Russ Harvey Consulting - Computer and Internet Services

Web Design Ethics

Responsible e-commerce

Ethical E-commerce | Copyright | Jurisdiction

A shopping card outline using the cord attached to a mouse representing e-commerce.

Protect Your Image on the Internet

There is more than simply “hanging out your shingle” to having a presence on the Web. You need to be sure that you are conveying the right message and that you are not taking shortcuts that will hurt your business's reputation.

This page is focuses primarily on websites and blogs, but the information is pertinent to most business owners.

It also is Canadian-based, so you'll want to determine any specialized rules for your country and the jurisdictions where you do business.

Growing Importance of E-commerce.

Many businesses have been forced to take their web presence seriously because of COVID-19, especially its e-commerce aspects.

There are several security concerns to consider when setting up your site:

Don't Be Labeled a Spammer

You don't want to become identified as a spammer (someone that sends out unsolicited email messages).

An email or phone call offering to “target market” addresses for your business is offering to spam others on your behalf. The consequences can be severe.

Learn how to avoid being either the victim or perpetrator of spam or phishing attacks.

Return to top

Ethical E-commerce

If you have a website and offer an emailed newsletter, update notices or other similar services, you will want to ensure that people are actually wanting your email.

This can take the form of a subscription option on your website or an invitation in an email response to a message originated by the other person.

Opt-In Lists

Be certain that those on your mailing list truly wish to receive the material you're sending. This process is called opt-in.

Allowing Visitors to Choose

Allow your site visitors to choose to receive your emails (whether it is newsletters, special offers or promotional material) by having them check off the information they want. Don't use pre-checked boxes or other forms of “assumed” consent.

Then make it easy to unsubscribe if they change their mind.

Never “unsubscribe” from lists that you didn't subscribe to in the first place.

Confirming Opt-ins

Even with explicit permission, I'd recommend confirming opt-in requests by sending a message to the new address asking them to confirm their intention to subscribe (and not using that address until it is confirmed).

Avoid Annoying Pop-ups

Many sites have pop-up subscribe now notices that appear as soon as the person scrolls that site's content.

While this may improve your enrollment rate, it is annoying and is unlikely to produce a quality prospect. Many such new “subscribers” probably automatically mark your emails as “junk” when they arrive.

Family Lists

While it may be OK to send a single message to your whole family, you might want to check first.

Don't Use “Opt-out

Marketing companies prefer the term “opt-out.”

An opt-out system is different from an opt-in one, in that the people who weren't paying attention will be doing whatever the thing was. Obviously opt-in is far more privacy-friendly.
Jon Callas, EFF

Sneaky & Unethical

“Opt-out” is nothing less than an attempt to sugar-coat junk mail (spam). Is that how you want people to view your business?

Choosing opt-out rather than opt-in sends a strong message that customer privacy isn't important.

Pre-checked consent or failing to get express permission, are both UNETHICAL.

Pre-checking Boxes is NOT Consent

A number of companies use pre-checked boxes beside statements like:

I would like to be notified about product updates and information from our partners.

This “opt-out” practice resulted in an astounding 80% “assent” rate (compared an average of 0.1% response rate in traditional direct mail).

Marketing departments should have known better. They just turned their company into a SPAMMER.

Illegal in Canada

The pre-checking of available options is an unethical sales technique called an “assumed-close” and is illegal in Canada.

By using pre-checked boxes you are forcing the user to take action in order to NOT register.

If you have to pre-check boxes to get decent response that should tell you how “informed” opt-out really is.

Make your company ethical by refusing to use anything but opt-in.

Cookie Opt-Outs Annoying

The use of pop-up cookie notices is similarly offensive.

How many folks do you think would click on:

Please employ all your sleazy tracking cookies and web beacons to track me everywhere I go.

Welcome to the new surveillance economy where people's privacy is the new currency of business.

Data is being collected, processed and sold — all without direct permission from those affected.

Consumer Protection

This is a shady practice, the equivalent of sending products to you without your consent then billing you for them (illegal because the assumption that you could send the products back is inadequate).

Most North American jurisdictions give protection to the consumer — usually in the form of being able to keep the unordered merchandise without making any payment as well as a “cooling off” period for door-to-door sales.

Why should an electronic version be any different?

Marketing Lists

Never purchase a list of email addresses from anyone. Rather than bring you success, this is likely to get you listed as someone with questionable business ethics.

Marketers usually forge the sender's email address (rather than using their own) when making their unsolicited sales pitch. Does that sound ethical to you?

Spammers are Cowards

Spammers only want to deal with the gullible respondents that click on the links in the spam email.

The collateral damage (angry responses to spam emails) is left to the owners of stolen email addresses.

Is that the reputation you want your organization to have?

Hiding Behind False Links

Spammers and scammers often mask the actual destination of clickable links within their messages by making it appear to go to a legitimate address, when in fact it goes to a redirected address.

How Can You Tell?

When hovering over the links in a message, look in the status bar to see the actual destination of the link.

It is easy to mask the actual destination so that a link that appears to be "from your bank" takes you somewhere else.

