ECOMMERCE

What is e-commerce?

A very broad definition of e-commerce encompasses all commercial activity negotiated with the aid of electronic devices, including the promotion, marketing, supply, order or delivery of services.  E-commerce isn’t limited to transactions conducted over the Internet and extends to all business transactions perfected electronically involving Electronic Data Interchange.

However the information presented is confined to internet mediated transactions.  Online traders may be entering into contracts for the sale of physical goods and/or services or digital goods (eg software, music files, images, voice or text)

The unique distributed architecture of the internet, it’s packet switching technology,  and communication protocols have given rise to a spectrum of unique legal challenges deserving of a separate body of law known as internet law or cyberlaw.

Is there a separate law of the internet?

Judge Frank Easterbrook’s famous quote “there is no more a law of the internet than there is a law of the horse’,  has been under continual siege with the proliferation of books,   courses and the development of Institutions to deal with the emerging body of cyberlaw.

Cyberlaw, also known as Internet Law or Cyberspace Law, refers to  the body of law which has evolved to regulate cyberspace.  The term encompasses the law of Electronic Commerce, the body of law regulating commercial and consumer electronic transactions.  The Law of Electronic Commerce refers to the collective rules regulating the conduct of electronic ecommerce, including laws regarding the validity of electronic contracts, authentication, digital signatures, electronic payment systems, aspects of intellectual property, consumer protection, privacy, website content regulation and defamation.  It is a composite of ancient legal doctrines such as tort, contract, principles found in equity,  and newly enacted laws to cater for new technologies.

It would be a fallacy to suggest that cyberspace law is a new body of law; over a decade has passed since the advent of the world wide web,  a term often wrongly conflated with the internet.  However cyberlaw is still being established as Courts struggle to retrofit and strain ancient legal doctrines such as the torts of trespass and conversion to solve internet specific disputes.

The unresolved debate as to whether to regulate the internet at a global level, including proposals to establish a World Internet Court, have led some countries such as the US to enact their own special internet laws, one example being the US Anti-Cybersquatting Protection Act . It is perilous for those involved in ecommerce, even without any territorial or personal connection to a country, to ignore cyberlaw particularly given the number of small businesses, including Australian businesses, which have found themselves hauled into US or other nations’ courts.

There are differences in the law applying to online and offline transactions in almost every area of law, with special legislation to deal with some areas such as the  formation of electronic contracts and spam.  However the application of these laws is more problematic, in terms of both its substance and breadth of application; the reality being there is no global uniformity with respect to these cyberspecific initiatives. Courts are still dealing with the enforceability of clickwrap and/or browsewrap agreements or End User Licence Agreements (EULAs)Terms of Service Agreements (TOS) and Acceptable Use Policies (AUP), variously described, all of which have become ubiquitous in software and electronics contracts,  and treated by consumers with varying degrees of reverence and enthusiasm. Tensions are also evident in  dealing with the conflict between copyright and contract.

Numerous legal issues have come to the fore in recent years because of the interaction of copyright and contract, but  the implications of the difficulties that have been generated in that context apply more broadly to a whole range of other contractual issues as well.  Therefore, resolving these issues is not merely going to be a question of sorting out the copyright issues alone.

Importantly, there has been a massive increase in the use of EULAs on the internet, signalling a shift from relationships occurring in a fully negotiated environment to one where users in an online environment are left with the alternative of being bound by the terms of the EULA or rejecting them wholesale.   Yet there has been a lot of legal uncertainty regarding the enforceability of these kinds of agreements, which we tend to just assume are enforceable.  The legal recognition of  this kind of contract grew out of the legal recognition of shrinkwrap contracts which were used primarily in the context of the  sale of computer software. US Courts have, by and large, tended to accept that these contracts are enforceable (see ProCD v Zeidenberg, Hotmail v VanMoneyPie)

The enforceability of browsewrap agreements appears to be less certain, particularly where a user is not given any opportunity to accept or reject them, but is deemed to accept merely by the fact that they are accessing a particular page.  Merely spending time on that page, their browser being deemed  their agent, users have been found to have accepted terms and conditions applying to the use of a particular webpage.  The legal enforceability of these types of contracts is highly questionable.

In the US, due to the growth of EULAs there was a legislative move to legalise them to encourage their enforceability via the enactment of  the Federal UCC 2B which then became the Uniform Commercial Information Transactions Act. (UCITA).  This was intended to be a code which could then be enacted by US states, but has not been a success, with only two US States having enacted it.   Secondly, even though the agreements themselves may be enforceable, as a matter of legal principle, their actual terms and conditions must also be acceptable according to  general law.

