As a website operator, am I accountable for untrue statements posted by users? Can I be held responsible for users’ defamatory acts?
Under United States law, Internet service providers, Web hosts and interactive computer services are federally protected from third-party defamation liability via Section 230 of the Communications Decency Act. Case law is strong on the matter, and even though a couple of such cases have won in trial court (i.e., Sarah Jones v. TheDirty.com), they were overturned on appeal.
My site sells products geared for adults. How do I protect my company from liability if minors lie about their age and purchases an item from my site?
Age verification has always presented an obstacle to businesses with an online commercial presence. Operators worry: “How is it possible to keep minors off a site? If I fail, will I be held responsible for something I tried to prevent?”
Thankfully, lawmakers do understand the predicament faced by websites that don’t want to cater to users under the ages of 13, 16, 18 or 21 because they don’t want to worry about various age-related federal online privacy regulations. That said, websites that truly don’t want minors interacting or making purchases via their platforms must have certain elements in place to convince a legal body that they took precautions to limit their sites’ appeal to minors.
Online venues that want to discourage underage use of their sites should:
- Be aware of design considerations. The Federal Trade Commission considers a website’s aesthetics when investigating “unfair and deceptive” marketing cases. If your site uses graphics that would appeal to a younger audience, it could be – and has, in the past been – considered an underhanded method to attract minors.
- Make sure your disclosures are clear and conspicuous. If you genuinely don’t want people under a certain age making purchases from, or interacting with, your site, implement an acknowledgement step. Before any security or check-out process, make sure there is a page in the checkout process that users must acknowledge via an “I agree” click, which clearly states the age policies of the site.
How can I get rid of inaccurate, misleading online posts about my business? Are there actions I can take against the person making the false posts?
As digital-dependency grows, online reputation attacks are also growing more prevalent. To gain a competitive edge, some businesses hire smear trolls to bad-mouth competitors across the Internet. But doing so is a violation of civil law. Hiring reputation assassins who spread false statements of fact, about either a person or business, with the intention of driving clients to themselves, is defamatory, and pecuniary redress is achievable in some cases. But, to win a business defamation or trade libel lawsuit, in a United States court, plaintiffs, at the very least, must prove:
- That the Defendants made a negligent, false, unprivileged statement of fact that caused material or reputational harm.
- That the statements were about the plaintiffs.
- The defendants’ actions can’t be deemed defamatory unless claimants can prove that their detractors acted at least, negligently, or at best, with actual malice.
Another common tactic used to mitigate the effects of false and negative online press is to get pages de-indexed from search engines.
Am I obligated to provide information on my site about me? I’ve been told that all websites must provide personal information about the owner.
Rules and regulations regarding required website policies is a field of law in a constant state of flux. As such, there are many caveats and exceptions. The best thing to do – especially if you run a commercial website – is to have a contract drafted, by an Internet lawyer, specific to your operation. Because remember, not only do you have to worry about state and federal laws, but if you allow users in Europe to makes purchases from – or interact with – your platform, you must adhere to E.U. regulations, too.
That said, at a minimum, here’s a list of contracts and policies you should probably have on your website.
- Legal Disclaimer. It’s a good idea to include a legal disclaimer on your website – especially if you’re marketing or selling a product or service via your website. To learn what types of marketing disclosures you need to add to your online privacy policies, consult the links below.
- Dot Com Disclosures: This link will take you to a list of blog posts about the Federal Trade Commission’s online marketing bible – the Dot Com Disclosures.
- COPPA: The Children’s Online Privacy Protection Act is the only U.S. Federal online privacy law. It’s important that marketers understand COPPA parameters, as they do have an effect on how digital marketing campaigns are structured and distributed.
- Gramm-Leech-Bliley: Regulations regarding banking records and any other monetary data must always be respected. E-commerce websites – a.k.a., “commercial websites” – should consult with an Internet law attorney, before launch, to ensure that the site’s policies are correct.
I have installed the latest encryption systems into my site to protect visitors when they make a purchase. If my site is hacked, and personal information is stolen despite the implemented protections, will my company be held liable?
Over the past two decades, federal legislators have passed several regulations regarding the collection of personal and financial digital data. They’ve also green lit measures designed to curb online hacking and Internet espionage.
The two main federal laws affecting hacks and their aftermaths are:
- The Computer Fraud and Abuse Act: Amongst other things, this is the main law used to prosecute people involved in unauthorized digital breaches – a.k.a., hacking incidents.
- The Gramm–Leach–Bliley Act (GLBA): Also called the Financial Modernization Act, the GLBA includes a section about safeguarding personal financial data. In the event of a hack, certain GLBA provisions may apply. Consult with an Internet lawyer who understands legal breach parameters, and can walk you step-by-step through the post-hack notification process.
In addition to the federal statutes, states have various laws governing digital security breaches and their aftermaths. For example, click here to read about Arizona’s data breach notification law. Best practice advice: have a privacy officer in your corner before anything happens. Establish legal counsel you can contact in the wake of discovering a data security breach. There’s a good chance that having a privacy officer on your side may mitigate resulting government penalties.
Contact Kelly Warner’s Internet Law Attorneys
Since hanging up the shingle, Kelly Warner has concentrated on Internet law. And we didn’t jump on the tech bandwagon because it was the “in thing” to do.
Instead, we grew up with computers and started programming before we learned to drive.
Like you, we’re wired entrepreneurs and we have invaluable insight into how the e-commerce ecosystem operates.