Even so, I strongly urge you NOT to follow these links. Remember, these sites are built to steal from you: your passwords, your identity and your hard-earned money.

Facebook Obfuscates External Links

Facebook makes a practice of obfuscating the actual destination of advertising links on their site.

Facebook responded to the Cambridge Analytica misuse of user data by delaying and deflecting until the issue cooled down.

Facebook doesn't act ethically and you cannot trust anything they say. Just look at the statements former insiders made to Congress.

Beware of Phishing & Identity Theft

Legitimate companies don't warn you by email that your account is suspended.

Such messages are an attempt to gain access to your account by requesting your user name and password under false pretenses. The threat of account suspension is designed to get you to panic and ignore common sense.

Phishing and Spear Phishing

This is called phishing and leads to identity theft.

A more precise form of identity theft called spear phishing uses your name and often mentions specifics personal to you. Don't be fooled by this attempt to personalize spam.

The spammer has simply looked at what you've posted on social media, blogs and similar sites to personalize the email. They are not your friend.

Don't Follow Links

Never follow a link contained in such an email. Your safest option is to delete the message.

If you must contact the company concerned, type an address you've obtained from a reliable source (a recent invoice or account statement) into the location bar of your browser or contact the company directly by phone (again acquired from a reputable source).

Resources to Help with Spam

Return to top

circled-C copyright symbol

My favorite way of explaining the concept of intellectual property to the illiterate tribesmen I encounter daily is Okay, imagine that all the sheet music in the world burned up in a huge bonfire, and then imagine that they threw on all the CDs. You can still hum the music, right? The music still exists, right? Well, that thing you can't touch, or buy, or break…that is what we own.Why you can't use music on your web site

Copyright is Ownership

Copyright in its simplest terms is ownership.

The Internet has become a huge repository of information. Much of that information is freely available, but is NOT free. It is not in the public domain.

Who Owns the Content?

All text and images you find on the Internet were created by someone. Copyright is retained by the creator unless there are express indications that either the text or the images or both are public domain.

The Internet, just like other mediums, depends upon copyright protection to ensure that content is safe. No matter how noble the intention, the Internet should never be separated from other jurisdictions in terms of copyright protection.

You need to assume that copyright exists unless you see explicit indications that it is not.

Do not assume that because you acquired a work for free, it is in the public domain.
Stanford University Libraries

Verify Creative Commons Licenses

If you wish to share your own content, using a system such as Creative Commons, that is your prerogative and potentially provides a valuable asset to the community.

However, before you include other people's content on your site, be certain of their willingness to share that information.

Don't Steal

Imagine some stranger cashing your pay cheque without your permission.

That is how copyright violation feels to the person whose copyrighted information is used without permission or payment.

If you haven't met the conditions for using something you obtained, even if you didn't pay for it, then you're stealing. This makes you a thief.

Get Permission

If a search for the text or image shows up on a site, don't use the content without meeting the original owner's guidelines for use.

In most cases you'll need express written permission to use that content elsewhere.

Free Images

Sites like Pexels and Unsplash are exceptions.

Registered creators provide access to their works, often without payment or attribution (although providing credit to the photographer and site are always appreciated).

Copyright law can be complex. If you are unsure, consult a lawyer familiar with copyright and trademark law.

Copyright is Automatic

Copyright is the legal term used to convey ownership. In Canada, copyright is automatically awarded to your body of creative work at the time of creation.

Michael Geist's podcast episode 92 has a great discussion about copyright and Canadian journalism with his guest, Senator Paula Simons, a former journalist.

Protect Your Creative Work

Don't be suckered into paying an organization to register your work (a common practice by vanity presses and unethical print-on-demand companies).

If you are creating works you might want to belong to a creator's organization like the Canadian Authors Association to learn more about copyright and other important issues.

The Education System is NOT Exempt

The education system tends to be among the worst offenders when it comes to abusing copyright. (Lawyers are apparently also big offenders.)

According to education systems, creators are supposed to sell their books and articles to other parties, while providing them to schools for free.

These practices have led to a reluctance for authors to produce textbooks, especially those aimed at Canadian children.

Why Should Intellectual Property Be Treated Differently?

Special interest groups have proposed that we should exempt the education system from having to respect copyright, particularly when it comes to information on the Internet.

While it is often argued that the consumption of works of authorship doesn't diminish the remaining supply.

Some people think ideas (and electronic content) can be sold without reducing the value of what's left, but that isn't true.

Would you pay for groceries at your favourite store if the same items were provided for free next door?

You'd be reluctant to pay anything even though the consumption of groceries in the free store wouldn't affect the stock levels in the original store.

Try telling the farmer he can just grow more or the grocery clerk she can always work longer hours.

Balancing the Rights of Owners with the Public Good

There is the need to balance the rights of copyright holders with the public good.

Corporate Copyright Needs a Sunset Law

Eventually, the copyrighted material is placed into the public domain so that all can enjoy it. The time this takes varies by country.

