Ecommerce between customer and buyer can be tricky. But the degree of difficulty increases when those two partners reside in different countries. If there's an ocean of difference between the laws of the two nations, the transaction must adhere to the stricter set of regulations.
The European Union is trying to simplify regulations for its members, observes Michael Sinclair, PhD, an attorney with Tarlo Lyons, a London, England law firm. The European Union is attempting to "achieve harmonization" like the United States by having the same laws across national borders. The aim of this initiative is to foster ecommerce, Sinclair says.
Things change, however, when one participant in the transaction doesn't live in one of the member countries. Protecting personal data across borders is becoming a big issue since the European Union enacted its Data Protection Initiative. This law, which member states have to ratify with their own legislation, forbids the transfer of certain personal details about a customer outside the European Union.
The United States, for example, has much less strict rules about sharing this kind of information, which can be found on the Net embedded in "cookies." Often, consumers new to the ways of the Internet have no idea the merchants they are dealing with collect this personal information.
Ask For Consent Before You Ask For The Sale
The best way to deal with the data protection issue is to get consent from consumers to share all personal information before they place their orders, suggests Sinclair. He suggests e-tailers put this consent agreement in their terms and conditions.
Encryption is another issue ecommerce merchants have to decipher. The Electronic Signature Directive encourages member states to enact legislation facilitating e-commerce, including the ability to have contracts that were signed electronically to carry the same weight in court as the paper version. Typically, these contracts are encrypted so no other parties can intercept them.
Sinclair says this directive has an extra-territorial effect. Foreign companies selling to the customers in the European Union using encryption are subject to this law even though their servers are off shore.
In addition to the European Union directives, Sinclair says each country has its own laws which affect commercial transactions on-line. In the U.K., for example, a financial services law requires all offshore providers to be subject to the British law. The same legal blanket falls on pharmaceutical vendors who sell drugs on the Web. "These laws can become an issue for suppliers," he says.
Sinclair suggests suppliers who believe the entire globe is their marketplace selectively learn the laws of the countries where a mistake could hurt their bottom lines. To learn the legalities of everywhere is too burdensome. The issue becomes risk assessment. "You can never eliminate the legal risk selling on the Net like you can selling in a store," says Sinclair.
Limiting Ecommerce Risk
The attorney observes that many Internet start-up companies are identifying countries where they have assets that they need to protect and are only learning the rules there. The local prosecution can serve legal papers on operations in that country, he points out. If the e-tailer loses the lawsuit, the victor can also win a judgment there. The court can order the victor to tap bank balances, for instance.
The other laws worth learning about are the ones regulating the e-tailer's target markets. These make a significant contribution to corporate profitability and thus have to be protected. These markets are a good place to adhere to the letter of the law.
Sinclair says a law before the British Parliament -The Regulation of Investigatory Powers bill -- will give the police the power to intercept data in the midst of a commercial transaction if they suspect something untoward is contained within. The move is designed to aid crime detection.
But a problem arises if two companies are in negotiations in which secrecy is crucial to making the deal happen. Sinclair posits this law could end up hurting the transaction if unwarranted police intervention lets people who aren't supposed to know about the deal suddenly have access to the facts. "To what degree will the Net be safe?" Sinclair asks rhetorically.
Lessons from the Outsourcing Primer:
- To aid ecommerce, the European Union is requiring its member nations to pass legislation so that the laws are the same throughout the Union, just like in the United States.
- Merchants doing business with European Union consumers must meet the strict personal data collection rules. The best way to stay out of trouble is to ask for consent to share this data before a transaction occurs.
- E-tailers must manage risk. They should learn the laws of countries where they have assets as well as in all their chief markets.
- Conducting secret negotiations on the Net may not be a good idea because of the possible police interception.