Learning Center
Plans & pricing Sign in
Sign Out



									                    TOP TEN LEGAL OVERSIGHTS
                           Brett J. Trout

ALTHOUGH THERE ARE MANY LEGAL PROBLEMS that can shut down a website, these are some of
the more likely culprits:

    10. No Website Disclaimer

    Liability: The liability depends on the type of disclaimer omitted and the resulting damage.
Problems arise when a website reasonably leads someone to believe something that ends up
causing them damage. If the website causes them to forego an opportunity or take some action
based upon information provided on the website, the website owner can be held liable.
Disclaimers typically relate to errors or omissions on the website, third party links and the
website not constituting an engagement of any kind. While it is a good idea to include all
necessary disclaimers, too many disclaimers can lead to additional problems. In theory, nearly
every legal issue could be the subject of disclaimer. Including irrelevant, redundant or non-
applicable items in disclaimers can diminish the legal effectiveness of the most important
disclaimers. This type of overkill can potentially destroy the liability insulation the disclaimers
were designed to provide.

    Solution: While some websites may not need any disclaimer, others may need very broad
and detailed disclaimers. Determining the appropriate metes and bounds of the desired disclaimer,
without going overboard is often difficult. Drafting proper disclaimers requires a thorough review
of the information contained on the website, as well as the circumstances surrounding the
collection, distribution and presentation of information in association therewith.

    9. Privacy Breaches

    Liability: Failing to properly inform website visitors of the company’s privacy policy, or
using confidential information in a manner not stipulated in the policy, could lead to severe
repercussions. Although the monetary damage may indeed be high, the majority of the liability
typically stems from the bad publicity surrounding such breaches. While many privacy breaches
go undetected and are, therefore, not associated with any direct liability, large-scale or egregious
breaches can quickly devolve into a financial and public relations nightmare.

     Solution: Companies must post a detailed privacy policy which dictates the disposition and
security associated with various types of private information collected from users. As it is very
difficult to retroactively broaden a privacy policy once information has been collected, it is
critical not to adopt a policy which is too restrictive in scope. A properly worded policy will be
sensitive to how the collected information may be used in the future. Companies must also be
sure that privacy policies comport with all legal and regulatory restrictions pertaining to the
particular type of business, the type of user providing the information and how the company will
use the information.

    8. Intellectual Property Infringement
     Liability: Liability for intellectual property infringement can range from an injunction to a
multi-million dollar judgment. Online infringement of patent, copyright, trademark, trade secret
or trade dress often leads to a website being judicially removed. For a company that relies on its
website for sales and communication, the ramifications can be catastrophic. If the company
becomes aware of an accusation of infringement and fails to take immediate remedial steps, the
court may award punitive damages and order the company to pay the intellectual property
owner’s attorney fees as well.

     Solution: Everyone associated with the company website must be acutely aware of the proper
use of trademarks, copyrighted material and patentable processes. Companies can assist
employees and their website developer by adopting a detailed policy relating to the use and/or
dissemination of intellectual property. It is critical that all intellectual property used on the
website is owned by the company or properly licensed. No material should be assumed to be
“freeware,” in the public domain or corporate property without detailed documentation to that
effect. As no policy or documentation can absolutely insure the provenance of intellectual
property, every company must have a contingency procedure in place. Once an allegation of
infringement is levied, time wasted determining the appropriate course of action can cause the
liability to skyrocket. Informing employees of the appropriate procedures in advance, can be the
difference between simply removing the infringing material from the website to having the
company’s online operations brought to a grinding halt.

    7. Security Breaches

   Liability. Lapses in security can translate into damages many times the value of the entire
company. Security breaches may arise from hackers, who do it for fun or profit. The most
common security breaches, however, result internally from disgruntled or careless employees.
Damages associated with information technology security breaches total over $1.5 trillion

    Solution. As the types of security breaches are as varied as the types of companies,
companies must carefully tailor appropriate security plans to the particular type of website and its
associated vulnerabilities. Companies must adopt a strict security policy, even if one is not legally
required. Such policies should be detailed, including flexibility and remedial protocols in the
event of a breach.

    6. Failure to Protect Intellectual Property

    Liability: The primary asset of most online retailers, software companies and companies with
solid brand identity is intellectual property. Whether it is trademarks, customer lists, proprietary
technology or patents, these companies depend on their intellectual property to stay in business.
Unfortunately, reclaiming intellectual property that has become lost or moved into the public
domain is not possible. Failure to properly protect these assets could single-handedly destroy an
entire company.

    Solution: Due diligence is the first step. Find out what intellectual property the company
thinks it has and collect the documentation regarding ownership. Many items, such as the design
of a website, are owned by the developer, even though the company dictated the parameters and
fully paid the developer for the time involved in creating the site. If a company discovers that
some of the intellectual property has been improperly transferred, the company must immediately
execute and file the appropriate paperwork with the appropriate entities to attempt to secure rights
which became lost, or which remained with the owner after the “transfer.” A well documented
intellectual property portfolio allows easy analysis and access to intellectual property transfer
documentation. Additionally, intellectual property transfer procedures should also be
incorporated into the company’s policy. Most importantly, appropriate transfer documentation
should always be drafted and executed well prior to any use of intellectual property received from
outside the company.