In fairness, copyright law should NOT give companies like Disney a perpetual licence while an individual creator's rights disappear at a specified time after death, denying their estate the same benefits as corporate shareholders.

A sunset law releasing corporate copyright holdings (much like patents on pharmaceuticals) would level the playing field. More content would be released into the public domain and encourage companies to continue their creative efforts.

Copyright Trolls

There are also copyright abuses that break the spirit, if not the letter, of copyright law.

A copyright troll is a party (person or company) that enforces copyrights it owns for purposes of making money through litigation, in a manner considered unduly aggressive or opportunistic, generally without producing or licensing the works it owns for paid distribution.

The rights of those holding legitimate copyright is damaged by copyright trolls (such as Prenda Law) who exploit the system, often illegally:

Copyright is a broken system, biased in favor of copyright owners at the public's expense, prone to harsh punishment and ruinous damages, steeped in the misleading and unhelpful rhetoric of "theft" and "piracy." A system so out of balance is a natural haven for lawsuit abuse.

The public good must be balanced with the value of the effort placed in creating intellectual property, much like patent law.

Patents for NEW Ideas Only

Patents were meant to provide protection for the inventor then to release that new technology into the open market.

There needs to be some accountability by patent offices in what they allow to be patented is truly new and not simply an attempt to lock up an existing practice for financial benefit.

Electronic Blackmail

Sending out threatening notices with cash settlements that are delivered anonymously by ISPs are hard to prove in court, yet many settle in fear of being exposed, especially if the content is porn or a similarly embarrassing content (often implied even if untrue).

[S]tatutory damages are also wielded as a club by entertainment, media, software, and technology companies. They can destroy competitors and dry up investment with mere threats of litigation, giving them veto power over new technologies and emerging artists.

The new NAFTA renegotiations appear to be based upon the exact same demands as the failed TPP Agreement that greatly threatens net neutrality and privacy rules.

Learning More

Learn more about copyright trolls and the frauds they perpetrate:

Obtaining More Information

These sites will give you a greater understanding of the issues and implications of copyright:

Return to top

Jurisdictional Issues

Be aware of some jurisdictional issues when selling online.

Unlike a bricks and mortar business, once you're on the Internet, you can be subject to laws in other countries — even if you don't normally do business there.

The General Data Protection Regulation

The GDPR is a European regulation that defines how personal data should be collected, processed and stored. See Addressing the GDPR (PDF) for more.

How Does It Affect Me?

You are going to be affected if you have content on your site that may embarrass or be inconvenient to others. The Internet is a pretty wide-open arena and, like radio signals, it doesn't stop at a border because the rules change.

What's Legal

In most cases you're going to have to legally be accountable for the laws and general practices within the jurisdiction where your site is hosted as well as where you are doing business.

Specify Jurisdiction

Your site should have a terms of use that clearly states this jurisdiction to avoid the expense of having to defend yourself in another community or another country.

Unfortunately, there is a trend for countries to determine that there is no barriers to their jurisdiction.

I'm sad to see the Canadian Liberal government follow in these footsteps with their current revisions of laws that affect Canadian Internet access Canadian copyright law currently predates the Internet and needs updating, but the current proposals do more for big media company interests than to meet the needs of most Canadians.

Get Legal Advice

If there is any possibility that you are placing material that could get the attention of the authorities, you should consult legal counsel before you put it up.

Personal Data at Risk

There are very broad powers given to governments to force ISPs (web hosts) to give up your personal data (including email correspondence) and to close down your site if they believe you have broken the law.

Unfortunately, various governments have used the threat of terrorism to spy on their own citizens and to sometimes make it difficult or impossible to know the actual rulings or even how they are applied.

Secret Courts

Secret courts and private tribunals may sound like something out of a bad movie plot, but that is exactly what Snowden revealed about the practices used by the NSA (and are used by other governments).

Shadow Regulation

In addition, there are many forms of shadow regulation (deals between companies that regulate your Internet usage) that can cause your domain to suddenly be backwatered or eliminated without notice.

Examples are removing your listings on a search engine or making them fall farther down the results list than would normally happen. A site listed 100 pages into a Google search might as well not exist.

Return to top

Domain Registry of Canada

Do NOT do business with

These companies use unethical business practices to gouge unwary domain owners.

Brown Envelope; Red Maple Leaf

The Domain Registry of Canada's “Domain Name Expiration Notice” comes in a brown envelope with a red maple leaf in the top left corner like those sent out by the government of Canada.

Domain Slamming

These “notices” use an unethical practice called“domain slamming” designed to trick you into moving your domain from your current registrar. They:

They appear to be culling your domain's WHOIS information. I strongly recommend using a privacy company for your domain to protect against such practices.

There is a very small notice at the bottom of the invoice that indicates that payment is voluntary.

Expensive to Fix

Because their fees are so high, you'll pay several times the typical renewal price.

Laws designed to protect against domain slamming may prevent you from moving your domain back immediately.

That move also requires that you pre-pay yet another year.

Related Resources

On this site:

Found this resource useful?
Buy Me A Coffee


Return to top
Updated: December 3, 2023