Doing Business on the Internet FAQS

What is E-Commerce?

The term e-commerce or e-business basically means doing business on the Internet. The laws regulating the Internet and doing business online are still evolving.

 What laws govern advertising on the Internet?

Section five of the Federal Trade Commission Act, prohibits “unfair or deceptive acts or practices.” This prohibition covers:

  • Advertising claims;
  • Marketing and promotional activities; and
  • General sales methods

This Act ensures consumer protection online as well as in traditional print, television and other communication modes. In fact, since about 1999, the commission has taken a number of actions to prevent online fraud and deception.

The contents of an advertisement must comply with three basic principles:

  • An ad must be truthful and not misleading. So, if an ad is likely to mislead an average consumer and that misperception influences a customer’s decision to buy or use the product, it is considered deceptive.
  • Advertisers must be able to substantiate their claims. If you’re going to run an ad, you must have support for the claims the ad conveys. For example, if your ad claims that tests show xyz.com is a better search engine than abcd.com, you should have some test results to back that up. If there is more than one reasonable interpretation a consumer can make, the ad has to substantiate each interpretation.
  • An ad cannot be unfair. It’s unfair if, according to the FTC, it causes (or is likely to cause) serious consumer injury that couldn’t have been reasonably avoided, and isn’t justified by the potential benefit to consumers or competition. For example, you must disclose all hidden fees. It’s also considered unfair if you don’t admit that you paid individuals for endorsements.

Make It Clear and Conspicuous:                                                                    

Much of the FTC’s Dot Com Disclosures Guide is devoted to a discussion of what constitutes a “clear and conspicuous” disclosure. The requirements depend on the nature of the advertisement. To determine if your ad complies, the FTC recommends adopting the perspective of a reasonable consumer and then asking yourself if the disclosure is presented in a way that you would both notice and understand.

There are a number of factors to consider, including:

  • Whether a single disclosure is sufficient or whether the disclosure needs to be posted at various points throughout the site;
  • Whether anything on the site distracts attention from the disclosure;
  • The location of the disclosure, including where it is in relation to the advertisement; and
  • The prominence of the disclosure.

            The FTC emphasizes that its rules and guides using the terms “written” or “writing” apply online as well as offline. The FTC also cautions that certain advertisements sent by e-mail may be considered “direct mail advertisements” and thus be subject to certain prohibitions under the direct mail solicitation rules. Ultimately, if you run an ad on your Web site that a reasonable consumer will understand and that will not deceive that consumer, you should be fine. If, however, you run an ad that is even slightly deceptive or somewhat confusing, and you fail to “clearly and conspicuously” disclose, you may have a problem.

What other laws specifically govern E-Commerce?                                                         

A number of new laws have been enacted that pertain specifically to the Internet. For example, federal laws such as the Digital Millennium Copyright Act provide stiff civil and criminal penalties for pirating and other unauthorized use of software. If a licensor brings a civil action against you, for example, it may be possible to obtain an injunction and monetary damages. The licensor may then choose between actual damages, which includes the amount lost because of infringement, plus any profits attributable to the infringement. In addition, the government can criminally prosecute you for copyright infringement. If convicted, penalties can include up to five years in prison and a fine of up to $500,000. Second-time offenders risk 10 years of prison and a $1,000,000 fine.

Many of the transactions conducted online relate to the sale or lease of consumer goods. State and federal consumer protection laws (e.g., Magnuson-Moss Warranty Act) govern these transactions, which regulate advertising, warranties, and disclaimers. These laws also provide consumers with remedies not normally available under common law or the Uniform Commercial Code (UCC). In addition to general consumer protection laws, many states have adopted or are in the process of adopting specific laws directed at electronic transactions to protect consumers.

The Electronic Signatures in Global and National Commerce Act validates contracts executed by electronic signature and serves to protect consumers by requiring consumers to provide adequate consent to an electronic transaction. The Act establishes the validity of certain transactions in or affecting interstate or foreign commerce. Specifically, it provides that a signature, contract, or other record relating to such transactions may not be denied legal effect, validity or enforceability solely because it is in electronic form. A contract relating to interstate or foreign transactions may not be denied legal effect, validity or enforceability solely because an electronic signature or electronic record was used in its formation. The Act defines an electronic record as a contract or other record created, generated, sent, communicated, received, or stored by electronic means. An electronic signature means an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed by or adopted with the intent to sign the record. However, this act only applies to interstate and international commerce. It would therefore only affect transactions between buyers & sellers in different states, or in different countries.

