Uncover Potential Liability with a Website Audit

June 16, 2010
« Next Previous »

By Fred D. Zemel | Websites are used by businesses to increase revenue by expanding visibility in the marketplace. In that regard, businesses devote much time, effort and expense to fine tuning the look, feel and functionalities of their websites. However, since people are frequently unaware that their website is a source of potential liability, they fail to have a website audit performed on their website. A website audit is a legal review of a website (1) to determine how the website may be deficient or problematic from a legal perspective, and (2) to recommend modifications which should be made to the website to resolve those deficiencies or problems. Consider the following: your website is accessible to an endless amount of people through the World Wide Web. You have no control over who views your website, whether they will be damaged as a result of relying on information presented through your website or as a result of damaging code, such as viruses, passed through your site, or whether they will sue you as a result of those damages. In the day and age where litigation is frequently turned to as an avenue of relief and too often juries return verdicts with lottery-type damages, understanding, evaluating and properly addressing the risks created by your website is critical. Moreover, since website audits are typically relatively inexpensive, the cost/benefit analysis leans strongly in favor of having a website audit performed. When website audits are performed, the following are some of the issues primarily reviewed and analyzed:
    • Website Terms of Use
    • Privacy Policy
    • Infringement of Third Party Rights
    • Protection of Website Owner Intellectual Property Rights
  • Review of Contracts for Website Design and Operation
Deficiencies in the areas described above could be a source of significant liability to website owners. By having a website audit performed, website owners are able to identify where they are at risk of liability to end users and determine what remedial action they want to take in order to mitigate that risk. The following is an explanation of the issues presented above and how they are addressed through website audits: Terms of Use A website’s Terms of Use is, in its broadest terms, an agreement between the website owner and end users who access the website. Terms of Use contain the conditions under which end users are permitted to access a website, utilize information posted on a website and use website functionalities. Terms of Use also provide limitations on the rights of end users if they wish to seek damages against a website owner. For example, issues such as Disclaimer of Warranties, Limitation of Liabilities, Applicable Law and Jurisdiction, and Arbitration are usually addressed in Terms of Use. Once a website owner recognizes the importance of Terms of Use, the form of the Terms of Use must be considered. As with other agreements, there is no such thing as “one size fits all” with Terms of Use. Rather, when drafting Terms of Use, it is important to understand the type of information and functionalities contained on a website and the anticipated manner in which end users will rely on that information and use those functionalities. For example, a website which contains gardening information would likely expose the website owner to less risk of significant third party claims than would a website which contains information on medical conditions. Once a proper assessment of a website is made, then Terms of Use tailored to the website can be properly drafted. However, it is fairly apparent that if one were to take Terms of Use which are adequate for a gardening website and apply them to a medical website, the owner of the medical website would likely have failed to properly address or adequately minimize the greater risk created by the medical website. As shown above, having website Terms of Use is an important element in protecting the interests of website owners. Equally important, however, is ensuring that the Terms of Use are properly tailored to the website for which they are used. Privacy Policy A website’s Privacy Policy sets out the parameters under which the website owner intends to use end user data collected through the website. End user data collected through a website may be in the form of personally identifiable information or information which is derived from end users but which does not personally identify the end users. Examples of personally identifiable information include names, addresses, e-mail addresses, phone numbers, social security numbers, and other similar information which can be used to identify specific persons. In addition to the collection of personally identifiable information which is actively provided by end users, website owners may use “cookies” in order to identify end users who have previously visited the website, to extract certain information from those end users, and to gear certain advertising to those end users. Once website owners have end user personal data, the website owner will determine how sensitively (or not) they will treat that data. Will they only use the data to directly communicate to end users regarding goods and services provided by the website owner, or will they permit third parties to use that data to market unrelated goods and services to end users? Due to the fact that end users have varying expectations as to how their data will be used, if an end user feels that those expectations have been exceeded, the end user may sue the website owner for violating the end user’s privacy rights and/or applicable laws. In anticipation of such claims, website owners have the ability to convey to end users through the website’s Privacy Policy how it is intended by the website owner that the end user data will be used. By informing end users of the website owner’s intentions, end user expectations should be set so that the end user is not surprised by the scope of the website owner’s use of end user data. Infringement of Third Party Rights Websites frequently make use of content which is protected by third party intellectual property rights, including copyright and trademark rights. Whenever third party intellectual property rights are involved, it is important that the rights of the owner of those intellectual property rights be considered and proper steps be taken, where necessary, to agree with that owner on the permitted use of the subject matter of those rights. For example, if a website owner intends to reproduce an article written by another person, the website owner must consider whether such reproduction, if done without the author’s consent, would infringe the author’s copyright in the article. Additionally, if a website owner infringes the trademark of a third party, the website owner may be subject to statutory treble damages. In addition to potential infringement of third party intellectual property rights, websites may infringe on the rights of others by linking to other websites without permission. Moreover, the problems caused by unpermitted linking to another’s website are potentially exacerbated when the linking involved is “deep linking,” i.e., linking to a page on a website other than the website’s home page. As noted above, due to the fact that websites are accessible through the World Wide Web, the ability of third parties to access a person’s website is unlimited. When that unlimited accessibility is coupled with the motivation third parties have to determine where their rights may be infringed and the ability of those third parties to take legal action to protect those rights, it is clearly important to assess whether a website infringes the rights of third parties, and if so, what steps should be taken to address that situation. Protection of Website Owner Intellectual Property Rights Identification of how a website may infringe the intellectual property rights of third parties is important. Similarly, determining what intellectual property rights a website owner may have and what steps have been taken to protect those rights is also essential. Those rights may include, for example, trademarks and copyrights of the website owner. Proper protection of one’s intellectual property enables the owner of that intellectual property to prevent others from misusing that intellectual property. Further, if that intellectual property is used in a manner that is not permitted, the intellectual property owner may then sue to collect statutory damages from an infringing party. Since intellectual property is a significant way in which one business effectively distinguishes itself from other similar businesses, the ease with which intellectual property is reproduced and infringed by others is a definite business risk. As a result, it is clearly important that website owners identify what their intellectual property assets are and determine what steps they have taken to protect them. Review of Contracts for Website Design and Operation Usually, website owners have website designers manage their websites in every respect. Website designers will frequently be charged with acquiring the website domain name, designing the website, hosting the website, and providing website maintenance. However, what website owners frequently do not realize is that the website designers may in their “form contract” retain ownership rights in the website, its design, content, and sometimes even in the domain name itself. Moreover, if there is no requirement that the website designer regularly transmit website content and end user data to the website owner, if the relationship with the website designer deteriorates, the website owner may find that they are unable to effectively migrate the website to another website designer/host. The pitfalls and problems typically found in contracts with website designers are frequently not recognized at the time that those contracts are entered. As a result, it is important that website owners assess what problems may exist with their contracts, especially at a time when there is no dispute with the website designer/host. By doing so, website owners are able to approach the website designer/host in an effort to renegotiate the contract. If a website owner is unable to renegotiate their contract, then the website owner is at least able to understand what problems may exist and take independent action to work around those problems. The issues raised above are just some of the ways in which a website audit helps website owners identify and manage risks to their businesses which are caused by websites. For further information regarding website audits and other intellectual property/technology concerns, individuals are urged to contact the Scarinci Hollenbeck attorney with whom they work. Questions can also be directed to the author, Fred Zemel. This Scarinci Hollenbeck Client Alert has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel.