Start an Internet Business
Over the last decade, the internet has changed the face of business. Before the internet, commerce was, in large part, dominated by those who had the means to open and support “brick-and-mortar” stores or offices. As the internet has gained more and more users, first in our homes, then at our jobs, and now in almost every facet of our lives, the internet has also grown to be more and more acceptable as a platform for commerce.
The relatively low cost and long reach of the internet now makes it possible for anyone with enough motivation and enough business savvy to sell products and services internationally. This proliferation of e-commerce has now become a significant portion of retail sales in the United States. The once dominant brick-and-mortar retailers are now struggling against the low overhead, high profit internet retailers with global reach.
In addition to most of the formalities required to start a traditional business that you may review on the “Start a Business” page, internet businesses must be prepared for the following issues unique to an internet based business:
Internet Advertising Law
There are numerous state laws, federal laws, and regulations that must be considered before advertising an internet based business, especially when the advertising is delivered through the use of internet advertising or e-mail. Because content available on the internet and sent via e-mail may be viewed from anywhere in the world, a California business may be subject to the laws not only of California and the United States, but the laws of the forty-nine other states and the laws of foreign countries. For advertising targeted to specific markets, the laws governing advertisements in those markets should be well understood before advertisements are placed.
Some of the most prevalent laws applicable to online advertising are:
The Lanham Act
The Lanham Act is the federal law providing for registration and infringement of trademarks. Claims for false advertising claims may be brought under the Lanham Act in private causes of action against false advertisers. 15 United States Code § 1125(a)(1).
Keywords used to link advertisements to search results may infringe on a registered trademark. Playboy Enters. v. Netscape Communications Corp., 354 F.3d 1020 (9th Cir. 2004). A domain name that leads to confusion with a registered trademark, especially if both domain names are in the same industry, may also lead to a claim of infringement. SMC Promotions, Inc. v SMC Promotions, 355 F. Supp 2d 1127 (CD Cal. 2005).
The Federal Trade Commission Act
The Federal Trade Commission Act is the federal law that created the Federal Trade Commission (FTC). The FTC has jurisdiction over most internet advertising. The purpose of the FTC Act is to prevent the use of unfair methods of competition and deceptive practices in commerce. 15 United States Code § 45(a)(2). This includes advertising claims. 15 United States Code § 45. Any advertising, regardless of medium, must be truthful and not misleading; misleading advertising includes the omission of information.
Under the Federal Trade Commission Act, advertising claims must be substantiated; sellers are responsible for claims they make about their products and services. Third parties, such as CPC agents, advertising agencies, and website designers are liable for false and unsubstantiated claims if the third party prepares, distributes, or is aware of the misrepresentation. Standard Oil Co. v. FTC, 577 F.2d 653 (9th Cir. 1978).
California Business and Professions Code
Online businesses operating in California must comply with California laws regulating false or misleading advertising. California Business and Professions Code § 17500. In recent years, numerous sections of the Business and Professions Code have been amended to include internet advertising. California Business and Prof, Code § 17538.
The CAN-SPAM Act
The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act) is the federal anti-spam regulation. 15 United States Code §§ 7701-7713, 18 United States Code § 1037. The CAN-SPAM Act preempts most state regulation of commercial emailing, including California’s anti-spam legislation.
The CAN-SPAM Act requires e-mail solicitors to provide an “opt-out” to allow e-mail users to take themselves off of e-mail lists and prohibits using false headers (e-mail content identifying the sender) and other deceptive practices. Those sending commercial e-mail are also required to provide an accurate, physical postal address in each commercial e-mail.
Intellectual Property on the Internet
The soul of an internet based business lies in its intellectual property rights. Not only are the intellectual property rights of an internet-based business useful tools to protect against unfair business practices from the competition, but these intellectual property rights alone may have significant monetary value. The types of intellectual property owned by an internet business and the quality of the protection afforded to the intellectual property rights are often pivotal when an internet based business seeks financing from outside investors.
Some of the most prevalent forms of intellectual property right protections are:
Copyright law in the United States is provided for under Article I, § 8 of the United States Constitution, and current federal copyright laws are established under the Copyright Revision Act of 1976. 17 United States Code §§ 101-1332.
Online commerce frequently involves complex analysis of copyright law to evaluate the use and protection of copyrighted works. More recent legislation, such as the Digital Millennium Copyright Act of 1998, highlights the role copyright law plays in online commerce by establishing protections for copyrighted materials stored in electronic form.
A trade secret is information only known to certain persons and is not in the public domain. Unlike patents, trade secrets do not prevent others from using an idea. Instead, trade secret laws create liability for persons or business entities wrongfully disclosing the trade secret information to an unauthorized third party.
