Archived — Principles of Consumer Protection for Electronic Commerce: A Canadian Framework

Archived information is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Consumer Rights and Responsibilities

Principles of Consumer Protection for Electronic Commerce:
A Canadian Framework

Working Group on Electronic Commerce and Consumers

Acknowledgments

These principles were developed by the Working Group on Electronic Commerce and Consumers and approved by this working group in August 1999. The working group was coordinated by the Office of Consumer Affairs of Industry Canada. The following organizations participated in the working group:

  • Action réseau consommateur

  • Alliance of Manufacturers & Exporters Canada

  • Cable Television Standards Foundation

  • Canadian Association of Internet Providers

  • Canadian Bankers Association

  • Canadian Marketing Association

  • Competition Bureau, Industry Canada

  • Consumers' Association of Canada

  • CSA International

  • Information Technology Association of Canada

  • Ministry of Consumer and Commercial Relations, Government of Ontario

  • Ministry of Government Services, Consumer Affairs Division, Government of Alberta

  • Office de la protection du consommateur, gouvernement du Québec

  • Office of Consumer Affairs, Industry Canada

  • Option consommateurs

  • Public Interest Advocacy Centre

  • Retail Council of Canada

     


    Contents

  • Preamble
  • Guiding Principles
  • Principles in Summary
  • Principle 1: Information Provision
  • Principle 2: Contract Formation
  • Principle 3: Privacy
  • Principle 4: Security of Payment and Personal Information
  • Principle 5: Redress
  • Principle 6: Liability
  • Principle 7: Unsolicited Commercial E-mail
  • Principle 8: Consumer Awareness
  • Glossary

    Preamble

    The rapid evolution of the electronic marketplace requires an adaptable framework for consumer protection that is subject to ongoing review and modification in light of changing technologies and market practices. This framework should include a blend of voluntary and regulatory approaches and, given the global reach of electronic commerce, should be consistent with approaches to consumer protection agreed to by the international community.

    The principles in this document are intended to guide the actions of businesses, consumers and governments within Canada in the development of a consumer protection framework for electronic commerce over open networks, including the Internet. These principles are not intended to cover communications conducted solely over the telephone. The principles were drafted by a working group of representatives from Canadian businesses, consumer associations and governments, recognizing that a sound framework for consumer protection will promote consumer confidence and facilitate the acceptance and growth of electronic commerce. The working group has agreed to review the principles regularly to ensure their continued relevance in the rapidly changing electronic marketplace.

    No principle should be interpreted as affording less protection to consumers than is already provided for in current laws of general application, particularly those applying to trade practices, health and safety, and protection of personal information.


    Guiding Principles

    Equivalent protection

    "Consumers"* should not be afforded any less protection in "electronic commerce" than in other forms of commerce. Consumer protection provisions should be designed to achieve the same results whatever the medium of commerce.

    Harmonization

    Canadian governments should adapt existing consumer protection laws to apply to electronic commerce, and should strive to harmonize provisions across jurisdictions without requiring any jurisdiction to lower its standards.

    International consistency

    Without compromising the level of protection provided to consumers under the principles in this document or under existing laws, the Canadian consumer protection framework should be consistent with directions in consumer protection established by international bodies such as the Organisation for Economic Co-operation and Development.

    * For clarity, certain terms have been defined and appear in a glossary below. The terms appear in quotation marks on their first use in the text.


    Principles in Summary

    Note: This summary must be read in conjunction
    with the full text of the principles, which follows.

    Principle 1

    Consumers should be provided with clear and sufficient information to make an informed choice about whether and how to make a purchase.

    Principle 2

    "Vendors" should take reasonable steps to ensure that the consumer's agreement to contract is fully informed and intentional.

    Principle 3

    Vendors and "intermediaries" should respect the privacy principles set out in the CSA International's Model Code for the Protection of Personal Information.

    Principle 4

    Vendors and intermediaries should take reasonable steps to ensure that "transactions" in which they are involved are secure. Consumers should act prudently when undertaking transactions.

    Principle 5

    Consumers should have access to fair, timely, effective and affordable means for resolving problems with any transaction.

    Principle 6

    Consumers should be protected from unreasonable liability for payments in transactions.

    Principle 7

    Vendors should not transmit commercial E-mail without the consent of consumers, or unless a vendor has an existing relationship with a consumer.

    Principle 8

    Government, business and consumer groups should promote consumer awareness about the safe use of electronic commerce.


    Principle 1: Information Provision

    Consumers should be provided with clear and sufficient information to make an informed choice about whether and how to make a purchase.

      1.1 Information should be provided in a form that is clear and understandable to the consumer. Vendors should:

        a) avoid using jargon and legalese, and use plain language whenever possible;

        b) provide information in a form and manner that allows the consumer to keep the information for future reference;

        c) clearly distinguish the terms and conditions of sale from marketing and promotional material or messages.

