What does a hair drier left unplugged, a burning hoverboard and children’s audio voice recordings have in common?

These are three reasons why Amazon was sued over the last year. 

The Amazon team navigated these crises with some grace and a lot of business law acumen. 

Like Amazon, other online retailers should stay apprised of the online business laws and regulations they need to stay compliant with. 

Whether you are a small business, startup or rapidly expanding mid-market company, your online operations are likely regulated by corporate, copyright and contract laws among others. Not to mention laws surrounding consumer protection and corporate governance.

There’s no rush to get a law degree. But you need to stay informed about the legal issues your ecommerce website may face. 

Key Ecommerce Laws You Need to Know

Ecommerce is a relatively new branch of retail. 

Similar to other types of online businesses, you need to comply with the general corporate laws and local and international laws applicable to your business. Additionally, you will need to comply with digital-specific provisions around web accessibility, data privacy and electronic payment processing that may be applicable to your store. 

To stay on the safe side, you should invest the time to learn about the rights and wrongs when it comes to:

  • Taxes
  • Payment gateways
  • Trademarks, patents and copyrights
  • Shipping restrictions
  • Inventory
  • Age restrictions
  • Business insurance
  • Licenses and permits
  • PCI compliance
  • Customer privacy 

1. Taxes. 

Here’s a quick refresher on taxes from Tracey Wallace’s handbook on ecommerce taxation.

U.S.-based ecommerce businesses are bound to charge:

Sales taxes vary by state and separate locations in states. 45 states and Washington D.C. impose a state-wide sales tax. However, different cities, counties and “special taxing districts” may also add local sales tax rates, on top of state-wide taxation. 

For example, here’s what’s included in Rhinebeck, NY sales tax rate:

new york sales tax

new york sales tax

Failure to properly calculate and collect the right sales tax amount can put a dent in your profit margin. Moreover, this leaves you stressed during tax season. So get to know your obligations in advance! 

You can read more about state-by-state tax sales tax rules in Jennifer Dunn’s separate guide. 

Import duties and taxes. If you import products from foreign-based suppliers (e.g. dropshipping partners or wholesalers) valued in excess of a certain threshold, your imports may be subject to customs duties. 

Also, other tariffs and taxes may apply if you regularly ship in products in larger quantities. You can use the free U.S. Free Trade Agreements (FTAs) tool to simulate different scenarios. 

Next, if you are selling products internationally, your foreign customers may have to pay import taxes and duties. You can choose to settle them on their behalf via pre-paid duties shipments, offered by some third-party logistics providers. Or you can bundle them into an international price. For example, European and Australian shoppers are accustomed to seeing all-inclusive prices. 

Ecotaxes. To promote sustainability, many states are introducing taxation on activities and items that may be harmful to the environment. For example, under the California Redemption Value (CRV) Act, consumers have to pay an extra recycling fee of $0.05 for plastic containers under 24 ounces and $0.10 for plastic containers over 24 ounces. The state also has a pending proposal for a new ecotax, which would be charged on each individual item packed in single-use plastic. If enacted, it would take effect starting in 2022. 

International businesses should also be mindful of local ecotaxes. For example, Europe is way ahead in charging extras for non-sustainable products, shipping or packaging practices. 

Takeaway: To cover all your bases, talk to a tax professional or local tax authorities. These experts will be able to help you understand specific circumstances that may affect your product and give you insights into how you need to charge tax for your business’s location. 

Keep in mind, too, that this information — and the regulations around it — are constantly changing! 

2. Payment gateways. 

Payment gateways are the lifeline for securely processing customer payments. 

The keyword here is “security” as a payment data breach can lead to a major regulatory fine. Not to mention result in indirect losses associated with damage to your brand image. 

Breaches are also common. For instance, last year one payment processor admitted to exposing over 1.5 million credit and debit card accounts in North America due to cyber attacks. 

So stay vigilant when it comes to selecting a payment processor. Prioritize solutions with:

  • DCI-PSS compliance 
  • GDPR compliance (for selling in Europe) 
  • HTTPS connection (SSL certificate) for all payment operations 
  • Integrated security and anti-fraud protection 

3. Trademarks, patents and copyrights. 

Trademarks, patents and copyrights are considered business intellectual property and, thus, protected by respective laws. 