One of the biggest benefits an internet business has over brick and mortar competitors is the ability to sell products and services across a large geographic area (e.g. across the whole world) without the expense of setting up retail locations or offices in thousands of cities. While a brick and mortar store located in a shopping mall might rely on walk-in business as a part of its sales, the likelihood that a consumer will find the website of an internet-based business is founded, in large part, on the name and domain name of the internet business. This makes selecting, establishing, and protecting an appropriate trade name and internet domain name extremely important for internet businesses.
Trademark protection, which may be afforded at both the state and federal level, creates liability for any person or business entity that does business using the trademark of another or uses a name or device so similar to that of another that it is likely consumers will be confused as to the source of the products and/or services being offered for sale.
Contracts and Licensing
The basic concepts of Uniform Commercial Code (UCC) sales, common law sales, product licensing, and intellectual property licensing apply to transactions conducted online via e-commerce websites run by internet based businesses. While the concepts may remain unchanged, the execution of such transactions may take on an added dimension of complexity when executed electronically.
The most common contract and licensing issues for e-commerce are:
Web Software Licensing
The software that provides the form and functionality of a website as a user interface is often derived from third party developers. An internet business may need to sublicense to end users the right to utilize that software to make the whole of the website available for viewing and fully usable by the end users.
Failing to ensure that the software delivering content is properly licensed prior to making the website available on the internet may expose an internet business to liability based upon the theory of piracy or copyright infringement; this carries statutory damages of $150,000 per infringement. Website designers are technically skilled individuals, but they may not be experts in software licensing matters. Therefore, reliance upon the website developer to ensure that all software utilized in the creation of a website was properly licensed is not advisable.
Web Content Licensing
Once the structure of a website is designed, the content to be delivered by the website must be integrated before going live on the internet. Issues of ownership involving the content delivered by a website is another common source of liability for an internet-based business.
Unless every word of text and every multimedia file was written or created by the owner of the website and delivered to the website designer for use in the website, proper licenses or permissions of the third party who wrote the text or created the multimedia file must be secured to avoid the possibility of creating a liability based upon the violation of the intellectual property rights of another.
Usually, obtaining a proper license or permission to use the intellectual property of another is relatively inexpensive and easy to procure. However, writers, photographers, videographers, and other artistic people are often quick to file lawsuits against those who they believe have copied and stolen their work.
As discussed on the “Intellectual Property” page of this section, the intellectual property rights of an internet-based business have monetary value. Just as writers, photographers, videographers, and other artistic people profit from the licensing of intellectual property rights they own, an internet-based business may use its intellectual property to create a revenue stream without losing its rights over the intellectual property by properly licensing its copyrights, patents, trade secrets, and trademarks to others.
Careful emphasis must be placed on the phrase “properly licensing,” as some forms of licensing will cause some types of intellectual property rights to be lost. Furthermore, the term of most licensing agreements is greater than one year, meaning the license agreement must be in writing to be enforceable.
Internet Privacy Law
In addition to the regular information privacy laws which apply to all businesses, internet privacy regulation is beginning to develop. Internet privacy laws balance the protection of personal and financial information of online shoppers with the data collection and storage requirements of online businesses.
Privacy laws are important to e-commerce because they assuage the fears and concerns of identity theft in the minds of consumers. The success of an online business depends, in large part, on how comfortable consumers feel about sharing their information with the website of that online store or business. As such, online businesses should endorse online privacy laws and, if accurate, should prominently promote compliance with online privacy laws.
Federal online privacy regulations have been a popular topic of conversation for quite a while, and those conversations are now resulting in the passage of the first online privacy laws. As more of these conversations turn into bills, which in turn become federal laws, internet businesses will be required to track these dramatic changes in internet privacy laws and conform to those standards.
While the federal law is rapidly developing, California enacted the California Online Privacy Protection Act of 2003 that requires commercial website operators and online services to develop and post privacy policies. California Business and Professions Code §§ 22575-22579.
Internet Liability Issues
Internet businesses must protect from several special sources of liability that do not concern brick and mortar businesses.
The robbery of a business might be readily detectable either because the perpetrator is seen committing the crime while the business is operating or leaves evidence of the crime committed after-hours. However, the theft of client information or the spoofing of the website triggering the delivery of goods without payment will not leave a broken window, smashed display case, or missing physical files.
While a safe or a locked filing cabinet may be sufficient to protect cash and sensitive information in a store or office, extremely sophisticated and technical measures must be employed to protect transaction and client information transmitted, received and stored on an internet website.
A few of the most common special liability issues confronting internet businesses are:
Types of Cyber Attacks
Increased popularity, and the resulting increase in website and infrastructure complexity needed to support that popularity, will make cyber attacks more likely to occur. The worldwide nature of e-commerce and other online business websites coupled with the treasure trove of information stored on e-business websites make them prime targets for the efforts of hackers mounting cyber attacks against a business. The tools of cyber attack include:
A virus is a computer program or code that is introduced onto a computer or server without the system operator’s knowledge or consent. The virus resides in a computer’s memory and uses that memory to replicate itself and travel to other computer hosts while at the same time modifying, deleting, or copying and broadcasting the files of the computer on which it resides.