      1.2 Information required by these principles should be "prominently disclosed."

      1.3 The following information should be provided to anyone accessing a vendor's Web site:

        a) vendor identity, location and any accreditation

        • vendor's legal identity, business name, full street address and telephone number (sufficient to enable consumers to verify the vendor's legitimacy);

        • an electronic method of verifying any accreditation claims;

        b) any geographic limitations on where a product or service is for sale;

        c) fair and accurate descriptions of products or services for sale;

        d) level of privacy protection (in accordance with Principle 3: Privacy)

        • "personal information" that is being collected and for what purposes;

        • vendor's privacy policy;

        e) security mechanisms available to consumers to protect the integrity and confidentiality of the information being exchanged;

        f) complaint procedure

        • how, where and by whom complaints will be handled;

        • any third-party dispute resolution mechanisms to which the vendor subscribes, including contact information and any cost;

        g) types of payment that will be accepted, and the implications of each in terms of any extra charges or discounts applied by the vendor.

      1.4 Vendors should disclose all terms and conditions of sale to consumers prior to the conclusion of any "sales transaction." These include:

        a) the full price to the consumer, including the currency and any shipping charges, taxes, customs duties and customs broker fees and any other charges (when unsure of the amount of any potentially applicable charges, vendors must disclose to consumers the fact that such charges may apply);

        b) delivery arrangements, including timing, cost and method of delivery;

        c) any geographic limitations on where a product or service is for sale;

        d) cancellation, return and exchange policies, warranties if applicable, and any associated costs.

      All the terms and conditions of sale should be available in one place.

      1.5 Vendors should provide consumers with their own record of the transaction, including key details, as soon as possible after the transaction has been completed. In a sales transaction, consumers should be able to obtain their own record of the completed transaction as proof of purchase and a printable record of the terms and conditions of the contract.

      1.6 Where there is a delay between the purchase and delivery of goods, or tickets for the use of a service (for example, airline or theatre tickets), vendors should provide the information set out below to consumers at the time of delivery:

        a) cancellation, return and exchange policies, warranties if applicable, and any associated costs;

        b) contact information in the event of a complaint;

        c) payment arrangements, including any vendor credit terms;

        d) applicable safety warnings and care instructions.


    Principle 2: Contract Formation

    Vendors should take reasonable steps to ensure that the consumer's agreement to contract is fully informed and intentional.

      2.1 Vendors should take reasonable steps to ensure that consumers are aware of their rights and obligations under the proposed contract before they agree to the contract or provide payment information.

      2.2 Vendors should make clear what constitutes an offer, and what constitutes acceptance of an offer, in the context of electronic sales transactions.

        a) Vendors should employ a multistep confirmation process that requires consumers to, specifically and separately, confirm the following:

        • their interest in buying;

        • the full price, terms and conditions, details of the order, and method of payment;

        • their agreement to purchase.

        b) If an appropriate multistep confirmation process, such as that set out above, is not used, vendors should allow consumers a reasonable period within which to cancel the contract.


      Principle 3: Privacy

      Vendors and intermediaries should respect the privacy principles set out in the CSA International's Model Code for the Protection of Personal Information.

      These 10 principles form the basis of the Model Code for the Protection of Personal Information (CAN/CSA-Q830-96).

        1. Accountability

        An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization's compliance with the following principles.

        2. Identifying Purposes

        The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.

        3. Consent

        The knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except when inappropriate.

        4. Limiting Collection

        The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.

        5. Limiting Use, Disclosure and Retention

        Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfilment of those purposes.

        6. Accuracy

        Personal information shall be as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.

        7. Safeguards

        Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.

        8. Openness

        An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.

        9. Individual Access

        Upon request, an individual shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

        10. Challenging Compliance

        An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization's compliance.

         

        Note: The full text of the Model Code for the Protection of Personal Information (CAN/CSA-Q830-96) can be obtained from the CSA International Web site (http://www.csa-international.org) or from:

        CSA International
        178 Rexdale Boulevard
        Etobicoke ON M9W 1R3


      Principle 4:
      Security of Payment and Personal Information

      Vendors and intermediaries should take reasonable steps to ensure that transactions in which they are involved are secure. Consumers should act prudently when undertaking transactions.

        4.1 Vendors and intermediaries should safeguard payment and personal information that is exchanged and/or stored as a result of a transaction.

        4.2 Consumers should take reasonable steps to conduct transactions safely and securely.


      Principle 5: Redress

      Consumers should have access to fair, timely, effective and affordable means for resolving problems with any transaction.