In Australia, law review committees have  questioned the enforceability of EULAs  in terms of whether they were excluding rights granted under copyright and other specific areas of law. There appears to be a dichotomy between what EULAs prescribe and how the Courts are viewing EULAs, particularly in the context of cases involving inducement of copyright infringement or authorisation liability. ( See MGM v Grokster and Universal Music v Sharman.)  Although these are copyright cases, they have broader implications  beyond intellectual property and raise the question of whether website operators can merely contract out of intellectual and other legal rights, such as consumer laws, trade practices legislation, privacy and content regulation.

E-commerce – a combination of law, codes and technology

Those engaged in e-commerce understand that nothing less than an interdisciplinary approach is required to come to terms with its practical, technological and legal challenges.    On the internet there are layers of code, rules and law which all interoperate.  The notion of contracting online is not solely limited to legal contracts,  as code can make contracts self-executing because of the nature of the technology itself. One example of this is digital rights management which is built into technology,  and for practical purposes allow owners to enforce contracts by way of the use of code.  This code  modifies the law, effectively trumping it and enforcing contracts by the use of code.

Legal Implications of Ecommerce

There are complex issues which arise in relation to:-

1. jurisdiction, conflicts of laws and the enforcement of foreign judgements
2. the formation and enforcement of electronic contracts
3.  the enforceability at common law of clickwrap or browsewrap agreements
4.  issues relating to identification, authentication and validity of digital signatures
5. the use of secure payment mechanisms
6. spam
7. privacy and transborder data flows
8. content liability
9. cybercrime
10. consumer law

The advent of cloud computing solutions and  emergence of the utility computing and platform-as-a-service offerings, add another dimension fraught with complexities, with a large legal cloud looming over it.

Particularly where multiple clouds start talking to one another, the management and security of sensitive information held by enterprise cloud vendors becomes even more critical for businesses and consumers alike. Cloud computing refers to any kind of subscription-based or pay-per-use service which extends the capabilities of IT over the internet in real time.

Website Development Agreements

As a preliminary matter those engaging in ecommerce will operate through a website and make arrangements for a designer to build a website.

The crafting of a thorough and comprehensive Website Development Agreement will play a significant role in determining not just the quality of an ecommerce website, but it’s suitability for a  business’ specific purposes and level of functionality. Oral agreements can often lead to misunderstandings and difference in parties’ expectations in relation to a project.  A Website Development Contract should set out clearly the rights and obligations of both parties under the Agreement. As with any contract, the terms should be defined comprehensively and precisely within a written contract to avoid  ambiguity and subsequent disputes.  It should also include  provisions governing the rights and obligations of the customer, the  Website Developer and the allocation of risk.

The term ‘website development’ itself may mean something different to the customer and the website professional. Web Developers often have interdisciplinary skills such as web, graphic design, copywriting, editing, security and SEO skills. However amongst web professionals “website development” will typically be regarded as being confined to the non-design aspects of building sites, namely the document production aspect such as the XHTML mark up and coding. It might also include system integration with third party applications such as chat and search engines, ecommerce shopfronts, or extend to backend systems, and the integration of existing customer applications such  as legacy systems.

Key issues in Website Development and Hosting Agreements

Most customers will want to frame their Agreement with a view to asserting the maximum degree of control over the future operation of their website.  The customer wanting to acquire exclusive ownership over a work commissioned by them may meet resistance from a web developer who perceives this as unreasonable. As with software developers, Web Developers often recycle components from project to project, and for convenience, have a uniform set of tools or library (both object and source code) which they apply for clients. These tools may have been independently developed by them or licensed wholly or in part from a third party. Ownership can be the key most contentious aspect of an agreement. Anticipate a developer resisting assignment of ownership over certain aspects of their development efforts; as a practical matter this would preclude them from standardising the web development process. If as a customer you cannot acquire complete ownership in the negotiation process, it is critical that a licence is provided for components of the website post-termination.

It is suggested a well structured Website Development Agreement should provide clauses to deal with the matters listed below, although is not intended to be comprehensive. As with any Contract it should be tailored to the parties’ specific needs and situation and be based on legal advice.