Here’s how the United States Patent and Trademark Office categorizes each of these terms:

  • Trademark: A word, phrase, symbol and/or design that identifies and distinguishes the source of the goods of one party from those of others.
  • Patent: A limited duration property right relating to an invention, granted by the United States Patent and Trademark Office in exchange for public disclosure of the invention.
  • Copyright: Protects works of authorship, such as writings, music and works of art that have been tangibly expressed.

In other words, if you take the appropriate steps with respect to your intellectual property, you may be afforded legal protections that prevent other brands from using your intellectual property without your consent. 

Likewise, you can’t use the intellectual property of others without the appropriate consents. For instance, if you want to sell t-shirts with Star Wars characters on them, you will want to obtain the appropriate consents to avoid any legal issues. 

Also, you may want to consider copyright protection for your ecommerce website. Some of the applicable copyright laws to keep in mind:

Takeaway: Obtaining a trademark, service mark or patent isn’t strictly necessary for ecommerce business owners but may provide additional protections. Yet, you need to make sure you’re not infringing on others’ intellectual property rights. Research with the appropriate copyright, patent and trademark organizations such as the US Patent and Trademark Office. They’ll help you start off on the right foot.

4. Shipping restrictions. 

Ecommerce shipping can be mind-boggling at times since logistics companies have different rates, rules and restrictions for shipping different types of products. 

Most shipping companies clearly note their restricted items. Some commonly-restricted items are:

  • Aerosols
  • Airbags
  • Alcoholic beverages
  • Ammunition
  • Animals
  • Cigarettes
  • CBD products 
  • Dry ice
  • Explosives
  • Fresh fruits and vegetables
  • Hazardous materials
  • Nail polish
  • Perfumes
  • Perishables
  • Poison

Also, note that some providers may allow you to ship normally restricted items, but they will require some extra paperwork and fees. You’ll want to take this into consideration as you evaluate shipping providers and integrations.

For information on shipping internationally, check out the Federal Trade Commission’s Electronic Commerce: Selling Internationally guide, which will help answer questions about taxes, duties and customs laws. They also have information on the shipping taxes, duties and imports. 

Takeaway: Not all shippers restrict the same items. Research different providers to determine the costs and requirements for shipping your type of product. 

5. Inventory. 

Maybe you’re thinking of storing the clothing for your online boutique in a spare closet or packing your handmade jewelry in too many storage boxes to count?

While your determination is alive and well, believe it or not, your business may be too large to legally run out of your home.

If you’ll be holding substantial inventory, you should also check your real estate lease, deed or zoning codes to see if there are any prohibitions on running a business like the one you’re contemplating out of your home. 

Even if you plan to run a small online business, some property laws can still apply to you.

Your local homeowners’ association may not be too keen on allowing a home-based business in the area if it doesn’t comply with the zoning laws or the homeowners’ association rules and regulations. Thus, you may be surprised to learn that you could benefit from having a brick-and-mortar location or warehouse in the early stages of your online business! 

If you’re hesitant to open a physical business and cannot run your business out of your home, don’t fret — you have more options.

Try leveraging a partnership with a shipping and fulfillment company that specializes in dropshipping or 3PLs.

Bonus? By using a dropshipping or 3PL service, you reduce shipping zones, or the distance packages travel, which will typically reduce the cost of shipping and time in transit. A win-win for both your business and your customers.

Takeaway: Learn about home-based business regulations, applicable to your ecommerce niche. Pay attention to general business licenses, zoning restrictions and health and safety permits. 

6. Age restrictions.

Anytime you launch a website, it’s absolutely required that it comply with the Children’s Online Privacy Protection Act (COPPA) — no exceptions.

This act includes quite a few regulations, but one that will likely apply to your site is the inability to collect any personal information from a child under the age of 13.

If you’re planning on selling a product or service tailored specifically to a young audience, you’ll need to abide by COPPA regulations. Or else, you risk regulatory fines of up to $43,280.

Also, check your country’s rules and regulations before selling age-restricted products through an ecommerce store.

Takeaway: Every country is different as far as their demands on how to run a business. Things get especially tricky when it comes to age restrictions on products. Do your research and stay on top of legislation to ensure your business is on the up-and-up.

7. Business insurance. 

Business insurance isn’t always legally mandatory for ecommerce store owners.

If you operate as a registered business entity such as a limited liability company (LLC), your personal assets may already be protected. However, you’ll want to consult with legal counsel to ensure that’s accurate, as the laws may vary based on where you operate or where your entity was formed.

