- Email: [email protected]
Employers and the internet: Legal woes and concerns
Computers
& Security,
18 (1999) 303-306
Employers and the Internet: Legal Woes and Concerns August Bequai Legal Editor 7922 Jones Brad
Drive,
Suite 133, M&an,
LA 22102,
I:SA
Introduction
Intellectual Property
No one country, government agency, or business owns or exerts total control over the Internet; nor is it likely that this will become a reality in the foreseeable future. This lack of a centralized authority has served to foster diversity in both the content and user community of the Internet. Likewise, no one individual or business entity can be held legally liable for a failure to police transmissions over the Internet.
Words, pictures, music software and other modes of intellectual property, are all subject to the copyright laws. To the extent that doing business over the Internet involves the transmission of words, pictures, music or software, the copyright laws could pose a legal hurdle for many users.
Yet the legal woes and concerns that permeate the Internet, do not differ significantly from those that permeate the traditional vehicles of commerce. For example, an area of special legal concern with regard to the Internet, involves disputes over proprietary data. The existing intellectual property laws, while both broad and comprehensive, have not been well defined when applied to individuals, businesses, and government agencies operating over the Internet. However, given the global nature of the Internet, with many political and private entities vying for some form of control, there does exist a degree of uncertainty as to how intellectual property and related laws will find application over the Internet. While some discernible trends have appeared, the outcome is far from assured.
0167-4048/99$20.00
0 1999 Elsevier Science
The copyright laws provide safeguards for original works of authorship fixed in any tangible medium of expression; giving the holder of the copyright exclusive rights over the work in question. For example, the right to copy or reproduce a copyrighted work, distribute it by sale or other transfer of ownership, prepare derivative works, or display the work publicly is the prerogative of the copyright holder.The latter also has the exclusive right to authorize another to undertake any of the above acts. However, legal liability for copyright infringement does not require intent on the part of the infringer. If one copies or distributes a copyrighted work without its owner’s authorization, ignorance of-the fact that the work was copyrighted is not a legal defence to a charge of infringement. Copyright violations are viewed as strict liability offenses by the courts.The fact that they may occur over the Internet does not impact on copyright laws.
Ltd. All rights reserved
303
Employers and the Internet/August Bequai
The judicial approach in cases where two innocent parties are involved - i.e., a copyright holder who has lost profits from the unauthorized copying, or an innocent copier who distributed copies of the work without knowing it constituted an infringement - is for the loss to be borne by the infringer.The reasoning being that those who perform or distribute copyrighted work, are in a better position to guard against the possibility of infringement through diligent inquiry. Various legal theories have been employed to impose copyright liability on the dissemination of unauthorized copyrighted works. Both corporations and individuals that infringe on a copyright holder’s exclusive rights are directly liable for their actions.The theory of contributory infringement is aimed at those who know of and participate in the infringing activity, but may not themselves infringe directly. The theory of vicarious liability can also be used against corporations and individuals who have control over, and derive benefits from the infringing acts of others; even if they have no knowledge of or directly participate in the acts in question. Some of these legal principles are not being applied to the Internet. For example, the system operator of a bulletin board can be held liable for copyright infringement under the theories of direct and contributory infringement. Liability for copyright infringement over the Internet has also been extended to corporations for the actions of their employees, agents, and officers. Increasingly, corporations are being called upon to oversee the activities of their employees over the Internet. A potential defence to findings of secondary liability can come into play where the device used to commit the infringement, plays also a legitimate business functionThose courts that have addressed this question, have held that the sale of such equipment does not constitute contributory infringement, provided the equipment has also non-infringing applications. For example, a VCR has a legitimate function in allowing users to record uncopyrighted telecasts and view them at a later time. However, it remains to be seen whether, and to what extent, this judicial view
304
will be extended services.
to incorporate
online
products
and
Legal defenses based upon the transnational nature of the Internet can also prove valid. For example, the Copyright Act has no extraterritorial effect and will not apply to unauthorized downloading when it occurs outside the US. However, in the case of international transmissions, where packets are transmitted from server to server across a network and with intermediate copies created over the network during the transmission, the Act could find application.To date, the courts have not fully addressed this area.
