eCommerce Legal Requirements

Many people turn to the Internet as a way to sell products and services. Apart from the usual commercial issues, there are legal issues that all online retailers should be aware of. In summary, they are as follows:

Consumer Law and Consumer Rights

Any retailer selling online in Australia is subject to Australian consumer law.

As far as the ACCC is concerned, there is no difference in consumer rights between someone purchasing online and someone who has transacted in a bricks-and-mortar store, nor are consumer rights distinguished between purchases made in Australia versus overseas (other than that it might be much more difficult to resolve problems with an international store).

In a nutshell, Australian eCommerce businesses must:

  • ensure products and services meet Australian safety regulations
  • not mislead consumers or hide costs and other details from them
  • compete fairly to ensure a variety of choices on quality and price
  • give consumers automatic guarantees with the right to ask for a repair, replacement, refund, cancellation or compensation as appropriate if there is a problem
  • have the right to sell consumers a product – it mustn’t be stolen and must belong to the business or individual and not come with any outstanding debts

In Australia, consumer law establishes consumer rights with respect to guarantees. These rights cover repairs, replacement or refunds, compensation and being able to cancel a faulty service.

Details regarding current Australian consumer rights can be accessed online here:

Data protection and credit card data

Any data collected by an Australian online retailer will be subject to the Commonwealth Privacy Act 1988, state and territory legislation, as well as a requirement to protect the information transmitted online, especially credit card information.

As a matter of housekeeping, all websites should contain terms and conditions of use as well as a privacy policy, which outlines how you handle people’s information. It is generally acceptable for a retailer to use personal data in order to fulfil an order but disclosure to third parties will require explicit consent unless disclosure is required by law.

In terms of credit card information, by far the easiest way for most online retailers to handle the secure storage of credit card information is by using a third-party service, such as PayPal or a bank gateway, which collects and stores the information on the retailer's behalf.

In this environment, the retailer has no visibility of any credit card information since the information is transmitted behind the third party's firewall. The onus to check and protect credit card information, including ensuring fraud protection, shifts to the third-party service. It is the responsibility of the retailer to choose a reputable payment gateway, such as PayPal or any of the major banks.

Websites require an SSL certificate to be able to provide an eCommerce service. Unless you run a very large website, a valid shared certificate, which can be obtained from the web hosting company, is entirely appropriate.

If you decide to collect and process credit card payments directly, know that it can be an onerous process. You will need to comply with the Payment Card Industry Data Security Standard (PCI-DSS), which includes security and encryption requirements for any business that stores, processes or transmits payment cardholder data. These rules have been established by global payment brands (Visa, Mastercard, American Express and others) to create a secure framework for dealing with credit card information.

Publisher: Undercover Strategist
