Monthly Archives: July 2007

Website development contracts: The “handshake deal” can cost you.

Under  U.S. copyright laws, the developer of a website owns the intellectual property and copyrightable elements of the website.  The copyrightable elements of a website include the text, graphics, scripts, code, and the “look and feel.”  Unless there is a contract to the contrary, the website developer’s client only obtains a non-exclusive license to utilize the intellectual property that it paid to develop.  Even the copyright notice on the client’s website applies only to the contents that were developed by the client and not to the contents that were created by the developer.

This means that under the default scenario, your business’ website developer can create a very similar website for your competitors.  Furthermore, at the end of your business’ relationship with the website developer, the website developer can also demand that you stop using its intellectual property and copyrightable contents.  If you refuse, you may find yourself as the defendant in a copyright infringement lawsuit.  Even worse, your website developer may refuse to facilitate your business’ transition to a new developer.  If your business depends on its website, it may never recover from this website hijacking scheme commonly applied by some unscrupulous website developers.

You should be aware of the risks associated with the absence of a carefully drafted website development agreement and should consult with an Internet Attorney before hiring others to develop your website.

Cyber Lawyer, Domingo J. Rivera, is an attorney specialized in Internet Law, handling cases throughout the United States. 

Your website’s Privacy Policy: Draft carefully and always abide by it.

Almost every e-Commerce website collects personal identifiable information from its users.  Personal identifiable information includes name, address, e-mail address, phone number, social security number, date of birth, age, gender, income, occupation, browsing patterns, etc.  Many websites have a posted privacy policy explaining what information is collected from the users of the website and how the information is used. 

Once a company posts a privacy policy on its website, it will be held legally liable for its failure to abide by the policy.  For example, Geocities’ website contained the statement “we will never give your information to anyone without your permission.” However, when it appeared that Geocities sold and disclosed the information to others, the FTC accused Geocities of misrepresenting its reasons for collecting information from adults and children.  The matter eventually settled.

So with such a big risk, why should companies even post a privacy policy at all?  After all, it is impossible to violate a privacy policy that does not exist.  However, some jurisdictions require websites to have posted privacy policies. 

For example, the California Online Privacy Protection Act requires websites to 1) identify the categories of information collected and with whom the information may be shared; 2) describe how to review and change the personally identifiable information; 3) explain how to find out about changes to the privacy policy; and 4) indicate the effective date of the privacy policy.  Additionally, websites that collect information from children are subject to the requirements of the Children’s Online Privacy Protection Act (COPPA).  The European Union also imposes privacy protection requirements for websites who operate in or have customers in the European Union. 

Therefore, if your website obtains business from California residents, children, or the European Union, you must have a carefully drafted privacy policy and must abide by it.  

Cyber Lawyer, Domingo J. Rivera, is an attorney specialized in Internet Law, handling cases throughout the United States.