This article was published as part of the Logan & Partners and qLegal series, which showcased practical and helpful insights on a variety of legal topics. qLegal is a pro bono law clinic at Queen Mary University of London that works with entrepreneurs and start-up businesses.
The Omnibus Directive: Consumer Reviews
The European Union (EU) has committed to improving consumer protection in the single market thanks to its “New Deal for Consumers” strategy. As part of that plan, the Omnibus Directive (2019/2161/EU) came into force on 7 January 2020. The Omnibus Directive amends existing EU consumer law to strengthen consumer protection and to expand its scope to cover digital goods, content and services.
Among the key changes brought by the Omnibus Directive was the introduction of stricter rules on consumer reviews. Consumers’ reviews can be found on e-commerce platforms, booking agents’ websites, social media, reviews platforms and many other websites.
Fake or misleading reviews
In particular, the Omnibus Directive prohibits the publication of fake reviews and endorsements (such as ‘likes’ on social media) of products offered to EU consumers. Traders (i.e. professional or business sellers) are not allowed to submit or commission someone to submit fake reviews and endorsements, or misrepresent these consumer reviews or endorsements.
Simply put, a fake review is a review published online (positive, neutral or negative) that does not reflect actual events or was not written by a person who has bought or used the relevant product or service. Commissioning a person to provide a false review is paying an actual customer to write a positive review. Misrepresentation includes practices such as making available positive reviews only and deleting negative reviews. For example, a trader that posts ‘likes’ for its products claiming ‘guaranteed real customer reviews’, but favours positive customer reviews over neutral or negative reviews.
Online platforms giving access to consumers reviews should therefore take reasonable and proportionate steps to ensure that these reviews are genuine and reflect the experience of real consumers. The ‘reasonable and proportionate steps’ are to be assessed by taking into account the specific business model of the platform, the scale of their activity and the level of risk. For example, large platforms with a high risk of fraudulent activity will need to deploy more significant means than smaller traders.
For example, these steps could include requesting information to verify that that the consumer has actually used or purchased the product, or requiring reviewers to register on a specific platform. However, traders should avoid taking measures which would make it excessively difficult for consumers to post reviews thus discouraging real consumers from submitting reviews.
Information about general processing of reviews
The Omnibus Directive states that traders giving access to such reviews should clearly state how the reviews are obtained and checked, and how they ensure that these come from consumers who have used or purchased the product. Traders must provide information not only about measures used to check a review’s source but also about the general processing of reviews, meaning whether all reviews are published, how they are obtained as well as how the average review score is calculated.
The required information must be clear and made available when providing access to consumer reviews, i.e. on the same interface where the reviews are published, including via hyperlinks.
What steps should businesses be taking?
The Omnibus Directive had to be transposed by 28 November 2021 and each Member state has until 28 May 2022 to bring it into force. Impacted businesses should review and update their processes for publishing and verifying consumer reviews, and ensure that consumers are informed about those. Fake reviews and endorsements must not be permitted.
Brexit and the UK
Following Brexit, the UK does not have any obligation to transpose the Omnibus Directive. However, UK traders selling to EU consumers will be required to follow the rules.
Stiff new GDPR like penalties have been introduced by the Omnibus Directive, and for serious breaches businesses could be fined up to 4% of their annual turnover in the relevant EU Member State(s) or €2m if a calculation is not possible.