Over the last decade, the internet has become the leading arena for international trade, with websites such as Alibaba and Amazon leading the way in online consumer purchases. It’s no surprise then, that almost all companies – large or small – own a website or a mobile application. Often, during the very first steps of a startup, one of the first acts will be the setting up of a website or mobile app. This is done with the main purpose of establishing a virtual presence, and the assumption that the rest will follow.

Like in the physical world, business in the virtual one requires preparation in order to avoid unnecessary legal liability. For example, if a user on your website publishes user content that infringes the copyrights of a third party, the owner of the website might be found liable for that infringement, and may be required to pay damages.

The best practice for avoiding such liability is a comprehensive and specifically adapted agreement with each of your website or mobile application internet users in the worldusers (For convenience, both will be called a “Website”). However, with almost 3.5 billion internet users, it isn’t reasonable, or even possible, to draft
a unique contract with each and every user. The solution then, is to create a general agreement that will apply to any user that uses the website. This agreement is called a Terms of Use (“TOU”), Terms of Service (“TOS”) or Terms and Conditions Agreement (“T&C”). The TOU is relevant to any website – regardless of whether they offer a service or product, and regardless if they charge a fee or not. All website owners require a TOU, the only difference between each website will be the length and issues covered in it, based on what each website does.

In this article we will focus on the key sections of a TOU, with an in-depth focus on the issues relating to copyrights and user content – meaning content that is uploaded by the users of the website like is done on Facebook, Instagram or Twitter.

What is a TOU or TOS Agreement and why is it needed?

A TOU is an agreement formed between the user of a service and the company offering that service. It defines the ‘dos and don’ts’ of the user’s activities on the site, allocates liability to the different parties, and offers “legal insurance” of sorts to the company against liability claims raised for actions done by its users.

A TOU agreement must be tailor made to a specific product or service, and a general template taken randomly from the internet is usually not sufficient without proper adaptations. A TOU for a gaming app should be significantly different from a TOU for an online shopping website, as they have different functions and therefore different ‘risk points’ for which they may be liable. A TOU that is not adapted to the website’s specific functions will offer the company less protection and increase its exposure.

Does anyone even read the Terms of Service agreement?

Many first time start-ups and website owners tend to think that a TOU is unimportant because most people don’t read them. Although it is true that most users don’t in fact read the TOU, it is a very important part of your legal coverage and has been the main issue in many major law suits which have ultimately come down to whether the TOU existed or not, what they said, and whether the users had reasonable access to them.

How to strengthen the user’s consent to the TOU:

In order for a contract to be legally binding, both sides of the contract need to understand it and enter into it of their own free will. A company has to take a few basic steps in order to prove, in case of a law suit (or to prevent the law suit), that the user indeed agreed to its TOU and not less important, that the user had easy access to it.

A few golden rules :

1. Easy to understand & read: The TOU need to be drafted clearly and a way which is easy for the average user to understand. Additionally, the font needs to be large enough and the document shouldn’t be too long – the average is usually 3-10 pages, depending on how complicated the service is and/or how many services the website provides. This “simple” and “easy to understand” approach has grown more popular over the last few years with companies such as Twitter and Instagram wording their TOU with very clear and easy to understand language.

2. Easy to access: The company must ensure that the user can find the TOU at all times without having to click more than once. This can be easily done by adding a link on the top and/or bottom of the home page and in other relevant locations. For example, a best practice is to add a link to the TOU on the registration page or just before the user clicks “accept” when taking a certain action on the website.

3. Active acceptance: when possible, it is recommended to get the active consent of the user, by presenting the TOU, or a shorter version of them, and having the user click on an “I Agree” button before continuing to the requested service. If technically possible, the “I agree” button should only become active once the user has scrolled down to the end of the document.

That acceptance of the TOU should be documented in the company’s database, with the date, time, IP address and any other relevant information.

Some smaller websites might not have the resources to implement all of the above options, but similar ones may be easily done. The more golden rules you follow, the less likely the chances a user will have should he/she claim that he/she had no knowledge of the TOU or their content.

The Key Sections of the Terms of Use document

Copyright s

There are two main issues in regards to copyrights: (1) the first relates to the use of content (by the website) that your users upload, and the (2) second is the risk of infringing (‘harming’) third parties rights because a user uploaded something that they didn’t have the right to.

A good example of a website where users upload content is Instagram. Another example could be a public blog or a forum. The risk here is that if you don’t clearly define what you (the website owner) can and can’t do with the content, a user may claim that you infringed (harmed) his copyrights. The second risk is that a user will upload content that he or she didn’t have the right to upload – for example an image of the Mona Lisa.