* ownership over what is developed by the Web Developer and/or any Contractor/s engaged in the project development, including clauses dealing with ownership, assignment and licensing of intellectual property
* clear and comprehensive design and performance specifications
* clear, unambiguous development criteria including features agreed upon (eg platform selection, browser optimisation, desired level of security, use of tracking tools, software and technological measures eg dropdown and order devices to minimise exposure to international litigation (see Ward Group Pty Ltd v Brodie Stone and US Zippo minimum contacts test)
* defined milestones, accompanied by a milestone delivery schedule, shadow site acceptance, delivery and launch of the site, with remedies for failure to adhere to same
* clearly and objectively defined measurable acceptance testing criteria
* agreed pricing structure, whether based on retainer or hourly rate, with provision for deferred payments or progress payments, and any additional specified services, eg registering domain names, hosting, SEO, website analytics, link maintenance
* the parties’ respective liabilities for delays
* clauses providing for agreed upon variations or modifications to scope of project
* agreed upon quality assurance standards and tolerance measures in respect of  software bugs, imperfections, and interoperability issues
*  a clause providing for  source code to be placed in escrow in the event that the Developer refuses to supply access to and it is required
* an Intellectual Property indemnity from the Developer for legal action taken by a third party whose intellectual property rights have been infringed. A website developer may equally request a similar indemnity from customers providing IP to be incorporated into a website.
* hosting standards, where relevant, eg accessibility, server response times, bandwith capacity and operation, content control, site backup, site downloads, administrative and technical contact points
* clauses to provide for non-disclosure of confidential information divulged by the customer to the developer for the purpose of the project
* post-termination duties, including maintenance services, if any, to be supplied, such as periodic updates, checking of hyperlinks, provision of support services, agreed procedures for transitioning to a new provider to minimise business interruption
* provision of periodic copies of websites in development to minimise data loss occasioned by an urgent forced transition to another developer
* limitation of liabilities to the extent permitted by law for software quality and performance including monetary risks, data losses, viruses and system security breaches

You should negotiate to maximise your ownership over any software or source code used produced by the Web Developer, or consider an open source solution. The objective should be to assert the maximum degree of control over the ownership of your website, any software programs and code.   As mentioned previously (see copyright) whenever a copyright work is commissioned for valuable consideration, default ownership rules vest ownership in the creator of a work in the absence of an agreement to the contrary,  subject to limited exceptions. To be binding under the Copyright Act such an agreement must be in writing and signed by the parties. S196

Ensure assignments are properly effected in respect of any intellectual property and there are clearances in respect of IP  licensed from third parties. Control of your intellectual property enables you not just to exploit your intellectual property to the exclusion of others, but also to make modifications, and effect minor incremental updates to your website without being at risk of infringing intellectual property rights.

What kinds of Intellectual Property Rights reside in a Website?

A whole host of IP may reside in a website depending on it’s level of sophistication. Websites may comprise not only graphic and textual elements, but also multimedia works in addition to databases and computer programs which hold the website together.  The following are just some examples:

* copyright in the website as a compilation, an original literary work S10(1)
* copyright in any computer programs or compilation of programs as an original literary work (source and object code) S10(1)
* published edition copyright in the typographical layout and presentation  of written material, including the juxtaposition of text, photographs and use of headlines. S88
* Copyright in individual literary, artistic, musical & dramatic works
* Copyrights in various factual compilations (eg charts, price sheets, contact forms, customer databases, sets of links, delivery schedule tables) S10(1)
* Copyright in textual material, including but not limited to content, privacy, affiliate marketing and other policies, terms and conditions.
* Examples of artistic works appearing on websites -  logos, drawings, diagrams, maps, photos, designs, fonts
* Copyright in audiovisual materials & multimedia presentations eg videos, podcasts, vlogs, separate copyrights for sound recordings, including copyrights in any underlying Part 111 works literary, musical, dramatic and artistic works embodied therein
* Patent rights in business methods patents
* Trade Secrets such as customer lists, confidential data, relationships with business partners, eg wholesalers, suppliers, distributors, retailers and agents
* Trademarks and trade dress including the get up, colour schemes and “look and feel”
* Registered Designs
* Licence rights over domain names

A useful preliminary step to developing a website development agreement, and ideally within the business development phase, is to conduct an IP audit to establish an inventory of all IP and related rights pertaining to your business.  Once an IP register is established, databases can be used to maintain and monitor the maintenance and development of existing and newly developed IP, both registered and unregistered. An organisational IP Policy is a useful adjunct to developing and maintaining control over your IP asset portfolio. Clean control over IP maximises and early resolution or prevention of any potential ownership conflicts, enhances your ability to exploit it by entering into licensing agreements with third parties, or exploring franchise opportunities in the context of any short and longer term business objectives. An effective commercialisation strategy relies upon control of IP, and to the extent to which your IP is published online, taking precautions, both legal and/or technological to protect it from misuse.   Building a suite of IP will not only protect your asset base, but assist in attracting investors, Joint Venture partners and monetising your intellectual capital. Ownership of IP is always a history lesson.