Professional Documents
Culture Documents
Stephen Howells
21 January 2015 20:46
There are many worldwide and country specific rules, regulations and laws that govern how websites and in
particular ecommerce enabled website should be presented, work and what content should feature on them.
This is a quick guide to the main issues which effect ecommerce businesses using shopping cartsoftware.
This is in no way a complete guide and you should always seek proper legal advice from professionals if you
are unsure about any legal issues with your website or online shop.
In the UK if you are running an ecommerce enabled website there are three major acts and directives that
you must comply with. These acts and directives are
We have covered the basics of each of these acts and directives below along with contact information
should you wish to learn more about them.
Data Protection
(a) You must register under the Data Protection Act if you collect any kind of information about people, these
could be your customers, employees or potential customers. This information includes names, addresses,
telephone numbers and email addresses.
(b) You must state what you do and intend to do with your subject's data and not deviate from that
statement.
(c) The Act is applies to any size of business.
(d) You must not export the personal data outside the EC (European Community) without permission from
the people you are collecting data on.
(e) You must ensure that all information is held securely and must be revealed or deleted upon request from
the subjects of the information.
(f) You must only record data which is pertinent to your prime business needs.
For more information see: The Data Protection Act 1998
The Consumer Protection (Distance Selling) Regulations 2000 apply to many ecommerce websites.
However, they are not applicable to 'business-to-business' transactions.
(a) You must provide clear information about your products and services before purchase.
(b) You must be clear about postage and packing costs and whether VAT or any other tax is included in the
prices shown on your website.
(c) You must provide a written confirmation of order following purchase, for example a confirmation email.
(d) You must allow a "cooling off" period where by the customer can change their mind and cancel or return
the order within 7 working days for most goods. Certain exclusions do apply with items such as perishable
and digital goods.
(e) You must inform your customers of their right to cancel their order with no loss other than return postage
and packing.
For more information see: The Consumer Protection (Distance Selling) Regulations 2000
Ecommerce Directive
(a) You must display the name of your business, the company registration number (or proprietor's name),
geographical address (not a PO Box number), contact information e.g., telephone number and email
address, VAT registration number (if registered).
(b) You may refer to trade or professional schemes if applicable.
(c) You must provide clear information on price, tax and delivery to buyers.
(d) You must clearly display your site's Terms and Conditions.
(e) You must acknowledge all orders.
(f) In commercial communication with your customers, you must clearly identify any electronic
communication designed to promote your goods or services.
(g) You must clearly identify the sender of all electronic communication.
(h) You must clearly define any promotional offers and the qualifying conditions regarding these offers.
(i) If you send unsolicited emails, you must clearly identify them as unsolicited.
For more information see: The Electronic Commerce (EC Directive) Regulations 2002
(b) You can 'assume' consent has been given for your site to use cookies, as long as the above point has
been carried out (clear and prominent information made available to visitors, on the cookies used by your
site).
(c) Cookies used for functional purposes do not require consent. Cookies used by ekmPowershop.com for
instance, which make the cart and other aspects work properly do not require consent/opt in.
companies in India has already become very stringent and many foreign and Indian companies
and websites have been prosecuted in India for non exercise of cyber due diligence.
E-commerce entrepreneurs and owners in India must understand that legal issues of e-commerce in
India are different for different categories of e-commerce. For instance, electronic trading of medical
drugs in India requires more stringent e-commerce and legal compliances as compared to other ecommerce activities. Digital communication channels for drugs and healthcare products in India are
scrutinised more aggressively than other e-commerce activities. In fact, regulatory and legislative
measures to check online pharmacies trading in banned drugs in India are already in pipeline.
The legal requirements for undertaking e-commerce in India also involve compliance with other laws
like contract law, Indian penal code, etc. Further, online shopping in India also involves compliance with
the banking and financial norms applicable in India. For instance, take the example of PayPal in this
regard. If PayPal has to allow online payments receipt and disbursements for its existing or proposed ecommerce activities, it has to take a license from Reserve Bank of India (RBI) in this regard.
Further, cyber due diligence for Paypal and other online payment transferors in India is also required to
be observed.
Perry4Law and Perry4Law Techno Legal Base (PTLB) recommend that all e-commerce entrepreneurs
and owners must do a proper techno legal due diligence before opening an e-commerce website.
The Internet intermediary liability in India may be frequently invoked against e-commerce websites in
India. The Information Technology (Intermediary Guidelines) Rules 2011prescribes stringent liabilities
for e-commerce websites in India. Further, e-commerce websites in India must ensure privacy
protection, data protection, data security, cyber security, confidentiality maintenance, etc as well.
In E-commerce, numerous problems arise due to the buyer and seller being at a distance. The buyer is
not able to inspect or sample the goods or services. The buyer necessarily pays through a card. This
brings in the problem of fraudulence in card payment, it said.
The study has reviewed the proposed amendments in the Consumer Protection Act, 1986, proposed by
the union ministry of consumer affairs.
The Union Cabinet had in July approved the new bill as Consumer Protection Bill, 2015 and Consumer
Affairs Minister Ramvilas Pasvan had tabled it in Lok Sabha as well.
The new bill seeks to replace the 29-year-old law and proposes to set up a Consumer Protection
Authority which will also have the power to initiate class suit against defaulting companies.
The new bill came against the backdrop of emergence of complex products and services in the era of
growing e-commerce business in India that has rendered consumers vulnerable to new forms of unfair
trade and unethical business practices.
signature certificates (DSCs) wherever applicable, etc. Once these conditions and requirements are fulfilled, a
certificate of incorporation is sent by post to the registered office of the newly registered company.
The private limited company is also required to comply with income tax related compliances. These include
obtaining permanent account number (PAN), tax deduction account number (TAN), value added tax (VAT)
registration and obtaining of tax identification number (TIN), professional tax if applicable, service tax, etc.
In certain cases, compliance with labour laws is also required. For instance, the Shops and Establishment Act
is a legislation implemented by various States in India. The Act lays down mutual statutory obligation and
rights of employers and employees. Registration of shop/establishment is mandatory within 30 days of
commencement of work. Other workmen and labour related legislations cover areas like employees provident
fund, employees state insurance, etc.
However, e-commerce in India is also required to be conducted in a legally permissible manner. This is more
so when the information technology act 2000 (IT Act 2000) prescribes stringent penal and pecuniary penalties
for violation of its provisions during e-commerce transactions.
The e-commerce players must ensure cyber law due diligence in India. This is more so when thecyber law due
diligence for companies in India has become very stringent and foreign companies and websites are frequently
prosecuted in India for non exercise of cyber due diligence.
The legal requirements for undertaking e-commerce in India also involve compliance with other laws like
contract law, Indian penal code, etc. Further, online shopping in India also involves compliance with the
banking and financial norms applicable in India. For instance, take the example of PayPal in this regard. If
PayPal has to allow online payments receipt and disbursements for its existing or proposed e-commerce
activities, it has to take a license from Reserve Bank of India (RBI) in this regard. Further, cyber due diligence
for Paypal and other online payment transferors in India is also required to be observed.
Perry4Law and Perry4Law Techno Legal Base (PTLB) wish all the best to all e-commerce players in India and
abroad.