Websites that have been up and running for a while tend to get tinkered with by well-intentioned marketing and technical staffs. Although businesses should encourage innovation, many common website practices can, if implemented in the wrong way, invite legal problems. Here's a rundown on five common website mistakes.

1. "Guiding" user comments on social networking pages

Websites generally have immunity under Section 230 of the Communications Decency Act for liability for defamatory statements posted by users on social networking pages of a site. However, recent cases have begun to chip away at that immunity in cases where the website has gotten too involved in "shaping" the user-generated content. Too much shaping and a website risks becoming the publisher itself, thereby losing the Section 230 immunity.

2. Testimonials in blogs

Many bloggers are unaware that the Federal Trade Commission (FTC) has guidelines regarding endorsements and testimonials in blogs. In general, the guidelines require that bloggers disclose any material connections between themselves and the products that they are reviewing or discussing. Similarly, if a blog offers a testimonial, it should state whether its results are "representative" of what consumers will experience from using the product. This area is particularly perilous because the FTC has brought very few enforcement actions and, therefore, it is unclear where the agency may seek to draw lines.

3. Not updating the privacy policy

When was the last time your website's privacy policy was updated? How many changes has the site implemented since then? A website's privacy policy should never be set in stone; it should evolve as practices change. Did the site review its privacy policy when it introduced that exciting new data-sharing tool? Did it make changes when implementing a new "just-in-time" notice? Not all changes on the site require revising the privacy policy. But if evolving website practices turn out to conflict with what the privacy policy states, the site could face charges that it is misleading or deceptive.

4. Offering a mobile application without thinking through the data flows

Everyone wants to offer a mobile application these days, often linking to a website. However, questions are beginning to arise about the information that apps collect and the devices on which they appear, who handles it and what happens to that data. Knotty legal problems can emerge where these issues have not been vetted.

5. Copyright infringements

Copyright infringement is as old as the Internet. Federal law governing online copyright violations - the Digital Millennium Copyright Act - has been in place for a decade and the rules are fairly well understood. Nonetheless, pirated material still often appears on websites, posted by users. Websites must maintain their procedures in order to earn the protections of the DMCA "safe harbour". A website that loses its DMCA safe harbour protection due to inattentiveness may face substantial losses.