Search engines may have your website in top position but there are legal aspects for site Owners to consider – security, disabled access, copyright, spam email and viruses.

With the growth of e-business in Australia there looms a new era of legal obligation and litigation for Internet users and Website owners.

Security of information and secure record keeping
Under the Privacy Act in Australia and similar Acts overseas, personal information collected must be held securely.
The protection of *credit card details provided for a purchase if disclosed to others through less than lustrous security is clearly the responsibility of the recipient of such information. This information can be stolen through a physical theft of a computer or through hacking into the computer. Either way if it could be shown that the information wasn’t being held securely – ie poor building security or software to prevent hackers – then watch out.
On the disposal of a computer be sure to have a competent expert reformat the hard drive to remove all records or better still remove the hard drive from the computer and destroy it.
(The deletion of information from the computer's hard drive removes the index however software, that doesn't require a great deal of expertise, is commonly available to recreate those files).
*Credit card details in particular should be removed from your computer and stored securely.
If your customer has advised you of credit card detail by email do not inadvertently resend the card details to the sender in your reply.
The most common cause of identity theft occurs because hard copies of records are not disposed of securely.
We have a link to the Federal Government Privacy Commissioner's website on our Useful Links page.

Offer a secure payment option
Your customers will appreciate a secure payment option facility on your site – it can mean getting the order or losing it !

Spam E-mail
New anti-spam laws came into effect in Australia on 11 April 2004 requiring all Australian businesses to gain the prior consent of the recipient.

The Act requires the sender to be clearly identified in their email and to include within their email, an unsubscribe or "opt out" option.

Whilst spam traps are on offer to arrest junk mail, our experience is that genuine messages can be filtered out (18.7% of legitimate emails were filtered out in 2003). However if your spam email has you at wit's end, then maybe a spam filter is worth a try.
( Here is a valuable tip - when sending email give careful consideration to the message in your subject line. Make reference to the topic of the email in order that it will be recognised by the recipient and entice them to open it rather than trash your message.
Obvious words include free, sex and viagra but there are many other words you should be aware of and if you search Google for "email spam filter words" you will find dozens of words that may cause your email to finish in the spam trash folder).

The change to leglislation in Australia will sadly have little, or no, effect on overseas email spam.

Our serious advice to spam recipients is never open spam email (and as we mention elsewhere never reply). Secret HTML code can be embedded in the message which alerts the sender that your email address is alive and well following which you will be deluged by junk mail.

In October 2006 an Australian company (Clarity 1) was fined AU$4.5 million for sending unsolicited emails. Can your company afford such fines?

Your well meaning staff may send SMS messages or emails however you will pay the fine if caught.

Business operators should be aware that in October 2007 the regulatory authority (Dept Communications) is looking at banning unsolicited business facsimile transmission. It is likely that faxes will also be included in the prohibition so our advice is stay aware of possible changes to the regulations.

Copyright
If you own a Website are you certain that those great images and the wonderful text that your Webmaster has put up for you, are not protected by Copyright? Often the use of images or other material only requires a request to the Owner – more often than not they will consent but they may ask you to give credit to the Authorship as a condition of use.

The consent must be in writing and specific use mentioned - just because the owner gives consent to use their material on your Website doesn't mean you can reproduce it in printed form. If it is your intention to use a copyrighted image in brochures, or other printed media, you should request consent for that use, along with your Web site.

As the web develops the use of videos and sound will become more common and obviously copyright equally applies.

We have provided a link from our Useful Links page to a website that traces plagiarised text in websites.

Google and Overture to be sued by Geico, a major American Insurance Company over the use of their Trademark. In September 04, a major insurance company in the US was given the right in court to sue both Google, and also Overture because they used the Geico trademark without consent.

If you knowingly use a registered trademark or tradename you may also be in this position.

To use an opposition's business name to draw their customers to your Website is bordering on economic suicide.

