2.6 eBusiness Law

Like any other business, ecommerce is governed by law and accepted practice. The cross boundary nature of the Internet has added a new layer of difficulty, however, and many issues are still awaiting resolution. The resources below are not exhaustive, and very far from providing adequate summaries of the legal position — which of course varies from country to country. Naturally, even the detailed information provided in these sites does not supersede expert advice, but does show how the law tends to regard the issues, which in turn should help companies to:

1. Keep well within the law in the first place.
2. Know how seriously to take threats of litigation from disgruntled competitors.
3. Prepare the case before seeing their lawyers.

Ethical Issues

The three strands of ethical decisions are:

1. Responsibility: individuals, companies, institutions and governments act as free moral agents, and are therefore responsible for their actions.
2. Accountability: those individuals etc. can be held accountable to others for the consequences of their actions.
3. Liable: those individuals etc. are subject under law (due process) for the consequences of their actions.

Law is a complex matter, but a company venturing into uncharted waters may get some handle on the consequences by grouping questions into these categories:

1. Who or what will be harmed, precisely, and to what extent?
2. What social, ethical and/or political values will be called into question?
3. Who has an interest in the outcome (stakeholders)?
4. What other options are open, and could be sensibly taken?
5. Is this the sort of action that could not be consistently taken by all parties at all times?

Few actions benefit everyone, but a red flag will be raised by:

1. Injuries in category one that are insufficiently outweighed by benefits to them and third parties.
2. Infringement of values in category two that seem likely to damage a company's public standing.
3. Stakeholders in category three who are numerous and/or powerful.
4. Sensible alternatives not been taken in category four.
5. Any action in category five.


Companies expect web designers etc. to honor their contract, and so need to check before signing that all aspects are covered, and that adequate arbitration procedures exist for the disagreements that may arise. The contract should cover:

1. Description of assignment.
2. Timetable and penalties for missed deadlines.
3. Payment schedule.
4. Copyright and data ownership.
5. Warranties: guarantees that site will perform as planned.
6. Confidentiality of information.
7. Non-solicitation agreement.

Large software houses typically make thousands of contracts, sometimes without a proper negotiation that brings together the requisite level of skill, knowledge of the law, market savvy, risk analysis, and sales psychology. {22} Nonetheless, contracts are legally binding promises based on the idea that making commercial promises enforceable is both fair and beneficial to society. Contracts serve two purposes. Firstly, they act as a guidebook for the parties concerned, who periodically consult them to learn their rights and determine what actions are required or optional, allowed or forbidden. Secondly, they act as legal rules for a judge, jury, or arbitrators in deciding a dispute between the parties and awarding legal remedies. As such, contracts can make or break a company, and need to be written intelligently, specifying fully what needs to be specified without locking the parties into fruitless litigation. More detailed treatments {1} will show how very complicated contracts can be, and costly in damages for noncompliance and/or litigation fees. Standard contracts (cheaply available on the Internet) may be an expensive economy.

Consulting contracts deserve special scrutiny, as a 1997 study found that IT managers considered over 60 percent of their IT development projects to be 'unsuccessful'. {22} A great deal needs to be tied down exactly, particularly the warranties and who owns what on project completion. Offshoring to India or China increases the need for caution, fairness, escrow services, assessments, let-out clauses, testing and intellectual property considerations.

Licensing in some areas of software development (e.g. Salesforce) is being replaced by services, requiring yet another form of contract.

Copyright and Intellectual Property

Though more observed in the breach, most material on the Internet is copyright-protected: images, designs, music and video clips. Ideas and information cannot be copyrighted, only their particular expression, but companies will certainly get an attorney's letter if they lift large sections of text from other sites.

Data Protection and Privacy Policy

Companies are responsible for keeping customer credit card information secure if payment is not wholly handled by a credit card processing agency. Equally demanding, and good deal more perplexing, is complying with the data protection legislation that the EEC seems determined to foist on ecommerce merchants. Many UK companies are probably breaking the law, though prosecution seems a long way off.

Domain Names

What happens if the domain name you've crafted your site around turns out to be the trademarked product of someone else? You were granted the domain by the relevant authority, but that doesn't mean you can legally use it. Check trademarks first. Look carefully at domain names similar to yours, particularly those of public companies. You may be able to convince the courts that you had a prior claim, but you won't want the hassle or legal fees. To avoid diluting their Internet name, companies generally acquire the .net and .biz domains as well as the .com.

Privacy Statements, Etc.

Websites need full and accurate privacy statements. Also essential are terms of use, copyright notices, guarantees and/or shipping costs on ecommerce sites, and standards of behavior on blogs, bulletins and chat sites.

Open Source

Open source, an alternative to the proprietary licensing model, is an increasingly popular licensing and distribution method that grants a:

1. License to the source code for a program along with the binary version.
2. License to make derivative works using the source code without paying a license fee.
3. License to make and distribute unlimited copies of the program, including the source code, the binary product, and derivative works without paying a license fee.

Errors and security 'holes' are more easily fixed by this licensing method, and users are less dependent on an original licensing company. Open source is not free of license control however, and this specification of what can and cannot be done with the software (often involved) takes many forms. Terms and conditions need to be read very carefully if companies are to retain ownership of what they built in good faith with such software.


The EEC and UK Government proposals continue to restrict the use of encryption in emails.


