E-commerce Basics
Dec 11th, 2006 by admin
Publishing, performing or selling on-line is different from the traditional models of commerce on the one hand, but identical on the other. Potential damages are large and immediate, and remedies may be illusive. But the law of e-commerce involves the laws of any other commercial medium, and never in our history has the cost of interacting with an individual, interest group or market been so low. These are the competing interests for those entering the online world.
Because of the amplification of legal exposure from the Internet, class actions may be more likely (e.g, Chavez v. Netflix), as is the potential theft of property. The following is a general review of some legal considerations that may assist those who need to understand their risk exposure in electronic commerce whether promoting goods, services, software, art or music. E-commerce participants should not forget that the law is applied to allocate freedoms and responsibilities, regardless of the medium.
1.0 General Areas of the Law
A typical e-commerce legal practice involves torts, contracts and the assertion of intellectual property rights, the First Amendment and perhaps criminal matters. Most questions that arise speak to a basic lack of knowledge on the areas of the commercial law. A comprehensive review would take volumes, however, a primer on e-commerce law invariably involves a discussion of torts, contracts, commerce and assertion of intellectual property rights.
1.1 Torts
Among the most common online torts are the “privacy torts”, such as defamation. Defamation usually has four elements to build a prima facie case: false statements, an unprivileged communication, fault, and damages. Before one vents about a former employer or partner online, prudence is better path.
Business related torts also include tortuous interference with contract, and tortuous interference with business expectancy. These torts involve interference with an existing contract and a pending contract, respectively. While the potential liabilities for online torts are significant, most e-commerce operators remain primarily focused on commercial and intellectual property laws.
1.2 Contracts Generally: E-Commerce Contract Laws
Our commercial laws evolved primarily around the sale of goods and services - only relatively recently in human history have protections in intangible rights like intellectual property (copyright, trade secret, trade mark, patent and moral rights) evolved. However, a basic understanding of contract law is required to grasp the focus of many risks in e-commerce. Contract law varies with the jurisdiction and subject matter. Additionally, because new laws involving one’s online existence are created or interpreted every day, it is often unclear where practitioners can look to find current information economy law.
In the United States, various factors may undermine the enforceability of a contract. The contract may be so unfair that it is against public policy or unconscionable. The relevant issues include procedural matters, such as the way the contract was entered into (e.g., being induced to an online rebate and having to click through endless screens to get the rebate); or substantive matters, including the terms of the contract (e.g., a service offering to sell stolen property). Contracts may be invalidated even when you are not dealing with a wrong-doer.
In every contract, a duty of good faith is implied. This means the parties to the contract will act honestly and perform the contract pursuant to the reasonable commercial standards of fair dealing for that industry.
Any remedy offered must be adequate to limit the risk of the parties. Otherwise, the contract may “fail in its essential purpose.” For instance, if there is breach, does the non-breaching party receive the benefit of the bargain? Alternatively, if the contract is not performed, can the performing party get what they bargained for returned?
Many contracts include “penalties,” which are generally unenforceable. But liquidated damages clauses that reasonably approximate the actual damages, are permitted. The issue with having unenforceable provisions in a contract is that they may eviscerate the contract as a whole and a judge may prefer to say that no contract exists rather than to “blue-line” or remove the offensive provisions. Also, if the judge does blue-line the offending provisions, the contract may not be worth enforcing to one of the parties. These issues are generally cured by good drafting practices.
While damages at law involve making the harmed party whole through money, in some circumstances, money may be inadequate. In these cases, a remedy at equity is required to right the wrong. Equity demands an action is taken, such as restraining someone from disclosing a trade secret. Other equity concepts include construing a contract against the drafter, holding a contract invalid if a party is coerced into the transaction, holding a contract invalid if made under duress, and holding a contract invalid if entered into by mistake or fraud. The concept of estoppel is an equitable device where a position taken by a party earlier in time cannot be changed later, as the opposing party may have relied on the first party’s earlier action.
1.3 E-Commerce Contract Law Sources
The primary contractual issue in e-commerce is one of contract formation. Can the parties be bound and enforce the contract? And the relevant areas of contract law primarily include the following: the common law of contracts (non-UCC contracts and services); UCC Article 2 for sales of goods, and UCC Article 2A for leases of goods; and consumer protection laws promulgated by the various states and the Federal Trade Commission. Finally, there are various electronic contracting statues based on the Uniform Electronic Transactions Act (UETA) in the states and the E-Sign act on the federal level. The Uniform Computer Information Transactions Act (UCITA) is also applicable, but only in the two states in which it was enacted (Maryland and Virginia) or if that forum is chosen or used as persuasive authority.