A recent warning from ACCC - If you subscribe to sponsored links take note of a recent warning issued by the Australian Competition and Consumer Commission. If you elect to buy a sponsored link and use a keyword, or keywords, that include a competitor's business name or registered trademark to help searchers find your Web site, you may be guilty of misleading conduct under Section 52 of the Trade Practices Act 1974 (Australian Commonwealth Government).

Web Site access for disabled
Under the World Wide Web Consortium, ( W3C ), who write the guidelines for the operation of the www, many websites must be user friendly for disabled people. We have provided a link on our Links page to their Website in which the problems of WAI (Web Accessibility Initiative) are addressed.
It is conceivable that a disabled person who is unsuccessful in accessing information in a Website or completing a form on a Website will be able to take action against the site Owners.
Such a complaint may be from a simple request in your webpages to a colour-blind person to “check” the green box.
One in twelve males in Australia and one in two hundred females are colour blind.
As well as extending a helping hand to the many millions of disabled people worldwide who are unable to access websites, remember that their discretionary income runs into billions of dollars.
Many Governmental websites in Australia fail the test for disabled users and it is only a matter of time before someone (or a group) commences an action similar to that taken against the Australian Olympic 2000 site.

Forms in Web sites
As a courtesy to site visitors who use a form to send you email messages it is good practice to enable that form to send a copy of the message to the sender as a record of their message of which they will otherwise have no copy.

Register business name to protect your URL
Just because you have a web address, which is also known as a URL or as the bare name (which is the URL without the http:www which is called the Domain name), does not mean that the use of that URL can not be challenged, which could lead to that URL being taken off you. The www.daydreamisland.com case* is worth studying to understand the cyber-squatting aspect of a Website address – (*Domain Name Dispute Resolution case AF-0586). As a starting point in securing the URL, a Registered Business Name should be put in place.

Viruses
Attachments to your Emails may contain viruses. In the event that a recipient contracts a virus through your Email attachment you may face a damages claim – the need therefore to maintain efficient virus scanning software goes without saying and furthermore that software should be kept up to date. Some virus scanning software programmes are unable to detect a virus in attachments, which are written in HTML making it possible to contract a virus without being aware.
The maintenance of efficient firewall security on your system will minimise hacker’s attempts to access your computer records. Virus scanning programmes do not contain critical updates and browser vulnerability security for your operating system. It is essential to up date your operating system regularly to minimise hacker attacks on your computer. Your operating system can be set to advise you automatically of critical updates and available patches as and when they are released.

Virus advice.
Recipients of supposedly undeliverable Emails, (which are in fact new Emails) may be curious to learn of the content of which they will be unfamiliar.
Perhaps they believe that they initiated the Email and as so it must be virus free.
In opening the attachment accompanying their supposed undeliverable mail the virus is activated.
It is apparent that cyber terrorists have invented a new method of spreading viruses.

Take care of Emails, supposedly providing Website statistics for Webmasters, because they may also have an attachment which contains a virus.

Urgent notice to Internet banking customers 31 Jan 2008
Fraud is now more prevalent than ever with emails being sent randomly, supposedly from your bank. Whilst many emails reach customers who don't keep an account with that bank, there are many recipients who do.
The latest letter, on official looking letterhead, logo and all, advises customers that a payment from their account has been stopped and that they have 2 options - to acknowledge that the transaction was genuine or that it wasn't. Problem is when either button is pressed a Trojan Horse is let loose in your computer enabling the hacker to read your files.
And yet another 26 February 2008 Again on official looking letterhead this latest message informs recipients that their online banking facility is about to expire and encourages recipients to click the button to renew their Internet banking facility - again this will import the Trojan into your computer.
So cunning are these hackers that they are placing software in your computer to prevent others from launching spyware that may compromise their own spyware.
The banks are keeping very quite and simply refund any monies if the customer can prove it was fraud however the Police are not being advised by the banks and are mostly unaware of the fraud having been perpetrated.
In our view it isn't really up to the banks to keep these crimes hidden and there needs to be a compulsory reporting in order that our law enforcers can get on top of these criminals.

