Legal Requirements for eCommerce Websites

Stephen Howells
21 January 2015 20:46

There are many worldwide and country specific rules, regulations and laws that govern how websites and in
particular ecommerce enabled website should be presented, work and what content should feature on them.
This is a quick guide to the main issues which effect ecommerce businesses using shopping cartsoftware.
This is in no way a complete guide and you should always seek proper legal advice from professionals if you
are unsure about any legal issues with your website or online shop.
In the UK if you are running an ecommerce enabled website there are three major acts and directives that
you must comply with. These acts and directives are

Data Protection Act 1998

Distance Selling Act 2000

Ecommerce Directive 2002

We have covered the basics of each of these acts and directives below along with contact information
should you wish to learn more about them.

Data Protection
(a) You must register under the Data Protection Act if you collect any kind of information about people, these
could be your customers, employees or potential customers. This information includes names, addresses,
telephone numbers and email addresses.
(b) You must state what you do and intend to do with your subject's data and not deviate from that
statement.
(c) The Act is applies to any size of business.
(d) You must not export the personal data outside the EC (European Community) without permission from
the people you are collecting data on.
(e) You must ensure that all information is held securely and must be revealed or deleted upon request from
the subjects of the information.
(f) You must only record data which is pertinent to your prime business needs.
For more information see: The Data Protection Act 1998

Consumer Protection (Distance Selling) Regulations

The Consumer Protection (Distance Selling) Regulations 2000 apply to many ecommerce websites.
However, they are not applicable to 'business-to-business' transactions.
(a) You must provide clear information about your products and services before purchase.
(b) You must be clear about postage and packing costs and whether VAT or any other tax is included in the
prices shown on your website.
(c) You must provide a written confirmation of order following purchase, for example a confirmation email.
(d) You must allow a "cooling off" period where by the customer can change their mind and cancel or return
the order within 7 working days for most goods. Certain exclusions do apply with items such as perishable
and digital goods.
(e) You must inform your customers of their right to cancel their order with no loss other than return postage
and packing.
For more information see: The Consumer Protection (Distance Selling) Regulations 2000

Ecommerce Directive
(a) You must display the name of your business, the company registration number (or proprietor's name),
geographical address (not a PO Box number), contact information e.g., telephone number and email
address, VAT registration number (if registered).
(b) You may refer to trade or professional schemes if applicable.
(c) You must provide clear information on price, tax and delivery to buyers.
(d) You must clearly display your site's Terms and Conditions.
(e) You must acknowledge all orders.
(f) In commercial communication with your customers, you must clearly identify any electronic
communication designed to promote your goods or services.
(g) You must clearly identify the sender of all electronic communication.
(h) You must clearly define any promotional offers and the qualifying conditions regarding these offers.
(i) If you send unsolicited emails, you must clearly identify them as unsolicited.
For more information see: The Electronic Commerce (EC Directive) Regulations 2002

Information Commissioners Office e-privacy directive (ICO Cookie Law)

This law relates to the storage of, or gaining access to information stored in the device of a visitors/users on
your website. This means the use of cookies and similar technologies for storing information.
(a) Your website must provide clear and comprehensive information about the purposes of the storage of, or
access to that information.

(b) You can 'assume' consent has been given for your site to use cookies, as long as the above point has
been carried out (clear and prominent information made available to visitors, on the cookies used by your
site).
(c) Cookies used for functional purposes do not require consent. Cookies used by ekmPowershop.com for
instance, which make the cart and other aspects work properly do not require consent/opt in.

