Making it up as they go Featured

10:00am EDT July 22, 2002

For Tom Roberts, it looked like the deal of a lifetime.

A former jazz musician who still peppers his conversation with "cats" to refer to people, Roberts was building a modest reputation for developing and hosting Web sites for a quirky range of clients under the banner of Cleveland-based CM&D. But his larger vision was to position himself amid that crowded field in a less-well-occupied niche, as a Web-based publisher of data-rich material.

Eventually, the biggest opportunity of all arose: In conjunction with a couple of universities, he converted static Ohio public assistance and administrative procedure manuals to electronic formats to be placed on the Web and periodically updated. That would simplify the process by which, say, case workers could distribute food stamps. County governments would each pay him $1,000 a year for the service.

The project was going swimmingly, until Roberts got a call from a Cuyahoga County prosecutor.

To cover his bases, one local official checked with the prosecutor's office before purchasing the service. No doubt influenced by the common notion that all Net information yearns to be free-offered at no cost to users-the law man turned thumbs down in an informal advisory opinion. Things quickly unraveled from there. State officials couldn't bar the use or the sale of Roberts's perfectly legal data, even though some didn't think it passed the smell test. But by warning county officials that they wouldn't be reimbursed for such purchases, they effected a similar outcome.

For Roberts, what had looked to be about $300,000 a year in business quickly evaporated. He lost $50,000 in out-of-pocket development costs, but the toll for opportunity costs was far higher. His tiny staff had spent parts of a year doing the analysis and planning for the massive optical scanning and formatting job and parts of another putting it together. The entire organization was focused almost exclusively on the project for half a year. "It almost put us out of business," he says. "We're still digging out from under that."

Tom Roberts's experience is a cautionary tale for anyone whose business model is substantially built on capitalizing on the World Wide Web and its unstable legal underpinnings. In his case, he ran up against the widespread notion that information is free and thus should have zero cost for preparation or other packaging. "The thing that people have got to understand about the Internet is that information itself may be in the public domain, it may be free," says Roberts. "But providing it is not." Tell that to the newbie prosecutor, who really didn't have any case law upon which to rely.

If tough luck stories such as this aren't enough to give you pause as you chart your company's climb aboard the Web-whether for Web retailing or supply-chain integration or improved customer service or some other purpose-there's plenty more at the complex intersection of cyberspace and the law which should cause you to slow down and do your homework before you leap.

If you're doing direct mail through unsolicited e-mail, for example, there's a price on your head. The Federal Trade Commission has declared war by pursuing a few chronic offenders in court and the consumer movement is trying to stretch the ban on unsolicited faxes to cover unsolicited e-mail. Then there's a host of troubling international issues, growing more complicated by the day. Only weeks ago, the European Union implemented a raft of privacy rules which threaten to complicate sales on the Web, even for companies domiciled elsewhere. Finally, there's an issue which seems to cause mass confusion even among the technically literate: Does domain name equal trademark and vice versa?

Perhaps most troubling is that through simple oversight, you might be one of thousands of companies in this early stage of e-commerce that have effectively given away much of its intellectual property by failing to protect it against being repurposed by a Web designer. So that $15,000 you dropped on putting yourself up could well be turned against you a year later, when that same developer takes much of what they've learned about your industry or even your specific application to develop a competitor's site.

But don't panic. Instead, relax as we take you through these issues one by one and explain how to stay one step ahead of the embryonic law governing cyberspace.

Direct marketing

To some direct marketers, the dawn of e-mail seemed almost too good to be true. Far cheaper than "snail" mail, less invasive than commercial blast faxes (which, in any case, are now closely regulated after a consumer outcry), e-mail solicitation held out the promise of almost no-cost advertising.

Sure enough, it was too good to be true: Consumer groups are making a concerted push in Congress to expand the scope of a 1990 law which regulated unsolicited faxes and telephone cold calls to include e-mail. While that law, the Telephone Consumer Privacy Act, never mentioned e-mail, the broader intent was to bar marketers from shifting their costs to receivers. Thus, consumer groups say, it should apply to newer methods. In May, the U.S. Senate loudly signaled that that argument is gaining ground: It unanimously approved a measure that would allow $15,000 fines for spammers who hide their identities. The Federal Trade Commission also piled on earlier this year, filing its first enforcement action against a high-profile spammer, and warning 1,000 others they might be running afoul of antifraud laws. Giant Internet service provider AOL even got in on the action, suing a spammer who targeted its customers. Message? The world is watching, and very closely.

With that in mind, perhaps the best way to proceed is to adopt the direct-marketing industries' rules of self-governance (crafted with an eye toward staving off tougher government regulation).

Among its online marketing guidelines, the Direct Marketing Association suggests that online solicitations "should be identified in a way that allows recipients to readily recognize them as solicitations" and allows consumers sharing personal information online an easy method for opting out of the disclosure of such data to others.

Where solicitations are posted to common use areas such as bulletin boards, chat rooms and news groups, they should be in conformance with the rules of that forum (which are likely to be unaccommodating if not downright hostile to commercial messages). The DMA urges even more stringent rules for marketing messages directed "primarily" at children, including encouraging kids to get their parents' permission before furnishing any information or making a purchase.

Trademark vs. domain name

This is a topic that seems to confuse even otherwise knowledgeable Web folk. If you remember nothing else from this article, remember this: Domain name does not necessarily equal trademark in cyberspace. A domain name can, of course, also be a trademark or service mark if it's used in concert with the sale of products or services on the Web. The enforcement of disputes is where things get sticky. "One doesn't have too much sympathy if someone takes out the name to sell it to Coke," says Peter Junger, a law professor at Case Western Reserve University's College of Law and an amateur writer of software code. "But if they're Pittsburgh Coke & Steel Company ... it can be a mess."

