Common Legal Problems Facing Online Businesses in the UK

Running an online business in the UK is becoming increasingly complicated. Business owners currently grapple with ever-increasing legal obligations and risk management. Ensuring compliance with legal and regulatory rules helps protect your reputation and bottom line. This article will explore the most common legal problems facing your online business and explore potential solutions to each issue so that your company can thrive. 

How Lucrative Are Online Businesses?

In 2019, studies predicted that nearly 20% of UK sales were online purchases. More recently, 2022 studies estimated that almost 25% of all retail sales occurred through online shopping.

This means that nearly one in every four sales occurs online. This represents a significant portion of a company’s client base. Accordingly, in the same way customers desire appealing storefronts on the high street, an e-commerce company should have a modern and updated website.  

Let us explore four common legal issues facing online companies in the UK, so your organisation can consider any required updates and changes to its online presence.

1. Inadequate Website Terms and Conditions

Your website terms and conditions are an online document setting out the rules for using your webpage. Essentially, this is a rulebook detailing how visitors are permitted to use the site and describing situations in which you can ban individuals from using it again.

Having an out-of-date terms and conditions document is problematic. At best, it can make it difficult to ban a user. At worst, it may lead to legal action against your company because of uncertainty over the terms of use.

Whilst website terms and conditions documents vary, many will include reference to some of the following:

• the organisation that owns the intellectual property, copyright and content displayed on the website;
• restrictions on copying parts of the site and publishing them elsewhere;
• scenarios that may see individuals banned from using the website (such as leaving abusive remarks within comment sections or trying to hack the webpage); and
• details of any delivery charges, cancellation policy or refund policy.

2. Guarding Against Cyber Intrusion

Online stores need effective and robust cyber security similar to physical stores requiring burglar alarms and secure locks and entry systems.

This is not only for reputational purposes but also due to the General Data Protection Regulation (GDPR) requirements. In the UK, a breach of the GDPR can result in the Information Commissioner’s Office (ICO) fining your business up to £17.5m. 

There are two main types of cyber intrusion: 

• ransomware; and 
• data theft.

Both can have horrific consequences for your organisation. As the name suggests, ransomware locks you out of your company’s computer system and only grants you access upon ransom payment.  Unfortunately, some ransomware attackers do not restore access or steal the data anyway.

In contrast, data theft is a much simpler process in which hackers copy your electronic data. Cybercriminals usually prioritise information belonging to clients and individuals. If your business is a victim of a cyber criminal, you must report the cyber attack to the ICO. However, if the cyber attack was preventable by suitable safeguards, the ICO will likely hand your company a substantial fine.

UK Startup Manual

LegalVision’s Startup Manual is essential reading material for any startup founder looking to launch and grow a successful startup.

Download Now

3. Ensuring Safe Payment Methods

Another potential cyber intrusion is a cybercriminal trying to intercept payment data. This usually involves a third party trying to intercept credit card information within your website’s checkout section.

This type of attack is becoming increasingly common and allowing cybercriminals to gain access to credit card details for thousands of individuals. Again, any loss of the personal information of individuals is a breach of the GDPR and is subject to a sizeable fine from the ICO.

Online businesses can guard against payment data interception by employing the following practices:

• using commission an anti-fraud business to carry out a system vulnerability assessment of your computer systems (and implement their findings);
• ensuring the use of a secure payment system (rather than picking the cheapest); and
• encrypting information resulting from online payments on your website.

4. Outdated Privacy Policy

The GDPR requires your online business to display an accurate and up-to-date privacy policy on its site. Any failure to do so may well constitute a breach of the GDPR and put your company at risk of a fine from the ICO.

The ICO’s website contains some helpful guidance on privacy policy content. Overall, our data protection laws require your company to be honest and transparent regarding:

• the types of information you obtain from individuals;
• the purpose behind your business processing and storing that personal data; 
• details of any third party your organisation may share personal information with; and
• the identity of an individual within your company that they can contact with any queries.

Providing an accurate privacy policy also improves the customer experience. This is because potential customers are likely to appreciate good data security. Given the intrusion of cyber attacks on our daily lives, customer expectations demand strong data security and up-to-date privacy documentation.

Key Takeaways

Online companies are similar to bricks and mortar businesses in that they require good documentation, legal compliance and robust security measures.  

However, the nature of those things is slightly different in the virtual world.  Some of the biggest challenges to e-commerce businesses in England include ensuring good security, guarding against cyber threats and ensuring good data protection practices.  Many online business owners seek expert legal advice on achieving these aims and achieving good peace of mind.

If you need help drafting and utilising force majeure clauses, our experienced E-Commerce and Online Business lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page. 

Frequently Asked Questions