The Uniform Computer Information Transactions Act (UCITA) was proposed for state adoption to eliminate the requirement for tangible writings and signatures in the purchase of “computer information”. Unfortunately, only about 2 states have actually enacted a version of this proposed act.  Most state legislatures are not expected to create or adopt a version of that law; therefore, it is not likely to provide much of a uniform solution.

The Uniform Electronic Transactions Act (UETA) was proposed for amendment of  state commercial codes to eliminate the requirement for tangible writings and signatures in the purchase and sale of “goods”. Some version of this legislation has been adopted in 47 states and the US Virgin Islands. Even if it is adopted in all 50 states, it will only govern transactions for procurement of goods, and not services or computer information.

UCC Article 2B revisions, as proposed for adoption by National Conference of

Commissioners for Uniform State Law, would change some of the requirements for a writing and a signature. Contracts formed electronically would therefore be enforceable. It will be years before that recommendation is universally adopted and incorporated into state commercial codes.

I understand that certain types of contracts must be in writing to enforceable. How does that affect the enforceability of making contracts on the Internet?

You are correct. The law does require that certain contracts must be in writing in order to be enforceable by a Court.  The state statutes that require certain contracts to be in writing are called statutes of fraud.  Statutes of fraud require that either the contract itself be in writing and signed by both parties or there must be a sufficient memorandum of the agreement signed by the party being sued for breach of contract.

  • The statute of frauds normally does not apply if it is possible under the terms of the agreement to perform the contract within one year.  If no time for performance is specified in the oral agreement and the performance will not necessarily take more than one year, the statute of frauds would not apply. 
  • An agreement that cannot be performed within one year after the agreement is made must be in writing.   
  • Contracts involving the sale of land must be evidenced by a writing.  
  • Another type of contract that must be in writing is the promise to answer for the debt of another person. 
  • A promise by the executor or administrator of an estate to use personal funds to pay a debt of the estate must be in writing. 
  • A promise made in consideration of marriage must be in writing.  An example of this would be a prenuptial agreement. 
  • If a contract provides for the sale of goods with a price of $500.00 or more, it must ordinarily be in writing.

It is uncertain how the applicable law will be applied in the context of online agreements since there is no clear guidance as to whether a purely electronic transaction will constitute a writing for purposes of the statute of frauds. Part of the uncertainty is attributable to the definition of writing contained in the UCC. Writing includes printing, typewriting, or any other intentional reduction to tangible form. The UCC’s definition did not contemplate a technology in which data is stored in a computer memory and not on paper. An argument can be made that data stored in computer memory is not considered sufficiently tangible to satisfy the statute of frauds. However,  the data can be printed at any time. If storage in a computer’s memory is not sufficiently tangible, the electronic information can be produced in tangible form by simply printing it. In addition, electronic transactions are really no different than telegrams and telexes, both of which have been held to satisfy the writing requirement of the statute of frauds.

Once it has met the standards for a writing, the online agreement must meet the subscription requirement. The subscription (signature) requirement of the statute of frauds can be satisfied by a single writing or by a series of writings. For purposes of the statute, if one of a series of papers relating to the same matter is signed by the party to be charged, that is sufficient, as all the papers are to be considered together in evidencing one contract or memorandum. The UCC has no formal requirements for a signature, only that it appears for the purpose to authenticate the writing. Instead of a name, the signature arguably can be an initial or a symbol.

If an e-mail is sent, the sender identification in the header of an e-mail will be sufficient to show authentication. However, will use of the individual’s initials or name at the end of the message satisfy the signature requirement? E-mail software can create a signature that includes name, job title, and phone number.

Proposed Article 2B of the Uniform Commercial Code will likely resolve many of the issues surrounding the statute of frauds in online contracts regarding the sale of good. Originally designed to address only software licenses, Article 2B has grown to include online licenses, subscription agreements, and other forms of electronic contracts.

Other Acts that will provide some relief from the statute of frauds and which are discussed above are:

  • The Electronic Signatures in Global and National Commerce Act;
  • The Uniform Computer Information Transactions Act; and
  • The Uniform Electronic Transactions Act.

