I got an email from Fred von Lohmann of the Electronic Frontier Foundation yesterday. It began, "Half the companies you blog about have copyright or privacy legal issues simmering just under the surface. Since most of them are thinly capitalized, when they get into trouble, they're likely to call EFF for legal advice. Several already have."
I called von Lohmann right away, since I've had a nagging feeling for months that too many of the interesting products I've been seeing were legally shaky. So I talked with him to come up with this list: 9 Fun Ways Web 2.0 Startups Can Commit Legal Suicide.
For more information than can fit in a blog post, you might want to check out the EFF's upcoming Compliance Bootcamp on Oct. 10 in Mountain View. I told von Lohmann I'd link to the event in exchange for this preview.
1. Ignoring the rules of Safe Harbor Many media sharing sites, like SimplifyMedia
, exist in a narrow legal framework carved out of the DMCA. But you can't take advantage of the Safe Harbor provisions of the DMCA if you don't register as a "copyright agent." All that's required is filling out a form and paying an $80 fee. You can't get protection without registering. As von Lohmann said, "The difference between you and Napster might be this form."
2. Ignoring the Terms of Service chain This applies to sites that collect or aggregate data--like Mint
, which collects its users' financial information. The sites where the data are coming from may have terms of service that prohibit their users from sharing them with third parties. Sites that collect this information may be seen as encouraging breech of contract, which is a legal exposure.
3. Falling for a sob story If you're collecting personal information from or about people, there will be other people who want it. They may call up your company and give someone there a convincing story to get it. If your team falls for this "pretexting," or social engineering, users can sue you for exposing their information.
… Read more