An improperly created website can breed lawsuits. It’s not the place to test the limits of the law. Once you put information
out on the Net, it’s there for anybody to see. It’s the ultimate in unrestricted access. You might create a site for
potential customers, but your competitors and enemies get to see it too. A cautious and conservative approach is the way to
go. How cautious you need to be will vary depending on several things. The preventive medicine is a legal audit of your
The precise legal standards for websites aren’t easy to define as the law is in its infancy. The global availability of
the Net and all the differing legal systems throughout the world has exacerbated the problem of establishing the applicable
legal standard. To some extent, you need to be concerned about the laws of every jurisdiction, but complete compliance with
every variation of every law throughout the world is obviously an impossible goal. How you cope with this depends on what you
do and where you do it.
If You Don’t Do Overseas Business
If you’re an American company in a generally unregulated industry, and assuming that you don’t have any overseas
operations, your legal compliance strategy can probably safely center on the United States. In this scenario, your tech
lawyer can guide you on what’s considered “mainstream” compliance.
While it’s true that “mainstream”
compliance doesn’t guarantee complete legal compliance, it’s the only reasonable approach. If you demand a guarantee of
complete legal compliance only your lawyer will make money. There are just too many laws in too many states. Enjoy the
benefits of your generally unregulated status. Accept some risk, enjoy your profits, and deal with problems when and if they
If we change just one variable, the advice changes. If you’re in a generally regulated industry, you must be more
cautious. The starting point in your legal audit is to decide what states may have jurisdiction over your actions. The
analysis will vary depending upon your industry whether its securities, insurance, banking or whatever.
Your website audit will then need to focus on those state and federal laws. Since you’re in a regulated industry, you’re
already used to the need for often fastidious compliance with the laws and regulations of multiple states. In this context,
your website is no different from anything else you do. You can’t just slap up a website while blithely commenting that
nobody regulates the Internet. You’re wrong! In some ways, everybody regulates the Internet.
If You Do Business Overseas
If you do business overseas, you’ll have to be sensitive to the legal requirements of those countries that could have
jurisdiction over your company. Although a computer in the United States may physically host your website, this may not stop
you from being hauled into a foreign court. Worse, it’s conceivable that they could hold your website up against their legal
Whether you think that’s right is not the issue, but it can happen and you need to be sensitive to foreign legal
compliance with your American-based website.
Your website audit needs to consider many things. Some of it is just common sense, but some is uniquely Internet law. Some
is a mixture of the two. Here’s a sample of what I consider in a website audit.
This point is so obvious that I wouldn’t say it except that I’ve heard reasonably astute people say things like, “It
doesn’t count if it’s online.” That statement couldn’t be more wrong.
Defamation and unfair and deceptive trade practices (things like false advertising) are examples of some things that you
can have on your website that can get you hauled into a courtroom. It’s essential that you carefully review information
before it’s posted to the Web.
Copyright and Trademark
Copyright and trademark law fully apply to the Web. If you post someone’s logo on your site, make sure that you have their
written consent. If material is copyrighted, get the author’s permission.
I don’t know why sophisticated business people think that somehow the Internet is different when it comes to intellectual
property because fundamentally nothing changes when you move content from a magazine to a website. The content is just as
protected by intellectual property law online as on paper.
Post Terms and Conditions
With few exceptions, every commercial website should have Terms and Conditions of Website Use posted.
Terms and Conditions of Website Use are a natural evolution of “Shrinkwrap Agreements” which you see every time you buy
new off-the-shelf software. “By installing this software, you agree to be bound by the terms of this agreement” is typical
Shrinkwrap Agreement language.
“By using this website, you agree to be bound by the terms of this agreement” is Web Agreement language.
A well-drawn Web Wrap Agreement can help you to significantly reduce your legal risks. The most basic thing that you
should put in every Terms and Conditions is a limitation of liability clause. So even if you get sued and lose, at least the
maximum damage award against you is nominal. I’ll typically limit damages to something like $50 to $100.
To further insulate you from the claims of users, have them agree that use of the site is at
their own risk and that you disclaim all warranties. Also, include a clause making them liable to you if they upload
things to the site like copyrighted or trademarked material that they don’t have a right to use. This gives you some
protection if a third party sues you for something posted to your site by a user.
My favorite way to discourage my clients from getting sued over nonsense is by including a clause requiring that any
lawsuit be filed in my client’s home state, not the user’s. Using the courts looks a whole lot less attractive as the mileage
Having your website audited is a good example of effective, proactive law. Once you get sued, you can’t require the other
side to come to your home state if you didn’t have the agreement already on the site.
Don’t be like the people that put in the burglar alarm after the burglary. A little preventive law is much cheaper and
less stressful than crisis law. Have your site audited now, not after it causes you a problem.
Mark Grossman is a tech lawyer, business advisor, and negotiator. He is the founder of the Grossman Law Group with offices in Manhattan and South Florida.