Simply put, the question of copyrights is who owns the rights to content published on the website and who is liable for damages it may cause? As to the first question, the default answer, according to the Law in Israel, is that the creator of the work is the owner. For example, if I took the picture that I’m loading to Instagram, I have the ownership rights to it. However, there are many exceptions to this. For example, if I took the picture as part of my work at Time magazine, and unless agreed otherwise, the rights to the picture belong to my employer (in this case Time magazine). As to the second question – liability – and seeing how it is difficult to find each and every user that infringes on someone else’s rights, it sometimes happens (if not dealt with in the TOU) that the party liable is the website (and their owners) who permitted the publishing of the infringing content.

The way to solve the above is with 2 main provisions (which of course have sub-provisions) but this is the general idea:

1. A license to use the content from the user to the website

In this method, the TOU will state that by uploading content to the website, the user gives the website and its owners an irrevocable license to use the content, free of charge. The advantage of this method is that after the transfer of rights (which is done automatically once the user agrees to the TOU), the user still remains the owner of the content (thus not deterring users from uploading content), but because the license is very broadly defined, and irrevocable, the website can make use of it for almost all its needs without worrying about infringing the users’ rights.

2. A statement allocating liability to the user

As for the liability risk when using content uploaded by users, the TOU needs to clearly state that the user will be liable for any damages caused to the uploading of infringing content – thus shifting the liability from the website to the user. Additionally, the website also needs to implement a take-down system by which if a third party complains that certain content is infringing on his rights, the website will investigate the claim and if found to be true remove the content. By doing this, the website is showing third parties that it does not support this behavior and thus reduces the risk of claims against it.

Definition of the word “content”, dos and don’ts and liability

What is user content? In addition to the above copyright provisions, it is recommended that the TOU include a clause which clearly defines what is included in the term “Content” or “User Content” and what are the approved and/or forbidden uses of the content on the website. For example, it should be specifically forbidden to upload pornographic, racist or offensive content and or content that infringes third parties’ rights. The clause should also include a commitment by the user to follow the rules detailed in the agreement, and an arrangement for the attribution of liability in the event that they don’t. Most common are the arrangements which are purposed to limit the company’s liability for the content and its according damages (for example, viruses or malicious files). The provision must be formulated to be as comprehensive and inclusive as possible, so it offers the best defense for the company from any legal liability. It is also possible to include the right of the company to demand a statement from the user on the truth/legality of his published content, and a statement notifying the user that the company retains the right to remove any content that does not follow the guidelines mentioned in the TOU, alongside another provision stating that the company isn’t committed to actively scan or monitor the published content (this, once again, is to remove the need for the company to spend very large resources scanning for problematic content).

Liability for third party publications

If the company’s website contains external links (to other websites for example – which almost all websites do), allows advertisements by other companies and/or lets external companies provide services on the website itself (even if it’s clear that the services are provided by third parties) it should prominently state that it does not provide these services and/or does not promote the third party advertisements and/or has not reviewed the TOU of the third parties and therefore is not liable for any content published or services provided on those external websites. It is considered best practice to formulate a clause that the company denies liability for any damages, incompatibility or any other possible claim, derived from these third party links or advertisements. In states (in the U.S.) where the law doesn’t permit the denial of liability completely, this clause will not prevent all liability but may reduce it substantially to the minimum possible as defined by that state’s law and is still recommended for the purpose of deterrence.

Flexibility for making changes to the Terms of service

As in other fields in the business world, a TOU for a website should have the flexibility needed to avoid unexpected and unpredicted situations. It is recommended to add a clause that reserves the right of the company to change the terms of the TOU at any given time and at its sole discretion. In addition to allowing the company to make changes, the clause should also clearly state that the changes will become in force (be ‘active’) within a certain period of time – this could be immediately (less reasonable), within 24 hours or within 7 days (more reasonable but limiting for the company in case of urgent changes). Additionally, it is advised to set an arrangement as so far as notifications regarding the change. The company may choose the option of “all changes will be in effect immediately and without notice” or “the company will notify users of any substantial change by email”.

Final thoughts

The TOU is targeted to formalize the relations between the company/website and its users, and has a major influence on reducing the risk for a company. Although adding a TOU will not promise that no claims or suits will ever be filed by a user, it substantially reduces the chances of that happening and if it does, it puts you in a better starting point – assuming of course that you have a decent and personally tailored TOU. The TOU should be accompanied by a Privacy Policy, especially if personal information is connected about the users.

Feel free to comment below or ask any questions. 

The information presented is not legal advice, is not to be acted on as such, may not be current and is subject to change without notice.