High Technology and the Law

A Legal Perspective on the Open Systems Industry

The Law and the Net

A commonsense approach to the use of the Internet can prevent many legal problems before they start.

For its own safety, an employer should be aware of how its employees are using its systems and the Internet.

By Jonathan Wallace

When a company connects to the Internet, it gives its employees an opportunity to participate in an exciting new communications medium that can make them more productive. The company also acquires a confusing bundle of legal rights and obligations, which it may not understand and which the courts will be clarifying for years to come. For example, the Internet has been called the first true "two-way" communications medium; everyone who uses it has the opportunity to be both a publisher and a distributor of information. It is important to understand these two roles and the differences between them.

If you create content and put it on the Internet, you are a publisher. However, if you use your Internet server to store or republish information created by others, you are considered a distributor of information, similar to a bookstore. Publishers are required by the law to understand and take responsibility for the material they publish. Thus, if it contains "illegal" information--a libelous statement, copyrighted material used without permission or obscenity--the publisher will be held liable. On the other hand, a distributor is not required to read and know the contents of everything it distributes (a bookstore owner cannot read every book in the store). Therefore, a distributor is responsible only for distributing information that it knows is illegal.

The bookstore analogy was applied to the online world by a trend-setting case a few years ago called Cubby v. CompuServe, where a federal judge in New York held that CompuServe was not liable for a false statement a user made about Cubby on one of its forums. The Church of Scientology (COS) took this precedent to heart. When it brings one of its numerous lawsuits in pursuit of copied church documents on the Net, COS will first put an Internet service provider (ISP) on notice that a user is engaging in copyright violations. If the ISP declines to do anything, COS sues the ISP along with the infringing user, claiming that the ISP contributed to the violation.

In another recent copyright misunderstanding, an individual operating a Web site pertaining to voice transmission over the Net posted a software driver that a user had e-mailed to him. The driver worked with a particular commercial voice product, and its owner sued the Web site operator for copyright infringement. He took the offending software offline and informed the few users who had downloaded it that it was an illegal copy, but the lawsuit is still pending.

In the Monitor of the Beholder

Another area of potential liability for employers is indecency, under the new Communications Decency Act (discussed here in August 1995). While this law is extremely vague and its constitutionality is being litigated, employers should watch developments carefully. The act extends the Cubby precedent to indecent material, meaning that if a company becomes aware that its computers are being used to distribute material that depicts or describes sexual acts or organs, it may suffer criminal liability or fines.

The graphical World Wide Web can also create interemployee problems that become the company's headache. The constant presence of sexual images on an employee's screen can add up to sexual harassment of another employee who objects to it; in this sense, the picture on the screen is no different than an offensive poster on a wall.

For its own safety, an employer should be aware of how its employees are using its systems and the Internet. Most employees are honest and reliable but a renegade--like the person who used a laboratory computer to store large amounts of pornography--makes life difficult for everyone. A clearly written company policy on use of the Internet will go a long way toward avoiding problems. Start by asking yourself what your employees really need the Internet for, then define the policy accordingly. One company, which gave Internet access to salespeople, wanted them to be able to look for leads in Usenet newsgroups and on the Web. However, it didn't want the Net to keep them off the phone during "prime time," so it published a policy that Net use should occur only before 10 a.m. and after 4 p.m.

Technological solutions can also be of use. The same company placed two technical restrictions on its salespeople. File Transfer Protocol was disabled, because the salespeople did not need to receive or send files in order to carry out their mission of obtaining sales leads. Also, several sites on the Web that could interfere with productivity (while creating headaches for the company) were blocked, such as those of Playboy and Penthouse magazines.

Some critics call this censorship or Big Brother-type intervention. But use of the Net by employees is a privilege, not a right. Employees unhappy with the company policy are free to maintain their own Internet accounts from home, which they can use for whatever purposes they please. Despite the high-tech trappings, company policies pertaining to the Net are similar to those governing use of the telephone. You have a right to decide that your employees should not make personal calls to Hawaii on your company phone; you have a similar right to decide that they should not use your computers and Net connection to publish, view or download material that could get you into trouble.

Jonathan Wallace is vice president and general counsel of Pencom Systems, Inc., in New York City. He can be reached at jw@pencom.com.