Dear Doctor D, should I be across any legal stuff for my online business, I’m worried I might be breaking the law…somewhere.
Doctor Digital Says
It’s a great question and one that is asked all too infrequently. In the race to get online and into the vast pool of potential customers, business owners often neglect some basic legals which can come back to bite them. Of course you need to seek legal advice from a qualified person, (I’m only a digital doctor) so take this as a guide and progress with a professional.
Every business in Australia needs to be set up under the correct business structure, with the appropriate licencing, and using an ABN or an ACN depending on whether you are a sole trader or partnership or a company. You need to comply with our tax laws, and a host of other national and state laws that all businesses fall under such as anti-discrimination laws, fair trading etc. Whether you are digital or bricks and mortar or somewhere in the middle these rules apply, to find out more you can start with this comprehensive guide from the Australian Government.
Let’s look at some of the more digitally related legal aspects that you need to be across. Privacy is a big one, and under a more intense scrutiny since our friends at Facebook accidentally sold all your data to Cambridge Analytica. If you save contact and personal information from your customers, you are required, under the Privacy Act 1988, to make your customers aware of what you are collecting. You must also clearly explain how you will use their information.
The easiest way to comply is to set up a Privacy Policy on your website and require your customers or website users to agree to it when you collect information from them. To make sure your customer’s or user’s agreement will stand up legally, use a clickwrap method. A clickwrap method is where your customer or user has to click “I Agree” to your Privacy Policy in some way. This could be when they sign up to receive your marketing messages or when they make a purchase on your website.
It’s also important to reassure your customers that once you’ve collected their information, you will keep it secure. Your users need to feel they can trust you. You can show them you are trustworthy by informing them about how you will protect and store their information.
One simple way to protect customer privacy when you collect information is to use security such as SSL. SSL means that the connection between your website and the user’s browser is secure when data is transmitted. Ensure that any websites you use with your customers have SSL enabled. You can tell by the little padlock icon in the URL bar. Another potential security issue is the storage of customer data. A popular way for many online businesses and marketing companies to store data is to use cloud storage providers. To reassure your customers that you are keeping their data safe, always choose a reputable provider. And, preferably, choose a reputable provider within your own jurisdiction. If you store data with a cloud storage provider in another jurisdiction that has inadequate protections, you may be in breach of your local laws. If you use a cloud storage provider, you need to ensure that your Privacy Policy and/or your website Terms of Use cover the situation in which a cloud storage provider has a privacy breach and your customer data is released.
Alright, we’ve dealt with information coming in through your website, but what about when you’re sending it out? The biggest no-no is correspondence that is categorised as spam. Spam is electronic junk mail. It's when you send unsolicited promotional emails to a large volume of email accounts or mobile phone numbers. It’s an inconvenient nuisance to your customers and likely to get you in hot water legally.
Under the Spam Act 2003, it's illegal to send unsolicited commercial electronic messages. To ensure your business keeps within the law, check that you have these elements in your communications with customers:
- consent - you must have consent to send messages to your contacts
- identify - you must include clear and accurate information about your business, including who is sending the message and how they can be contacted
- unsubscribe - you must include an 'unsubscribe' facility to allow recipients to opt out of receiving your messages.
Basically, it’s good customer service to help people sign on and opt out, and no passive aggressive messages about how terrible their lives will be when they do opt out, or hiding the unsubscribe under 6pt font.
Ok, next, there is Intellectual Property protection or IP. This is about protecting your brand assets and recognising that they have a dollar value to your business. Australia still lags behind in our filing for Trademarks (TM), which are the baseline to protect your visual logo as well as your word forms. Registering a trademark gives you the exclusive right to use a specific word or words, name, design, or logo in connection with specific goods or services. It is valid for 10 years and is renewable if certain requirements are met.Trademarking can be expensive if you are protecting your marks in a number of countries as you need to file to protect the mark in each one and so the necessary searches prior to filing.
If you only trade in Australia, it will cost less, and is not a luxury expenditure, it is a necessary cost of doing business like insurance. Use a reputable IP lawyer, as while you can do a search yourself, it is a complex undertaking to ensure you are covered in all the right categories and aren’t inadvertently infringing on someone else’s mark. The Tasmanian government has a visiting IP lawyer service which is free – you can book in a time here.
If your website has a store, you need to understand and make sure you are complying with the fair trade act. There’s no legal difference between electronic and other transactions (e.g. paying for something with cash). This means the same laws apply to the transactions made on your website as the ones you might make at the supermarket. Before you start trading online, make sure you are familiar with the laws outlined in the Fair Trading Act 1989.
To comply with the law, the key things to remember are: get consent to send your marketing material; ensure that your customers are aware of and sign up to your Privacy Policy when you originally obtain their information; protect your intellectual property and don’t infringe on that of others; be honest and clear with all marketing messages; and allow your customers to opt out of your messages if they wish.
As a business owner, you may be wary of legal pitfalls, but by keeping the issues of privacy and data protection, intellectual property, and consumer protection laws and regulations in the forefront of your mind, you can ensure that you won’t run into any problems. Compliance is just a big a part of the digital landscape as every other part of society. Ignorance of the law is never an excuse, so get empowered and make sure your business is legally digital.