What are the legal requirements for creating a Web page?                          

 There are really very few legal requirements in creating a Web page. The first thing you have to do is to secure the rights to use the domain name that you choose. This requires registering the name with a domain administrator. There are a number of domain name registration services around the world. The one you use should be accredited by the Internet Corporation for Assigned Names and Numbers (“ICANN“). ICANN is a nonprofit corporation that has been delegated responsibility by the U.S. government to coordinate Internet technical functions, including management of the Internet domain name system.

Once you are able to secure domain name registration, the process of starting an e-commerce business will be much the same as any other business enterprise. For example, you may want to incorporate your business. You will also need to enter into numerous contractual relationships in order to secure the services and products that are required to get the business up and running. You should pay close attention to any contracts that you are asked to sign, as they may have long-reaching effects. You should also be very careful about the scope and extent to which you use various products.

You also have to be very careful about intellectual property rights. One question to ask yourself, for example, is whether or not it is appropriate to incorporate source code into your Web site that you have taken from a commercial software company. It is oftentimes contemplated by a software license that the user is allowed to reproduce and distribute a software product as part of its own product, provided that usage is adding significant and primary value to the underlying software, along with numerous other limitations and restrictions.

Licensing your business can also be problematic. Wherever you have a home office, it is almost a certainty that you will need to obtain a business license. There may be other requirements in the locale where you are located. You must also undertake due diligence to see what requirements may be on the other end where your customers are. This is sometimes called part of the “fulfillment” process, which could be exceedingly complex depending upon the nature of your business and where your customers are located.

Once your business is up and operating, compliance issues are ongoing. A business activity that is illegal in one medium is not going to become legal simply because you are doing it over the Internet. Given the lack of restrictions in accessing and using the Internet, it is also sometimes easier to fall into traps for the unwary. Examples would include posting unauthorized materials on a Web site, infringing upon intellectual property rights, or engaging in unlawful solicitations (for example, spamming). In some instances, it is also much easier to get ripped off over the Internet by, for example, sending money to someone via an online auction to purchase an item that is never sent to you.

What legal restrictions are there on the use of e-mail in business?           

Much like everything else involving the Internet, the restrictions on use of e-mail in connection with e-commerce are still largely undefined. E-mail has clearly taken hold as an e-commerce tool, which gives rise to lots of legal issues relating to its use or misuse. Potential legal issues include:

  • Spamming (unlawful or inappropriate solicitation in a business context);
  • Misuse of e-mail by employees, creating vicarious liability for the employer; and
  • Communications giving rise to civil or criminal liability (e.g., securities laws violations);

As an employer, it’s extremely important to control the use of e-mail in your business. You should have a policy regarding its use. It should also be made clear to employees that your e-mail and computer system are property of the employer and that the employer has the complete and total ability to control its usage. It should further be made clear that employees have no privacy rights with respect to communications involving company e-mail and that the employer has the right at all times to monitor and inspect such e-mail. Any communications generated on the e-mail should likewise be the property of the employer. It should be made clear to employees that they cannot use e-mail for unauthorized purposes.

What are the penalties for computer hacking?                                                 

Many people look at hacking as being a hobby and a way to have fun, not as a business of cracking into or penetrating a computer system for financial gain. Regardless, engaging in “hacking” activities that are illegal can result in severe civil and even criminal penalties. For example, the Digital Millennium Copyright Act provides for stiff civil and criminal penalties for pirating and other unauthorized use of software. The government could elect to criminally prosecute a hacker for copyright infringement. If convicted, penalties can include up to five years in prison and a fine of up to $500,000. Second-time offenders risk 10 years of prison and a $1,000,000 fine.

If a software company or any other business brings a civil action against a hacker, it may be possible to obtain an injunction and monetary damages. The suing party may be able to choose between actual damages, which includes the amount lost because of infringement, plus any profits attributable to the infringement. In addition, punitive damages can be awarded for any wrongdoing that is intentional. Thus, there is an increased possibility that punitive damages can be awarded against a hacker in a civil case since, by definition, hacking is an intentional act.

Can I copy software code, articles or other information off the Internet without first getting permission?     