E-Commerce Laws In India Needed

E-commerce has its origin in foreign jurisdictions especially in developed nations like United States.
These jurisdictions have proper laws and adequate infrastructure to cater the needs of e-commerce
stakeholders. This has helped these stakeholders in not only complying with the laws of these
jurisdictions but also in contributing towards the economy of these jurisdictions.
E-commerce in India is a totally different class. It has all the advantages of profit making and
commercial viability but is neither regulated by any dedicated e-commerce law nor is it contributing
towards the economic and social growth of India.
Legal provisions pertaining to foreign direct investment (FDI), foreign exchange management act
(FEMA), national taxation laws, cyber law due diligence (PDF), cyber security due diligence, ecommerce due diligence, etc are openly ignored in India. In some instance, enforcement directorate
(ED) has also initiated investigation against big e-commerce players like Myntra,Flipkart and many
more e-commerce websites operating in India. Many stakeholders have alsoprotested against the unfair
trade practices and predatory pricing tactics of Indian e-commerce websites.
The matter has reached to the level of Indian government that has also promised to look into the matter
and draft suitable e-commerce law of India, if required. The alternative approach that can be adopted by
Indian government is to amend the Information Technology Act, 2000 (IT Act 2000) to accommodate ecommerce related issues.
We at Perry4Law believe that a dedicated e-commerce law of India is urgently required and Indian
websites must be suitably regulated. Indian government must also formulate a techno legal framework to
take care of complicated technology related legal issues in India. Amending the IT Act 2000 to
accommodate e-commerce related issues is not a very good option in this regard and must be the last
choice.

Legal Requirements To Start An E-Commerce Website In India

We have been receiving lots of queries regarding successful and legal opening of e-commerce business
in India. We have already explained the legal formalities required for starting e-commerce business in
India. In this article we would discuss the legal requirements for starting an e-commerce websites in
India.
To start with, we would like to say that we have no dedicated e-commerce laws and regulations in
India and they are still evolving. The Information Technology Act 2000 (IT Act 2000) governs the online
issues of e-commerce in India.
IT Act 2000 is the sole cyber law of India. The cyber law of India mandates that the e-commerce
entrepreneurs and owners must ensure cyber law due diligence in India. The cyber law due diligence for
3

companies in India has already become very stringent and many foreign and Indian companies
and websites have been prosecuted in India for non exercise of cyber due diligence.
E-commerce entrepreneurs and owners in India must understand that legal issues of e-commerce in
India are different for different categories of e-commerce. For instance, electronic trading of medical
drugs in India requires more stringent e-commerce and legal compliances as compared to other ecommerce activities. Digital communication channels for drugs and healthcare products in India are
scrutinised more aggressively than other e-commerce activities. In fact, regulatory and legislative
measures to check online pharmacies trading in banned drugs in India are already in pipeline.
The legal requirements for undertaking e-commerce in India also involve compliance with other laws
like contract law, Indian penal code, etc. Further, online shopping in India also involves compliance with
the banking and financial norms applicable in India. For instance, take the example of PayPal in this
regard. If PayPal has to allow online payments receipt and disbursements for its existing or proposed ecommerce activities, it has to take a license from Reserve Bank of India (RBI) in this regard.
Further, cyber due diligence for Paypal and other online payment transferors in India is also required to
be observed.
Perry4Law and Perry4Law Techno Legal Base (PTLB) recommend that all e-commerce entrepreneurs
and owners must do a proper techno legal due diligence before opening an e-commerce website.
The Internet intermediary liability in India may be frequently invoked against e-commerce websites in
India. The Information Technology (Intermediary Guidelines) Rules 2011prescribes stringent liabilities
for e-commerce websites in India. Further, e-commerce websites in India must ensure privacy
protection, data protection, data security, cyber security, confidentiality maintenance, etc as well.

Law on e-commerce needed to protect online consumers

The study has reviewed the proposed amendments in the Consumer Protection Act, 1986, proposed by
the union ministry of consumer affairs.
In the era of increased online shopping, a study conducted by the Indian Instituteof ManagementAhmedabad (IIM-A) has stressed on a need for a separate law for e-commerce with a view to protect
rights of web consumers in India.
In the era of increased online shopping, a study conducted by the Indian Institute of ManagementAhmedabad (IIM-A) has stressed on a need for a separate law for e-commerce with a view to protect
rights of web consumers in India.
To effectively protect a consumer buying goods or services through e-commerce would need a separate
law, as other countries have, said the study conducted by IIM Ahmedabad.
European Union has come up with the Directive on the Protection of Consumers in respect of distance
contract which the Union countries have given effect to. The UK first gave effect to it with the
Consumer Protection (Distance Selling) Regulations 2002, it said.
The recent study titled as Consumer Rights in the New Economy: Amending the Consumer Protection
Act, 1986 conducted by Professor Akhileshwar Pathak of IIM-A also highlighted the problems faced by
consumers in E-Commerce.
4

