SMITH SHAPOURIAN MIGNANO PC - SAN FRANCISCO LAW FIRM FOR STARTUPS AND SMALL BUSINESSES
  • Home
  • About Us
    • Teela Crosthwaite Smith
    • Neda Shapourian
    • Lindsey S. Mignano
    • Kelly Lawton-Abbott
    • Amy Carpio-Bruno
    • Jordan T. Lee
  • Services
  • News
  • Blog
  • DEI Policy
  • Contact
  • Home
  • About Us
    • Teela Crosthwaite Smith
    • Neda Shapourian
    • Lindsey S. Mignano
    • Kelly Lawton-Abbott
    • Amy Carpio-Bruno
    • Jordan T. Lee
  • Services
  • News
  • Blog
  • DEI Policy
  • Contact
Search

blog

Website Terms of Service: What it Is, and Why You Need One

12/11/2017

0 Comments

 
Picture
As counsel for small businesses and emerging technology companies, many of whom have websites, we often receive inquiries as to whether website Terms of Service (“ToS”) or Terms and Conditions (“T&C”) are required by law.  While not mandatory per se, we often recommend inclusion for the reasons explained below.

Data Breach

A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so.  Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.1  When users of a website are allowed to visit a website and enter their (personal) data, the company owning the website may be liable for loss of said data.  

We advise our clients to take reasonable safeguards to protect the customer’s data.  However, it is impossible to guarantee 100% failproof security measures.  To that end, companies should disclose in their website ToS/T&C document that they employ reasonable, but not foolproof, measures to protect website visitors’ data.

Breaches may not be the fault of the website owner/provider.  After all, the website owner/provider may have done everything in its power to protect against breach, but his or her efforts were thwarted by third parties.  To that end, we draft our website ToS/T&C documents to outline that remedies only apply when the website owner/provider is at fault/negligent, and/or has breached its contractual obligation to take reasonable security measures.  We typically state that in the event of a breach, the website owner/provider will endeavor to discover the cause of the breach, and employ concrete measures to cure the breach or otherwise limit its effects.

Limitation on Liability

When drafting a website ToS/T&C document, we always include a limitation of liability clause.  This is a clause is that limits the amount of exposure a company can face in the event a lawsuit is filed or a claim is made against the website owner, based on or arising out of its provision of the website and/or its services.  Oftentimes, our clients inquire whether a limitation of liability clause can "cap" the amount of potential damages so that the website visitor cannot recover more than say, for example, the annual subscription fee of the services or product cost.  

Looking at the country as a whole, most courts hold that such clauses do not automatically violate public policy.  However, several states are more protective, and some have enacted legislation, by way of anti-indemnity statutes, that deem such clauses void and unenforceable.  
In California, courts are especially critical when companies try to limit their liability via liability caps.  California courts scrutinize whether the consumer had an opportunity to accept, reject, or modify the limitation of liability clause, which is not often the case in a click-wrapped website ToS/T&C document.  Courts furthermore consider all of the facts surrounding the transaction, including whether the parties were of relatively equal bargaining power and whether it was an arm’s length transaction.

Because of the large-scale damages that can result from a data breach and the way in which California courts scrutinize liability caps, we always advise our clients to consider purchasing cyber security insurance.

Trademark Infringement

Where visitors to a company’s website can post data or images via the website’s public blog or forum, there is the risk that the company can be liable for a visitor’s improper use of the posted material.  For example, a visitor might infringe another party’s trademark or logo, and post it on the company’s website.  Because the website owner/provider hosts the publicly-available forum where the trademark violation occurs, it can also be liable for said infringement.  To that end, when drafting a website ToS/T&C document for our clients, we include a provision that requires a website visitor to verify that any content posted on the website does not infringe a third party’s rights, and an indemnification clause in favor of the website owner/provider in the event that it does.

Smith Shapourian & Mignano, PC is available to answer any questions or concerns you may have regarding the legalities surrounding your business website.

This blog does not constitute solicitation or provision of legal advice, and does not establish an attorney-client relationship. This blog should not be used as a substitute for obtaining legal advice from an attorney licensed or authorized to practice in your jurisdiction. You should always consult a suitably qualified attorney regarding any specific legal problem or matter in a timely manner, as statutes of limitations may bar your claim.

1.    See http://searchsecurity.techtarget.com/definition/data-breach

​
0 Comments



Leave a Reply.

    Archives

    February 2023
    October 2022
    September 2022
    September 2021
    June 2021
    May 2021
    March 2021
    January 2021
    December 2020
    October 2020
    September 2020
    August 2020
    June 2020
    May 2020
    April 2020
    March 2020
    January 2020
    June 2019
    April 2019
    March 2019
    February 2019
    November 2018
    October 2018
    September 2018
    May 2018
    April 2018
    March 2018
    February 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    January 2017
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016

    Categories

    All
    83(b) Elections
    Arbitration
    Benefit Corporation
    Bootstrapping
    Business Name
    Buy-Sell Agreement
    Cannabis
    CBD
    Cloud
    Commercial Lease
    Contracts
    Conversion
    Coronavirus
    Crowdfunding
    Delaware Flip
    Dissolution
    Early Hires
    Employers
    Employment Law
    Entrepreneurs
    Entrepreneur Spotlight
    Financials
    Funding/Financing
    GDPR
    Guest Blogger
    Health Care
    HR
    Industrial Hemp
    Insurance
    IT Solutions
    Joint Ventures
    Litigation
    LLC
    LOEN
    Logo
    Marketing
    Non Profits
    Non-Profits
    Partnerships
    Patent
    Pitch Deck
    Privacy Policy
    Professional Corporation
    Raising Money
    S Corp
    Securities
    Settlement
    Small Business
    Sole Proprietorship
    Startups
    Stock Options
    Tax
    Trademarks
    Website

    RSS Feed


​© 2022 Smith Shapourian Mignano PC.  All Rights Reserved.
Privacy Policy 
Terms of Use
Accessibility Statement

Attorney Advertising 
​Client Reviews & Testimonials

​

  • Home
  • About Us
    • Teela Crosthwaite Smith
    • Neda Shapourian
    • Lindsey S. Mignano
    • Kelly Lawton-Abbott
    • Amy Carpio-Bruno
    • Jordan T. Lee
  • Services
  • News
  • Blog
  • DEI Policy
  • Contact