print letterhead

E-Business, Privacy & Data Security


All businesses today look to the Internet to expand their customer base, explore new distribution channels, integrate new technologies, and increase productivity. We provide legal counsel and advice to clients who commercialize disruptive edge technologies in all aspects of electronic commerce and web-based technology and services, whether in the form of established global companies, innovative start-up companies, or somewhere in between. Our experience in representing client across business-to-business and business-to-consumer online commerce enables us to represent clients who already operate online retailing platforms or want to develop the means to conduct wholesale, distributor, and supply relationships from an online platform.

We regularly advise clients and litigate issues involving domain names and trademark piracy, intentionally misspelled domain names, the use of metatags and keywords by competitors, and related trademark issues. We collaborate across our firm to help overcome the unique challenges of doing business over the Internet. Our lawyers remain current on the intersection of evolving technologies applicable to electronic commerce and the law.  Many have practical experience in analysis and design, programming, configuration management, testing and quality assurance, and product/project management—all of which helps us to counsel clients through the legal challenges facing online businesses.

Privacy & Data Security

Identifying, protecting, and enforcing rights in personal data and intellectual property (IP) is critical in the e-business environment. We routinely work with clients to implement strong contractual frameworks and relationships to maximize the client’s objectives while managing the legal risk. This means understanding the legal and practical benefits and drawbacks of doing digital business in the context of various jurisdictions, governmental regulations, warranty and liability issues, limitations on disclaimers, liability limits and non-competition provisions, tax implications, and effective  means of protecting and enforcing patents, copyrights, and trademarks.

We also advise clients to look inward, establishing and enforcing policies regarding use of company resources, such as on-site and remote equipment, software, smartphones, the company email system, Internet usage, participation in bulletin boards, blogging, and the ongoing challenge of maintaining confidentiality. We encourage clients to use available technology for company stores, to inform employees and new hires of existing and updated company policies and rules, and to develop training programs on human resources issues, sales techniques, product updates, and technology readily available to employees.

A few examples of our diverse experience include, but are not limited to, legal counsel and advice regarding:

  • online marketing, licensing, and advertising with service providers, partners, and independent contractors;
  • proper data collection methods and analysis;
  • social media analytics and integration;
  • data back-up, including cloud-based solutions;
  • online contracting and the Uniform Electronic Transactions and Computer Information Transactions Acts;
  • electronic signatures, public key infrastructure, and the various Digital Signatures Acts;
  • creating strong legal terms, service level commitments, and data security requirements for hosting and application service provider agreements;
  • developing and enforcing meaningful website terms of use, acceptable use policies, privacy statements, and legal disclaimers;
  • performing periodic audits of client websites to ensure continued compliance with industry regulations, such as those in banking and insurance; and
  • Payment Card Industry (PCI) Data Security Standards.

Customer information is one of a company’s most valuable assets. However, with the loss of just one computer, a company can find itself mired in a morass of data security and privacy regulations, incurring many thousands of dollars in unbudgeted sums, the wrath of its customers, and significant—if not fatal—damage to its reputation and good will. Consumer and legislative focus on this high-profile issue necessitates that businesses understand and comply with numerous complex U.S. and international laws governing data security and privacy. Few businesses exist that may not be subject to laws such as the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, the Health Insurance Portability and Accountability Act, and the European Union General Data Protection Regulation, not to mention the requirements of the more than 100 data protection authorities around the globe.

Miles & Stockbridge lawyers understand and advise clients regarding the varying legal issues involved in handling information, including data collection, data access and security, data storage, data sharing, and data transfer. Clients often find themselves addressing the issue for the first time after a breach has occurred. With our assistance, clients are able to formulate a response (both from a public relations and technological perspective), deal with the regulatory requirements, and develop and implement response procedures for the future.

We provide the most effective legal services when we are able to assess clients’ information collection and sharing practices prior to a breach. Through an assessment, we can educate and train clients regarding privacy basics, identify areas of risk, assist clients in development and implementation of policies relative to their information collection and privacy practices, and provide appropriate contract terms for data sharing—i.e., for marketing and advertising campaigns—as well as service providers who may access client data while providing services to the client.