Many people turn to the Internet as a way to sell products and services. Apart from the usual commercial issues, there are legal issues that all online retailers should be aware of. In summary, they are as follows:
Consumer Law and Consumer Rights
Any retailer selling online in Australia is subject to Australian consumer law.
As far as the ACCC is concerned, consumer rights are the same whether someone purchases online or in a bricks-and-mortar store, and they are not distinguished between purchases made in Australia and overseas (although it might be much more difficult to resolve problems with an international store).
In a nutshell, Australian eCommerce businesses must:
- ensure products and services meet Australian safety regulations
- not mislead consumers or hide costs and other details from them
- compete fairly to ensure a variety of choices on quality and price
- give consumers automatic guarantees with the right to ask for a repair, replacement, refund, cancellation or compensation as appropriate if there is a problem
- have the right to sell consumers a product – it mustn’t be stolen and must belong to the business or individual and not come with any outstanding debts
In Australia, consumer law establishes consumer rights with respect to guarantees. These rights cover repairs, replacement or refunds, compensation and being able to cancel a faulty service.
Details regarding current Australian consumer rights can be accessed online here: https://www.accc.gov.au/consumers/consumer-rights-guarantees
Data protection and credit card data
Any data collected by an Australian online retailer will be subject to the Commonwealth Privacy Act 1988, state and territory legislation, as well as a requirement to protect the information transmitted online, especially credit card information.
In terms of credit card information, by far the easiest way for most online retailers to handle the secure storage of credit card information is by using a third-party service, such as PayPal or a bank gateway, which collects and stores the information on the retailer's behalf.
In this environment, the retailer has no visibility of any credit card information since the information is transmitted behind the third party's firewall. The onus to check and protect credit card information, including ensuring fraud protection, shifts to the third-party service. It is the responsibility of the retailer to choose a reputable payment gateway, such as PayPal or any of the major banks.
Websites require an SSL certificate to be able to provide an eCommerce service. Unless you are a very large website, a valid shared certificate, which can be obtained from the web hosting company, is entirely appropriate.
If you decide to collect and process credit card payments directly, know that it can be an onerous process. You will need to comply with the Payment Card Industry Data Security Standard (PCI-DSS), which includes security and encryption requirements for any business that stores, processes or transmits payment cardholder data. These rules have been established by global payment brands (Visa, Mastercard, American Express and others) to create a secure framework for dealing with credit card information.