When I first started out in e-commerce, like most people running a site, I was focused on products, marketing, and building the perfect customer journey. Legal compliance seemed like something I could handle “when I got to it.” But after years in the industry—and seeing companies stumble over avoidable issues—I’ve learned that being proactive about legal requirements is non-negotiable. Overlooking even one area can mean costly fines, lawsuits, or lasting damage to your reputation.
Here are a few critical legal areas I urge every e-commerce owner to review. If you haven’t checked these off your list yet, as one of my favourite bands once said “What better place than here? What better time than now?”.
Did You Think About CCPA?
If you serve customers in California, the California Consumer Privacy Act (CCPA) likely affects you—even if your business isn’t based there. CCPA gives California residents rights over their personal data, including knowing what’s collected, requesting deletion, and opting out of data sales.
It’s surprisingly easy for even small brands to attract California shoppers. If your privacy notices aren’t clear or you lack a process for data requests, you could be at risk.
What could happen? Fines can reach up to $2,500 per violation ($7,500 if intentional). More importantly, failing to protect customer privacy can destroy trust—and trust is everything online.
ASA/Accessibility: Are You Excluding Customers (and Putting Yourself at Risk)?
Accessibility is about ensuring everyone can use your website, regardless of ability. In the US, the Americans with Disabilities Act (ADA) and, in the UK, the Advertising Standards Authority (ASA) set standards for accessibility.
Here’s something many don’t realize: legal “trolls” in the US actively look for non-compliant sites. Sometimes, they file lawsuits without even having a real client, simply to pressure businesses into settlements. These cases can typically cost $15,000–$25,000 to settle—just under the cost of going to court.
In Canada, the Accessible Canada Act and similar provincial laws (like the AODA in Ontario) require digital accessibility. Fines can reach up to $250,000 per day for federal non-compliance, and up to $100,000 per day under Ontario’s AODA. The cost of retrofitting a site under a tight deadline can be just as significant.
But true accessibility goes beyond compliance. It means using proper colour contrast, structuring your content clearly, adding alt text to images, enabling keyboard navigation, providing captions for video, having hyperlinks that are big enough to use, and more. It’s about the flow of content, not just the look.
Here’s why I always recommend planning for accessibility from the start:
- It’s great for SEO: Search engine crawlers navigate your site in ways similar to screen readers, so accessible sites tend to rank better.
- It’s great for UX: Clean, accessible sites are easier to use—for everyone—which means happier customers and higher conversions.
- It’s much easier to plan for accessibility from the get-go rather than trying to retrofit it later.
Want a real-world example? In 2022, the Canadian Transportation Agency fined Air Canada $100,000 for failing to make its digital platforms accessible (read more).
GDPR: Are You Ready for European Visitors?
The General Data Protection Regulation (GDPR) impacts any site that gets visitors from the EU. It requires clear consent for data collection, easy data deletion, and strong security.
I found GDPR intimidating at first, but it boils down to transparency and customer control. Start with a clear privacy policy, review all your forms, and have a process for data requests.
What could happen? Fines can reach up to €20 million or 4% of global annual revenue, whichever is higher. Even small businesses have been fined for seemingly minor lapses. And once again—trust is on the line.
Bill 96: Serving Customers in Quebec?
If you sell to customers in Quebec, Bill 96 strengthens requirements for French language usage. Your website, contracts, customer support, and even product packaging may need to be in French.
Many businesses get caught off guard, thinking English is enough for Canadian customers. It’s not—respecting local language law is a must.
What could happen? Fines, lost business, and the high cost of scrambling to comply after the fact.
Pricing Compliance in Canada: Are You Playing by the Rules?
This is one area I’ve seen trip up even established brands. The Competition Bureau of Canada is the federal watchdog enforcing pricing rules—and they are serious about compliance.
Key areas to watch:
- Promotions and Sales: You can’t advertise a “regular price” unless the product has been sold at that price for a substantial period. Sales and discounts come with strict timing and disclosure requirements.
- Drip Pricing: It’s illegal to advertise a low price and then tack on mandatory fees at checkout. All costs must be upfront.
- Bait and Switch: Advertising a product at a low price without reasonable stock or intent to sell at that price is strictly prohibited.
- Contest Rules: Every contest must have clear, written rules, and you must follow strict guidelines for how winners are chosen and prizes awarded. The Competition Bureau takes misleading contests very seriously.
What could happen? The Competition Bureau can levy substantial fines—and repeat or intentional violations can even carry jail time. One of my previous employers was caught out on pricing compliance, resulting in millions in fines and even more lost in time and process changes. (Read about the $6 million fine for Ticketmaster’s drip pricing here.)
Final Thoughts
I don’t share these stories to scare you, but to help you avoid the headaches I’ve seen too often. Legal requirements shift constantly, and it’s easy to get caught up in growth and overlook compliance.
My advice? Take a little time to review these areas. Consult a legal expert if you’re unsure. A small investment in compliance now can save you massive headaches later—and shows your customers you take their rights and needs seriously.
If you’re not sure where to start, or want to share your own experiences, I’m always happy to discuss what’s worked and what to watch for. In e-commerce, we’re all learning as we go.
