Although there are many legal problems that can shut down a website, these are some of the more likely culprits:
10. No Website Disclaimer
Liability: The liability depends on the type of disclaimer omitted and the resulting damage. Problems arise when a website reasonably leads someone to believe something that ends up causing them damage. If the website causes them to forego an opportunity or take some action based upon information provided on the website, the website owner can be held liable. Disclaimers typically relate to errors or omissions on the website, third party links and the website not constituting an engagement of any kind. While it is a good idea to include all necessary disclaimers, too many disclaimers can lead to additional problems. In theory, nearly every legal issue could be the subject of disclaimer. Including irrelevant, redundant or non-applicable items in disclaimers can diminish the legal effectiveness of the most important disclaimers. This type of overkill can potentially destroy the liability insulation the disclaimers were designed to provide.
Solution: While some websites may not need any disclaimer, others may need very broad and detailed disclaimers. Determining the appropriate metes and bounds of the desired disclaimer, without going overboard is often difficult. Drafting proper disclaimers requires a thorough review of the information contained on the website, as well as the circumstances surrounding the collection, distribution and presentation of information in association therewith.
9. Privacy Breaches
8. Intellectual Property Infringement
Liability: Liability for intellectual property infringement can range from an injunction to a multi-million dollar judgment. Online infringement of patent, copyright, trademark, trade secret or trade dress often leads to a website being judicially removed. For a company that relies on its website for sales and communication, the ramifications can be catastrophic. If the company becomes aware of an accusation of infringement and fails to take immediate remedial steps, the court may award punitive damages and order the company to pay the intellectual property owner’s attorney fees as well.
Solution: Everyone associated with the company website must be acutely aware of the proper use of trademarks, copyrighted material and patentable processes. Companies can assist employees and their website developer by adopting a detailed policy relating to the use and/or dissemination of intellectual property. It is critical that all intellectual property used on the website is owned by the company or properly licensed. No material should be assumed to be “freeware,” in the public domain or corporate property without detailed documentation to that effect. As no policy or documentation can absolutely insure the provenance of intellectual property, every company must have a contingency procedure in place. Once an allegation of infringement is levied, time wasted determining the appropriate course of action can cause the liability to skyrocket. Informing employees of the appropriate procedures in advance, can be the difference between simply removing the infringing material from the website to having the company’s online operations brought to a grinding halt.
7. Security Breaches
Liability. Lapses in security can translate into damages many times the value of the entire company. Security breaches may arise from hackers, who do it for fun or profit. The most common security breaches, however, result internally from disgruntled or careless employees. Damages associated with information technology security breaches total over $1.5 trillion annually.
Solution. As the types of security breaches are as varied as the types of companies, companies must carefully tailor appropriate security plans to the particular type of website and its associated vulnerabilities. Companies must adopt a strict security policy, even if one is not legally required. Such policies should be detailed, including flexibility and remedial protocols in the event of a breach.
6. Failure to Protect Intellectual Property
Liability: The primary asset of most online retailers, software companies and companies with solid brand identity is intellectual property. Whether it is trademarks, customer lists, proprietary technology or patents, these companies depend on their intellectual property to stay in business. Unfortunately, reclaiming intellectual property that has become lost or moved into the public domain is not possible. Failure to properly protect these assets could single-handedly destroy an entire company.
Solution: Due diligence is the first step. Find out what intellectual property the company thinks it has and collect the documentation regarding ownership. Many items, such as the design of a website, are owned by the developer, even though the company dictated the parameters and fully paid the developer for the time involved in creating the site. If a company discovers that some of the intellectual property has been improperly transferred, the company must immediately execute and file the appropriate paperwork with the appropriate entities to attempt to secure rights which became lost, or which remained with the owner after the “transfer.” A well documented intellectual property portfolio allows easy analysis and access to intellectual property transfer documentation. Additionally, intellectual property transfer procedures should also be incorporated into the company’s policy. Most importantly, appropriate transfer documentation should always be drafted and executed well prior to any use of intellectual property received from outside the company.
5. Breaking the Law
Liability: Hundreds of laws govern websites and it is often difficult to navigate the maze of regulation with any precision. Many of these laws are industry specific and companies falling under their purview must follow them to the letter. Failure to comply with federal legislation, such as COPPA, Graham-Leach-Bliley, HIPAA, or international conventions such as the EU Directive, could lead to drastic penalties. Fines and injunctions associated with failure to comply with federal and/or international law are indeed costly. The costs associated with litigating and defending liabilities associated with breaking these laws, however, are often even more costly and burdensome.
Solution: For any company that relies on its online presence for business should have an internal regulatory compliance committee. The committee is responsible for following statutory regulations governing the company and its website. Outlining policies to comport with such regulations far in advance of their implementation deadline dates is critical. Ambiguities inherent in legislation often make strict compliance difficult. It is, therefore, often necessary to enlist the assistance of outside legal counsel to coordinate compliance efforts and respond to government agencies regarding specific laws. Addressing issues early can often avoid crippling compliance issues.
