For businesses, an effective online presence is now expected as a matter of course. Successful websites can provide a potential wealth of new customers and opportunities. However, alongside such benefits, a website can generate risks which need to be attentively managed. This note explores some of the key legal issues a business should consider when creating and maintaining its website
The ownership of a website, including all content, is a key preliminary consideration. This question goes further than the registration of the website’s domain name or an agreement with a provider to host the site.
Intellectual property rights (IPRs) subsist throughout the entire content of the website (including all text and images), principally through copyright protection. All content used within the website must be owned by the business or licenced for use under agreed terms with the IPR owner.
Website terms and conditions should clearly set out the ownership of all IPRs used within the website and list the terms on which website visitors may or may not use such content.
Evidence of such terms is likely to prove valuable in the event of a dispute relating to IPR infringement.
Website terms should also set out rules relating to a visitor’s use of the website. Some provisions are required by law – such as the requirement to state a company’s name, company number and full registered office address – whereas other terms are implemented to offer protection in the event of a dispute relating to the use of the website. For example, although it is best practice to ensure all website content is accurate and up to date (with regular reviews), website terms often set out that content may change at any time and no liability is accepted for a user’s reliance on the accuracy of such content.
It is important that effective mechanisms are in place to ensure that website users actively accept the website’s terms. On registration to the website, it is good practice to require a user to tick a box confirming they have read and agree to its terms. If a user does not indicate agreement to the terms, it will be difficult for the business to argue that the user was bound by them.
If users are able to contribute to a website (e.g. by posting messages) there should be clear guidelines of the kind of content and behaviour deemed acceptable. These rules are usually contained in an ‘acceptable use’ policy. This policy should additionally set out the remedies available to the website if a user breaches those standards (e.g. removal of content or suspension of the user’s account).
Guidelines often state that users must not upload defamatory, illegal (e.g. uploading a third party’s copyrighted material) or threatening and abusive content. Defamatory content in particular should be dealt with expeditiously, as the website can be held legally responsible as a publisher of the material.
If the business intends to use data for the purposes of a direct marketing campaign (e.g. by email), best practice dictates that users should actively consent to this use by ticking an opt in box.
This note sets out in general terms the key policies a website should consider implementing, however, terms and policies should always be tailored to the individual circumstances of the business. For instance, if a website is used for sales, it should have a separate set of terms setting out how any sales contract with a customer will be made (including terms specifically set out in the Consumer Contracts Regulations). Equally, if the website can be accessed through a mobile application (App), separate policies should be implemented for this purpose.