Trademark Infractions The trademark and unfair competition law known as the Lanham Act, provides the registrant of a trademark with the exclusive right to use the registered mark in commerce on the goods or services specified in registration. Trademark infractions can result from either confusion or the false designation of origin. Under the former, a violation can occur in cases involving a counterfeit or colorable imitation of a registered mark, where its use may result in confusion or deception. An infraction of the trademark laws under the confusion standard can give rise to a private right of action by the registrant. An infraction under the false designation standard can give rise to a private right of action by any business or individual that suffers a loss.
Use Of Patents Any company or individual doing business over the Internet, should be cognizant of the potential exposure it faces for any infractions of the patent laws. While computer software and hardware are patentable, US courts have yet to establish welldefined standards for software in patent cases. However, for a product to qualify for a patent it must be useful, novel and non-obvious at the time of its invention. Anyone who makes, uses or sells a patented
Computers & Security, Vol. 18, No. 4
product during the duration of its patent without authorization from its owner, is an infringer. As in the case of copyrights and trademarks, an infringer faces civil liability.
Defamation in Cyber-Space Doing business over the Internet can also run afoul of the laws of defamation, since each transmission constitutes a communication. However, for the communication to be defamatory it must be false; as well as injurious to one’s reputation. Defamation does not occur if the statements are true.The defendant bears the burden of proving its veracity. While defamation does not occur unless an individual can prove some specific damages that he has suffered, some statements can be viewed as being injurious by their very nature; in which case proof of damage(s) is not necessary. The latter are considered defamatory per se. For example, sending an E-mail massage that accuses a co-worker of a crime, could be viewed as defamatory per se. But according to current judicial trends in the US, whether someone who provides a forum for the online communications of others is liable for their defamatory communications, will depend largely upon the extent to which the provider exercises editorial control. An individual can be held liable for any defamatory communications he makes over the Internet, just as if he had used a traditional publication vehicle.
Obscene Conduct A serious concern for users of the Internet, is that of obscene conduct. As in the case of defamation, a distributor of obscene materials cannot be liable unless he had knowledge of the content of the materials being distributed. However, whether the material is viewed as obscene will depend on the standards of the locality where the violation is alleged to have occurred. For example, a couple residing in New York City was convicted in Georgia for transmitting, via computer,
obscene materials. Prosecutors in Georgia relied on the local community standards test to obtain their conviction. The material in question would not have been viewed as obscene by New York City standards.
Privacy Intrusions A corporation doing business over the Internet may be liable for the conduct of its agents and employees. It faces the problem of to what extent can it monitor their E-mail and other communications to ensure compliance with its Internet policies. This challenge raises a host of privacy concerns that are addressed by an array of federal and state laws. However, the legal out-come will largely depend on whether an employee has consented to the search or whether he or she had an expectation ofprivacy in his or her communications. But regardless of whether or not an employee is placed on notice, US law is not yet settled as to the extent to which an employer can monitor an employee’s E-mail.
Limiting the Risks A company’s legal exposure from doing business over the Internet can be limited - while not entirely eliminated - by requiring its workforce to comply with codes of ethics and Internet security measures it has established. These proactive measures should provide for: Passwords and verification procedures at the various Internet sites, where business is conducted; as well as instructs its workforce that these are confidential and are not to be shared with unauthorized personnel. These efforts should be primarily directed at reducing the risk of unauthorized activities and business transactions. Policies and procedures that limit participation in chat channels and bulletin boards, only to those made of software applications that block employee access to lewd and lascivious forums. Training of the workforce on the proper use of
305
Employers and the Internet/August Bequai
l
l
l
306
the Internet; especially as regards Internet-etiquette. The latter can address the problem of users receiving inflammatory messages from co-workers. Restrictions on the off-site use of software by staff who use the Internet or other networking methods to link with the workplace from outside locations. Directing staff to abide by corporate policies and procedures which define what constitutes proper use of the Internet. Use of technologies to detect potential security gaps in the system; as well as promptly posting warnings about potential security breaches and problems as these are uncovered.