A Trojan horse is a malicious computer program hidden inside an innocuous computer program. Once on a computer or server, the malicious program runs and damages, deletes, or copies and broadcasts files or allows a third party access to the computer or server and all the files contained therein.
A logic bomb is a computer code or a computer program that is maliciously placed on computers to lie dormant until the happening of some event, at which time the code or program damages, deletes, or copies and broadcasts files.
Denial of Service Attacks
Denial of service attacks are intended to disrupt a targeted business by taking its internet services offline. This is done in several ways, including exploiting server operating systems, exploiting network firmware, or overloading websites with bogus data that the servers attempt to process.
Responding to Cyber Attacks
Cyber attacks usually occur unexpectedly and without warning. How a business responds to a cyber attack, in large part, determines how evidence of the attack is preserved. This evidence may be used by an online business to sue the perpetrators of a cyber attack for financial damages; by an online business to defend itself from privacy, negligence and other litigation brought by clients and customers of the business; and by law enforcement for criminal prosecution of the cyber attack perpetrators.
Advance planning regarding how to manage a cyber attack is critical, as there will not be time to make such a plan once an attack is underway. The question of damages is always an important issue, and an affected business should carefully document all expenses and losses arising from a cyber attack for evidence of damages at trial.
Jurisdiction is the power of a court to assert authority over the person or things involved in a case presented before that court. In order to have the jurisdiction required to decide a case, a court must have both personal and subject matter jurisdiction over the case. This is important to an online business because, although an internet business might be headquartered in California, conduct all its shipping and receiving in California, and house all its servers in California, the international nature of the internet may subject an online business liability to jurisdictions outside of California.
To establish jurisdiction over persons, where persons are also defined to include business entities, courts use the minimum contacts test to determine personal jurisdiction. International Shoe Co. v. Washington, 326 U.S. 310 (1945); Boschetto v. Hansing, 539 F.3d 1011 (9th Cir. 2008); Pebble Beach Co. v. Caddy, 453 F.3d 1151 (9th Cir. 2006). To deal with online interactions, courts use a passive-active online interaction test to determine if sufficient minimum contact with a business through its website is sufficient to allow a court personal jurisdiction over a case brought before that court. Cybersell, Inc. v. Cybersell, Inc., 130 F.3d 414 (9th Cir. 1997); Zippo Mfg. v. Zippo Dot Com, 952 F. Supp 1119 (W.D. Pa. 1997).
Even if personal jurisdiction is not found in a case, in rem jurisdiction may still subject an online business to liability in states other than California. In rem jurisdiction is a court’s power to adjudicate the rights of specific property within the jurisdiction of that court, even if the owners of that property are not subject to personal jurisdiction by that same court. Inventory, equipment, domain names, and other property located outside of California but owned by an online business headquartered and operating in California may be subject to the jurisdiction of a court outside of California under in rem jurisdiction.
The subject matter jurisdiction of a court deals with that court’s authority over the type of case being brought for adjudication. Under Article III, § 2 of the United States Constitution, federal courts have limited jurisdiction over civil and criminal matters, with state courts retaining the bulk of the subject matter jurisdiction. The two main types of federal jurisdiction for civil cases are federal question jurisdiction and diversity jurisdiction.
Federal question jurisdiction gives federal courts the sole power to adjudicate cases arising from the United States Constitution and federal statues such as the Digital Millennium Copyright Act, the Copyright Revision Act of 1976, and the Federal Trade Commission Act.
Diversity jurisdiction gives federal courts the power to adjudicate cases between citizens of different states where the good faith amount in controversy is greater than $75,000.00. 28 United States Code § 1332.
State courts have general subject matter jurisdiction over any matter that is not the exclusive province of the federal courts.
Online Tort Liability
Internet businesses that provide certain services to clients and/or the general public are exposed to tort liability for content that is defamatory or amounts to an inappropriate utilization of the right to publicity of another, as well as criminal liability for child pornography and other criminal offenses.
According to Forrester Research1, e-commerce accounted for 5% ($125.1 billion USD) of retail sales in 2008 and is expected to account for 8% ($211.7 billion USD) by 2012.
With the proliferation of the internet and foundation of e-commerce also came a large body of statutory and common law to dealing with e-commerce. Not only must an internet business conform to all the laws regulating traditional commerce, but internet businesses must also adhere to the laws and implications concerning e-commerce.
This section of the website is almost entirely devoted to discussing some of the special e-commerce laws that apply to business conducted over the internet. These laws apply to any business conducting e-commerce, either as the whole of its business or as an online component to augment the sales of a larger “brick and mortar” business.
Where to Start
Contact San Diego Corporate Law for a consultation, to discuss your current business situation, and to receive personalized suggestions for your business situation.