Jim,
First, tell the company lawyer to get additional counsel from someone versed in the legalities of this. If you're looking for real protection then you want a "signature" not a checkbox. That does not mean you need a pen-and-paper signature, but they (the user) needs to do something to "sign" the agreement. Clinton signed a law that states that a signature cannot be challenged solely on the fact that it's electronic (Electronic Signatures in Commerce Act, IIRC).
I would certainly capture the remote IP address, and it can't hurt to capture the exact text they're agreeing to. Text changes over time, this way you can say "This was exactly what you read" after all disk is cheap.
Also, if customers sign in to the system, are there many repeat customers? Would it be possible/advisable to get an initial _paper_ signature from the customer stating that they agree to use electronic signatures for all transactions moving forward. I know, for example, that if you wish to submit e-signatures to the FDA you must first have sent them a paper document stating that you plan to do this. If you're dealing with lots of one-off customers that's not very feasible, but if you're dealing with many repeats it is.
Finally, if the company lawyer is asking for "better proof" ask HIM/HER to define that proof. You don't want to be the one blamed at a later point when the proof you recorded isn't sufficient.
-Walden
--
Walden H Leverich III
Tech Software
(516) 627-3800 x3051
WaldenL@xxxxxxxxxxxxxxx <mailto:WaldenL@xxxxxxxxxxxxxxx>
http://www.TechSoftInc.com <
http://www.techsoftinc.com/>
Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems profound.)
________________________________
From: web400-bounces@xxxxxxxxxxxx on behalf of Jim Franz
Sent: Fri 03-Jul-09 3:29 PM
To: WEB400@xxxxxxxxxxxx
Subject: [WEB400] Proof of accepting web orders from customers
Co lawyer has asked for some sort of "proof" the customer clicked on the "I Accept" button on the web screen to place an order.
That screen has 8 lines of legal text, so when they click to place order they are accepting the conditions of the text.
What do people normally keep to later prove the customer did place the
order with that text?
I already capture things like date, time, user id (not a public site-customer's log in), but do I need a picture of the screen as it appeared?
Do I need ip address that I see on some web receipts?
Approx 2500 orders a month and they do already keep a one page order report with details of the order, but it is just text.
This is not selling a product, but selling a service (construction liens and notice to owner), and there can be big lawsuits if the service is faulty, the legal text caps the liability.
Jim Franz
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/web400.
midrange.com
