Ecommerce Law

Is your Website and Online Activity Legal?

Having spent a great deal of money and time creating your website it is imperative that steps are taken to make sure it complies with the latest regulations and guidelines; firstly because it's the law and secondly because your prospective customers will be more likely to trust you and therefore do business with you if you show that you are operating within the law.

If you trade online then you must comply with the following:

  • The Electronic Commerce (EC Directive) Regulations 2002
  • The Consumer Protection (Distance Selling) Regulations 2000 as amended by the Consumer Protection (Distance Selling) (Amendment) Regulations 2005
  • The Data Protection Act 1998

The legislation probably looks more arduous than it really is; in reality the guidelines are relatively straightforward so it is just a case of ensuring that you know what they are and have taken steps to comply. Non-compliance could result in serious connotations, so it is vital that you familiarise yourself with the requirements. Here is an outline of your duties as an online trader:


1. The Electronic Commerce (EC Directive) Regulations 2002

Otherwise known as the Ecommerce Directive, these regulations apply to you if you do business online, or your business communicates via e-mail. They set out, amongst other things, what information you are required to display on your website together with laying down rules as to the conduct of e-mail communications.

The main points that you should note are as follows:

  • You must display the name of your business and your geographic address on your website - a PO Box address is not sufficient
  • If you are a registered company, you should show your company registration number and if you are VAT registered, your VAT number should also appear
  • Where you show pricing, this must be unambiguous and include details of whether VAT, taxes and delivery charges are included
  • You must make your Terms and Conditions available for buyers to view
  • You must acknowledge all orders received
  • If you are a member of a professionally regulated body, institution or recognition scheme then your registration number should be displayed
  • When sending commercial communications by e-mail, whether unsolicited or not, you must ensure they are easily identifiable as a commercial communication; visibly show who the communication is from and make sure that any promotional offer being made is clear and any conditions are made obvious, for example a closing date for a discount offer.

Ecommerce Law

Probably the most important condition of the Ecommerce Directive and one that has recently been the topic of discussion by online traders and business lawyers alike is Article 5(1)(c) which dictates that companies must provide direct, easy and permanent access to the details of the service provider, including an electronic mail address, thus making it possible to make rapid contact and communicate with the supplier in a direct and effective manner.

However, it was recently felt by the European Court of Justice (ECJ) that this 'direct and permanent' means of communication was not sufficiently met by just an e-mail address so they set out that websites must also display either a telephone number or alternatively a web response form that is answered in 30-60 minutes; not by an automated responder, but by a human being.

This move has prompted a great deal of concern across the online business world where traders are picturing the need for 24-hour call centres to handle enquiries within the required timescale. Whilst their aim may well be to protect consumers by ensuring they can contact online providers rapidly, the ECJ has set what is considered a highly impractical task for business owners.

2. The Consumer Protection (Distance Selling) Regulations 2000 amended by the Consumer Protection (Distance Selling) (Amendment) Regulations 2005

These regulations apply to any business that sells to consumers either online or by mail order or telephone and provide clear guidelines with which you must comply, including:

  • The information on the products or services being offered should be unambiguous; for example where it could be assumed that a product is supplied with certain accessories it should be made clear if this is not the case.
  • Information on any additional costs should be made clear, for example the addition of delivery charges, taxes or VAT. An indication of the amount of any additional charges is a safe bet.
  • Written confirmation of an order should always be provided.
  • You must abide by the seven working day "cooling off" period which applies to the sale of most goods (perishable or digital goods are not included). Customers should be informed of their right to cancel their order without charge (other than mailing costs).

3. The Data Protection Act 1998

If as part of your sales and marketing activity you collect information about your customers or visitors to your website, for example names, telephone numbers, e-mail or postal addresses, then no matter what the size of your business, the Data Protection Act applies to you. The main points to note are as follows:

  • You must register with the Information Commissioner, the government official that oversees Data Protection, at a cost of ?35 per year.
  • You have a duty to keep the data secure and if requested by the subjects, you must reveal or delete it.
  • You must tell people what you do with the data that you collect.
  • You must not export the data outside the EC unless you have the subject's consent.

Including a Privacy Statement and Terms of Web Use on your website will help you make your policies, processes and intentions clear to your customers and visitors, and will work towards instilling a good level of trust, something that will enhance your customer's experience in dealing with you.

We use cookies to help provide you with the best possible online experience.
By using this site, you agree that we may store and access cookies on your device. You can find out more and set your own preferences here.