Every country has their own set of rules, laws and regulations which govern how eCommerce websites must operate. In the UK, there are three major acts and directives that eCommerce sites must comply with (Data Protection Act 1998, Distance Selling Act 2000 and the EU eCommerce Directive 2002). In addition, there are several other regulations that UK eCommerce businesses must comply with.
Data Protection Act 1998
Businesses must register under the Data Protection Act if they collect personal information about customers, prospective customers, staff or trade partners such as email addresses, names, addresses, phone numbers. When registering, they must state why they’re collecting the data and how they intend to use it.
The Data Protection Act says that a business must not share the data gathered without explicit permission from the people who the data concerns. Businesses must also store the data securely and be able to present it to a person whose data is being recorded if they request it. If that person requests the data be deleted, the business must also erase the data in question.
Computer Misuse Act 1990
This act was created in 1990 to make it illegal to hack (or assist in hacking) in to someone else’s computer / network without authorisation. Viewing, modifying or removing protected files also became a crime along with making, supplying or obtaining anything which could be used to assist in computer misuse offences.
Committing unauthorized access only is a crime that is usually punished by a fine. Unauthorised access and modification of files / intent to modify files usually carries a more severe punishment in the form of heavy fines and/or jail time. You can’t say you haven’t been warned!
Consumer Credit Act 1974
The Consumer Credit Act regulates credit card purchases and protects consumers when entering in to credit agreements for between £100 – £30,000 paid by credit card.
The Act stipulates the content and form of credit agreements, how credit checks are run (and who has access to the information), how the APR (annual percentage rate) should be calculated and procedures that relate to non-payment of credit, termination of the agreement or early settlement. This all helps to ensure that the consumer knows up front the terms of the arrangement they’re entering in to including how much their repayments will be, at what time intervals and the total amount that will be paid back.
Both the business and the consumer must sign this agreement and a copy must be given to the consumer within 7 days of signing. The consumer is also entitled to a ‘cooling off’ period whereby they can cancel the agreement within a short time frame after signing. In this case, the credit agreement is cancelled and any upfront costs paid by the consumer are refunded provided the consumer returns the goods within a specified time-frame.
Trading Standards
Trading Standards in the UK are local authority departments who investigate businesses that trade illegally or unethically. They enforce a variety of legislation such as healthy and safety, licensing and distance selling.
If consumers have been sold counterfeit goods or have been misled as to what they’re buying for example they are encouraged to contact trading standards who would investigate and follow-up with the business in question.
As trading standards operate on a local basis, they have many drop-in centers around the UK which offer help and advice to consumers and take legal action against local traders who have done something wrong. Formal action can include written cautions, prosecution in criminal court or seizing goods / documents from a premises.
Trading Standards may also take informal action against traders such as helping to educate traders who may have unknowingly broken the law.
Freedom of Information Act 2000
The Freedom of Information Act (aka FOIA) gives people the right to access data that is recorded and held by public sector organisations. Anyone can request the information regardless of age, nationality or where they live.
Public sector organisations may include schools, universities, hospitals, police, courts, tribunals and advisory bodies. Recorded information may include printed documents, digital files, letters, emails, images, video or sound recordings.
The Act was created after it was agreed that the public have the right to know about the activities being carried out by the organisations which they help to fund. Not all requests will be granted in cases where it would cost too much or take too much staff time to deal with it. Repeated requests submitted by the same individual will also be refused.
Copyright Legislation
Copyright law gives the creators of intellectual property (such as designs, song lyrics, photos, logos, video footage, patents and trademarks) the same rights as owners of physical property. It is designed to prevent people from copying, re-using, adapting or reproducing someone’s work without their permission.
Copyright applies automatically as soon as a work that qualifies for protection is created. The work in question needs to involve some judgment or skill – simply copying existing work doesn’t qualify for copyright protection.
A logo is a good example of something that is copyright within a business. If the businesses logo is being used elsewhere without permission, that’s a violation of copyright law. Photos or videos produced by the business are also protected under copyright. Equally, if a business uses photos on their website that they haven’t got permission to use, then they’re breaking copyright law. This is why it’s important for a business to make sure all photos and images used on an eCommerce website have appropriate licences.
The duration of copyright for literary or artistic work is generally 70 years from the year in which the author dies. Depending on the nature of the intellectual property, copyright duration can vary from between 25 to 125 years for sound recordings, broadcasts, films and crown copyright (items such as legislation or reports producted by government bodies).
In the UK, the Copyright, Design and Patents Act, 1988 is the main legislation which deals with copyright.
EU E-Commerce Directive
The EU Electronic Commerce (EC Directive), 2002 was created to establish a set of rules that service providers and online retailers must comply with when sell to consumers in the EU. The directive outlines the information that retailers and service providers must provide consumers who buy products and services online.
Services covered include physical products and services such as advertising, professional services, entertainment and internet / telephony service provision (i.e. broadband or mobile phone operators). The information that must be provided to consumers includes:
- The clear steps involved in placing an order
- Terms and conditions under which a contract is made
- Clear prices, taxes and shipping costs
- email address and geographic address of the provider (and company registration number if applicable)
- Acknowledgment of orders by email and information on how to amend any errors which may have been input in the order process
- Details of any memberships or trade organisations the provider is a member of