These laws cover what is reasonable for contracting parties to expect. For example, the right to maintain a record of the transaction, to print out the terms and conditions, electronic errors correction policies (which may be similar to “scriveners” errors), assent (e.g., electronic signatures) and notice requirements. Generally, people have a right to review a contract and the right to print it at the time of the disclosure of the right being granted or alienated.
1.4 Acceptance: The Online Intent to be Bound
Acceptance in contract law involves the intent of the parties to be bound by an agreement. For online transactions, one must ask what objective manifestation do parties on-line display? Perhaps clicking “I Agree” is sufficient. There are various areas of the law that are helpful in defining what we look to in order to show acceptance. UCC Article 1 defines what is meant by “sign”; generally, “signed includes any symbol executed or adopted by a party with present intention to authenticate a writing.”[2] The Electronic Signatures in Global and National Commerce Act (“E-Sign Act”) includes broader tolerance for what it means to sign something: “an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.”[3]
E-commerce companies must create a trail of evidence demonstrating that customers intend to be bound by contract. Intent can be formed with knowledge, so this means consumers need knowledge of the transaction. Some companies attempt to trick visitors to assent to terms without having them click “I Agree” or a similar overt act. However, the E-Sign Act is clear in this respect: the parties are “intentionally engaging in conduct with reason to know that the other party or its electronic agent may infer from the conduct or statement that the person assents to the record or term.” [4] The parties must be informed that the contact is being made. Unfortunately, many approaches will fail, and lack of an off-line signed writing will not be persuasive in trying to defeat the existence of a contract.
1.5 Higher Scrutiny: Healthcare and Financial Data
Certain transactions require greater scrutiny as a matter of law and public policy. If they are important rights being given away, attention must be given and assent made to those individual contract clauses. In some cases, the purchaser may be required to check each box by the clause requiring more attention.[5]
The knowing failure to reveal something of material importance is ‘deceptive’ within the Consumer Protection Act.[6] That is because a practice is unfair or deceptive if it induces contract through deceptions, even if the consumer later becomes fully informed before entering into the contract. Deception or lack of knowledge at time of the contract is the issue in this family of laws.
Issues involving health care have very high scrutiny, not only the restrictions on disclosing private information in the Heath Insurance Portability and Privacy Act, but also when educating consumers on drugs, under the rationale that “advertisements for certain products, such as prescription medications, may not be appropriate for wireless devices at all because the necessary disclosures are so lengthy”[7] and cannot be seen on a 3cm screen of a cell phone (mobile phone) clearly. Other terms that must be conspicuous include those that involve valuable property transfers, software with kill-switches, warranty disclaimers, indemnity obligations, and liability limitations.
2.0 Intellectual Property and Intangible Rights
An e-commerce proprietor may start by using its own labor (owners and employees) or may contract someone to build or maintain the site. This will be done by a contract. Written contracts are generally superior to oral, and may be required to be enforceable. A robust web development and maintenance contract is required to ensure that ownership, control and custody of the elements that make up your website can be managed in the event the contractor becomes insolvent or is in breach of its obligations. Most companies get involved in various aspects of the web site development and must manage a constellation of contracts.
2.1 Domain Name and the Trade Mark Nexus
One of the first rights one obtains when going on-line is the domain name. The largest problem many people come in contact with is trademark infringement. If one sells a good or service that someone else also sells under that mark, or a similar mark, a trademark infringement action may result. There are various dispute resolution process, including the Uniform Domain-Name Dispute-Resolution Policy ("UDRP"), however, the application of this regime is limited and the results often are unsatisfactory.
Among the problems with trade mark online is inconsistency of use, even registered marks. Selecting a trade name, trade mark and business name should be viewed as different tasks and serious considerations should be made before one builds a web presence based on a mark or business name that may confuse customers. Additional legal issues surround unfair trade practices, which is essentially trading on the good name of another, with a resulting likelihood of confusion for consumers.[8] Likewise, using the name of another person should also be avoided.[9]
2.2 “Content”
2.2.1 Origin of Title
Those in the web business must know the origin of each and every piece of content on your site. This includes copy written materials, patent functionality and trade marks. If someone gives you content, they should warrant they own it, indemnify the buyer if the buyer is sued and be insured to cover costs of litigation.
2.2.2 Circumvention
If the website may potentially assist users in violating intellectual property rights of others, one should determine if your policies fit into the Digital Millennium Copyright Act safe harbor provisions.[10]
2.2.3 Sweepstakes and other unique considerations
The states regulate sweepstakes and compliance with each jurisdiction’s laws is required for every state in which the sweepstakes, giveaway or lottery operates. Many federal agencies have their regulatory overlay in hundreds of areas. Operators need to know who they are regulated by. Special areas of the law that require more scrutiny include: (1) Consumer Advertising; (2) Insurance; (3) Tax Issues; (4) International and export laws; (5) Privacy; (6) Children; (7) Collections; (8) Medical; (9) Corporate Securities; (9) Disable Access; and (10) Loans.
