Coupon Accepted Successfully!

Introduction - relevance of information technology law (IT law) and cyber laws for business owners and their advisors
What issues relating to IT law should businesses be aware of?

How can professionals (such as lawyers, CAs, Company Secretaries), consultants and advisors use IT-law related skillsets to add value to their clients?

How can businessmen use knowledge of IT law in their business?

Businesses have moved over to internet in an unprecedented way. It is difficult to imagine a business without internet – except for the local kirana store maybe. Even the local grocery stores can use internet in innovative ways to increase footfall and customer engagement. All local businesses have been creating web presence through their own websites, or aggregation and rating services. Yelp, Zomato or AskLaila do exactly that. If you want to grow in the internet age, ignoring technology is very difficult.

As internet and software become a part of everyday business transactions, what role do internet and technology laws play? Are these laws really relevant for the everyday businessman or their advisors and consultants? What is the part that lawyers, accountants and company secretaries can play in the shift towards software, internet and mobile-based activities?

We tried to answer this question by isolating some of the issues that almost all businessmen in today’s world need to know. Let’s start by identifying why businesses use the internet before we start identifying the laws that may apply.

Activities that have moved online
  1. Internet makes communication easier – so it is frequently used by businesses for communication of all sorts. Let’s sort the communication work in a few categories: 
  • Business communication – person-to-person, such as emails, online chat, calls over Skype, etc.
  • Business contracts – online offer and acceptance.
  • Public conversations with users via websites, blogs and social media
  1. Performance of various transactions and other activities online
  • Advertisements and marketing
  • Online buying and selling
  • Online performance of service (eg. design or secretarial services)
  • Online creation of intellectual property (imagine a teacher taking a class online or a singer performing live on the web)
  • Software as a service – provided from the cloud
  • Online dispute resolution
  • E-governance and online interface with government – e-filing of documents, electronic certificates, electronic bidding and complaint procedures
  1. Framework for various online activities and provision of internet infrastructure
Many traditionally offline activities can now take place online. Performance of some transactions may take place online. Usually terms and conditions of such transactions will be agreed between parties.
  • : Consider online dispute resolution - it is common for parties to arbitrate offline in a specified venue. However, technology has now made it possible for the entire proceeding to take place online.
There is no limit to what activities and transactions can take place online – provided that we have technology to do so.
Provision of internet infrastructure

Movement of transactions online has created a space for service providers to provide new services such as hosting, cyber-security, payment gateways to perform these tasks.
Internet is also being used to route tasks – for example, a company may use the internet to outsource tasks to a location and entity to which it would have otherwise found it difficult to do so in the absence of such a channel for communication and collaboration. This requires businessmen to be able to define tasks and identify definite criteria for performance measurement, so that location, cultural differences, or lack of familiarity with the other side does not come in the way of setting mutual expectations.

How law affects online activities

Information technology-related legal issues are being listed below:
  1. Internet-related contracts and documentation:
Emergence of internet-related services and performance of various transactions online has given rise to the need of specific legal documentation to govern the terms of these services and security practices. Creation of terms and conditions for websites and various internet-related services, privacy and information security policies to protect user data, service level agreements to set the right deliverables for transactions have become extremely important.

Typical contracts and policies are:
  • Terms of service (TOS), terms of use or user agreements
  • Privacy policies
  • Service level agreements, cloud computing and outsourcing agreements which specify special performance metrics
  • Advertising guidelines
  • Data use policies
Note that the actual content of terms of service and user agreements can significantly differ depending on the kind of platform and services being offered by the website. For example, an e-commerce platform selling physical products will have very different terms of service from that which is selling digital goods, or a social media website.

Similarly, service level agreements can differ vastly depending on the type of service that is being outsourced.
  1. Regulatory and jurisdiction-related issues:
Regulatory issues pertaining to the specific function being performed by the website or directions of the sectoral regulator may be important in certain cases. For example, a website which accepts online payments must be compliant with regulations pertaining to online payment systems. Sometimes, a regulator may stipulate certain requirements for businesses or professionals - for example, SEBI has issued guidelines requiring listed companies to provide certain kinds of information on their website. Similarly, the Institute of Chartered Accountants has issued guidelines for maintenance of websites by CAs and CA firms (see here). Guidelines issued by the Bar Council of India for lawyers can be accessed here.