Unless the information is in a protected format, you can copy almost anything off the Internet. Whether or not it is legal to do so is a separate question, the answer to which largely depends on why you are copying the information. If you are copying the information for your own personal use, it may be okay. However, if it is for use in your business or otherwise for financial gain, you may be faced with potential liability exposure.

Under the general heading of intellectual property, and without regard to the Internet, the law affords protection to copyrights, patents, and trademark.

A trademark is a word, design or combination used by an individual or a business to identify its goods or services. In some cases a trademark can also be a sensory mark–a sound, a color or a smell. Marks identifying services rather than goods are technically referred to a “service marks.”

 A copyright offers protection for original works of authorship. The word copyright can be defined as a property right in an original work of authorship (such as a literary, musical, artistic, photographic, or film work) fixed in any tangible medium of expression, giving the holder the exclusive right to reproduce, adapt, distribute, perform, and display the work.

 A patent is a grant of a property right by the Government to an inventor. The United States Constitution gives Congress the right to provide for patent protection in legislation in order to encourage useful inventions. The patent itself provides a detailed description of the invention, and how it is used or how to make it. Federal statutes give an inventor the exclusive right to use, sell, and market his invention. The types of things that can be patented are things that are new, useful, and not obvious to those in the business to which the invention relates.  An invention also may be a process, a new chemical or even a new type of plant.

 Being able to access and copy or reproduce information so easily over the Internet has given rise to many new legal issues. As a consequence, new legislation has been adopted, including the Digital Millennium Copyright Act of 1998. This Act provides stiff civil and criminal penalties for pirating and other unauthorized use of software. If a licensor brings a civil action against you, for example, it may be possible to obtain an injunction and monetary damages. The licensor may then choose between actual damages, which includes the amount lost because of infringement, plus any profits attributable to the infringement. In addition, the government can criminally prosecute you for copyright infringement. If convicted, penalties can include up to five years in prison and a fine of up to $500,000.

Can I be held liable for spreading a computer virus?                                          

 If you spread a virus on purpose, you can certainly be held liable, on both civil and criminal charges. From the standpoint of civil liability, you could be sued by any number of interests ranging from ISP’s to individual users. Your liability would be damages you caused by willfully spreading the virus. In addition, you could be held liable for exemplary or punitive damages for an intentional wrongdoing. Such liability may not be dischargeable in bankruptcy. With regard to potential criminal liability exposure, intentionally spreading a computer virus could be characterized as a crime under any number of circumstances.

You may not even have to be the one who spread the virus to be held accountable. For example, you may created a virus program or let someone use your computer in spreading it. In such situations, there are ways that a prosecutor could try to hold you responsible. You might be deemed a co-conspirator, or someone aiding and abetting the commission of a crime.

It is not clear whether someone could be held liable for negligently spreading a virus. In most situations, it would probably be a stretch to find liability where an end-user innocently spread a virus by unwittingly doing something like opening up an e-mail. In order to establish such liability, it would have to be shown that the user acted unreasonably and thereby fell below the standard of care of a reasonable computer. However, there are presently many “anti-virus” programs on the market that are able to detect and filter out infected e-mails and other communications, so it may only be a matter of time before claims will be brought on the basis that a user fell below the standard of care by not using a virus scanner.

How enforceable are the boilerplate provisions that companies always force people to accept in order to use or access their Web sites?                                                               

Such provisions can be held enforceable. The logic is that by accepting terms of participation, a user has entered into an enforceable contract. In simple terms, an enforceable contract requires only that there be a proposal in the form of an offer that is accepted, with some “consideration” exchanged in the process.

Can Web sites or Internet service providers be held liable for crimes or other wrongful acts committed online by their users?                                                                              

Under the proper circumstances, it may be possible to find liability.  Case law so far has generally ruled in favor of ISP’s and Web sites on legal challenges that have tried to hold them liable for the transmission or posting of information of third parties. And protection has also been given to some degree under the Digital Millennium Copyright Act of 1998. For example, the Act generally limits the liability of ISP’s for copyright infringement liability for simply transmitting information over the Internet. However, they’re expected to remove material from users’ web sites that appears to constitute copyright infringement.

