Browse Definitions:
Definition

Electronic Commerce (EC Directive) Regulations 2002

The Electronic Commerce (EC Directive) Regulations 2002 establishes legal rules that online retailers and service providers must comply with when dealing with consumers in the 27 member countries of the European Union (EU). The directive dictates the information that consumers must be provided with in online transactions. If a retailer/service provider fails to provide information required by the directive, its contract with the consumer may be invalid and it may be in breach of member state retail law.

Services covered by the directive include paid-for and free online information services provision, and online selling of products and services such as advertising, professional services, entertainment, and Internet and telephony service provision.

Retailers/service providers must provide the following information to consumers when conducting business via electronic means:

  • The technical steps involved in placing an order.
  • The terms and conditions under which a contract is made. This information must be available to the consumer in a way that can be reproduced and stored.
  • Prices must be clear and state whether tax or shipping costs are included.
  • The name of the service provider, its email address (a contact form is not sufficient) and a geographic address.
  • Acknowledgement of the order by electronic means and information on how to amend input errors made during the order process.
  • If it is a company, the company's registration number and place of registration.
  • Membership details, including registration number of any trade or professional association of which the service provider is a member.

Any breach of these requirements is considered a breach of statutory duty. If the consumer is not informed of how they can amend errors in an order, the contract can be voided.

EU law dictates that electronic transactions are subject to the Internal Market clause, which dictates that 'information society services' are subject to the law of the member state and that a member state cannot restrict incoming services.

The directive also applies to services provided by SMS text messaging. Given the 160 character limit of SMS, the body of the message must contain a URL where the required information can be found.

This was last updated in August 2010

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity

  • principle of least privilege (POLP)

    The principle of least privilege (POLP), an important concept in computer security, is the practice of limiting access rights for...

  • identity management (ID management)

    Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or ...

  • zero-day (computer)

    A zero-day vulnerability, also known as a computer zero day, is a flaw in software, hardware or firmware that is unknown to the ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

SearchStorage

  • SAS SSD (Serial-Attached SCSI solid-state drive)

    A SAS SSD (Serial-Attached SCSI solid-state drive) is a NAND flash-based storage or caching device designed to fit in the same ...

  • MTTR (mean time to repair)

    MTTR (mean time to repair) is the average time required to fix a failed component or device and return it to production status.

  • OpenStack Swift

    OpenStack Swift, also known as OpenStack Object Storage, is an open source object storage system that is licensed under the ...

SearchSolidStateStorage

  • hybrid hard disk drive (HDD)

    A hybrid hard disk drive is an electromechanical spinning hard disk that contains some amount of NAND Flash memory.

Close