Notice to computer banking users 5 April 2004
AusCERT (Australian Computer Emergency Response Team) today issued an urgent notice to banking customers using the Internet. It was previously thought that typing in the password to activate Internet banking, provided customers with excellent security as opposed to leaving the password in the computer. Apparently this is not now the case. Hackers are now able to record the keystrokes used to steal the password and access the users bank account.
Initiated by opening an attachment with emails, supposedly from a bank seeking updates about your account, the Trojan Horse, (yes just like the invasion of Troy), alerts hackers to your computers use.
(The Trojan Horse is often wrongly called the Trojan virus which is inaccurate in that it doesn't replicate itself).

In January 2007 a new threat emerged - the Storm Worm. The outbreak was followed by another serious outbreak in August 07.
An email message advises that you have a greeting card and whilst you are no doubt aware that opening attachments to emails is taboo, there is no attachment to the "greeting card" email message. Rather the recipient is invited to visit a Web site wherein their supposed greeting is available.
This Web site actually contains malicious Trojan Horse code that can give others access to your computer's files.
You may be surprised to hear that even world leading anti-virus software, that boasts to check your machine for malware - DOESN'T.
We advise strongly that a specific malware software be installed and Spybot Search and Destroy, which is freeware, from our observations seems to be among the best. Just as with any software be aware of conflict with any other pre-installed software.

You'll probably get a shock when you first run a spy bot / malware detection software as to the number of problems that your "super-duper world leading anti-virus software" have missed!!!

Firewalls - As you know are essential however your operating system may provide a firewall in addition to your anti-virus software but be aware you CANNOT have both configured at the same time because they will conflict with one another.

Telephone Internet banking may seemingly offer users security however identity theft through the recording of your phone line sending tone signals can equally provide thieves with your bank's access codes.

Your antivirus scanning software will NOT protect you from such problems.

Radiation danger from monitors - Non LCD monitor users or should we say specifically those sitting directly behind conventional monitors (as apposed to sitting facing the screen) face a far higher dose of RADS (Radiation) than the actual users.

Many Governmental departments, aware of this danger are now configuring their work places to minimise this risk by placing no one behind any monitors.

Fire danger from monitors - A traditional monitor can easily catch fire when unattended and even LCD's can cause a fire if they fall face down and create heat under the screen (as they may be prone to do because of their shallow base). So whether using a conventional monitor or an LCD screen be aware of the inherrent fire risk in leaving the monitor on when you shut down your operating system.

The solution is to turn off the monitor and as well as saving on power bills - future TV's around the world will not permit standby screens to simply save the viewers a short wait to have their screen light up.

Wireless communication, Wi-Fi - a hackers dream.
Modern Modern office buildings are being constructed without wiring for telecommunications with computer connections made through radio waves which replace traditional wires/optic fibre.
Radio waves however are not contained within the walls of the building.
A wireless computer user within several hundred feet of another wireless connected computer will find it simple to hack into that computer and look at what ever files they wish (** See note).
The prospect of enjoying that cup of coffee in a coffee shop while catching up on emails on a wireless connection looks as though it is over before it began unless more security is made available in the future.
**Encryption software (that scrambles the information for everyone except the authorised user) will maximixe your security but from our observations very few Australian companies are currently using this technology.
Our suggestion until security issues are resolved is don't use a wireless connected computer in which important or private information is stored.
Building developers and Architects should provide clients with this information.
This will avoid the cost of client's installing cable connection at greater expense once a building has been completed.

Cordless phones
Many of our readers may still be using cordless phones operating on a analogue signal, that enabled anyone driving around the streets to keep trying until they got a dial tone then bingo they were using your phone service. Newer digital technology has provided improved security for cordless phones so perhaps you may like to consider updating your old anologue cordless phone for a digital.
The reason we raise this issue is because the older technology does not encrypt the call so if you call to obtain a credit card number, anyone listening in also knows that number.

Australian E-Business legal resource
Additional information about doing business on-line in Australia can be found at the Oz NetLaw Website which has a link from our Links page.

Oz NetLaw is part of the Communications Law Centre, a non-profit research, policy and educational organisation specialising in media, communications and online law.