Review of the Australian E-commerce Best-Practice Model, Australian Government, The Treasury.

Discussion Paper

Appendix C: The BPM’s Guidance Principles

The BPM provides guidance to businesses on best practice in consumer protection in e-commerce. The BPM’s guidance principles cover a range of areas, which are discussed below along with the legislation underpinning the principles. The full text of the BPM is available on the Internet at www.ecommerce.treasury.gov.au.

Fair Business Practices

Businesses should adopt fair trading practices when engaging in B2C e-commerce. In particular, businesses must comply with the TPA, the Australian Securities and Investments Commission Act 1989 (which covers financial services and mirrors provisions of the TPA) and State and Territory fair-trading legislation.

Accessibility

Businesses should ensure that the electronic delivery of goods or services can be achieved without specialised software or hardware, unless the requirement for such specialised software or hardware is made clear to the consumer beforehand.

Disability Access

In accordance with the Disability Discrimination Act 1992, businesses have to make reasonable adjustment in the provision of goods and services to ensure that they are accessible to people with a disability.

Advertising and Marketing

Businesses should ensure that advertising material is clearly identifiable as such and be able to back up their advertising or marketing claims.

In relation to commercial e-mail, the BPM adopts a qualified ‘opt in’ approach. This means that businesses should only send such e-mail to people with whom they have an existing relationship and those who have requested it. Businesses should also have simple unsubscribe procedures so consumers can indicate that they do not wish to continue receiving commercial e-mail.

Engaging with Minors

Businesses should take special care in advertising or marketing that is targeted at children. Businesses should take reasonable steps to establish if the consumer is under 16 years of age and, if so, should receive the consent of the child’s parent or guardian.

Information (Identification and Contractual)

Businesses should provide consumers with accurate and easily accessible information that identifies the business and allows prompt, easy and effective communication with the business. Amongst other things, the Corporations Act 2001 requires that a corporation’s website used to conduct commercial transactions should display its Australian Company Number or Australian Business Number.

Businesses should provide enough information about the terms, conditions and costs of a transaction to enable consumers to make informed decisions. They should provide all information online which they are required to provide offline either by law or by any relevant code of practice to which they subscribe.

Conclusion of Contract

Where appropriate, prior to the conclusion of the contract, businesses should give consumers the opportunity to advise them of the purpose for which they require the product or service or the result they wish to achieve. Businesses should also have procedures that let consumers review and accept or reject the terms and conditions of the contract; identify and correct any errors; and confirm and accept or reject the offer.

Privacy

Businesses should respect consumers’ privacy when dealing with personal information. The BPM states that, as a minimum, businesses must adhere to the Federal Privacy Commissioner’s National Principles for the Fair Handling of Personal Information. However, best practice in information privacy is now represented by the Privacy Commissioner’s National Privacy Principles (NPPs). The NPPs are contained in the Privacy Amendment (Private Sector) Act 2000, which came into effect in December 2001.

Payment

Consumers should be provided with payment mechanisms that are easy to use and offer security that is appropriate for the transaction. Consumers should have access to information on ways of making payments and the security of those payment methods.

Security and Authentication

Businesses should ensure that consumers have access to information about the security and authentication mechanisms the business uses that helps consumers assess the risk in relying on those systems. Businesses should also provide security appropriate for protecting consumers’ personal and payment information, and have in place suitable identification and authentication mechanisms.

Internal and External Complaint Handling and Dispute Resolution

Businesses should establish suitable internal procedures to handle consumer complaints. Consumers should also be made aware of any independent customer dispute resolution mechanisms to which the business subscribes, as well as any relevant government body, such as a State or Territory fair trading body.

Applicable Law and Forum

Where a business specifies an applicable law or jurisdiction to govern any contractual dispute or a jurisdiction or forum where disputes must be determined, it should clearly and conspicuously state that information at the earliest possible stage of the consumer’s interaction with the business.

Next: Appendix D - Internet Survey
Previous: Appendix B - International Enforcement and Cooperation
Contents

Contact the Review

By Mail:

Review of Australian E-commerce Best Practice Model
Competition and Consumer Policy Division
Department of the Treasury
Langton Crescent
PARKES  ACT  2600

Telephone (02) 6263 2812

Facsimile (02) 6263 3964