Written by Michael Coyle of Lawdit Solicitors on 20 November 2012
Did you know that all business websites must adhere to rules set out under UK and EU law? This article addresses the legal requirements placed on commercial websites that must be met to operate within the law – and the possible consequences of failing to comply.
Business-to-consumer (B2C) ecommerce has grown rapidly over the last decade. Figures from Boston Consulting Group show that the digital economy generated £121 billion pounds for the UK in 2010 – online shopping accounted for just over half of that figure, bringing in £64 billion.
The popularity of ecommerce prompted governments from across the EU to rethink consumer protection laws. They were concerned that any Tom, Dick or Javier could set up a website selling products and services – but how would consumers have confidence that the services or goods on offer were being provided by genuine businesses?
Lawmakers in Brussels decided that there were two key areas in which consumers required protection:
- The safety of their personal and financial data; and,
- The ability to enforce their legal rights when buying online.
To address these points, the EU introduced Directive 97/7/EC on the protection of consumers in respect of distance contracts (Distance Selling Directive) and Directive 2000/31/EC on certain legal aspects of information society services (E-commerce Directive).
Both of these EU laws were implemented in the UK through the Consumer Protection (Distance Selling) Regulations 2000 (SI 2000/2334) (Distance Selling Regulations) and the Electronic Commerce (EC Directive) Regulations 2002 (SI 2002/2013) (E-commerce Regulations).
In short, all business websites must address the following points to be legally compliant:
- Registered information: For a UK registered business, the website needs to display the Company Information i.e. the business name, place of registration, registered number, registered office address and if it is a member of a trade association. For sole traders and partnerships, the address of the principle place of business must be displayed.
- Cookies: Recent legislation changes have meant that websites must require user consent to leave cookies on the visitor’s computer unless the cookie is a necessary requirement for the website to function (e.g. shopping cart cookies). For more information on cookies see our in-depth article Taking the biscuit: How to comply with the new UK cookie law.
- Disability Discrimination Act 1995 (now the Equality Act 2010): All website owners must make sure their content is available to all users – for example the visually impaired – failure to comply may be considered ‘unlawful disability discrimination’.
- Disclaimer: Visitors to a website can use the information published on it to the extent stipulated in the disclaimer. This document should also state that the website owner does not accept any liability that may arise from using or downloading information from the website.
- Terms & Conditions: Terms, along with a Delivery and Returns Policy are all required as part of the Consumer Protection (Distance Selling) Regulations and Electronic Commerce Regulations (EC Directive). These terms must state:
- Identity of the supplier and address
- A description of the service
- The contract price inclusive of taxes
- Delivery costs (if applicable)
- Payment and delivery arrangement
- Notification of the right of cancellation
- The cost of the means of communication by which the contract is to be concluded (e.g. premium rate telephone numbers)
- The period for which the terms are available
- Minimum duration of the contract, where it is not of one-off performance
- EU Anti Spam Laws: To conform to EU Anti Spam Laws, ensure that email lists are only of ‘opt-in’ email addresses, and always include an ‘opt-out’ instruction on all marketing emails.
What are the risks of not complying?
If a website fails to comply with some or all of the rules listed above, it could generate two kinds of legal liability: civil liability and criminal liability. Civil liability may lead to injunctions and damages payments; criminal liability could mean a fine and a criminal record, and possibly worse.
In relation to websites, civil liability is more prevalent, although not necessarily less serious. For example, companies need to take care when copying text, images and other material from third parties – failure to do so could lead to a copyright infringement lawsuit. You should also check that your domain name and other branding elements do not infringe another party’s trademark rights.
Another significant risk is libel. Any derogatory comments posted on a website – by the website owner or a third party - could give rise to a defamation claim. Website owners must vigorously monitor their content to ensure that they are not subjected to libel action.
There is also a substantial volume of additional legislation designed to protect consumers which places special obligations upon website owners, breach of which can result in criminal liability. These include breach of data protection laws, obscenity, racial hatred and the laws of contempt of court.
This article is only a basic guide to the legal requirements placed upon UK website owners. To ensure your website is fully compliant, we recommend that you contact a legal expert.