Laws relating to the sale of cannabinoids are generally made at state level, rather than by the European authorities.
This page currently only applies to online retailers of cannabinoids serving customers located in the United Kingdom.
UK
There is currently no legal age-restriction on the sale of cannabinoids.
However, as this nascent market emerges, there are discussions amongst those representing the sector about the potential benefits of imposing age restrictions voluntarily.
To enforce such policies, age verification is going to be required. (It should be noted that even insisting on a credit card being used does not guarantee that the customer making the purchase is over 18.)
Age Appropriate Design Code (in force today, but grace period in operation in the UK until 2 September 2021)
This requires sites to consider if they could risk the moral, physical or mental well-being of children under 18. And if so, to put in proportional measures to safeguard children and young people.
There is potentially a physical – and potentially mental – risk arising from providing cannabinoids to children – if only because they may ingest them at dosage levels that exceed safe recommendations. So in effect, the code may create an age-restriction for online sales by limiting access to the websites of the retailers.
Our opinion is that online cannabinoids retailers require age verification to be in place to keep children from acquiring cannabinoids. The rigor required is a matter for the judgement of the sites concerned – giving consideration to the nature of the content on the site, the number of users under 18 found to be using it, etc. But given the reputational risk if a child is harmed by cannabinoids acquired from your online store, we recommend at least a standard level of assurance. See our page on levels of assurance for an explanation of the methods of age verification that achieve this degree of confidence in an age check.
GDPR (in force today)
If your customers open accounts on your website, you should be sure that your users are at least old enough to give consent for their personal data to be processed, if you rely on consent under Article 8 of GDPR, as a basis for processing some or all personal data you obtain from your users. (Remember, personal data even includes just an IP address.) In the UK, this “age of digital consent” is 13 but it varies between EU member states so if you have users in the EU, you will need to also determine their location and apply the relevant age as part of this check.
Online Safety Bill (only draft legislation, not yet passed by Parliament)
Online retailers do not generally allow users to interact and share content such as photographs, so they are not likely to be in scope for the Online Safety legislation. But if you do allow for online communities to discuss their conditions etc., then the site may fall within scope.
Online cannabinoids retailers’ sites may be “likely to be used by Children” so if they are in scope because they offer user-to-user services then further duties applicable. (But remember, children are defined as under 18-years-old.) It is recommended that sites monitor the age of their customers to check they have not become a site where:
- there are a significant number of children who are users of the service or of that part of it, or
- the service, or that part of it, is of a kind likely to attract a significant number of users who are children – where a “significant” number includes a reference to a number which is significant in proportion to the total number of UK users of a service or (as the case may be) a part of a service. (This test is based on evidence about who actually uses a service, rather than who the intended users of the service are.)
Please read our briefing on the Online Safety Bill for further explanation of these new duties.
CBD products currently have no statutory age limit. There are however other controls in place that effectively supercede any age limit controls re supply.
Cannabidiol (CBD) / Tetrahydrocannabinol (THC) products
It’s a bit complicated but in essence, anything with any THC will be a controlled substance, and subject to Police enforcement under Misuse of Drugs laws. So they may claim, through words, images, graphics etc. that they will get you “high” but all products sold within the UK must contain no detectable amount of THC in order to remain in line with UK laws. This applies to both vape oil and foods (cookies/gummy bears etc).
Cannabidiol (CBD) / Tetrahydrocannabinol (THC) vape products
Various vape products have been found on sale that claim to contain CBD, THC or have images related to marijuana implying some link. These are often a concern. They are frequently packaged in a way in nicotine containing refill containers that are likely to create the impression that the product has a health benefit, which is prohibited. The use of “vitamins or other additives that create the impression that a tobacco product has a health benefit” is against the law. THC is the principal psychoactive constituent of cannabis. THC vape juice is illegal in the UK.
Currently CBD oil is legal to sell in the UK, and this includes the sale of CBD vape juice. However, UK law dictates that any CBD oil sold must contain no nicotine. It must also contain no detectable THC.
See https://www.businesscompanion.info/en/quick-guides/food-and-drink/novel-foods-including-cbd-and-hemp
Cannabidiol (CBD) / Tetrahydrocannabinol (THC) food products
Must be registered and approved as novel food. see – https://www.food.gov.uk/business-guidance/cannabidiol-cbd
Searchable list of approved and likley to be approved products here https://www.food.gov.uk/business-guidance/cbd-products-linked-to-novel-food-applications
CBD and other cannabiniod ‘Products’ – For a CBD and other cannabiniod products to be lawfully available for human consumption it needs to either meet the Exempted Product Criteria in Regulation 2 of the MDR 2001 or the definition of a CBPM in Schedule 2 to the MDR 2001 for its possession to be lawful. Where a product is neither a CBPM nor an ‘Exempted Product’, licences would not ordinarily be issued to enable the use of a ‘Schedule 1’ controlled drug product outside of bona-fide research or a recognised UK clinical trial.
https://www.gov.uk/government/publications/cannabis-cbd-and-other-cannabinoids-drug-licensing-factsheet/drug-licensing-factsheet-cannabis-cbd-and-other-cannabinoids