The web can be a great equaliser for SMEs which, with a
professional website, can set out their wares in competition with
larger businesses. However, the web is no longer the unregulated
anarchic environment it once was. With the drive to give consumers
greater confidence to buy online – and protection when they do –
comes a raft of legislation and rules with which businesses must
comply.
According to the Electronic Commerce (EC Directive) Regulations
2002, all sites offering products and services must include
comprehensive details not only of what is available, but also about
the provider. This includes company name, VAT number and other
relevant identifying data. Clear explanations are also required
about the ordering process and how the contract is concluded, as
well as offering consumers an opportunity to correct errors in
information provided.
The Consumer Protection (Distance Selling) Regulations 2000
consolidate these requirements, underscoring the need for full
information to be provided about pricing – including all applicable
fees and charges, delivery and return arrangements, and payment.
Written confirmation of purchase details must be given to
consumers, including notification of the seven-day "cooling off"
period, during which they can cancel the order for any reason and
claim a refund, subject to certain limited exceptions.
Most businesses are now aware of the strict rules on the use of
personal data under the Data Protection Act 1998. Where any
personal information, such as names and contact details, is being
collected or used, it is essential to adhere to the data protection
principles set out in the act. The information commissioner must
also be formally notified and subjects kept aware of what data is
collected, why and to whom it is disclosed.
Following concerns about the prevalence of spam and unsolicited
marketing, the Privacy and Electronic Communications (EC Directive)
Regulations 2003 cemented the requirement to give users the
opportunity to opt out of receiving such communications in the
future. It also introduced a "prior opt-in" requirement for
electronic communications – covering e-mail, faxes and SMS – in
certain cases. Using cookies on websites is also prohibited, unless
users are given clear information about how and why they are being
used, as well as details about how to turn them off.
More recently, the Disability Discrimination Act 1995 has been
extended to oblige SME web providers to make reasonable adjustments
so their services are accessible to disabled users. Guidance is
available from standards body the World Wide Web Consortium (W3C).
Although compliance levels are currently low, enforcement activity
is likely to be stepped up. Consequently, action should be taken
now to avoid becoming a test case.
As well as complying with the rules, SMEs must remember to
secure desired domain names and all intellectual property in the
site. They must also post appropriate online trading terms and
conditions to protect the business. To minimise the risk of falling
foul of local laws, it is important to be specific in the terms
about the territories whose consumers are being targeted and those
being excluded. It is also essential not to trip up over existing
UK sale of goods, consumer protection and misleading advertising
legislation.
Failure to get things right could result in fines or damage to
the company’s reputation. Although it may be a tangled web for
SMEs, it is one which can be unravelled with the right information,
patience and good advice.
Callum Sinclair is a solicitor specialising in IT and
intellectual property at corporate law firm Maclay Murray &
Spens
Further information www.w3c.org;
www.
informationcommissioner.gov.uk