It's a courtesy but not a legal requirement to ask permission before adding a link to the home page of another site. If by linking to a specific page and not the home page (i.e. deep linking) a company bypasses information that the website owners regard as vital (e.g. promotions, advertisements, disclaimers) it is essential that the original source remain clear. Ditto for framed pages, or the owners may attempt to sue.

Meta Tags

Companies may be tempted to include a popular site's domain or brand name in their keywords metatag. Don't. It may increase their traffic, but the courts have taken a dim view of this practice.


Owners of websites are generally immune from defamation (libel) suits for user-supplied content in posting such as blogs and chat. {22}


Companies should add a disclaimer to their site if they don't want to be sued in matters beyond their control.

Data Privacy

In general, US companies will be complying with privacy legislation if they:

1. Provide users with the fair disclosure regarding web and Internet collection of personal data.
2. Are honest with Internet users, have an adequate privacy policy, and actually do what they promise.
3. Follow the special (and very strict) laws relating to children under 13.
4. Follow special rules that may apply to regulated industries such as banking and health care.
5. Follow any state laws that may apply.


No representative of an organization can reveal material information to a select audience in violation of rules laid down by Government bodies, which is the SEC (Security and Exchange Commission) in the States. {25} Fairness is the keyword. By 'material information' is meant anything that could affect the organization's financial condition, ranging from quarterly earnings to new product information. When material is disclosed, that material must be disclosed simultaneously in the case of intentional disclosure, and promptly in the case of unintentional disclosure.

International Considerations

Because US companies can be sued in a foreign company for breaches in national legislation, contracts need to be drawn up in cooperation with legal specialists in the countries concerned. VAT and local taxes are usually the responsibility of the purchaser, but licensing arrangements, withholding tax, duties of a sales agent and a host of other matters again need planning and sensible contracts. Export controls may also apply if products:

1. Threaten US national security, e.g. aerospace, defense, nuclear, or robotics.
2. Involve advanced technologies that may have defense or intelligence applications.
3. Include any form of encryption.
4. Are destined for countries where trade sanctions are in force: Angola, Cuba, Cote d'Ivoire, Iran, Iraq, North Korea, Sudan, Liberia, Zimbabwe, Sierra Leone, Syria, and Myanmar.


1. Provide three rules of thumb regarding the law as it applies to the Internet.
2. What should a contract with a web design or programming company cover?
3. Name six areas relating to intellectual property on the Internet.
4. How would you be wise in using any material apparently available for free on the Internet?
5. What do you understand by data privacy, and how does US legislation compare to that of France?
6. Briefly describe the legal considerations that apply to US companies with international business contacts.
7. Provide a checklist that a website is complying with US law.

Sources and Further Reading

1. News You Need To Know About Information Security Laws. About.Com. Short but useful listing of news items.
2. Security legislation. Watson Hall. Links to acts applying to UK, Europe and to some extent the USA.
3. Benedict. Practical copyright information for Internet users.
4. BNA International. Worldwide legal implications of ecommerce.
5. Cyberlaw Encyclopedia. Extensive list of entries under some forty headings.
6. Data Protection Act. Advice on the UK's Data Protection Act.
7. FindLaw. Extensive listing of law sites and resources.
8. Internet and Policy Forum. Promotes ecommerce through discussion and better understanding of cross border issues. Reports from working groups.
9. Internet Law Library. Summaries of court decisions shaping the law of the web: cybersquatting, links, trademarks, defamation, etc.
10. MLMLaw. Definitive legal resource for direct selling and network marketing companies.
11. Law Guru. Worldwide law resources of Internet organized by subject and jurisdiction. Helpful summaries and free legal forms.
12. Legal Pulse. Up to date information on the law affecting UK businesses.
13. Legal Zoom. Online legal documents at lawyer-free prices.
14. Law Research. Largest law library on the web.
15. Nolo. Introductory answers for the DIY lawyer: FAQs for Internet issues.
16. Perkins Coie
. Internet case digests.
17. Small Business Law Center. Articles and resources for the small and the medium-sized baseness.
18. Trust.e. Non-profit organization for customer protection and data privacy.
19. World Law. Advice on business, Internet and international law.

20. Guide to Internet Law. Internet Society. Lists under seven useful headings.
21. The IT/Digital Legal Companion: A Comprehensive Business Guide to Software, Internet, and IP Law by Gene K. Landy and Amy J. Mastrobattista. Syngress. June 2008. A fairly comprehensive guide in plain English.
22. The smartphone patent wars by Marissa Oberlander, Martin Stabe and Steve Bernard. FT. October 2011. Complex chain of lawsuits currently involving 21 companies.
23. Cyberspace Law and Policy Center. CyberLawCenter. News and short papers.
24. Law for Computing Students by Geoffrey Sampson. Bookboon. 2009. 113 page ebook: basics from a UK perspective: free.

25. SEC Disclosure and Corporate Governance: Financial Reporting Challenges for 2011 by Noan Noked. Harvard Law School Forum. March 2011.
26. 6 Key 'Terms and Conditions' for Ecommerce Merchants by Jeff Jacobson. Practical Ecommerce. April 2011.
27. Copyright Trolls Threaten Your Ecommerce Business by Jeff Jacobson. Practical Ecommerce. June 2011.
28. Legal: The Top Ten Risks For Online Businesses by John W. Dozier. Practical Ecommerce. July 2008..