ABA Open Source Panel in New York

While much of the open source community was in San Francisco last week at the LinuxWorld Expo , I was in New York at the 2008 Annual Meeting of the American Bar Association (ABA) speaking at the “Life after GPLv3: New Developments in Open Source Software Licensing” event organized by the ABA Section of Intellectual Property Law. My presentation covered an update on the lawsuits filed over the past 12 months by the Software Freedom Law Center (SFLC) on behalf of their clients Erik Andersen and Rob Landley (the two principal developers of the BusyBox open source utility) against Monsoon Multimedia, Xterasys Corporation, High-Gain Antennas, Verizon Communications, Bell Microproducts, Inc., Super Micro Computer, Inc. and Extreme Networks alleging copyright infringement based on a violation of version 2 of the GNU General Public License (GPL) in connection with BusyBox. In addition to discussing the history and resolution of the BusyBox cases (including my involvement with several of the cases), I also highlighted the similarities and differences between these cases and past open source software license enforcement efforts outside of the courts by the Free Software Foundation (FSF) and Harald Welte of gpl-violations.org. The presentation materials are now available online. I understand that the ABA will be posting the materials from the other presenters at the event, as well as a podcast of the entire event, on the ABA website in the coming weeks.

Many thanks to Mark Wittow and Gloria Archuleta, co-charis of ABA IP Section for organizing the event and inviting me to speak. Thanks also to my co-presenters Terry Ilardi of IBM Corporation, Jim Markwith of Microsoft Corporation, and Gabe Holloway of Leonard, Street and Deinard, as well as the moderator of the panel discussion portion of the event, Sue Ross of Fulbright & Jaworski L.L.P.

How Do I Build an Enforceable Online Agreement? — Not (Always) the Way SalesForce.com or Google Would

The issue comes up on an increasingly frequent basis. A client is preparing to begin delivery of a new service (or product) through their web site. As part of their preparations, the client involves me (or, let’s say “an attorney”) to help them implement an online (“click-through” or “click-to-accept”) contract covering the terms under which the new service (or product) will be provided to their users. While almost all clients understand that this will entail the preparation of an online “terms of service” contract, not all also appreciate that the contract document itself is really only part of the equation. Creating a legally enforceable online agreement is also dependent on how that contract is implemented and whether the implementation is sufficient to create a legally binding agreement with each user. Examples of how to implement online contracts certainly abound — and in addition to contacting legal counsel many clients will also naturally look to major web sites for guidance on how to implement their own online contracts. However, it is not always a given that even these larger players have made the best decisions in designing their online contracting practices. As a result, simply asking “What would SalesForce.com and Google Do?” is not always the best approach.

At last year’s American Bar Association (ABA) Annual Meeting in San Francisco a panel hosted by the ABA Committee on Cyberspace Law discussed the results of a year-long working group on legal best practices for electronic contracting. Given the increasing frequency with which all companies (technology vendors or otherwise) must deal with online contracting issues, the findings of the working group are likely to be of interest to many companies (particularly if the alternative involves simply relying on whatever practices have been adopted by other web sites). While the current law in the area of online contracting is certainly still developing and in places resembles more of a patchwork of seemingly inconsistent legal decisions, the working group found that certain basic principles have emerged for establishing legally enforceable online agreements. In particular, the panel indicated that the working group had identified four “bottom line” steps for forming legally binding online agreements:

1. The user must have adequate notice that the proposed terms exist;
2. The user must have a meaningful opportunity to review the terms;
3. The user must have adequate notice that taking a specified, optional action manifests assent to the terms; and
4. The user must, in fact, take that action.

Among these four steps, adequate notice of the existence of the proposed terms is among the most important. The concept here is nothing new. Online contracts are not different from traditional paper contracts when it comes to notice of terms. As the panel indicated, the standard here asks quite simply whether a reasonable user entering into the agreement would understand what the terms were. The panel suggested that this generally means making the terms immediately visible to the user before assent is given — for example, through an on-screen window with a button that the user must click before moving on to the next screen. While there are many examples of what would be deemed “reasonable” under the circumstances, the more the notice of the terms is not straightforward, the greater the risk that the notice will not be deemed reasonable to form a binding agreement.

Despite the urging of counsel, the panel noted (and I would concur) that this simple step is often abused or simply not followed. Many times, it is a failure to provide the terms of the contract or at least a functioning hyperlink to a separate page containing the terms. Sometimes it is more subtle in that certain terms are only presented after the transaction has been completed on a confirmatory screen or email. Recently, I was working with a client who was reluctant to present the terms of their online contract as in fact being part of a “binding” agreement. Instead, the client wanted to present the terms merely as a request (or suggestion) to the users of their web site. As the panel noted, not only must the terms be presented to the user, but it must also be explicit and clear that the terms form a binding agreement between the parties.

While notice is a continual hot-button issue, the other “bottom line” steps are also important. It is of note that providing a “meaningful opportunity” to read the terms of the contract does not necessarily require that the user actually read the terms of the contract, only that they be given the opportunity to read the terms (you can lead a horse to water, but you can’t make it. . . ). The discussion by the panel specifically cautioned against using separate pop-up windows for purposes of accomplishing this step. As someone who has a pop-up blocker set on his own browser, I would agree that there is definitely a risk in this practice.

The issue of assent is also not to be overlooked. While the now ubiquitous “I Agree” button is the norm, I have reviewed sites that instead allow the use of standard browser navigation buttons to manifest assent. The panel noted this issue and stated that assent must be through some action that the user would not otherwise take automatically (like using the buttons on their browser to navigate to the “next” page of the web site). Instead, assent should be through an “optional action manifesting assent” to the terms of the contract.

In addition to the four bottom line steps, the panel also noted that the ultimate issue in any contracting situation is one of proof — can the party seeking to enforce the contract prove that the necessary steps were followed to form a binding agreement? The situation is no different in the context of online contracting. This means proving that a user either clicked a box (or was presented with a set of terms and continued forward anyway). While many web sites are set up to help provide this proof, it is worth considering what you would do if your agreement was challenged by a user and you had to prove that your web site implemented these four “bottom line” steps when the user accessed the site. While not always an easy task, the panel noted that particularly where a web site has gone through multiple updates or revisions (and what web site hasn’t), retaining records of the prior iterations of the site can be a valuable aide in helping to prove that users of the previous versions of the site did in fact enter into a binding agreement.

As I have mentioned in prior posts, the law in this area continues to evolve. The “bottom line” steps provided by the working group of the ABA Committee on Cyberspace Law are certainly of assistance — particularly, as noted above, when the alternative involves relying on whatever practices have been adopted by other web sites. However, best practices for online contracting are likely to continue to change as the law of online contracting continues to evolve. As a result, continued periodic review and update of online contracts and contracting practices will continue to be a must to help ensure continued legal compliance.