E-commerce is a relatively new area of business and, as such, laws and regulations are changing all the time. It is vital that you are aware of any potential legal issues your business could face, as well as any government regulations you need to follow. While it is always important to cover potential legal ramifications with a lawyer, there are a few things you should always be aware of when pursuing legal compliance as an e-commerce business.
Amazon, one of the most recognizable names of the e-commerce industry, has faced legal scrutiny for its practices. In 2019, a three-judge panel ruled Amazon could potentially be sued for product liability after a dog collar it sold from a third-party vendor caused permanent vision loss to a Pennsylvania woman. Amazon settled with the plaintiff at a later date, and the U.S. Court of Appeals for the Third Circuit was prevented from finding Amazon liable for the consumer’s injuries. However, this case remains a lesson for many e-commerce businesses.
For the average e-commerce startup, the ruling illustrates the importance of clearly defining a product’s liabilities and warranties, especially if you deal with third-party vendors. You can be sued by customers for product defects for items that your business doesn’t even manufacture, yet you may spend thousands of dollars on legal fees defending your business in a lawsuit.
Most e-commerce platforms are reservoirs of sensitive customer information, which is often collected via contact forms, through customer registration and during the checkout process. In many countries, e-commerce sites are required to protect customers’ data.
In the European Union, for instance, e-commerce websites are required by the General Data Protection Regulation to notify visitors when they gather user information and seek explicit consent before collecting or reusing personal data. In the U.S., California mandates that certain for-profit companies must implement and maintain policies and procedures that protect consumers’ personal information.
To ensure your e-commerce website is compliant with data protection rules, create a comprehensive data protection policy, in addition to a cookies policy, that outlines what data is collected from visitors and how it is stored. Links to both these policies should be clearly visible on your website and should provide visitors with a way they can request to not have their information sold to other parties.
As e-commerce platforms have access to sensitive information, it is required for your e-commerce business to have clear policies and procedures that protect your users’ information from potential fraud or theft.
Incidents involving payment fraud, as well as other issues related to online security, have skyrocketed over the past few years, coinciding with the growth of the e-commerce industry. According to Insider Intelligence, card-not-present fraud is predicted to reach $13.73 billion by 2024 and will make up 74% of fraud overall in that same time.
Besides protecting customers’ information on your site, it is important to delve into the inner workings of your e-commerce site to prevent fraud. One preventive measure to ensure your systems run smoothly is application performance management.
If you are hacked, you’re legally obligated to inform your customers and the public. Many countries require businesses to report any breach to the public, especially one that deals with personal and sensitive user data. In the U.S., for instance, most states will require businesses to report a data breach to its customers within 45 days, though this varies from state to state. Always be sure to stay on the safe side of the law when you suspect a breach, even when you’re tempted to sweep it under the carpet.
Just because your customers don’t walk through a physical store doesn’t mean your e-commerce platform is above the law. Take time to ensure your online store meets stipulated regulations across all the jurisdictions where your products or services are sold to potential customers.
If someone uses another company’s intellectual property without its consent, accidentally or not, that company can ask for millions of dollars in damages. Now more than ever, it’s easy to infringe on someone else’s intellectual property accidentally, so take as many preventive measures as possible. Even if you cite the source of the copyrighted material, the owner of that intellectual property can still file a claim against you.
According to Ecomcrew, there are several effective strategies to help prevent intellectual property infringement. First, make your graphics for any advertisements or listings yourself. Second, consider all work as copyrighted unless you use a platform that requires a subscription fee. Third, consult a lawyer to make sure you’re not infringing on someone’s intellectual property.
Citing the source of the intellectual property won’t protect you from liability, but there are also strategies you can use to protect yourself from being held personally liable for infringement. Set a standard for your employees. You, as a business owner, should not be involved in the day-to-day operations of processes that could involve infringement.
To avoid being held personally liable for any intellectual property infringement, keep your personal and professional assets completely separate.
While it’s great to see your products being sold on other platforms, if resellers are unauthorized, they can undercut your sales by selling your products at a lower price, cause your authorized resellers to back out of selling your products and negatively affect your brand’s reputation overall.
Legally, unauthorized resellers cannot resell products that differ from your original product, as it is tantamount to copyright infringement. Even still, it is always best to make sure that your trademark is registered. If you do find an unauthorized reseller is selling your product, test-buy your product from it, and if that reseller is infringing on your trademark, send a cease-and-desist letter and file a claim only if the reseller does not respond or resist.
>> Learn More: The Business Legal Terms You Need to Know
Companies that do business in EU member nations must ensure they comply with the e-Commerce Directive. Its purpose is to streamline the rules across the EU nations while also defining how businesses should conduct online transactions. The regulation dictates what information companies should provide to customers when they make an online transaction with the retailer. The directive establishes rules regarding transparency and information requirements, commercial communications, electronic contracts, and limitation of liability. The directive’s rules also cover online marketing and unsolicited commercial communications.
For example, retailers must outline clear terms and conditions, disclose the price and tax/shipping costs, and include details about any trade or professional group the seller is a member of.
One of the key principles behind the directive is the internal market clause, which ensures e-commerce businesses have to follow the law only of the EU member state in which they are established and not the laws of any state where their services are accessible. The directive also strives to prevent unfair discrimination against those who use e-commerce businesses online within the EU and covers these services: online information services, online selling of products/services, online advertising and entertainment services.
The main framework behind the directive is to build trust and transparency for customers who are making purchases online. It also aims to remove any obstacles for online businesses that operate across EU member state borders. Any company that operates in an EU nation should know about the latest interpretations of the directive and any additional impacts from doing business in specific EU member states. The European Commission continues to revise the rules to adapt the regulations for changing commerce needs. Most recently, the European Commission proposed the Digital Services Act to address new online challenges, particularly those relating to intermediaries.
While the regulations are written to present strict guidelines, another goal is to expand e-commerce throughout the common market. Staying atop of commission guidance is essential for best practices on the continent.
Running a successful e-commerce business requires that you understand your legal obligations in every jurisdiction in which you operate. For e-commerce owners, you could be subject to multiple regulations, all of which you must follow. According to BigCommerce, some of these regulations include those surrounding taxes, payment safety, intellectual property, shipping restrictions, inventory, age restrictions, business insurance, licenses and permits, Payment Card Industry (PCI) compliance, and customer privacy.
Tax regulations vary from state to state, so check your state’s tax laws in advance. Also, consult a tax law expert, as they will be able to help you understand specific instances that may affect your product and how you should charge sales tax. If you don’t collect and calculate the right sales tax, it can reduce your profits and cause additional stress during tax season.
Consult with an attorney to ensure you do your best to comply with all applicable laws and regulations. In the end, it will be critical to protecting your business’s success. [Read more about what to do if ICE serves you an I-9 audit.]
Derek Walter and Howard Goldstein contributed to this article.