Even if that’s true for your situation, it may also be beneficial to get your business insured for 

  • General liability 
  • Product liability
  • Professional liability
  • Commercial liability 

Remember the story about a burning hoverboard? Well, the family was allowed to sue Amazon even though the company acted as an intermediary for another seller who sold a faulty gadget. Product liability insurance could protect you against such scenarios. This type of insurance is especially important if you plan on selling products that are considered high-risk, like CBD.

Also look into professional liability insurance (also known as errors and omissions insurance), which can protect your business against malpractice, error and negligence.

Takeaway: Business insurance can look expensive for new business owners. But it can save you more money if matters go legally awry.

8. Licenses and permits. 

Depending on which products you decide to offer, you may need a business license to sell them.

As a rule of thumb, most states in the U.S. require you to have a valid seller’s permit if you have a brick-and-mortar business.

However, the requirements are different for online businesses. As LegalZoom writes:

“Unless you are selling products or services in a regulated industry such as health care, you don’t need a seller’s permit to conduct business online. But that may not be the case in your state and/or in your industry.”

As LegalZoom notes, you should always double-check applicable laws. So be sure to do just that!

Separately, you may want to look into a reseller license — a document that lets you purchase inventory in bulk or wholesale without paying local sales taxes. Having one could prevent you from paying double taxation (i.e. when you pay a sales tax, then collect it from your customers and pay to the authorities). With a reseller certificate, you may only need to collect sales tax when customers buy your products. Similarly, check with local authorities if you plan to partner with wholesalers and suppliers. 

Finally, international sellers should also check with a local licensing department to verify whether they need any permits.

Takeaway: Apart from a sales tax ID, you may not need any other special business license to operate a small ecommerce store. However, to avoid any future issues, you should confirm that there are no business licenses required to operate in the jurisdictions you operate or transact in by confirming with the appropriate local regulators or consulting with an attorney. 

9. PCI compliance. 

Payment Card Industry (PCI) Data Security Standard (DSS) is a commercial security standard, introduced by a group of American financial services providers in 2006. 

The goal of a PCI DSS directive is to introduce unified standards for securely processing card transactions and bring all industry participants to the same level of compliance. It covers both online and POS transactions, as well as card over phone orders and other types of card-not-present transactions. 

Thus being PCI compliant doesn’t just mean providing a secure, encrypted checkout experience — you’ll also need to avoid storing any purchasing information on paper or via recording (e.g. if someone were to give you their card number over the phone).

Modern ecommerce platforms such as BigCommerce already come with PCI Level 1 compliance baked-in for payment processing. 

However, if you plan to use a third-party payment processor or an integrated POS system, inquire about their state of PCI compliance. 

Takeaway: PCI DSS is aimed at ensuring better payment security. It serves as an industry “stamp of approval” for payment processors and other types of companies doing money transactions. 

10. Customer privacy. 

Ecommerce websites can collect a ton of valuable insights to create a data-driven CX for shoppers. But not all types of ecommerce big data are up for analytics grabs.

Data privacy laws around the world prohibit merchants from using customers’ personal identifiable information (PII) for analytics purposes. This includes full names, addresses, social security numbers, debit and credit card details, etc. 

Also, some states and countries oblige online shops to explicitly ask for customers’ permission for collecting, storing and processing their data. 

Two customer privacy acts ecommerce store owners should familiarize themselves with are:

  • California Consumer Privacy Act (CCPA). This law obliges businesses to disclose any information they have about the consumer, as well as a list of third-party that their data is shared with as per users’ demand. Customers can also sue businesses for any privacy violations. 
  • General Data Protection Regulation (GDPR). This is an EU-member state-wide act that puts down seven must-follow regulations online businesses must abide by when it comes to customer data collection, storage and usage. 

GDPR has been notoriously advertised as the “stingiest customer data privacy” law. Indeed, the violation fines are steep — €20 million ($24.3 million) or 4% of global revenue, whichever is higher.

But staying on the right side of GDPR isn’t that hard either. If you plan to sell in Europe, refer to the official GDPR resource website. It has a detailed FAQ section and checklist for businesses. 

Takeaway: Customer privacy violations can lead to legal and regulatory action. However, compliance is a matter of due diligence and care. A number of ecommerce and marketing apps have in-built facets for ensuring compliance with data collection laws such as CCPA and GDPR. 

Wrapping Up 

Understanding the implications of online business laws is essential for the health of your business — and the protection of consumers who become your customers.

When you start your ecommerce business, take the time to learn about the tax, payments security, copyright, data collection and usage, as well as licensing requirements for your industry. 