In E-commerce, numerous problems arise due to the buyer and seller being at a distance. The buyer is
not able to inspect or sample the goods or services. The buyer necessarily pays through a card. This
brings in the problem of fraudulence in card payment, it said.
The study has reviewed the proposed amendments in the Consumer Protection Act, 1986, proposed by
the union ministry of consumer affairs.
The Union Cabinet had in July approved the new bill as Consumer Protection Bill, 2015 and Consumer
Affairs Minister Ramvilas Pasvan had tabled it in Lok Sabha as well.
The new bill seeks to replace the 29-year-old law and proposes to set up a Consumer Protection
Authority which will also have the power to initiate class suit against defaulting companies.
The new bill came against the backdrop of emergence of complex products and services in the era of
growing e-commerce business in India that has rendered consumers vulnerable to new forms of unfair
trade and unethical business practices.

Essential Legal Formalities for Starting E-Commerce Business in India

E-Commerce laws and regulations in India are still evolving. This has created a sort of
confusion and uncertainty among e-commerce entrepreneurs in India.
Essential Legal Formalities For Starting E-Commerce Business In India
E-commerce laws and regulations in India are still evolving. This has created a sort of confusion and
uncertainty among e-commerce entrepreneurs in India. While some have opened e-commerce outlets through
websites others are exploring a more appropriate and legal way of running an e-commerce business in India.
Legal issues of e-commerce in India vary as per different business models. For instance,electronic trading of
medical drugs in India requires more stringent e-commerce and legal compliances as compared to other ecommerce activities. Digital communication channels for drugs and healthcare products in India are
scrutinised more aggressively than other e-commerce activities. In fact, regulatory and legislative measures to
check online pharmacies trading in banned drugs in India are already in pipeline.
Besides there are many legal formalities that are required in order to start a company and e-commerce
activity in India. A business can be operated as:
(1) Sole Proprietorship.
(2) Partnership.
(3) Company Public/Private.
(4) Limited Liability Partnerships (LLP).
Mostly people decide to open a private company to substantiate an e-commerce activity and this article would
cover that aspect alone. To incorporate a private limited company you must approve its name, registered
office address, have at least 2 directors with director identification numbers (DINs), must have a minimum
authorised capital of Rs. 1 Lakh, memorandum of association (MOA) and articles of association (AOA), digital

signature certificates (DSCs) wherever applicable, etc. Once these conditions and requirements are fulfilled, a
certificate of incorporation is sent by post to the registered office of the newly registered company.
The private limited company is also required to comply with income tax related compliances. These include
obtaining permanent account number (PAN), tax deduction account number (TAN), value added tax (VAT)
registration and obtaining of tax identification number (TIN), professional tax if applicable, service tax, etc.
In certain cases, compliance with labour laws is also required. For instance, the Shops and Establishment Act
is a legislation implemented by various States in India. The Act lays down mutual statutory obligation and
rights of employers and employees. Registration of shop/establishment is mandatory within 30 days of
commencement of work. Other workmen and labour related legislations cover areas like employees provident
fund, employees state insurance, etc.
However, e-commerce in India is also required to be conducted in a legally permissible manner. This is more
so when the information technology act 2000 (IT Act 2000) prescribes stringent penal and pecuniary penalties
for violation of its provisions during e-commerce transactions.
The e-commerce players must ensure cyber law due diligence in India. This is more so when thecyber law due
diligence for companies in India has become very stringent and foreign companies and websites are frequently
prosecuted in India for non exercise of cyber due diligence.
The legal requirements for undertaking e-commerce in India also involve compliance with other laws like
contract law, Indian penal code, etc. Further, online shopping in India also involves compliance with the
banking and financial norms applicable in India. For instance, take the example of PayPal in this regard. If
PayPal has to allow online payments receipt and disbursements for its existing or proposed e-commerce
activities, it has to take a license from Reserve Bank of India (RBI) in this regard. Further, cyber due diligence
for Paypal and other online payment transferors in India is also required to be observed.
Perry4Law and Perry4Law Techno Legal Base (PTLB) wish all the best to all e-commerce players in India and
abroad.