4. No Coordination
Liability: Costly litigation often arises as the result of everyone in the company thinking someone else is handling the problem. Failure of key personnel to coordinate with one another can lead to numerous types of liability. Nowhere is this more of a concern than in the area of online activities. Not only may the company be liable for these failures, but officers and directors may be held personally liable if they were made aware of the problem, but failed to take appropriate action.
Solution: Companies must develop a coordinated chain of command. Written reporting procedures and protocols for addressing IT issues on a timely basis are imperative. Designating a Chief Information Officer (“CIO“) to coordinate directly with the Board of Directors can reduce critical delays and failures associated with online and other information technology issues.
3. Bad Contracts
Liability: Given the time and expense involved with executing appropriate contracts, many companies attempt to cobble together parts from existing contracts or forego written contracts entirely. Most of the time, both parties perform their obligations and bad drafting never comes into play. In the instances where a problem arises, however, the lack of an appropriate contract can bring a company’s operations to a grinding halt. In these situations, inartfully drafted contracts can actually be worse that having no contract at all. Improper assessment of a company’s existing intellectual property portfolio, information technology procedures and existing security policies can have catastrophic consequences. A company can be gutted of its intellectual property and racked with lawsuits relating to its actions or failures to act. Even if an appropriate contract is in place, failure to inform key personnel of important contractual provisions may lead to inadvertent breaches which, in turn, could lead to large liabilities for the company.
Solution: It is critical to coordinate with outside legal counsel to develop comprehensive contractual strategies to prevent any intellectual property from slipping through the cracks. Rigorous review of third party contracts is also essential to ensure the availability of an exit strategy and to prevent overreaching contract provisions from crippling the company. The time and cost associated with drafting appropriate contracts and bringing key personnel into the fold initially may seem burdensome. Over time, however, as templates for particular strategies emerge, the time and costs decrease, and the preparation actually increases, rather than decreases, efficiencies. Compared to the time and costs associated with litigating over misdrafted or absent contract points, proper contract preparation translates into a very minimal expenditure.
2. Losing the Farm
Liability: For many companies, especially information technology companies, intellectual property can be the principal corporate asset. A single patent or trademark may be the difference between a company’s success or failure in the marketplace. A company can lose its intellectual property through inadvisable contracts or simple administrative mistakes. Taking the appropriate steps to protect and maintain a company’s intellectual property is critical. A single misstep could lead to the inadvertent abandonment of a multi-million dollar asset.
Solution: Intellectual property portfolios are as varied as the companies that own them. As such, there is simply no “one size fits all” portfolio protection strategy. To determine the appropriate strategy a company must develop specific plans and policies geared toward its own intellectual property and strategic initiative. In any company, a well conceived portfolio protection plan, developed prior to the acquisition of new intellectual property, reduces the costs, delays and potential hardships associated with attempts at remedial efforts to regain lost assets. A coordinated intellectual property portfolio protection plan is essential. The plan should include, as appropriate, patent protection, copyright and trademark registration, trade secret security and trade dress monitoring. Having a plan in place not only provides for a more streamlined intellectual property acquisition process, but prevents the loss of invaluable corporate assets and provides a significant in terrorem aspect to deter would-be infringers.
1. No Formal Policies
Liability: Many companies float along without any specific written policies regarding website use and appropriate procedures for intellectual property protection. They prefer to keep their heads in the sand until a problem arises. Unfortunately, once a problem does arise, it is often too late to correct it. Furthermore, the lack of existing procedures not only may expose a company to vast amounts of liability, but time wasted determining the appropriate procedures may lead to an irreversible loss of intellectual property or expose a company to punitive damages associated with willful infringement.
Solution: Companies need detailed written policies and procedures before a problem arises. Although appropriate policies will vary from company to company, the foregoing nine issues are a good place to start when constructing a general policy outline. From the outline, a company can incorporate strategies and key provisions, detailing proper reporting and administrative procedures. The company must treat the resulting policy as a living document. The company should periodically review and update the policy to address changes in the corporate information technology structure, as well as changes in the intellectual property portfolio. Enlisting the assistance of a qualified information technology attorney can be invaluable in adapting a policy framework to a particular business and website. A qualified attorney can also assist in continually modifying the policies and procedures to limit loss, increase efficiency and avoid unnecessary litigation.
Brett J. Trout is a Patent Lawyer and founder of Brett J. Trout P.C., an AV-rated law firm servicing clients across the country on issues relating to patent, copyright, trademark and information technology issues. Mr. Trout is also author of the book Internet Laws Affecting Your Company and his website is www.BrettTrout.com