Conclusion A modern business would do well to establish and enforce Internet security policies. These can prove effective in limiting its legal exposure.The Internet, by its nature, allows information to be replicated and transmitted around the world to millions of
August Bequai, Esq. Is a McLean,Virginia
numerow
books and articles.
attorney
and the author of
& Security,
18 (1999) 303-306
Employers and the Internet: Legal Woes and Concerns August Bequai Legal Editor 7922 Jones Brad
Drive,
Suite 133, M&an,
LA 22102,
I:SA
Introduction
Intellectual Property
No one country, government agency, or business owns or exerts total control over the Internet; nor is it likely that this will become a reality in the foreseeable future. This lack of a centralized authority has served to foster diversity in both the content and user community of the Internet. Likewise, no one individual or business entity can be held legally liable for a failure to police transmissions over the Internet.
Words, pictures, music software and other modes of intellectual property, are all subject to the copyright laws. To the extent that doing business over the Internet involves the transmission of words, pictures, music or software, the copyright laws could pose a legal hurdle for many users.
Yet the legal woes and concerns that permeate the Internet, do not differ significantly from those that permeate the traditional vehicles of commerce. For example, an area of special legal concern with regard to the Internet, involves disputes over proprietary data. The existing intellectual property laws, while both broad and comprehensive, have not been well defined when applied to individuals, businesses, and government agencies operating over the Internet. However, given the global nature of the Internet, with many political and private entities vying for some form of control, there does exist a degree of uncertainty as to how intellectual property and related laws will find application over the Internet. While some discernible trends have appeared, the outcome is far from assured.
0167-4048/99$20.00
0 1999 Elsevier Science
The copyright laws provide safeguards for original works of authorship fixed in any tangible medium of expression; giving the holder of the copyright exclusive rights over the work in question. For example, the right to copy or reproduce a copyrighted work, distribute it by sale or other transfer of ownership, prepare derivative works, or display the work publicly is the prerogative of the copyright holder.The latter also has the exclusive right to authorize another to undertake any of the above acts. However, legal liability for copyright infringement does not require intent on the part of the infringer. If one copies or distributes a copyrighted work without its owner’s authorization, ignorance of-the fact that the work was copyrighted is not a legal defence to a charge of infringement. Copyright violations are viewed as strict liability offenses by the courts.The fact that they may occur over the Internet does not impact on copyright laws.
Ltd. All rights reserved
303
Employers and the Internet/August Bequai
The judicial approach in cases where two innocent parties are involved - i.e., a copyright holder who has lost profits from the unauthorized copying, or an innocent copier who distributed copies of the work without knowing it constituted an infringement - is for the loss to be borne by the infringer.The reasoning being that those who perform or distribute copyrighted work, are in a better position to guard against the possibility of infringement through diligent inquiry. Various legal theories have been employed to impose copyright liability on the dissemination of unauthorized copyrighted works. Both corporations and individuals that infringe on a copyright holder’s exclusive rights are directly liable for their actions.The theory of contributory infringement is aimed at those who know of and participate in the infringing activity, but may not themselves infringe directly. The theory of vicarious liability can also be used against corporations and individuals who have control over, and derive benefits from the infringing acts of others; even if they have no knowledge of or directly participate in the acts in question. Some of these legal principles are not being applied to the Internet. For example, the system operator of a bulletin board can be held liable for copyright infringement under the theories of direct and contributory infringement. Liability for copyright infringement over the Internet has also been extended to corporations for the actions of their employees, agents, and officers. Increasingly, corporations are being called upon to oversee the activities of their employees over the Internet. A potential defence to findings of secondary liability can come into play where the device used to commit the infringement, plays also a legitimate business functionThose courts that have addressed this question, have held that the sale of such equipment does not constitute contributory infringement, provided the equipment has also non-infringing applications. For example, a VCR has a legitimate function in allowing users to record uncopyrighted telecasts and view them at a later time. However, it remains to be seen whether, and to what extent, this judicial view
304
will be extended services.
to incorporate
online
products
and
Legal defenses based upon the transnational nature of the Internet can also prove valid. For example, the Copyright Act has no extraterritorial effect and will not apply to unauthorized downloading when it occurs outside the US. However, in the case of international transmissions, where packets are transmitted from server to server across a network and with intermediate copies created over the network during the transmission, the Act could find application.To date, the courts have not fully addressed this area.
