As the new year unfolds, small business owners face four legal issues that could affect their websites and ultimately their bottom line in 2017. Here is a list of the biggest problems on the horizon, and some solutions:
Communications Decency Act Section 230
Problem: Accusations of Republication of False, Misleading, Defamatory, or Unlawful Content on Your Website
Solution: Have Your §230 Defense Ready
Website operators who host user-generated content face this possibility every day, especially if a user “flames” a competitor or other third party. Fortunately, the federal Communications Decency Act’s Section 230 (47 U.S.C. §230) inoculates such websites from liability, as long as the site does not meet the definition of an “information content provider.” §230 defines “information content provider” as “any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service.”
Yelp used §230 to thwart the plaintiff in Kimzey v. Yelp! Inc. The plaintiff sued because of an unfavorable review received on a Yelp page, but the court found that Yelp’s star-rating system does not result in the creation or development of content by the company. Instead, the rating system was considered a neutral tool soliciting voluntary inputs from users.
The drawback to this decision is that unfortunately, there is very little you can do when someone gives your business a bad Yelp review.
Websites & the Americans with Disabilities Act ("ADA")
Problem: Your Website Is Not ADA Compliant
Solution: Implement Web Content Accessibility Guidelines (WCAG)
2016 saw a rash of plaintiffs' firms issuing cease and desist letters, and in some instances civil complaints, against businesses for providing websites they claim are not ADA compliant, and this trend could continue in 2017.
The Americans with Disabilities Act of 1990 (“ADA”), Title III, makes discrimination against the disabled in their full and equal enjoyment of the goods, services and facilities of places of public accommodation unlawful. When first promulgated, the ADA applied to brick-and-mortar stores. As time went on, court decisions have clarified that in addition to what are traditionally thought of as stores, the ADA may apply where a “nexus” can be found between use of the website and the goods and services offered at the retailer’s physical store.
The problem lies in the fact that currently there are no specific standards for websites under the ADA. Regulations are being developed by the Department of Justice, but they will not be ready until 2018 at the earliest. Despite this delay, the DOJ has emphasized the need for businesses to make websites accessible to the disabled. Rather than waiting to be hit with a cease & desist letter, businesses with websites can take matters into their own hands by implementing the Web Content Accessibility Guidelines (WCAG, 2.0 Level AA). In settlement announcements the DOJ has tacitly acknowledged that compliance with these standards makes websites accessbile under the ADA.
Website Privacy Policies
A myriad of laws pertaining to online privacy exists on the federal and state levels, but a recent development in California puts even more pressure on website and mobile app owners to have compliant and conspicuous privacy policies.
In late 2016, then-California Attorney General Kamala Harris announced the launch of an online tool that facilitates reporting of websites and mobile apps that are allegedly in violation of the California Online Privacy Protection Act (CalOPPA). Under the law, businesses operating websites that collect "personally identifiable information" (for example, email addresses or names) from California consumers must post privacy policies that comply with the law's requirements. Noncompliance can result from failing to cure any defects within 30 days of notice.
- Identify the categories of information collected and any third parties with whom the operator may share that information;
- Include instructions regarding how the consumer can review and request changes to his or her information;
- Describe how the operator notifies visitors about material changes to the policy;
- Describe how the operator responds to “Do Not Track” signals or other similar mechanisms;
- Disclose whether third parties can collect personally identifiable information about the site’s users; and
- Indicate the effective date of the private policy.
Problem: Your Website’s Browse-Wrap Agreement Is Not Enforceable
Solution: Make It a Click-Wrap Agreement, Scrolling Required