Jurisdiction-related issues are extremely important. In case of a dispute, where will the website be sued? Which government will take action? Apart from internet giants such as Google or Microsoft which may have physical business presence in multiple countries, it will be extremely inconvenient if an online business with nation-wide or international reach is sued by entities in multiple locations. Therefore, it must look for ways to restrict legal proceedings against itself to a particular forum or court, so that it is feasible and convenient for representatives of the business to be present at the court proceedings for the purpose of defending itself. In fact, if they can help it, even technology giants would prefer to be sued in the courts of a country of their choice. How can the risk of being sued in multiple locations be minimized? Jurisdiction-related issues will be discussed in a subsequent chapter.
  1. Legal issues surrounding new types of businesses:
Sometimes, technology-based businesses can give rise to very different kinds of legal issues. For example, Airbnb is a startup which enables cash-strapped travellers to rent a room at homeowners, thus providing a cheaper alternative to staying in hotels. However, a New York judge fined one of its users (who provided a room in his house to a traveller) on the ground that commercial renting out a room made his house a hotel, which is not allowed under New York regulations without having the necessary permissions (see here).

2012-2013 saw the emergence of ride-sharing startups – that is, companies which enabled users to pool their cars. Essentially a ride-sharing startup merely provided an online app where users who wanted a ride could identify other drivers who were driving on the same route (in their personal cars), and get a ride. This could potentially save fuel, parking costs and even enable the driver to share costs. However, in San Francisco, officials started imposing fines and arresting such drivers, on the ground that they did not have licenses to ply taxis. Later in California, the public utilities commission modified local regulations to allow ride-sharing companies to operate – the law allowed a company which enabled riders to share rides in their personal vehicles through an internet-based platform to operate (see here).

In the above cases, note that it was not the startup which directly ran into legal trouble, but it was the users - car drivers who drove their personal vehicles and offered a ride to others, or homeowners offering their rooms on rent, who used the services of the startup who fell into legal trouble (the startup may or may not have been implicated for abetting legal violations. However, this is irrelevant as such legal risks will jeopardize the entire business model of the startup.

Such problems are not necessarily new - even earlier, the release of Google Books had publishers and authors up-in-arms against Google for potential copyright violations, the arrival of ads inside Gmail had given rise to privacy concerns. In these cases however, the risk was directly to the business itself.
  1. Content-related issues and intellectual property:
If you own or advise a company which simply maintains a website, a blog and some social media presence, the one of the key goals will be to protect the intellectual property in your content and to prevent it from being copied without permission. Hence, an understanding of what steps can be taken in case there is an intellectual property violation will be extremely important. The chapter discussing takedown notices will be helpful for this.
Similarly, content-heavy websites which enable user-generated content such as Blogger or YouTube, or news aggregators such as Google News or Flipboard are prone to even more risks apart from intellectual property infringement - defamation, hate speech, hurting religious sentiments, insults to a individuals or groups, etc. could be some of the issues.

Where websites enable user-generated content to be posted, they may not be able to always monitor the quality of such content beforehand (unless there is a complaint from a user). What are their duties and responsibilities? What are the risks they face? How should they respond to takedown notices?
  1. Legal issues around online reputation management:
A lot of local businesses have started getting customers through online marketing, user reviews and contact details that are available on the internet – since users are constantly accessing the internet, any business is likely to be interested in ensuring that there is no damaging information pertaining to itself on the internet. For this, it may be required to initiate online conversations, participate in conversations started by others and monitor these consistently at a broader level. Online reputation management deals with strategies to monitor and track conversations around a business and strategies that can be deployed so that the business does not have a negative reputation online. For businessmen or their advisors such activities can have legal ramifications, which we will discuss separately.
  1. Government interception:
Understanding situations when a website may be required to share data with government agencies, or when access to the website can be entirely blocked by the government or regulatory agency is important. For example, government-agencies across the world have requested Google, Facebook, Yahoo, Twitter and various other websites to share content – Facebook is known to disclose more frequently to the government whereas Twitter follows a relatively strict policy and is known to be less amenable to government requested for disclosure. Google started releasing a ‘transparency report’ to inform users about the number of government requests received each year, a trend which was picked up by several other technology companies (read more about transparency reports here and here).
Platform-based businesses, social media companies and other businesses which provide access to user-generated content are more likely to receive government-requests to disclose data or to block access to content, and it may be important for them to have a sense of legal provisions related to these issues.
  1. Internet crime:
It is important for business-owners and their advisors to know about legal actions it can take when it is subject to internet crimes such as hacking or unauthorized access of user data, denial of service attacks, mass credit card fraud and identity theft.

This course will address various legal and strategic aspects which arise from online transactions, internet communication and similar relationships. The introductory chapters will first explain legal issues arising from the unique network or web-like structure of the internet and its transnational structure.
  1. Governance-related issues
Electronic governance is increasing – company law related compliance, tax-related filings, customs law filings and tender submissions have largely moved online. Business owners and their advisors should appreciate legal issues arising out of electronic contracts, digital signatures and e-filings. 

Test Your Skills Now!
Take a Quiz now
Reviewer Name