The above may sound like a lot. But this knowledge and investment in professional legal or tax advice will future-proof your business against legal calamities and costly operational mishaps! 

Online Business Laws FAQs

1. What are online business laws?

Online business laws govern digital product and services sales, digital copyrights, as well as customer data collection, storage and processing. Such laws were designed to make online browsing and shopping experience safe, secure and fair for businesses and consumers alike. 

2. How can I legally sell online?

To legally sell products online, you need to apply for a sales tax ID (number). Then, ensure that you are collecting and reporting all applicable state- and local-level sales taxes. Moreover, you need to be compliant with digital customer data protection acts such as COOPA, CCPA (if you operate in California) and GDPR (for European sales). Finally, research if you need any special permits or licenses to operate your type of business or if any other laws apply to it. 

3. Do I need to start an LLC to sell online? 

You can start a small online store as a sole proprietor. But registering an LLC may offer you better liability protection against legal issues depending on the laws in the jurisdiction that you form the LLC in and where your business operates. Also, a business entity is often necessary to apply for a reseller certificate — a document many suppliers and wholesalers will ask for to trade with you. 

4. Are there products that I can’t legally sell online?

You can’t sell illegal items online as defined by your local laws, similar to brick and mortar stores. Otherwise, there are types of products you are restricted from selling without a special license such as alcohol, tobacco, fresh produce, medicals and pharmaceutical products. Also, some ecommerce platforms and marketplaces may have separate lists of items that are restricted from being sold on their platform. 

5. Is a business license the same as an LLC?

No, these are two different concepts. An LLC is a type of entity — a way to form a new company. Business licenses are obtained on top of company registration. Depending on your jurisdiction, a business license may only be required for certain occupations or types of online businesses. Having an LLC does not exclude you from the need to apply for a business license if you are otherwise required to apply for a business license. 

6. Does my ecommerce site need a privacy policy?

Yes, for all practical purposes, all online stores need a privacy policy, explaining which data you collect (e.g. cookies), for what purposes, how long you store it and how you use it. Ecommerce sites without a privacy policy are viewed as suspicious by consumers and can attract the attention of local regulators, monitoring compliance with customer data protection laws. 

7. What are intellectual property rights in ecommerce?

Ecommerce store owners are bound by general copyright and trademark laws, similar to other types of businesses. These can provide you with legal rights to protect your website content against unauthorized distribution, wrongful usage and copying. You can also choose to take the appropriate steps to trademark your online store name, and in some cases, a domain name too. 

8. What actions should ecommerce managers take to safeguard consumer privacy and security?

First of all, ensure that you have an up-to-date privacy policy. Secondly, analyze your tech stack and ensure that all payment, marketing and customer service tools you are using have complaint policies on customer data collection. Partnering with reputable ecommerce platforms, marketing software providers and analytics companies is a good step in ensuring that you are taking a proactive approach to safeguarding your customers’ security and privacy. 

9. Why is privacy in ecommerce important?

Because the last thing you’d want is having a distressed customer or government authority going after your business with a lawsuit for privacy violations. The ecommerce industry is regulated by digital customer data privacy laws such as CCPA, Data Broker Registrations and GDPR among others. You must comply with the privacy laws applicable to your business in order to avoid potential legal penalties and reputational damages. 

10. What states require sales tax for online sales?

Overall, 45 states and Washington DC have state-wide sales taxes for online sales made by/to local residents (businesses and private persons). Separately, almost every state has a sales tax nexus — a degree of connection between an online retailer and the state requiring the retailer to register and collect sales tax within the state.

11. What type of business license do I need for ecommerce?

You may not need any special business license, apart from sales ID tax registration, for your online store unless you are selling certain types of products such as medical devices, healthcare products, alcohol, fresh produce and other types of regulated products. However, it’s best to double-check the requirements with a local authority or a legal professional.


This material is for informational purposes only and does not constitute legal, tax, professional or financial advice. BigCommerce disclaims any liability with respect to this material, and the information on this website may not constitute the most up-to-date legal or other information. 

The information on this website is not a substitute for, and does not replace the advice or representation of, a licensed attorney or other professional. Please consult your attorney or professional advisor on specific legal, tax, professional or financial matters. All liability with respect to actions taken or not taken based on the contents of this site are hereby expressly disclaimed. This website contains links to other third-party websites. Such links are only for the convenience of the reader, user or browser; BigCommerce does not recommend or endorse the contents of the third-party sites.

Similar Posts