Online business poses unique challenges and opportunities for customer service. Online exporters must have an effective customer service program to build and maintain a customer base, and should consider hours of operation, local hires, language differences, etc. Customer service should be integral to website design and overall business strategy.
Disputes between buyers and sellers are inevitable, whether the transaction occurred on or offline. How customer complaints are resolved is important to building trust and confidence with an online exporter's clientele. For most companies involved in online cross-border e-commerce, the most practical way of dealing with disputes is alternative dispute resolution (ADR, also known as ODR or online dispute resolution). ADR mechanisms can be more flexible, creative, timely, and cost efficient than courts in finding solutions that satisfy both parties. There are a number of commercial websites and private service providers that maintain information on international ADR. U.S. Commercial Service officers in your target market can help you identify a country's ADR use. See also, research on the Top Internet Markets FAQ at right. Companies may also choose to participate in a trustmark program (also known as a consumer confidence seal program) that includes ADR services. For example, the Global Trustmark Alliance (GTA) is a new membership organization created to encourage cross border e-commerce by fostering consumer trust, encouraging good online business practices, and discouraging the development of burdensome and disparate governmental regulation.
In the online world, success and reliability are equal partners. Before using the Internet to export, companies should review their online practices and ensure that they are seamless with their offline business practices, that they are worthy of their customers' confidence, and that they conform to the relevant laws of the target market. Companies should pay particular attention to taxation, privacy, security, unsolicited commercial emails (UCE), advertising content and jurisdiction. Of course, companies should always deal in good faith.
An online merchant selling to foreign customers should pay careful attention to the tax implications of those sales. In general, once a company crosses a certain threshold of activity in a foreign country, the company becomes subject to income tax in that foreign country. Additional information regarding taxes is available at E-Payments and Taxes on the right.
U.S. organizations that collect personally identifiable information online should display their privacy policies prominently, and offer data subjects (i.e. customers, employees, other business contacts) choices about how their personal information is used. Customers, for example, should have the opportunity to refuse having their personal information shared with others or used for promotional purposes.
Many countries have privacy laws, and organizations should take care to comply or face prosecution. For example, the European Union prohibits the transfer of personal data to non-European Union nations that do not meet the European "adequacy" standard for privacy protection. The U.S. Department of Commerce, in consultation with the European Commission and the private sector, developed a "safe harbor" framework that provides U.S. organizations with a streamlined means to comply with the European Union requirements. Companies may self-certify to the safe harbor and find additional information regarding the safe harbor framework through the Safe Harbor Website.
All websites that accept credit cards or debit cards for online payment must meet the PCI Data Security Standards (DSS). The PCI DSS are a set of requirements to provide cardholder account data security. They include requirements related to security management policies and procedures, network architecture, and software design. The PCI Security Council manages the PCI Standards and updates them as necessary. Information on how to meet these standards is available at https://www.pcisecuritystandards.org/. A guide on meeting these standards is also available at http://www.pcicomplianceguide.org/.
In legal terms, an online sale is an enforceable contract, a valid and binding agreement. However, in some overseas markets, a contract is only enforceable if it is signed "in writing." Such jurisdictions do not recognize electronic signatures and, in the event of a dispute, would not enforce an agreement made via email or through a website. While many countries have modified their laws to recognize electronic signatures, online exporters should check to be sure their target market accepts electronic signatures and, if so, if those countries impose restrictions on which signatures/technology are legally valid. More information on electronic signatures can be found at the Department of Commerce Office of Information Technology and Electronic website, or via the U.S. Commercial Service Officer in your target market.
UCE, also known as Unsolicited Bulk E-mail (UBE) or spam, is controversial. Many domestic and international jurisdictions have laws about UCE. Violations may result in penalties. In addition, many email service providers, such as AOL and Yahoo!, have rules of conduct that forbid use of their service for sending UCE. More guidance on UCE can be found at the Direct Marketing Association website, http://www.the-dma.org/.
Most countries have laws about advertising content, which may be applied to websites, banner ads, and marketing e-mails sent from the U.S. The U.S. Federal Trade Commission (FTC) has information for online advertisers available on its website. See
Although the Commission's publications focus on domestic law, they contain important information about "best practices" in the online environment. The International Chamber of Commerce also has Guidelines on Marketing and Advertising using Electronic Media.
Some countries have regulations governing how information about consumer behavior online can be gathered, how long it can be kept, and how it can be used for targeted advertising. The United States has taken a self-regulatory approach to targeted advertising. In February of 2009, the U.S. Federal Trade Commission (FTC) published revised guidelines for Self-Regulatory Principles for Online Behavioral Advertising: Tracking, Targeting, and Technology. In response to the new FTC guidelines, a group of industry associations published Self-Regulatory Principles for Online Behavioral Advertising. The Network Advertising Initiative also published an updated Self-Regulatory Code of Conduct for its members in 2008.
In the European Union, targeted advertising is subject to the rules stipulated in the Directive on Data Protection. These rules state that personal information concerning an identifiable individual can only be processed with the individual’s consent or to fulfill a binding contract with the data subject. As noted in the privacy section above, the Directive also prohibits the transfer of personal data to non-European Union nations that do not meet the European "adequacy" standard for privacy protection. Information concerning how U.S. companies can receive personal data from the EU by participating in the Safe Harbor program is provided in the privacy section above and discussed on the Safe Harbor website.
Online exporters must be aware that they are doing business in a foreign jurisdiction, which means the laws and regulations of the target market apply to the goods and services being sold.
Dealing in good faith is perhaps more important for online businesses than for brick-and-mortar businesses, because customers rely heavily on reputation. Moreover, it is illegal in most countries to behave otherwise!