Home arrow What We Do arrow Business Support arrow E-Commerce Project arrow EC legislation on e-commerce
EC Legislation on E-Commerce PDF Print E-mail

EC legislation on e-commerce


The Acquis Communautaire on Internet usage and e-commerce

There is a wide range of EC legislation on Internet usage and e-commerce – in addition to a wide range of communications, initiatives, and action programmes. The following section serves to give a brief overview of the main legislative acts divided up into categories. Please note that these directives are often kept very general; member states are given considerable leeway as to how to implement them locally. More often than not, though, the Commission issues recommendations further laying down what it holds to be an optimal structure.

General provisions on e-commerce

The European Union has issued a number of directives regulating e-commerce in the narrow sense of the word: partially automated sales transactions taking place using electronic means. These regulate the framework within which electronic commerce can take place and takes some crucial steps towards ensuring that it can develop and prosper.


"E-COMMERCE DIRECTIVE" 2000/31/EC of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market .

This directive is the single most important piece of legislation on e-commerce. It defines a framework for free movement of on-line services and for the harmonization of electronic contracts. It promotes the adoption of codes of conduct and extrajudicial conflict resolution, and it sets up requirements on the information customers have to receive. It does not, however, regulate non-commercial internet activities.

DIRECTIVE 1999/93/EC of 13 December 1999 on a Community framework for electronic signatures .

This directive sets up the conditions necessary for an electronic signature to be valid. To which extent do electronic signatures have the same legal validity as paper signatures? This depends strongly on the kinds of signatures used (password, smart cards, insertion of scanned images) and on the security certificates used – if the requirements are fulfilled, however, electronic signatures may be used as evidence in legal proceedings and will have the same legal validity as hand-written signatures.

DIRECTIVE 1999/44/EC of 25 May 1999 on certain aspects of the sale of consumer goods and associated guarantees.

This directive governs consumer rights with respect to any kind of purchasing agreement. In particular, it has implications for default contracts, consumer rights in the case of faulty products, and the right of redress.

DIRECTIVE 19 97/7/EC of the European Parliament and of the Council of 20 May 1997 on the protection of consumers in respect of distance contracts .

This directive provides a legal framework for e-commerce and other long distance sales transactions in which the buyer and the seller are not physically present in the same location at the time of the transaction. In particular,

* consumers must be given written information about the contract,
* consumers have the right to revoke such contracts without cause within a particular period of time,
* suppliers must fulfil orders within 30 days, and
* prior consent is required for further communication.

Copyright and intellectual property rights

Directive 2001/29, in part amended through 2004/48 following the WTO TRIPS agreement, is the most relevant copyright directive for e-commerce purposes. It attempts to ensure the same level of copyright protection for web sites and online services as that for offline activities. In addition, two more directives provide protection for computer programs and for data base structures – issues only loosely regulated in international agreements.

DIRECTIVE 2004/48/EC of 29 APRIL 2004 on the enforcement of intellectual property rights.

This directive is an attempt on the part of the Community to implement the WTO TRIPS agreement. It regulates the measures, processes, and legal recourse available to parties whose copyrights have been breached.

DIRECTIVE 2001/29/EC of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society.

This directive ensures that copyright legislation is followed for internet based activities in the same way as for offline activities. It calls on governments to take appropriate action should voluntary agreements fail. Finally, it provides for a series of exceptions, in particular for non-commercial uses of copyrighted material.

DIRECTIVE 19 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases .

This directive harmonizes national legislation on the juridical protection of databases, defined as every collection of data or other elements systematically organized and individually accessible through electronic means.

There are two types of protection:

* Copyright protection for „the intellectual creation involved in the selection and arrangement of materials“, and
* Sui generis protection for „an investment... in the obtaining, verification, or presentation of the contents of the databases”.

Note, however, that the Directive does not provide for protection of the software of the database nor the individual items in a database, but only the scheme of the data base itself.

COUNCIL DIRECTIVE 19 91/250/EEC of 14 May 1991 on the legal protection of computer programs .

This directive provides a framework for the copyright protection of software. In particular, it stipulates that only the creator of a program may apply for copyright protection and regulates how a person may use a copyrighted piece of software that he has purchased. It is a partial implementation of the Berne Convention for the Protection of Literary and Artistic Works.


Taxation issues

The below directive regulates VAT applicability for most e-commerce activities:

COUNCIL DIRECTIVE 2002/38/EC of 7 May 2002 amending and amending temporarily Directive 77/388/EEC as regards the value added tax arrangements applicable to radio and television broadcasting services and certain electronically supplied services.

