and limiting online activities to only those jurisdictions in which the e-commerce business is prepared to comply with applicable laws and regulations.

    Know Taxation Obligations
    Whether online transactions and sales are subject to state taxes varies among the states. While certain states have enacted laws that impose obligations on resident businesses or businesses with in-state physical facilities to pay such taxes, others do not currently have a similar requirement. Be aware of those states in which taxes must be collected for online sales and transactions, and keep in mind that any such obligation may change at any time.

    Consider Insurance
    E-commerce businesses should consider obtaining insurance coverage in order to limit their financial exposure for information security breaches, online tort and intellectual property right infringement claims, and certain website-specific practices such as hyperlinking, framing, using metatags, and banner advertising.