Pro Bono Partnership

 

 

 

 

 

 


Auditing the Non-Profit Website

© 2002 Geoffrey G. Gussis, Esq.
 

This article was prepared by Geoffrey Gussis, Esq. for educational purposes for the Pro Bono Partnership’s clients and volunteer attorneys and should not be considered legal advice on any specific matter. For further information, please contact the Partnership.

An Internet website is an important marketing tool for many non-profit organizations. An organization’s supporters can access a website to obtain information or to make an online donation.  Many non-profit websites allow supporters to interact with one another to share ideas and discuss an organization’s goals and programs.   An organization’s online presence raises new legal issues that require periodic review.  These reviews, often referred to as “website audits,” examine a website and its content, links and policies to determine whether they forward an organization’s goals while minimizing liability exposure.  This article discusses some of the most common issues that are examined in a typical website audit. 

1.               Ownership.  The first question often addressed in a website audit is the ownership of the website itself.  Like other for-profit entities, non-profit organizations often hire third party contractors to build and maintain their online presence.  Many organizations are surprised to hear that, absent a written agreement, the United States Copyright Act vests ownership in the third party contractor.  Care should be taken at the outset of any contracting relationship to ensure that appropriate assignment and “work made for hire” language is inserted into the website development agreement. 

2.               Terms of Service.  Every website should have a Terms of Service that is accessible from every website page.  The Terms of Service is an agreement between a website owner and its users.  It often contains provisions granting users certain rights to use the website and a description of permitted and prohibited uses.  In addition, it often contains provisions that limit an organization’s liability and inform a user of what data is being collected by a website’s servers. 

3.               Copyrights.  A non-profit organization should make sure that proper copyright notices are included on all online materials.  The most common forms of notice are “Copyright, Year, Author” or “© Year, Author”.  The year is the year in which the work was created and may often consist of multiple years.  For example, a website may contain the notice “© 2002, 2003 Author”.  Many websites also contain a variety of third-party information.  A non-profit organization should obtain appropriate licenses prior to uploading any third-party material to its website.  In some cases, using third-party material is “fair use” under the United States Copyright Act.  A non-profit organization should check with outside counsel to ensure that a proposed use is permissible. 

4.               Trademarks.  Many non-profit organizations have registered their trademarks with the United States Patent and Trademark Office.  Registration entitles an organization to utilize the “®” symbol, which should be added to each instance of the trademark on the organization’s website.  It is also good practice to put a trademark notice on the bottom of each page of the website.  Any third-party trademarks should be clearly identified and, depending on the nature of the use, an organization may want to clear the use in advance by contacting the trademark’s owner. 

5.               Linking and Framing.  While it may seem counter-intuitive, many websites have specific policies that restrict or inhibit links from other websites.  An organization should evaluate its external links to ensure that they do not violate any third-party linking policies.  An organization should also examine the way in which it uses third-party linked content, especially when it is incorporated into “frames” or “pop-ups”.  In some cases, these methods may constitute violations of third-party rights. 

6.              Privacy Policies.  Online privacy is one of the most important topics facing website managers.  Indeed, many organizations have employees dedicated to the management and protection of information submitted by customers and consumers. Every organization with a website should have a privacy policy and communicate its terms clearly to its users.  Privacy policies are often included in a website’s Terms of Service (see Section 2 above), although the extent of an organization’s data collection practices may require a separate document to provide a complete explanation.  In some instances, specific privacy laws are implicated in a website’s data collection practices.  For example, the Children’s Online Privacy Protection Act (COPPA) may apply to websites that target children or knowingly collect information from them. 

7.              Right of Publicity.  An organization’s website often contains the names, likenesses or other distinctive characteristics of its sponsors or members in the form of photographs or member lists.  Such uses implicate the “right of publicity,” which must be cleared like other intellectual property rights.  Existing releases should be examined to ensure that they permit online uses and membership applications should be updated to obtain approval for all proposed online uses of information.   

8.               Forums & Message Boards.  While some organizations maintain passive or “one-way” websites, others provide interactive functionality that enable members to communicate with one another and post information online.  Interactive websites increase the potential for liability in many areas, including intellectual property infringement and defamation.  An organization with an interactive website should make sure that its Terms of Service (see Section 2 above) addresses these areas and provides adequate protection for the increased liability exposure.

9.               Disaster Recovery.  Organizations that depend on their website for revenue collection or member support should make sure that they have an adequate disaster recovery plan in the event that their website goes down or their online service provider goes out of business.  For some websites, this is as simple as making off-site backups which can then be uploaded to another provider.  For others, especially those with custom software, additional preparations may be necessary to ensure that a new site can be up and running with minimal downtime.

10.             Insurance.  Many insurance companies now write insurance policies covering many aspects of online liability.  Organizations should reach out to their insurance agents to determine what coverage is available and appropriate based on their online operations. 

It is important to note that the foregoing list is non-exhaustive.  The changing nature of Internet law requires periodic reviews of websites to ensure compliance with new case law, statutes and regulations.  Integrating the website review into existing compliance procedures is the best way to minimize liability exposure.  With proper planning, a website can be an invaluable tool to further the goals of a non-profit organization.