The Directive 2002/38 refers to the VAT on e-services as for broadcasting, radio and other specific services provided through electronic means. It temporarily modifies Dir 77/388/CEE which is considered to be inadequate.

Privacy and data protection

Data protection and privacy belong to the main concerns of the European Community as national legislation on these issues diverge widely. The following directives regulate the processing of personal data by companies and authorities:

DIRECTIVE 2002/58/EC of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector.

This is an addition to the so-called Privacy Directive 95/46/EC, addressing issues endemic to electronic communication such as spam and other unsolicited electronic messaging solicitations including telephone, e-mail and instant messaging. In particular, the directive requires that member states adopt data protection measures in the following areas:

* Opt-in for Spam – a recipient’s prior permission is required before sending unsolicited marketing e-mails to individuals.
* Spyware, web bugs, hidden identifiers and similar devices.
* Cookies.
* Inclusion of personal data into directories.
* Storage of traffic data of users and subscribers as well as location data.
* Usage of automated calling systems.

"PRIVACY DIRECTIVE" 1995/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data .

This directive regulates government and business use of personal data. In particular, personal data may not be processed without the consent of the person, and data may not be transferred to countries with inadequate levels of data privacy protection.


Although we will not attempt to cover the totality of EC legislation on telecommunication here, we would like to draw your attention to one of the most important legislative acts with regards to e-commerce and internet access. The following directive,

FRAMEWORK DIRECTIVE 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services ,

is a framework directive encompassing four directives (the last one has been discussed in the section Privacy and data protection):

"AUTHORISATION DIRECTIVE“ 2002/20/EC on the authorisation of electronic network communications and services,

"UNIVERSAL SERVICES DIRECTIVE“ 2002/22/EC of the European Parliament and of the Council of 7 March 2002 on universal service and users' rights relating to electronic communications networks and services ,

"ACCESS DIRECTIVE“ 2002/19/EC of the European Parliament and of the Council of 7 March 2002 on access to, and interconnection of, electronic communications networks and associated facilities , and

"DIRECTIVE ON PRIVACY AND ELECTRONIC COMMUNICATIONS“ 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector .

The goal of the framework directive is to set up a harmonized structure for legislation concerning electronic communication networks and services. It encompasses not only telecommunication networks, but all electronic communication networks and services.

In particular, local authorities have to be:

* independent, juridically and practically,
* unpartial and open, and
* eligible for legal recourse.

Their responsibilities include:

* furthering competition,
* ensuring low prices and high quality,
* fostering investments,
* ensuring geographical coverage,
* promoting the establishment of so-called Trans-European networks,
* setting up simple conflict resolution procedures, and
* guaranteeing data protection and privacy.

They will carry the responsibility for awarding radio spectra, allotting names and top level domains, granting permission for setting up physical networks, and ensuring efficient resource allocation.


Finally, there is a noteworthy initiative on cybercrime in the form of a draft council framework decision on attacks against information systems. It attempts to ensure a common view of a number of computer related offences as criminal offences, including illegal access to information systems (hacking), illegal interference (viruses, denial of service attacks), and pernicious alteration of personal data. It also stipulates when member states will be competent to act.

Establishing the .eu top level domain:

A “top level domain” is the last part of an internet address (.com, .cy, .co.uk etc.). The .eu top level domain is being set up as a counterpart to the universal but loosely regulated .com domain. The goal is to set up a domain under firm control, ensuring that the domain names are awarded to their deserving owner. An .eu domain could thus develop into a kind of quality seal for the company possessing it.

COMMISSION REGULATION (EC) No 874/2004 of 28 April 2004 laying down public policy rules concerning the implementation and functions of the .eu Top Level Domain and the principles governing registration .

These regulations lay down the policy framework for the new .eu top level domain. The second enters into detail, laying down eligibility and general principles for registration, requests for domain name registration, rules concerning registrars, languages and geographical concepts. It also set up a phased registration period to give certain groups preference. Finally, it deals with reservations, whois data, improper registrations, revocation, and settlement of conflicts.

Brochure on E-Commerce Legislation (English)

Brochure on E-Commerce Legislation (Greek)

Brochure on E-Commerce Legislation (Turkish)


Last Updated ( Sunday, 01 July 2007 )

Web Site Solution is provided by QuickWASP Limited

Error. Page cannot be displayed. Please contact your service provider for more details. (25)