The rules are changing now that Network Solutions Inc. recently lost its exclusive franchise to register Net domain names. Several other organizations are competing for the right to fill that void, which will only add to the legal uncertainty over their ability to play regulator or even mediator in domain/trademark disputes. "I really don't know that anyone can say what will happen at this point," says David Post, co-director of the Cyberspace Law Institute and a law professor at Temple University Law School in Philadelphia. But one thing is certain: "They'll want to take a hands-off policy with respect to trademark policy, and stay clear of th at dilemma."

International rules and regs

If you're doing international retailing on the Web, chances are extremely good that you're breaking a number of laws. Germany bans all two-for-one offers, for instance. In heavily wired Sweden, a new law essentially bans all publication of information about individuals on the Net. That's the bad news. The good news? It may not matter much in a practical sense.

Professor Peter Swire, who teaches the law of cyberspace at The Ohio State University Law School, has written widely on e-commerce across national borders. He uses the metaphor of elephants and mice when it comes to enforcement of Web law breakers.

On the Web, he has written, elephants-or large organizations-"are powerful and have thick skin, but are impossible to hide. They are undoubtedly subject to a [foreign] country's jurisdiction." Smaller organizations-mice-are nimble and mobile, and thus difficult for enforcers to catch. "In such instances, legal enforcement, to be successful, will focus on someone other than the mice themselves"-that is, service providers or financial intermediaries. Medium-sized businesses domiciled outside their country, he says in an interview, fall somewhere between.

"Usually, some authority in Berlin is not going to go after a U.S. company which caters to two Germans ... so if you violate some technical advertising rules in Europe, practically speaking, you'll probably be okay." But if you have operations based there, or send your sales force there, it could be different, he notes. Other legal experts assess the risks differently. "Having no employees there doesn't necessarily protect you," maintains Jim Troxell, an attorney with Squire, Sanders & Dempsey who specializes in information technology issues. "German interests can sue in the U.S."

If all else fails, says Swire, there's one generally applicable rule of thumb. "If you follow good, standard, U.S. business practices, you're unlikely to get hurt by sales internationally."

Protecting intellectual property and trade secrets

Specialists in e-commerce say this may be the single biggest blind spot for most companies.

As Troxell puts it: "So many businesses are taking their trade secrets and contracts, calling a Web contractor who creates an application," but failing to contractually protect their ideas that went into making that product valuable in the first place. Those key competitive advantages needn't be limited to obvious items: He points to the case of catalogue merchant L.L. Bean, whose genius for sublime customer service is embedded in its method of quickly and automatically dispatching e-mail to anyone who inquires at its Web site.

He uses another example from the legal services field: a firm, or an individual lawyer, takes everything they know about estate planning and pours it into a good Web package that can prepare someone's plan for just $300. "Here's where the problem comes - I fall out of the relationship with my Web developer and find somebody else. Can I replicate that, or by telling him [the first Web developer] how to imbed my ideas in the software, can he then go to another company, say my law firm competitor down the street, and offer it again?" The answer - probably yes, if you haven't thought to include that item in a contract.

With e-commerce, says former NFL linebacker Jim Kovach - a Stanford Law graduate who once worked on intellectual property issues at a Bay Area law firm, and who is now a top executive at the high-profile Cleveland start-up NetGenics - "the goal is to share, without losing the rights to the information. And with the supply chain, e-commerce is demanding that people who never talked before now talk."

The solution, says Kovach, is a high degree of planning and analysis about what the real family jewels of a company are before you launch into e-commerce. "How do you protect a trade secret while doing e-commerce? You have to basically partition what is and is not a trade secret-those things that no one else has [which] make you a better company-beforehand." Then build a moat around those trade secrets with contracts, copyrights, trademarks or whatever other means appropriate.

None of these speed bumps ought to dissuade anyone from dipping their toes into the e-commerce waters. On the contrary, any company which resists at least some involvement, however fledgling, may be signing its own time-delayed death warrant.

With information technology now accounting for about 42 percent of total corporate capital spending, it has begun to vault ahead of bricks-and-mortar issues for many, perhaps most, companies. And for at least the next two years, state, federal and even world governments have essentially granted a tax amnesty (in the U.S. through the Internet Tax Freedom Act and in Ohio through a "safe harbor" provision), pledging not to tax e-commerce until a comprehensive method for doing so can be worked out.

Which constitutes a giant tax incentive to get started, because no one is predicting that taxing authorities will keep their mitts off this ever-growing source of income. As attorney Jim Troxell pithily puts it: "They're just waiting until they can figure out how to skin the cat efficiently."

In the end, though, there's good news for modest-sized organizations climbing aboard the Web. If you're not a large, high-profile company and you're not running an egregious cyberscheme to defraud investors or customers, chances are pretty good you'll be okay for now simply by following generally accepted business practices. "The biggest protection for small businesses," says Professor Peter Swire, "is that enforcers usually are going to go after the biggest players first."

Action points

  • Think globally.

  • Spam carefully.

  • Use and protect your own trademarks. Tread lightly with others'.

  • Respect intellectual property laws.

  • When contracting for services, read agreements carefully and construct them to protect your investment.

  • Treat the Internet as you would any other communication. If it's not appropriate for a memo or office conversation, it doesn't belong on the Web.