Business Lessons from the Facebook Terms of Use Mess

Just over a month ago, and all in the span of a single week, Facebook.com announced a set of drastic changes to its Terms and Conditions, a massive revolt ensued, and just as quickly as it all started, Facebook retreated. As the dust settled, many great legal analyses of the events quickly made their way to the web, including one by a favorite Internet lawyer of mine, Eric Goldman. For the most part, everything that there is to be said about this episode from a legal perspective has been said: Facebook’s changes were unnecessary and over-reaching, their initial response was a joke, and everyone who told them so was proven right by Facebook’s ultimate backing off. But as Facebook begins re-drafting their terms, this time with the input of their community, it is a great time to consider what business lessons may be gleaned from Facebook’s recent experience.

Terms and conditions for websites have an interesting but short history. Such things were not commonly needed until use of the web became popular among average consumers in roughly the first half of the 1990s. Further, things did not get particularly tricky for drafters of such terms and conditions until the appearance of highly dynamic web services. Users began contributing data as a major feature of sites, and, ultimately, just about every kind of commerce or social activity transpiring in the real world could be found online. As things stand now, the terms and conditions of a website might ultimately be the single most important legal document that a company has drafted—certainly could be strongly argued for user generated content sites such as Flickr or YouTube, and by extension Facebook, which offers many similar functions as those sites.

As terms and conditions have become more complicated and increasingly vital to the value structure of companies, another phenomenon has been simultaneously brewing: consumers are more informed and smarter about legal issues that effect them. From the by-the-second blogging of the now infamous SCO/Linux lawsuits at Groklaw.com to the rise of the site that “broke” the Facebook Terms of Use story, Consumerist.com, it is very clear that consumer-facing legal documents face much higher scrutiny now than ever before.

From one perspective, the unnamed lawyer that drafted Facebook’s now defunct amendments was doing precisely the right thing—changing an agreement to give even greater rights to her client (i.e. Facebook). But the reality is that even if Facebook was within its legal rights to make the changes that it did (this point is up for debate, but we’ll give them the benefit of the doubt for the sake of argument), it was clearly not the right business move. So what was? And what is the right move for web services that may be drafting their first ever terms of use and expecting to utilize user generated content?

The answer for Facebook, or for any other web company, is not to simply weaken their terms of use to the point that no user would ever object. Rather, the answer is to craft terms of use that strike a reasonable balance between the broad rights a company would like to have if they were operating in a vacuum and the much more specific set of rights needed to actually operate a site on the day the terms of use are drafted. The idea, of course, is that the middle ground will safely protect the author company’s rights in view of projected expansion in scope, functionality, or business model. The key in drafting such a document is making sure that the terms writer has a very clear understanding of the business of the company , including the specific operation of the technology employed to conduct that business. An increasingly useful mantra that I try to instill in my clients is that the more their business model depends on content or activity of users to create value, then the more likely it is that those customers will read and try to understand your terms of use; accordingly, the more important it is that you draft terms with the expectation that it will receive and withstand such scrutiny.

A corollary to the foregoing is that changes made to terms of use mid-stream should be made with particular care. In the recent Facebook situation, what is most curious is that the land grab for rights would occur apparently without such concern. The attempts by Facebook to justify their changes by general platitudes along the lines of “we need these rights to operate” makes one wonder why they thought their old terms of use was so deficient. Alas, the protestations of Mark Zuckerberg that we simply ought to trust him did not pass the smell test, nor would similarly vague justifications be useful in justifying a company’s overbearing grant of rights to itself.

The lessons here are:

Take your website terms and conditions seriously, and recognize that they should be tailored to the specific operation and needs of your business. Slapping in the most egregious version you (or your lawyer) can find from some behemoth company’s website is probably going to cause headaches.

If you wish to change your terms and conditions in a material and adverse way (as respects your users), consider the messaging that will accompany such changes and be prepared to justify them—both you and your counsel should believe in the necessity of such changes. Assume that users will actually read your terms of use (and that they will do so with the assumption that you are trying to screw them).

Although not discussed in this article, privacy policies for websites taking in user data are also extremely important to get right. Many states, including Massachusetts, have rapidly evolving laws concerning the protection of personalized data, so keeping on top is not easy. Just like rights grants or other important provisions in a terms of use, privacy policies must be carefully drafted to ensure that everything you want or need to do is permitted, while avoiding the “land grab” approach of taking everything you can from your users.