What is an online “reverse auction” and is it legal?                                             

A reverse auction in simple terms is where bids are accepted from sellers rather than from buyers. The way such an auction typically works is that someone who desires to buy a product or a service will post a request online. Prospective sellers of the product or service are then afforded the opportunity to submit bids for a predetermined length of time and the lowest bidder wins. Beyond this, the rules vary. Sometimes, for example, the bidders will be able to see competing bids. Sometimes, there may also be rules designed to prevent someone from sneaking in at the last minute with the lowest bid. For example, a last second bid may have to be at least some percentage less that the previous one or, in the alternative, a last minute bid may cause the bidding time to be extended.

As with doing any kind of business on the Internet, the laws regulating online auctions are still evolving. But many of the fundamental legal requirements for conducting online auctions will be the same as with any kind of auction business. In large part, the rights of participants as between each other and the auction site itself will be defined by their contractual relationships and will be governed by contract law.

Are there any legal restrictions governing online privacy and confidentiality?                                                                                                     

Yes, and the chances are that there will be even more restrictions as time goes on. Federal law has already been enacted that is called the Children’s Online Privacy Protection Act of 1998. Under this law, any person who operates a Web site located on the Internet or an online service, and who collects or maintains personal information from or about users or visitors, is generally prohibited from collecting such information from a child. The Act can be enforced by the Federal Trade Commission or by state regulators.

Efforts are also continuing to expand the law in the area of privacy. For example, proposed legislation was introduced that would have been known as the Online Privacy Protection Act of 2001. This Act would have required the FTC to prescribe regulations to protect the privacy of personal information collected from and about individuals who aren’t covered by the Children’s Online Privacy Protection Act of 1998, to provide greater individual control over the collection and use of that information, and for other purposes.

What is “spamming” and is it illegal?                                                                    Spamming can take on many forms and is difficult to precisely define. Generally speaking, though, it consists of mass posting or cross-posting of unsolicited e-mail for commercial purposes. Under federal law, it’s unlawful to send junk mail by facsimile, with the possibility of civil liability of up to $500 per copy. Efforts have been made to extend this law to spam sent over the Internet, but isn’t clear if this law applies to spamming.

Some states like California have gone further. Under legislation approved in September 1998, unsolicited commercial e-mail messages must include opt-out instructions and contact information. An opt-out request must also be honored. Certain messages must also be identified in their subject lines as being advertisements. A service provider may also sue a sender of unsolicited commercial e-mail for violating the provider’s policies if the sender has actual notice of such policies and if the spam is sent out through the provider’s facilities located in California. Other states make it illegal to provide falsified routing information.

What legal action can I take to stop spamming?                                            

While an ISP or a Web site can take action to terminate relationships with spammers, it can be a frustrating experience for an individual user to stop someone from spamming his or her e-mail address. The best thing you may be able to do is to take advantage of “opt out” provisions that are required in certain states. There is the line of thought, though, that by making an “opt out” request, you are only verifying for the spammer that your e-mail address is good.

Contacting your ISP may not be a bad idea, either. There are also various private or public spam reporting agencies where you may be able to file a report. Taking legal action on your own accord, though, would rarely be a good idea, as it could consume huge amounts of your time and it may be an expensive proposition. However, there may someday be more cost-effective ways to pursue legal action in this arena. Someone may also get creative enough someday to bring a class action lawsuit on spamming.

Is it legal to link a Web site to another Web site without first obtaining permission?                                                                                                            

The answer to this question is really going to boil down to the facts and circumstances of each situation. Linking happens all the time and there are usually not a lot of complaints about the linking itself. Thus, the chances of there being liability exposure for a casual link in probably minimal. However, problems are more likely to occur are in situations where linking of a Web page is being commercially exploited without the consent of the owner of that Web page.

Theories of liability are usually premised on copyright violations. However, companies have become very creative in finding ways to protect their turf. For example, liability has attached with regard to a Web site taking unfair advantage of information on another site by using “deep links” that allow a user to bypass the home page of the linked site. The argument here is that such a deep link is misleading because the user may not understand that he or she is has been linked to proprietary information on a different Web site.

Similarly, Web sites have been found liable for linking on the basis of trespass where the intent of the link was, in effect, to use information over from the linked site to use on its own site. Before linking, the safest thing to do is to comply with the linking policies that may be posted on the linked site, or otherwise to obtain the consent of the site before putting the link up.


Inside Doing Business on the Internet FAQS