        5.1 Vendors should provide adequate resources to handle consumer complaints efficiently and effectively.

        5.2 When internal mechanisms have failed to resolve a dispute, vendors should make use of accessible, available, affordable and impartial third-party processes for resolving disputes with consumers. However, vendors should not require consumers to submit to such processes.

        5.3 Governments, businesses and consumer groups should work together to develop appropriate standards for dispute resolution mechanisms.

        5.4 So that consumers are not disadvantaged, governments should cooperate in the development of clear rules regarding the applicable law and forum, and the mutual enforcement of judgements, in the event of cross-border disputes.


      Principle 6: Liability

      Consumers should be protected from unreasonable liability for payments in transactions.

        6.1 Consumers should not be held liable for amounts billed to them for "unauthorized transactions." Vendors should promptly refund consumer payments for unauthorized transactions or sales transactions in which consumers did not receive what they paid for.

        6.2 Credit card issuers should make reasonable efforts to help consumers resolve complaints with vendors in the event of non-delivery or unauthorized transactions.

        6.3 In inadvertent sales transactions in which consumers acted reasonably, the vendor should allow the consumer a reasonable period of time to cancel the transaction once the consumer has become aware of it.

        6.4 When a consumer disputes a sales transaction in which the vendor failed to provide relevant information, the vendor should refund payment provided that the consumer returns the good or declines the service within a reasonable period of time.


      Principle 7: Unsolicited Commercial E-mail

      Vendors should not transmit commercial E-mail without the consent of consumers, or unless a vendor has an existing relationship with a consumer.


      Principle 8: Consumer Awareness

      Government, business and consumer groups should promote consumer awareness about the safe use of electronic commerce.

        8.1 Consumer education and awareness initiatives should highlight those circumstances in the use of electronic commerce in which consumers are most vulnerable.

        8.2 Consumers should be provided with advice on how to minimize the risks associated with electronic commerce.

        8.3 Consumers should be made aware of their rights and obligations with respect to vendors.

        8.4 Consumers should take reasonable steps to inform themselves about how to conduct transactions safely and securely.

        8.5 Consumers should have access to information identifying disreputable electronic commerce practices.

        8.6 Consumers should have access to information identifying those convicted of illegal electronic commerce practices.

      Glossary


      The following definitions apply in Principles of Consumer Protection for Electronic Commerce: A Canadian Framework.

      Consumer: an individual who engages in electronic commerce for personal, family or household purposes.

      Electronic Commerce: the conduct of commercial activities between vendors and consumers and the solicitation of donations from consumers over open networks, including the Internet. This definition is not intended to cover communications conducted solely over the telephone.1

      Intermediaries: third parties facilitating a transaction, including those responsible for the storage of information.

      Personal Information: information about an identifiable individual that is recorded in any form.2

      Prominently Disclosed (with respect to information): easily visible and quickly accessible to consumers at the appropriate time. This includes accessibility through clearly labelled hot links.

      Sales Transaction: a transaction involving the buying, selling, leasing or licensing of a good or service by electronic commerce.

      Transaction: an electronic commerce transaction

      Unauthorized Transaction: a transaction not authorized by the consumer due to theft, fraud or vendor error.

      Vendor: an organization or an individual marketing, selling, leasing or licensing a good or service or soliciting donations by electronic commerce.


      1. In other contexts electronic commerce has been more broadly defined as any kind of transaction that is made using digital technology, including open networks (the Internet), closed networks such as electronic data interchange (EDI), and debit and credit cards.

      2. This is the definition used in the Model Code for the Protection of Personal Information (CAN/CSA-Q830-96).

      This publication, as well as a guide for merchants and tips for consumers, is also available electronically on the World Wide Web at the following address: http://strategis.ic.gc.ca/oca

      This publication can be made available in alternative formats upon request. Contact the Information Distribution Centre at the numbers listed below.

      For additional copies of this publication, please contact:

      Information Distribution Centre
      Communications Branch
      Industry Canada
      Room 205D, West Tower
      235 Queen Street
      Ottawa ON K1A 0H5

      Tel.: (613) 947-7466
      Fax: (613) 954-6436
      E-mail: publications@ic.gc.ca

      The views expressed in this report are not necessarily those of Industry Canada or of the Government of Canada.

      Printed by Industry Canada.

      With permission of CSA International, material is reproduced from CSA Standard CAN/CSA-Q830-96, Model Code for the Protection of Personal Information, which is copyrighted by CSA International, 178 Rexdale Boulevard, Etobicoke, Ontario, M9W 1R3. While use of this material has been authorized, CSA International shall not be responsible for the manner in which the information is presented, nor for any interpretations thereof.

      Cat. No. C2-417/1999
      ISBN 0-662-64127-2
      52645B