Sie sind auf Seite 1von 3

A Short Legal Guide to Auditing Your Web Site

As you may be aware, the body of law relating to Internet websites continues to evolve at
a rapid rate. This happens whenever a judge issues a ruling which is inconsistent with
past practice, or when a new issue is decided for the first time, or when a State, Federal or
international body enacts a new law. Recent changes have been coming so frequently
that we thought it would be prudent to send a checklist to our clients highlighting the
areas where changing legal realities are most likely to cause an impact.

The list below is set up in Q and A form. While it is not exhaustive, it should permit you
to perform a quick self audit to determine whether action of some sort on your part may
be necessary. If you do find such an area, or if you have any questions, please contact
one of the attorneys at LGU with whom you work, and we will be happy to assist you.

1. Do you deliberately or incidentally collect personal information from visitors to your
site? This may include information as innocuous as IP addresses (which many site traffic
software packages automatically record), to more overt requests for names, addresses,
and demographic information. If so, you should:

Consider posting a written privacy policy that informs users about the kind of
information that is collected and its anticipated uses. However, privacy policies
that are needlessly overbroad can place undue restrictions on future uses of this
potentially valuable asset, especially in the case of merger, acquisition or
Comply with the Children's Online Privacy Protection Act (COPPA), particularly
if you collect date of birth information or design portions of your site for children.
Note that these rules can apply to you even if children are not your intended
Comply with the Health Insurance Portability and Accountability Act (HIPPA) if
your site involves personal medical or health-related information.

2. Do you sell goods or services on your site? If so, you should:

Use an adequate, correctly placed license agreement that covers such issues as
disclaimers of liability, choice of law/venue provisions for dispute resolution, and
taxes. If you resell products from others, ensure your reseller agreements do not
restrict your use of the Internet as a distribution mechanism.
Consider the applicability of laws and regulations generally applicable to mail
order sales (such as requirements to notify customers of delayed filling of orders).
Consider whether it is advisable to use alternative dispute resolution procedures
for disputes with customers.
Determine whether state sales taxes need to be charged.
Obtain appropriate insurance coverage, arranged by a broker familiar with e-
commerce issues.

3. Do you use your site as a business-to-business "e-commerce site" (that is, do you enter
into agreements with other businesses over the Internet)? If so, you should:

Ensure that your Internet-based contracts do not conflict with paper invoices and
purchase orders that may originate with your company or your customer (these
may override your web-based agreement terms).
Consider whether you would benefit from taking advantage of the relatively new
Electronic Signatures in Global and National Commerce Act (E-SIGN), by
contracting electronically.

4. Did an independent contractor develop or contribute to your site? If so, you

Have or obtain an appropriate agreement with the contractor to determine your
rights in the content. Absent such a written agreement, the contractor may
actually own the intellectual property you thought you had paid for. Often, for
example, a web site developer will only grant a limited license to the developed
content, making it difficult and expensive for a company to subsequently update
its own web site.
Ensure that the developer obtained all necessary permissions to use any third-
party content contributed to your site. Without the proper contractual language,
your company may be liable for the developer's failure to obtain these

5. Does a third party host your site? If so, you should have or obtain a written agreement
that provides, if possible, specific measurable criteria for performance (a "service level
agreement"), and entitles you, if you fail to receive adequate support, suffer unreasonable
down time, or if the ISP or provider goes bankrupt, to:

Gain access to all electronic material you need to swiftly redeploy with another
Control your URL(s), so that traffic goes to your new site, and not the old.
Be able to terminate on short notice, and without monetary penalties.

6. Does your web site use or refer to the intellectual property of others? If so, you
should :

Properly acknowledge the use of trademarks, service marks and copyrighted
material of other parties, to provide greater protection against infringement
Exercise caution when framing or linking to other web sites. Depending on the
circumstances, these practices may give rise to liability.
Consider whether quotations, excerpts and reviews comply with the "fair use"
doctrine and any applicable licenses before incorporating them into content on
your site.

7. Do you permit other parties to post information on your site (creating a risk of
copyright infringement or defamation by the posters)? If so, you should:

Take advantage of a safe harbor provision in the Communications Decency Act
(CDA) by notifying customers of commercially available parental control
Maximize your protection under the Digital Millennium Copyright Act (DMCA)
by registering an agent with the Copyright Office and observing the "notice and
take down" provisions of this law.
Implement a carefully-crafted "Terms of Use" acknowledgement, which defines
your right to remove postings or terminate a user's account.

8. Have you taken reasonable measures to secure the information on your site? Failure
to do so may result in liability to persons for disclosure of their information, or loss of
control of your information on the site.

9. Is your website directed to users outside the United States? If so, have you considered
how the laws of other countries may impact your activities? For example:

Europe's privacy laws are much more sweeping than those in the U.S. You may
benefit by certifying compliance with certain privacy principles and registering
under a "safe harbor" administered by the Commerce Department.
Europe also recognizes far greater intellectual property rights for databases, which
are largely unprotected in the U.S. Certain steps can be taken before making your
database publicly accessible on the Internet to take advantage of this fact.
European laws may permit you to be sued in Europe based on your website
activities, even if you have no physical presence there.

10. Does your website contain substantial original content at risk of being illegally
pirated? If so, you may wish to consider registering all or part of the site or its contents
with the Copyright Office. Some copyright rights (such as the right to sue infringers)
require registration, and others (such as the right to collect certain kinds of damages) are
waived if a work is not registered in a certain timeframe.

11. Are you a public company, or a private company involved in raising funds from
investors? If so, have you considered the impact of statements on your website on
fundraising activities, including whether statements made may influence investor
decisions about your company? Statements on websites concerning fundraising may be
characterized as generalized solicitations, which could disqualify you from using certain
exemptions under securities laws.