Guest Blogger, rights, compliance, legal
Website Terms of use: Jurisdiction clauses
Thanks to Paul Foley of IIA Member Company McKeever Rowan for the following overview of a case where a company’s website terms of use saved the day.
In providing a service over the internet into other EU countries, from a website hosted in Ireland, an internet service provider will typically want to ensure that if there is a dispute with a user of the service, that the dispute can be litigated in Ireland.
Photo owned by walknboston (cc)
The Brussels Regulation (which determines which courts have jurisdiction in civil and commercial disputes between companies and individuals) at article 2 provides (subject to some exceptions including that set out in article 23) that a person (legal or natural) may only be sued in the member state in which he or she is domiciled.
Billigfluege.de Gmbh ( “defendant”) a German service provider was engaged in screen scraping of Ryanair’s web site, (gathering flight data from the Ryanair site and reproducing it on their price comparison site and selling it for a fee) a practice which Ryanair alleged was in breach of the site’s terms of use, clearly accessible through a hyperlink on the front page of Ryanair’s website.
One of the terms of use (clause 7) provided that the courts of Ireland were to have exclusive jurisdiction in any dispute involving the terms of use. This was consistent with article 23 of the Brussels Regulation, which allows as an exception to article 2 for parties to a contract to agree that a particular EU member state court would have jurisdiction in the event of a dispute.
Ryanair took proceedings for breach (under a number of headings) of their terms of use in the Irish High Court against the defendant.
The defendant argued that Ryanair’s terms of use could not form the basis of a contract because all of the traditional features of a legally binding contract were absent including that there was no consideration and accordingly Ryanair could not rely on article 23.
One of the issues that a previous decision of the European court of justice had argued, was that an EU member state court could have exclusive jurisdiction where there was a validly concluded jurisdiction clause, even where there was a dispute as to the validity of the agreement in which the clause was included.
In a decision of the Irish High Court (which is the subject of an appeal to the Irish Supreme Court, which is imminent), the judge decided that i) the Ryanair terms of use had been fairly brought to the attention of defendant (they were clearly accessible through a link on the front page of the site ); ii) the provision of information by Ryanair through their terms of use policy, which offer of information was accepted by the defendant when accessing the site and lifting the information, constituted valid consideration; and iii) the defendants had used the site and made a profit on the information obtained and by doing so had clearly assented to the terms of use. Accordingly the judge found that the exclusive jurisdiction clause in the terms of use had contractual effect and that the Irish courts had authority to determine the dispute. The judge did not go so far as to declare the remainder of the terms of use legally valid.
The judgement provides some encouragement to web site owners, that if their web site terms are sufficiently well drafted (including incorporating a home state jurisdiction clause), and are brought properly to the attention of site users, that the onerous provision of article 2 of the Brussels Regulation can be avoided and home state jurisdiction maintained. It remains to be seen whether the Supreme Court will uphold this decision.
public policy, Web 2.0, data protection, privacy, rights
Where everybody knows your name
Although the Darklight Symposia weren’t quite like the bar in Cheers where everybody knows your name, there was a lot of familiar names and faces at this event. A good sign for Darklight because it means that they touched a chord with the topics they chose and also attracted a respected panellists. I attended the first symposium of the day “Letting it all hang out: Privacy vs. Publicity in the Virtual World” and caught the very end of the second “Web 3.0: Where next for the Internet”. Brendan Hughes, chair of the IIA Social Media Working Group gives a good overview of the topics on his own blog. The festival continued in venues around Dublin all weekend.
I was particularly interested in the first symposium they ran this morning. Regular readers might recall that I was at another seminar last month about privacy in the Institute of International and European Affairs. While the two audiences were very different (Peter Fleischer from Google would not have been making jokes about Google employees non-tie-wearing* at today’s event, let me encapsulate it like that!) they had many of the same concerns albeit from a different angle. There was a strong sense of “us” and “them” to many of the comments from the floor. “Us” seemed to refer to the private citizen and “them” to anyone who wasn’t; but even “them” is made up of private citizens who have rights too; among them a right to earn a living. Also “them” variously referred to businesses and government: businesses who are retaining data about those using their services; governments using that data to for crime-fighting purposes. However there was little acknowledgement of the fact that those companies were generally obliged by those governments to keep that information but also to protect it. And where does the government get the mandate to oblige those companies to keep AND to protect it? From this “us”. However it would be disingenuous not to acknowledge that many of the concerns in the room were about the lack of disclosure about and access to exactly what information certain larger internet companies are retaining about individuals and their use of their services.
Businesses are, of course, not without their influence when it comes to data-protection policies. Involvement in bodies like the IIA allows businesses to come together and debate these issues and present a united view to the government. It is also essential that businesses remain aware of their obligations under data protection and privacy legislation and the IIA hopes to keep businesses abreast of these issues.
The keynote speaker was Daniel J. Solove, Associate Professor of law at the George Washington University Law School, and the author of “The Digital Person: Technology and Privacy In The Information Age”. This book can be downloaded for free from www.futureofreputation.com Chaired by solicitor and digital rights expert Caroline Campbell, the panel included journalist Jim Carroll, Hotline.ie director Cormac Callanan, Relevant Media owner Niall Larkin and Irish blogger Damien Mulley. The audience was made up of a mix of bloggers, developers, researchers, consultants and policy makers.
* Tie-wearing: I recall being irked at the IIEA seminar because Fleischer made a flip comment about how he could spot his Google colleagues a mile off because they were always the ones not wearing ties. This annoyed me because I had spoken to one of his colleagues earlier and SHE was most definitely not wearing a tie and probably never does. Similarly Annette Clancy from Inter-Actions, who I was sitting beside at the Darklight symposium on Friday, made a point from the floor that there were no women (bar the chair) on the panel on Friday and this was the case in both of the sessions. Working for an organisation that is constantly seeking good speakers and presenters for a variety of event types I understand the Darklight’s conundrum when they approach people and some of them are unavailable and unfortunately that effects the gender balance on their panel. Similarly I appreciate the viewpoint that to deliberately seek women because they are women could be just as sexist as not having women at all. However I do tend more to the side that it is essential that all aspects of a question are discussed. Women experience and use technology differently and for different purposes to men. I’m sure there’s research to back this up and would appreciate any links to same. Annette said to me later that one issue that was not discussed, and she feels, that this was due to the lack of women on the panel, was the issue of privacy and cyber-stalking. While this may not be solely experienced by women, if virtual life reflects real life chances are the majority of its victims are women.
Is the virtual life experience of women and their absence from some fora a reflection of the real life experience of women in technology and business? Why are the women unavailable? Where is the brave new world that the internet promises to all of us?