Is your company website breaking the law?
If your company webpage does not comply with the new online and website legislation, it could spell trouble for your business. As we’ve discussed previously, websites are extremely beneficial for companies, whether small, medium or large. But many people do not know the rules that apply to having a website: a Brunel University survey found that 48% of company webpages are in breach of EU data protection laws and are carelessly sharing confidential customer information.
One of the newer pieces of legislation companies must adhere to is the 2012 EU Cookie Law, which applies to how you use cookies and similar technologies for storing information on a user’s equipment, e.g. a computer or mobile device. The law requires websites to obtain consent from visitors to store or retrieve any information on a computer or any other web-connected device. It was designed to allow internet users to choose whether they wish to share their personal information with websites, making consumers aware of how information is collected about them.
If you own a website, you must make sure it complies with this law by: working out what cookies your site sets and what they are used for; telling your customers that you use cookies; and obtaining your customers’ consent for using cookies.
The maximum fine for not adhering to the legislation is £500,000.
Another recent piece of legislation is the requirement for even the smallest firms to meet the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. Websites must: build and maintain a secure network, protect cardholder data, maintain a vulnerability management programme, implement strong access control methods, regularly monitor and test networks, and maintain an information security policy.
Nationwide were fined £1 million last year for failing to adhere to the legislation.
If you are worried that your site might not be adhering to the rules, you should visit the ICO website, which is a comprehensive guide to website legislation.