2.2.4 Data Extraction.
If protecting the site from data extraction is important, one should consider using “no trespass” notices to protect data from extraction by spiders and crawlers. In the eBay, Inc. v. Bidder’s Edge, Inc. case, the court noted evidence to the effect that early robots were careful to check “the robots.txt file on every site and desist if asked,” and that “well-behaved robots are still expected to check the robots.txt file.”[11] Requesting that others not archive or index your site should be done with meta-tags and txt files. Some forms of data may be subject to robust protections under various laws.
While some forms of property rights may be protectable online, others may not (such as trade secrets). Some properties that may not fit into the goods and services buckets but may have protections including those in the following table:
| Property |
Potential Protection Strategy |
| Domain | Trade mark |
| Information |
Trade Secret , copyright (if sufficiently “expressive”) |
| Data |
Copyright, trade secret |
| Ideas |
Trade Secret |
| Software |
Trade Secret, copyright, patent |
| Mask works |
Copyright, trade secret |
| Music |
Copyright |
| Text |
Copyright, trade secret |
| Images |
Copyright, trade secret |
| Sounds / Music |
Copyright, trade mark, patent |
| Ideas | trade secret |
| Look and feel of site or trade dress | Trade mark |
| Utility of Site | Patent |
| “Content” | Copyright, trade secret, patent, trade mark, moral right, third party licenses, other entity licenses © Martin Medeiros 2006 |
3.0 E-Commerce Contracts
There are many contracts involved with e-commerce and a brief overview of some contracts is important for those with or contemplating an online presence.
3.1 Terms of Use.
Terms of Use included on a website is your contract with the visitors of your site. Carefully consider what you want to allow people to use, how you want to protect the information (e.g., registered copyright, creative commons license, etc.) The level of agreement and exposure to terms of use may impact their enforcement.
Do you want people to use “Frames” in your content? How do you use cookies? This is your opportunity to let the public know if you want to exert more or less control over your site. For example, in addition to requesting browsers not to archive or index your site in meta-tags, you must also be sure this preference is stated in your terms of use. Consider deep linking preferences.
3.2 Privacy Policy
This is a contract and notice to users how you will use their information. Operators need to be clear how you use cookies, information you collect via e-mail or input screens. Are they “opting in” to a solicitation scheme or is that the default? Various jurisdictions, including the European Union have strict controls and well developed policies on privacy.
3.3 Order form / Shopping cart
There are many companies that work on an independent contractor basis that provide catalog and web development services to e-commerce companies. The nexus of this is an order form or, dynamic order form called a “shopping cart.” This is the first “writing” one requires to consummate an order. This allows a customer to actually order products over the Internet. Whether or not you have a static order form or dynamic shopping cart depends on the nature and quantity of products that you offer. Various companies, like Godaddy.com and Yahoo.com offer full service contracts and aggressive pricing to get e-commerce functionality that allows the users to update product catalogs.
3.4 SSL Certificate Contract
A secured socket layer (SSL) certificate is a digital “key” that enables your website to have encrypted communications with the customer’s web browser. If one collects credit card or other sensitive information, this is required. Financial data is one of the areas that legally requires higher scrutiny in its protection. Certificates are issued for a fixed period of time, usually 1, 2 or 3 years by certificate authorities, such as GeoTrust and Verisign. There are two basic types of certificates:
3.4.1 Authenticated – the merchant verifies that the certificate is actually purchased by the company that owns the web site; and
3.4.2 Unauthenticated – no verified ownership by the certificate company.
While there is no substantive difference in the encryption capabilities of these certificates the level of security is higher in that authenticated limit risk by doing some background search. The authenticated certificates are slightly more expensive, and require you to provide proof of identity (e.g., Articles of Incorporation, Dunn and Bradstreet information, etc). Start-ups try to save money by obtaining unauthenticated certificates, as most end users are unaware of or ignore the authentication function or capability. However, this dynamic is changing and certification may increase ranking order with some search engines.
3.5 Payment Gateway Contract
When shopping brick-and-mortar retailers, we have all seen the little box with keypad and display that our credit card is swiped through (these are integrated into modern cash registers, such as those you find at Starbucks coffee shops). This unit, called a merchant point-of-sales (POS) terminal, contacts a credit card processing network and validates the transaction. Various different offers on the terminal leasing are offered, some contractual terms to financing these are draconian.
