The Internet provides instant access to consumers across the world and, unsurprisingly, business innovation in the online world has been rapid. However, business law has not kept pace with digital developments. Let’s examine some key legal considerations in this area.

Setting up a website

Most businesses opt to hire an external consultant to design and set up their website. When negotiating a website development agreement, bear in mind:

  • Functional and performance requirements as well as the visible content specifications should be clear. Ideally, include details of specific tests that will be carried out to confirm that the website meets your requirements
  • The agreement should set out key “project milestones” indicating the anticipated progress at various dates leading up to the launch of the website
  • Responsibility for ensuring that the website complies with intellectual property law, consumer protection regulations and privacy rules should be clearly assigned
  • There should be indemnities or insurance clauses that take effect if you are held liable because the website breaches the rights of a third party (eg. a copyright infringement)
  • Intellectual property rights related to the website should be transferred to you.

Consumer protection

The combination of the Consumer Protection (Distance Selling) Regulations 2000 and the Electronic Commerce Regulations 2002 places a heavy regulatory burden on any business with an online presence. Note that the Electronic Commerce Regulations apply to almost any commercial website, not just those selling goods and services.

A recent report by the Office of Fair Trading (“OFT”) indicates that more than a third of top online retailers may not be compliant in this area. However, ignore the Regulations at your peril. It only takes one complaint by a user of the website to spark an OFT investigation that could result in your having to suspend your website and pay damages, not to mention the impact on your reputation.

Some tips to ensure compliance are:

  • Make sure the website contains complete information about your business including contact details, company and VAT number and professional regulation or trade organisation details
  • Unsolicited adverts should be clearly identifiable as such and the conditions applicable to any promotional offers must be clear and unambiguous
  • Terms and conditions for purchases made via the website should be made clear. Customers should be able to make correction to the inputs they make when purchasing and be notified when their order is received. You should not place unreasonable restrictions on the right to receive a refund such as requiring goods to be in their original packaging (which would prevent the customer from inspecting their purchase).

Intellectual Property

A well designed website could contain some of your business’s most important assets which you should legally protect. This includes:

  • Brand name – it is important to register your name both as a trademark and as a website domain name to give maximum protection against other businesses hijacking your brand to sell their products
  • Copyright – The original content of the website (including graphics, sounds and data) is automatically protected by copyright. If you use an external website designer, the copyright will vest in them so make sure that your contract with them transfers it to you. To emphasise your copyright protection, you could state “all rights reserved” or add the © symbol to parts of your website with particularly valuable content
  • If your website contains a database that you have made a substantial investment putting together, you may have an intellectual property right in respect of the database.

Protecting user information

If your website collects personal data such as names, contact details or credit card information, it is likely that you are subject to the requirements of the Data Protection Act. You must understand your duties under the Act as failure to comply can result in personal liability or even criminal sanctions for directors and other company officials. Some of the key points include:

  • You need to register as a “data controller” with the Office of the Information Commissioner
  • You must tell individuals how their data will be used and normally they should give their consent to this. Ideally, you should publish a website privacy policy meeting the requirements of the Data Protection Act and require customers to confirm they have read, understood and agree to it
  • Data must be accurate; and kept secure and for no longer than needed
  • You should not use data for inappropriate purposes.

There is no doubt that it is important to have an understanding of the law applicable to running the online operations of the business. However, the best way to ensure you are doing things correctly from a legal perspective is to obtain professional advice from commercial and internet lawyers.