    5. Breaking the Law

    Liability: Hundreds of laws govern websites and it is often difficult to navigate the maze of
regulation with any precision. Many of these laws are industry specific and companies falling
under their purview must follow them to the letter. Failure to comply with federal legislation,
such as COPPA, Graham-Leach-Bliley, HIPAA, or international conventions such as the EU
Directive, could lead to drastic penalties. Fines and injunctions associated with failure to comply
with federal and/or international law are indeed costly. The costs associated with litigating and
defending liabilities associated with breaking these laws, however, are often even more costly and

     Solution: For any company that relies on its online presence for business should have an
internal regulatory compliance committee. The committee is responsible for following statutory
regulations governing the company and its website. Outlining policies to comport with such
regulations far in advance of their implementation deadline dates is critical. Ambiguities inherent
in legislation often make strict compliance difficult. It is, therefore, often necessary to enlist the
assistance of outside legal counsel to coordinate compliance efforts and respond to government
agencies regarding specific laws. Addressing issues early can often avoid crippling compliance

    4. No Coordination

    Liability: Costly litigation often arises as the result of everyone in the company thinking
someone else is handling the problem. Failure of key personnel to coordinate with one another
can lead to numerous types of liability. Nowhere is this more of a concern than in the area of
online activities. Not only may the company be liable for these failures, but officers and directors
may be held personally liable if they were made aware of the problem, but failed to take
appropriate action.

     Solution: Companies must develop a coordinated chain of command. Written reporting
procedures and protocols for addressing IT issues on a timely basis are imperative. Designating a
Chief Information Officer (“CIO“) to coordinate directly with the Board of Directors can reduce
critical delays and failures associated with online and other information technology issues.

    3. Bad Contracts

    Liability: Given the time and expense involved with executing appropriate contracts, many
companies attempt to cobble together parts from existing contracts or forego written contracts
entirely. Most of the time, both parties perform their obligations and bad drafting never comes
into play. In the instances where a problem arises, however, the lack of an appropriate contract
can bring a company’s operations to a grinding halt. In these situations, inartfully drafted
contracts can actually be worse that having no contract at all. Improper assessment of a
company’s existing intellectual property portfolio, information technology procedures and
existing security policies can have catastrophic consequences. A company can be gutted of its
intellectual property and racked with lawsuits relating to its actions or failures to act. Even if an
appropriate contract is in place, failure to inform key personnel of important contractual
provisions may lead to inadvertent breaches which, in turn, could lead to large liabilities for the

     Solution: It is critical to coordinate with outside legal counsel to develop comprehensive
contractual strategies to prevent any intellectual property from slipping through the cracks.
Rigorous review of third party contracts is also essential to ensure the availability of an exit
strategy and to prevent overreaching contract provisions from crippling the company. The time
and cost associated with drafting appropriate contracts and bringing key personnel into the fold
initially may seem burdensome. Over time, however, as templates for particular strategies
emerge, the time and costs decrease, and the preparation actually increases, rather than decreases,
efficiencies. Compared to the time and costs associated with litigating over misdrafted or absent
contract points, proper contract preparation translates into a very minimal expenditure.

    2. Losing the Farm

    Liability: For many companies, especially information technology companies, intellectual
property can be the principal corporate asset. A single patent or trademark may be the difference
between a company’s success or failure in the marketplace. A company can lose its intellectual
property through inadvisable contracts or simple administrative mistakes. Taking the appropriate
steps to protect and maintain a company’s intellectual property is critical. A single misstep could
lead to the inadvertent abandonment of a multi-million dollar asset.

    Solution: Intellectual property portfolios are as varied as the companies that own them. As
such, there is simply no “one size fits all” portfolio protection strategy. To determine the
appropriate strategy a company must develop specific plans and policies geared toward its own
intellectual property and strategic initiative. In any company, a well conceived portfolio
protection plan, developed prior to the acquisition of new intellectual property, reduces the costs,
delays and potential hardships associated with attempts at remedial efforts to regain lost assets. A
coordinated intellectual property portfolio protection plan is essential. The plan should include, as
appropriate, patent protection, copyright and trademark registration, trade secret security and
trade dress monitoring. Having a plan in place not only provides for a more streamlined
intellectual property acquisition process, but prevents the loss of invaluable corporate assets and
provides a significant in terrorem aspect to deter would-be infringers.

    1. No Formal Policies

    Liability: Many companies float along without any specific written policies regarding
website use and appropriate procedures for intellectual property protection. They prefer to keep
their heads in the sand until a problem arises. Unfortunately, once a problem does arise, it is often
too late to correct it. Furthermore, the lack of existing procedures not only may expose a company
to vast amounts of liability, but time wasted determining the appropriate procedures may lead to
an irreversible loss of intellectual property or expose a company to punitive damages associated
with willful infringement.
     Solution: Companies need detailed written policies and procedures before a problem arises.
Although appropriate policies will vary from company to company, the foregoing nine issues are
a good place to start when constructing a general policy outline. From the outline, a company can
incorporate strategies and key provisions, detailing proper reporting and administrative
procedures. The company must treat the resulting policy as a living document. The company
should periodically review and update the policy to address changes in the corporate information
technology structure, as well as changes in the intellectual property portfolio. Enlisting the
assistance of a qualified information technology attorney can be invaluable in adapting a policy
framework to a particular business and website. A qualified attorney can also assist in continually
modifying the policies and procedures to limit loss, increase efficiency and avoid unnecessary

To top