More Articles like this in:
  • Communications & Media Law
  • Intellectual Property Law
  • Science & Technology
  • Starting a Business

    e-Risks

    Author: Simpson Grierson       

    Many of the risks associated with communication by electronic means (by e-mail, an intranet, or the Internet) are simply extensions of usual business risks. While the risks of infringing intellectual property, breaching the Fair Trading Act 1986 or publishing defamatory statements are not new to businesses, there are specific "e-risks" and liabilities you need to consider when you become involved in e-business. The risks outlined below apply to any business that uses the Internet or any intranet in its day to day activities. These include ISPs, businesses that trade on the Internet, businesses that use the Internet as a means of advertising and disseminating information to the public, and those businesses which simply use the Internet as a research tool or use an intranet to communicate with their staff.

    The key e-risks are:

    1) infringing a third party's intellectual property directly or
    authorising infringements;
    2) making or publishing defamatory content;
    3) breaching consumer protection law; and
    4) not having adequate risk management strategies in place to
    protect it from such exposures.

    Breaching Copyright

    As a user of copyright works owned by others, your business is at risk of directly infringing or authorising infringements of copyright works. Materials such as text, pictures, films, music and computer software programs are easily accessible over the Internet. Most of these materials will be copyright protected works. Digital technology has made reproduction of such materials easier than ever. However, the ease with which these materials can be reproduced does not mean that they are freely available for everyone to use. Downloading or reproducing such materials without express or implied authorisation is an infringement of copyright. Copyright may also be infringed by putting copies of articles and other printed matter on an internet or intranet site. In addition, each time the material is viewed, printed or downloaded by a user of the sites your business may also be liable for authorising additional infringing copies. Placing materials on an internet or intranet site or distributing by e-mail allows you to communicate quickly, widely and with little cost. However, by reaching a wider audience, your business faces an increased risk of the copyright owner detecting an infringement and of your business being liable for damages for multiple infringements.

    Trade Marks

    The fact that your business has registered a domain name in New Zealand or elsewhere does not guarantee smooth sailing. Registration and use of a domain name which is identical or deceptively close to a third party's trade mark (whether registered or non-registered) may contravene trade mark and passing off laws or breach the Fair Trading Act 1986. The risk of this happening in New Zealand is reduced if the domain name is your business or brand name. However, in other countries your domain name (and business or brand name) may infringe local trade marks. In addition, using other's trade marks on your business' website may amount to a trade mark infringement both in New Zealand and elsewhere, contravene passing off laws or breach the Fair Trading Act (or equivalent laws overseas). Your business may also be at risk of trade mark infringement from your customers' activities. Rolex recently filed an action against eBay's German subsidiaries for trade mark infringement and unfair competition in relation to the sale by eBay's customers of counterfeit Rolex watches through eBay's German auction site. Rolex is seeking an order forbidding sales of Rolex watches on the site and damages.

    Hyperlinks - more than they seem

    Providing a hyperlink to another website on your business' internet or
    intranet site or in an e-mail may infringe copyright where the hyperlink
    itself contains a graphic or wording which is the whole or a "substantial"
    part of a third party's copyright work. Your business may also be liable
    for authorising copying when a website, which contains copyright
    material, is accessed via a hyperlink provided on your business' internet or intranet site, because the material is duplicated on the user's screen or because the user makes further unauthorised use of the material after viewing it. Although a publicly-posted website would be considered to have impliedly allowed at least duplication of material on a users' screen, that implied permission would be considered revoked if the website had an express prohibition on hyperlinking. Providing a hyperlink may also contravene trade mark and passing off laws or breach the Fair Trading Act. Under the Fair Trading Act and the law of passing off, a hyperlink containing a registered or non-registered trade mark could misrepresent that there is an association, endorsement, sponsorship or approval between the owners of the two websites being linked. Hyperlinking could also breach the Commerce Act 1986 if the two websites being linked have contractual or collaborative arrangements (e.g. Referral fees, royalty payments) and the linking amounted to anti-competitive behaviour.

    Defamation

    The content in an e-mail sent from your business or appearing on your
    business' website or intranet site could expose your business to a
    defamation claim. Any person who publishes a defamatory statement
    (for example forwarding the statement or a link to it by e-mail) or the
    person controlling the site on which a defamatory statement appears
    may be liable in defamation, not just the maker of the defamatory
    statement. The ease with which defamatory statements can be spread
    by e-mail and through the Internet can significantly raise the level of
    damages that may be awarded to the claimant. There have been
    relatively high profile examples in New Zealand and overseas of defamatory statements spreading quickly and "uncontrollably" via the Internet. Businesses or other 'deep pockets' are often attractive targets for claimants. Even ISPs have been the subject of claims for defamatory statements posted anonymously on bulletin boards. In New Zealand, the Defamation Act 1992 provides defences for persons who innocently distribute or process defamatory statements. So, the potential liability of your business for defamation often depends largely on how much control your business had over the defamatory statement.

    Confidential information and security

    The risk of confidential information being disclosed has increased with the use of electronic communication. The risks to the security of information that can be accessed via the Internet are greater than those to information held internally. With the Internet, a wouldbe hacker does not need proximity to your business to access your business systems or communications. In addition to risk of your business' confidential information being disclosed, your business may be liable for disclosure of other's confidential information where such information is disclosed as a result of a security breach of your system. If your business can show that it took adequate steps to maintain security such as use of encryption and authentication procedures, its liability should be reduced.

    Compliance with other laws and regulations

    Cyberspace may be a world with no boundaries but it is not a wild west. E-business activities must comply with the rules and restrictions that apply to bricks and mortar businesses. In New Zealand, the Fair Trading Act prohibition against misleading and deceptive conduct and false representations and the guarantees under the Consumer Guarantees Act 1993 for "consumer" goods and services apply with equal force to e-commerce. Similarly e-businesses must also comply with the requirements of the Privacy Act 1993 in relation to personal information. E-businesses often overlook the fact that they may also need to comply with local laws in countries where they are offering their goods and services.

    Risk Management

    Having a risk management and risk transfer strategy
    in place is key to reducing the risks faced by your
    business. This should involve:


    - Identifying areas where your business is at risk by conducting an audit of the areas where your business communicates by electronic means. For example, if your business conducts business via a website you will need to review your current website policies and procedures, website content and how it is managed, adequacy of your website disclaimers, notices and terms and conditions of use and website security.

    - Putting in place policies and procedures that minimise risk including obtaining necessary internal or legal "sign offs", using checklists, legal compliance manuals, written procedures, and a staff training and education programme.

    - Considering which of the remaining risks can be borne by your business and which should be transferred and finding the insurance solution which meets your business' e-risk needs.

    This is a general summary only and should not be taken as a substitute for specific advice.

    Contacts

    Michael Sage, Partner, Michael.Sage@simpsongrierson.com
    Earl Gray, Partner, Earl.Gray@simpsongrierson.com
    Jan Kelly, Partner, Jan Kelly@simpsongrierson.com
    Lianne Young, Senior Associate, Lianne.Young@simpsongrierson.com

    Simpson Grierson lawyers
    Web site: Simpson Grierson

    May 2001

    July, 2001