Consumer protection


20 May 2017

The European Commission has fined Facebook €110 million for giving misleading or incorrect information during Commission’s 2014 vetting of its deal to acquire messaging service WhatsApp. It was found that, contrary to Facebook’s statement in the 2014 merger review process, the technical possibility for automatic users identities’ matching between their Facebook and WhatsApp accounts not only existed in 2014 but also Facebook staff was aware of this. In August 2016, WhatsApp published terms of service and privacy policy updates, which included the possibility of linking users’ phone numbers linked to WhatsApp with Facebook identities. Margrethe Vestager, EU Competition Commissioner, said that the EC decision is a clear message to companies to comply with European Union merger rules, which also includes the obligation to provide true and correct information. 

19 May 2017

The Commission Nationale de I’Informatique et des Libertés (CNIL), France’s data protection watchdog, has fined Facebook €150,000 for violating the country’s data protection rules. CNIL published a statement saying Facebook has failed in informing its users about how their personal data is tracked and shared with advertisers. A common statement by the Contact Group of the Data Protection Authorities of the Netherlands, France, Spain, Hamburg, and Belgium has also been issued along with the investigation results from three member countries: France, Belgium, and the Netherlands. At the same time, the Dutch Data Protection Authority (DPA) Autoriteit Persoonsgegevens's statement says that Facebook violates Dutch data protection law and does not provide sufficient information about the use of their personal data. DPA stated they did not fine Facebook, but if the violations continue ‘may decide to issue a sanction’. As a response, Facebook’s spokesperson said in an email statement to Reuters: ‘We take note of the CNIL’s decision with which we respectfully disagree’. 

18 May 2017

The European Parliament has voted in favour of new rules that will enable users to enjoy services they are subscribed to even when they travel to other countries in the EU. As of 2018, users will not have to pay extra to watch series, music, or sports events that are subscribed to in their country, when travelling. Rules on the portability of online content, together with rules to end data roaming, are part of the EU’s Digital Single Market strategy, including the modernisation of copyright rules.


Consumer trust is one of the main preconditions for the success of e-commerce. E-commerce is still relatively new and consumers are not as confident with it as with real-world shopping. Consumer protection is an important legal method for developing trust in e-commerce. E-commerce regulation should protect customers in a number of areas, such as online handling of payment card information; misleading advertising; delivery of defective products.


A new idiosyncrasy of e-commerce is the internationalisation of consumer protection, which is not a vital issue in traditional commerce. In the past, consumers rarely needed international protection. Consumers were buying locally and therefore needed local customer protection. With e-commerce, an increasing number of transactions take place across international borders.

Jurisdiction is a significant issue surrounding consumer protection. It involves two main approaches. The first favours the seller (mainly e-business) and is a country-of-origin/prescribed-by-seller approach. In this scenario, e-commerce companies have the advantage of relying on a predictable and well-known legal environment. The other approach, which favours the customer, is a country-of-destination approach.

The main disadvantage for e-commerce companies is the potential for exposure to a wide variety of legal jurisdictions. One possible solution to this dilemma is a more intensive harmonisation of consumer protection rules, making the question of jurisdiction less relevant. As with other e-commerce issues, the OECD assumed the lead by adopting the 1999 Guidelines for Consumer Protection in the Context of E-commerce and the 2003 Guidelines for Protecting Consumers from Fraudulent and Deceptive Commercial Practices Across Borders. The main principles established by the OECD are still valid and have been adopted by other business associations, including the International Chamber of Commerce and the Council of Better Business Bureaus.

The EU offers a high level of e-commerce consumer protection and promotes awareness campaigns on online shopping issues. The problem of jurisdiction has been solved via the Brussels I Regulation, which stipulates that consumers will always have recourse to local legal protection. The recast Brussels I Regulation, applicable as of January 2015, further harmonises the rules of jurisdiction by extending the situations under which individuals not domiciled in the EU can be sued by consumers in the courts of EU member states.

More than half of EU consumers (53%) made at least one purchase online in the 12 months to September 2012, almost doubling since 2006. Yet just 15% purchased online from vendors outside their own country. This is reflected in the confidence rating: while 53% feel comfortable purchasing from online domestic retailers, only 36% feel comfortable buying online from another EU country.

At global level, no apposite international legal instruments have been established. One of the most apt, the 1980 UN Convention on Contracts for the International Sale of Goods, does not cover consumer contracts and consumer protection.

A number of private associations and non-governmental organisations also focus on consumer e-commerce protection, including Consumers International, the International Consumer Protection and Enforcement Network, and Consumer Reports WebWatch.

The future development of e-commerce will require either the harmonisation of national laws or a new international regime for e-commerce customer protection.




Internet Governance Acronym Glossary (2015)
An Introduction to Internet Governance (2014)


Personal Data Storage in Russia (2015)


Virtual Currencies and Beyond: Initial Considerations (2016)
Report on OTT Services (2016)
2015 In Retrospect (Vol. 4) (2016)
OECD Digital Economy Outlook 2015 (2015)


The GIP Digital Watch observatory is provided by

in partnership with

and members of the GIP Steering Committee


GIP Digital Watch is operated by

Scroll to Top