Web sites that have been up and running for a while tend to get tinkered with by well-intentioned marketing and technical staffs. Although businesses should encourage innovation, many common Web site practices can, if implemented in the wrong way, invite legal problems. Here’s a rundown on five common Web site mistakes.
1. “Guiding” user comments on social networking pages. Web sites generally have immunity under Section 230 of the Communications Decency Act for liability for defamatory statements posted by users on social networking pages of a site. However, recent cases have begun to chip away at that immunity in cases where the Web site has gotten too involved in “shaping” the user-generated content. Too much shaping, and a Web site risks becoming the publisher itself, thereby losing the Section 230 immunity.
2. Testimonials in blogs. Many bloggers are unaware that the Federal Trade Commission has guidelines regarding endorsements and testimonials in blogs. In general, the guidelines require that bloggers disclose any material connections between themselves and the products that they are reviewing or discussing. Similarly, if a blog offers a testimonial, it should state whether its results are “representative” of what consumers will experience from using the product. This area is particularly perilous because the FTC has brought very few enforcement actions and, therefore, it is unclear where the agency may seek to draw lines.
3. Not updating the privacy policy. When was the last time your Web site’s privacy policy was updated? How many changes has the site implemented since then? A Web site’s privacy policy should never be set in stone; it should evolve as practices change. Did the site review its privacy policy when it introduced that exciting new data-sharing tool? Did it make changes when implementing a new “just-in-time” notice? Not all changes on the site require revising the privacy policy. But if evolving Web site practices turn out to conflict with what the privacy policy states, the site could face charges that it is misleading or deceptive.
4. Offering a mobile application without thinking through the data flows. Everyone wants to offer a mobile application these days, often linking to a Web site. Questions are beginning to arise, however, about the information that apps collect and the devices on which they appear, who handles it, and what happens to that data. Knotty legal problems can emerge where these issues have not been vetted.
5. Copyright infringements. Copyright infringement is as old as the Internet. Federal law governing online copyright violations — the Digital Millennium Copyright Act — has been in place for a decade, and the rules are fairly well understood. Nonetheless, pirated material still often appears on Web sites, posted by users. Web sites must maintain their procedures in order to earn the protections of the DMCA “safe harbor.” A Web site that loses its DMCA safe harbor protection due to inattentiveness may face substantial losses.