My favourite definition of "pioneer" is that it is a person in the middle of the prairie with an arrow in the back. Beware of frontiers. There's a lot of loose talk currently about blogs being part of a legal frontier. There's an assumption that the relevant law is stable, and blogs are at the frontier. Actually, both are at the frontier.

The relevant law for bloggers includes intellectual property law and the law affecting marketing, publishing and use of the Internet. Although in law each area is categorised separately, for discussion and simplification purposes for non-lawyers,  we'll refer to all such law as data law, be it data in text, photo, video or other format.

Data law is in flux if you consider the pace of developments. Here are two examples illustrating the change.

• Say you want to use data comprising the name, contact details or photo of a person online. Twenty years ago the legal issues were far fewer. Today, the data law you should consider includes spam law, privacy law, "do not call" lists, and law regulating the use of photos taken of children near a school or workers in a workplace without consent.
• Breach of data law can bite. To cite one example, in April 2005 the Sydney Morning Herald reported that the operator of www.carsales.com.au was fined $6,600 under the Spam Act 2003 (Cth) for sending unsolicited SMS messages promoting a car sales website to mobile phone numbers. The email addresses had been copied from classified advertising in newspapers. 

Summarising so far, in Australia a spider web of data law regulates what a person or company can publish, broadcast, store, disclose, advertise or use. The detail and lack of finessed integration of such laws poses a challenge when advice is needed on the data law of several countries. Resolution of the issues is vital if a company or individual seeks to commercialise a data-based work, by for example:

• publishing the work online via a blog, website, or extranet,
• distributing the  work on a DVD using a distributor who then seeks warranties, eg that no law is breached by the work,
• incorporating into the work the text, video or audio content of others, or
• releasing a mashup MP3 track. 

Despite their complexity, broadly speaking Australia's data laws work remarkably well. There's still a lot of them to consider! Hence a simple legal checklist could be useful. So thinking about the risks of blogging, today I prepared just such a checklist. The 20 questions below are a legal checklist for data. It can be applied to data on a blog, a website, an e-commerce facility, a broadcast email, an extranet or an intranet. Use the checklist when you wish to publish or present data online or when you want to develop an informational or entertainment product requiring a legal opinion. The checklist relates only to law in Australia.  

1. 1. Have you disclosed who you are and your contact details?
1. 2. Do you need a licence for what you are doing online, eg a financial services licence?
2. 3. Are you complying with privacy law requirements regarding the collection, disclosure, use and other dealings with personal information?
3. 4. If you have advertising (eg for alcohol), are you complying with the many regulations affecting them?
4. 5. Are any disclaimers appropriate, and if you have them are they prominent enough?
5. 6. Should you clarify your position regarding any content by including copyright and trade mark notices or credits to authors?
6. 7. Is all content your own or copied with authorisation or permission?
7. 8. Is anything you say defamatory - ie lowering the public's estimation of a person, exposing the person to hatred, contempt or ridicule, or causing the person to be shunned or avoided? (Put simply, in Australia there is no legal right to free speech.)
8. 9. Is a special consent required prior to use, eg photos of a child taken near the child's school?
9. 10. Are your comments in contempt of court? Example: The Guardian reported on 30 August 2006 that the New York Times blocked British visitors to the Website of the Times from accessing a front-page story on a UK terrorism alert. It said the New York Times feared it may be breaching contempt laws in the UK, where it has assets which in the worst case scenario might be seized following prosecution. The story was also pulled in the physical form, the entire British shipment of the paper was cancelled.
10. 11. Is what you offer or do in breach of any relevant industry code of conduct or regulation (eg regarding sexually explicit material or gambling)?
11. 12. Is what you do in breach of any contract, eg a confidentiality obligation or employment contract?
12. 13. Does the site involve photographic or video monitoring of a person in his or her workplace?
13. 14. Are you passing off someone else's brand as your own?
14. 15. Are there any omissions or misrepresentations in the information on your site?
15. 16. Is any order handling and e-commerce payment procedure clear and auditable?
16. 17. Are the terms and conditions for dealings with visitors or users available, prominent and in writing?
17. 18. Are you clear about which transaction records and documents you should or must keep at law, and for how long? Example: Accompanying this checklist is the front page of the US government's 2004 court pleading against Arthur Andersen, the global accounting firm which collapsed shortly after that case began. It was alleged to have not complied with data law due to shredding of Enron Corporation data at one of its offices.
18. 19. Are there security measures in place to minimise abuse or accidental release of sensitive data?
19. 20. Is there a policy, procedure, or training system that should be in place to reduce legal risks?

To apply point 20 for your survival, it is useful to have some core documents. Maintain a procedure manuals for publishing material online or off line. Consider also monitoring employee email with consent, and ensure you have in place proper file archiving procedures. Where appropriate, consider including a privacy policy, terms and conditions of use, and an intellectual property guides for reference by employees.

Point 20 does not stop at creating artefacts that sit idle on a server. Trade practices law, and other law in Australia, increasingly favour those who walk the talk by implementing regular training programs. Your company should plan to build relevant competencies in its people. To survive at the data law frontier the competencies requiring development include knowledge management, document management, workflow improvement, information security administration and awareness of legal obligations and prohibitions.