Trademark Infractions The trademark and unfair competition law known as the Lanham Act, provides the registrant of a trademark with the exclusive right to use the registered mark in commerce on the goods or services specified in registration. Trademark infractions can result from either confusion or the false designation of origin. Under the former, a violation can occur in cases involving a counterfeit or colorable imitation of a registered mark, where its use may result in confusion or deception. An infraction of the trademark laws under the confusion standard can give rise to a private right of action by the registrant. An infraction under the false designation standard can give rise to a private right of action by any business or individual that suffers a loss.
Use Of Patents Any company or individual doing business over the Internet, should be cognizant of the potential exposure it faces for any infractions of the patent laws. While computer software and hardware are patentable, US courts have yet to establish welldefined standards for software in patent cases. However, for a product to qualify for a patent it must be useful, novel and non-obvious at the time of its invention. Anyone who makes, uses or sells a patented
Computers & Security, Vol. 18, No. 4
product during the duration of its patent without authorization from its owner, is an infringer. As in the case of copyrights and trademarks, an infringer faces civil liability.
Defamation in Cyber-Space Doing business over the Internet can also run afoul of the laws of defamation, since each transmission constitutes a communication. However, for the communication to be defamatory it must be false; as well as injurious to one’s reputation. Defamation does not occur if the statements are true.The defendant bears the burden of proving its veracity. While defamation does not occur unless an individual can prove some specific damages that he has suffered, some statements can be viewed as being injurious by their very nature; in which case proof of damage(s) is not necessary. The latter are considered defamatory per se. For example, sending an E-mail massage that accuses a co-worker of a crime, could be viewed as defamatory per se. But according to current judicial trends in the US, whether someone who provides a forum for the online communications of others is liable for their defamatory communications, will depend largely upon the extent to which the provider exercises editorial control. An individual can be held liable for any defamatory communications he makes over the Internet, just as if he had used a traditional publication vehicle.
Obscene Conduct A serious concern for users of the Internet, is that of obscene conduct. As in the case of defamation, a distributor of obscene materials cannot be liable unless he had knowledge of the content of the materials being distributed. However, whether the material is viewed as obscene will depend on the standards of the locality where the violation is alleged to have occurred. For example, a couple residing in New York City was convicted in Georgia for transmitting, via computer,
obscene materials. Prosecutors in Georgia relied on the local community standards test to obtain their conviction. The material in question would not have been viewed as obscene by New York City standards.
Privacy Intrusions A corporation doing business over the Internet may be liable for the conduct of its agents and employees. It faces the problem of to what extent can it monitor their E-mail and other communications to ensure compliance with its Internet policies. This challenge raises a host of privacy concerns that are addressed by an array of federal and state laws. However, the legal out-come will largely depend on whether an employee has consented to the search or whether he or she had an expectation ofprivacy in his or her communications. But regardless of whether or not an employee is placed on notice, US law is not yet settled as to the extent to which an employer can monitor an employee’s E-mail.
Limiting the Risks A company’s legal exposure from doing business over the Internet can be limited - while not entirely eliminated - by requiring its workforce to comply with codes of ethics and Internet security measures it has established. These proactive measures should provide for: Passwords and verification procedures at the various Internet sites, where business is conducted; as well as instructs its workforce that these are confidential and are not to be shared with unauthorized personnel. These efforts should be primarily directed at reducing the risk of unauthorized activities and business transactions. Policies and procedures that limit participation in chat channels and bulletin boards, only to those made of software applications that block employee access to lewd and lascivious forums. Training of the workforce on the proper use of
305
Employers and the Internet/August Bequai
l
l
l
306
the Internet; especially as regards Internet-etiquette. The latter can address the problem of users receiving inflammatory messages from co-workers. Restrictions on the off-site use of software by staff who use the Internet or other networking methods to link with the workplace from outside locations. Directing staff to abide by corporate policies and procedures which define what constitutes proper use of the Internet. Use of technologies to detect potential security gaps in the system; as well as promptly posting warnings about potential security breaches and problems as these are uncovered.
Conclusion A modern business would do well to establish and enforce Internet security policies. These can prove effective in limiting its legal exposure.The Internet, by its nature, allows information to be replicated and transmitted around the world to millions of
August Bequai, Esq. Is a McLean,Virginia
numerow
books and articles.
attorney
and the author of