A clickwrap agreement, often referred to as a "click-through agreement," is a type of online contract used by companies to establish terms and conditions for their digital services, products, or websites. These agreements typically require users to click a button or check a box to indicate their acceptance of the terms and conditions before they can proceed with the desired action, such as creating an account, making a purchase, or using a service.
Under the E-Sign Act, clickwrap agreements are recognized as legally binding contracts. To ensure that these agreements are enforceable, the act lays out specific requirements, such as:
Intent to Sign: The person electronically signing the document must have the intent to sign it. This means that they must knowingly and willingly indicate their agreement or acceptance of the terms within the document.
From a UI perspective, putting the acceptance language & action above the call-to-action such as “signup” increases the user intent.
Consent: Users must provide their clear and unambiguous consent to the terms and conditions. This consent is usually obtained through the act of clicking a button or checking a box, which signifies agreement.
Accessibility: The agreement must be easily accessible to users before they agree to it. This means that the terms and conditions should be readily available for review before the user takes any action that demonstrates their consent.
Retainability: The E-Sign Act mandates that the clickwrap agreement and any associated records must be capable of being retained in a format that is accessible to all parties involved. This ensures that the terms and conditions can be referenced in the future if needed.
By meeting these requirements, companies can ensure that their clickwrap agreements are legally valid and enforceable, thus protecting both their interests and those of their users.
The various pieces of evidence listed below help to corroborate a user’s acceptance.
ToughClicks captures all of these pieces on your behalf.
Timestamps: Recording the exact date and time when a user accepted the clickwrap agreement is crucial. This timestamp can demonstrate that the user agreed to the terms at a specific moment.
User Identifier: Storing a unique identifier for the user, such as their username, email address, or account number, can help link the acceptance to a specific individual. This can be important when identifying the party to the agreement.
IP Address: Collecting the user's IP address at the time of acceptance can provide information about the user's location, which can be relevant in legal proceedings, especially in cases where the user's physical location is significant.
Device Information: Maintaining data on the user's device, including the device type, browser, and operating system, can support the claim that the agreement was accepted from a particular device.
Session Records: Keeping records of the user's session, including details of their interactions with the website or application leading up to the acceptance, can help provide context and sequence of events.
User Agent Information: Storing user agent information, which includes the browser's user agent string, can be helpful for verifying the user's identity and the technology they used to access the agreement.
Audit Trail: Maintaining an audit trail or log that tracks all relevant actions taken by the user, such as viewing the terms, scrolling through the agreement, and clicking the acceptance button, can be compelling evidence.
Authentication and Authorization Records: If the clickwrap agreement is part of a user account creation or login process, records of user authentication and authorization can be important to demonstrate that the user in question had the authority to accept the terms.
Version Control: Keeping records of the specific version of the agreement that was presented to the user at the time of acceptance can be essential to ensure that the terms being enforced are the terms the user actually accepted.
Notification Records: If the user was sent a notification or confirmation email after accepting the agreement, records of these notifications can corroborate the acceptance.
Consent Language: It can be beneficial to store the actual language of the terms and conditions presented to the user at the time of acceptance. This can help prove that the user had the opportunity to review specific terms.
Record Retention Compliance: Ensuring that all of the above information is retained in compliance with relevant legal requirements and data retention policies is crucial to demonstrate the integrity and authenticity of the metadata.
Navigation