The payment gateway is the Internet equivalent of the POS terminal. It provides your web site secure access to a credit card processing network and allows the credit card transaction to be verified in real time. The two leaders in the Internet payment gateway market are Authorize.Net and the Verisign PayFlow service. Many banks also offer their own payment gateway. Your merchant account will determine which payment gateways are available to you, as this is a result of contractual relationships between the different merchant accounts.
3.6 Merchant Account Contract
A Merchant Account contract is an important part of going online. A merchant account is what allows you to accept credit cards. This is a branded network of financial service providers. The basic process works as follows: first, a credit card transaction is approved through a POS terminal or payment gateway; second, the day’s transactions are “settled” into a batch at the end of the day; and third, typically 2 or 3 business days later, the batch total is deposited into your checking or savings account. Each month, the merchant account provider will withdraw their fee for the transactions that you have run from this same bank account. Basic merchant accounts usually allow you to accept only Visa and Master Cards. You will need to arrange for accounts directly with Discover and American Express if you want to accept those cards. The same payment gateway would be used for all transactions.
Most banks offer merchant accounts, but because of the nature of the fees charged, it is difficult to make a comparison between accounts. These are highly negotiable in some cases – one need only register a business to be inundated with dozens of mailers offering various merchant account deals. Typically there are 3 basic fees involved:
3.6.1 a monthly fee, sometimes called a statement fee,
3.6.2 a fixed charge-per-transaction, called a transaction fee, and
3.6.3 a percentage of the transaction, called the discount rate.
Choosing a merchant account is the first critical decision you must make when determining what contract is best for you. For example, if you have a large number of small transactions, an account with a higher discount rate and lower per-transaction fee might be better, while the reverse is true if you have a small number of large transactions (this analysis may be similar when choosing a taxing forum regarding sales, Value Added and other taxes – a separate discussion requiring a tax specialist). The rates offered will depend on the history of your transactions (or an estimate of your transactions if you have no history), better rates should be re-negotiated and adjusted over time. it is also fairly easy to change merchant accounts if you find a better deal, however, large application and account transfer fees are not uncommon. Merchant accounts are often at different banks from one’s business checking account. Sometimes gateway and merchant account “packages” are offered and savings are possible.
3.7 Hosting
A critical contract involves hosting. That contract provides for bandwidth and storage for the data that makes up your website. The critical component is the broadband connection. Many Internet Service Providers offer hosting services which essentially includes disk space on a server and the bandwidth to get to it. These companies offer e-mail services. All these transactions should contemplate the control of your website and e-mail during a contingency and what guarantees are built into your information technology infrastructure.
3.8 Web Site Development
Most often, contractors are hired to provide development services and to build the website. This contract is important as it may assist or protect you by ensuring you own the content on your site or receive some liability shield between you and the content on your site. This can be small contracts or highly complex.
E-commerce done well, involves managing a series of contracts and relationships. Among the most important realizations is that every web presence has a different footprint. The optimization of that footprint while reducing risk allows you to successfully navigate and utilize this great liberator of trade and consumer choice. Whether you are a pianist wanting to make a living at playing the piano or a distributor of software, success is the product of sustained, multi-year effort. While, there are success stories of those fortunate enough to do well with minimal legal protections, at some point all e-commerce operators must attain a level of sophistication.
[1] Martin Medeiros is a partner at Swider Medeiros Haver LLP, a Portland, Oregon based law firm that is focused on the business of the creative and innovative classes. Martin is a member of the Oregon and Washington State Bars. [2]See, e.g. R.C.W. § 62A.1-201(39). [3] 15 USC §§ 7001; See also, Specht v. Netscape Communications Corp., 306 F.3d 17(2nd Cir. 2002)(case involving disclosure of copyright and privacy protections or policies but not contract). et. Seq. [4] See id. [5]Robinson v. Avis, 106 Wn.App.104 (2001) [6]15 U.S.C. § 45(a)(1) [7] FTC Public Workshop 2002. [8]The equivalent of an intellectual property attorney’s Swiss Army Knife is § 43(a) of the Lanham Act. [9] "[a]ny person who registers a domain name that consists of the name of another living person . . . without that person’s consent, with the specific intent to profit from such name by selling the domain name for financial gain to that person or any third party, shall be liable in a civil action by such person." 15 U.S.C. Section 1129(1)(A). [10] DMCA § 512(b) a service provider shall not be liable for monetary relief … for infringement of copyright by reason of the: intermediate temporary storage of material on a system or network controlled or operated by or for the service provider [11] eBay Inc. v. Bidders Edge, Inc. 100 F. Supp. 2d 1058 (N.D. Cal. 2000)