Published on June 27, 2014
ELECTRONIC COMMERCE REGULATION – AFRICA PURSUING GLOBAL OPPORTUNITIES PRIA CHETTY TECHNOLOGY & INNOVATION LAW AND POLICY ADVISOR/ ENDCODE.ORG
Overview of Presentation Electronic Commerce – The Opportunity and Trends Background to global electronic commerce regulation – key models and frameworks. Countries looking to benefit from electronic commerce need to assess the policy and legal environment related to the ease of global, collaborative and integrated approaches. Group Activity and Discussion: How suitable are our policy and legal frameworks in connection with developments and trends at the technology layer - as a lens for for regulatory responsiveness to electronic commerce?
Exploring Electronic Commerce – The Opportunity, The Trends
Do you shop online? What are your concerns when shopping online? Group Activity and Discussion: Trust and Confidence in E-Commerce
Exploring Electronic Commerce Regulation – The EndGame
ICT Policy and Regulation With the right policies and objectives in place, Information and Communications Technologies (ICTs) can have far- reaching and positive effects on development. ICTs are not a magic bullet, nor an alternative to other development investments, but if applied in the right way they are potentially a crucial enabling factor for development.
E-Commerce Regulation Convergence of technologies is the major driving factor that contributes to the exponential growth of electronic commerce. Convergence goes beyond the use of technology to develop new products and services and is seen as a vehicle to improve the quality of life of society in South Africa and other developing countries. Convergence will open new opportunities for all as everyone gains equal access to information and the global markets. Small business will be able to compete on an equal footing with big business. What is needed is an environment that is conducive to conducting business and sharing information with confidence. Government will provide support by setting policy and regulatory frameworks that are appropriate to the information communications technology sector while taking cognisance of the pervasive nature of e-commerce and the challenges pertaining to legal and security matters.
The Issue List Concepts such as “writing,” “document” or “signature” not easily applied in digital world Legacy laws - requirement in law for certain transactions to be conducted in paper/ in person Requirements in law for record retention in paper Statutory requirements may prohibit online transacting Requirement in law for admissibility of evidence Conflicts in policies, laws, standards and trade practices in different jurisdictions
The Issue List Protection of personal data exchanged Online consumer protection Internet transaction taxation Criminalisation of new cyber-crimes Government’s powers and capacity to investigate and prosecute crimes on the internet Alignment of intellectual property laws to the digital world Administration of domain names Regulation of ISPs
Key Concepts in Electronic Commerce Regulation Technology neutrality Functional equivalence Non-discrimination Two-tier approach, Minimalist approach Harmonisation Multi-disciplinary approach Identity Management and Authentication Promoting trust and confidence
Encoding Electronic Commerce – Key Models and Regulatory Approaches
Electronic Commerce Regulation UNCITRAL AU SADC ECOWAS National Others: OECD, ITU, WIPO Globally, there are multiple initiatives, efforts, models at international, national and regional levels. Particularly to: Promote harmonised, global, coherent and co-ordinated approaches; Address legal barriers to electronic commerce; and Promote trust and confidence in electronic transacting methods
UNCITRAL (1996) MLEC – Model Law on Electronic Commerce Promote greater consistency in national and regional approaches. Create a more secure legal environment for electronic commerce for providing a model reference for legislators Implemented by several countries In Africa – implemented by South Africa, Cape Verde, Mauritius
UNCITRAL Model Law Provides for the legal approach to non-discrimination, technological neutrality and functional equivalence, Fundamentally provides for rules for the formation and validity of contracts concluded by electronic means, for the attribution of data messages, for the acknowledgement of receipt and for determining the time and place of dispatch and receipt of data messages. Guide to Enactment, provides background and explanatory text for countries seeking to implement the Model Law CLOUT (Case Law on UNCITRAL Texts) - cases relevant to UNCITRAL Model Law
Africa Initiatives by, for instance: AU (African Union) SADC (the Southern African Development Community) ECOWAS (Economic Community of West African States), EAC (East African Co-operation)
AU According to the Website: The Draft Convention gives effect to a Resolution of the last session of the Assembly of Heads of State and Government of the African Union, and seeks to harmonize African cyber legislations on electronic commerce organization, personal data protection, cyber security promotion and cyber crime control. In pursuance of the principles of the African Information Society Initiative (AISI) and the African Regional Action Plan for the Knowledge Economy (ARAPKE), the Draft Convention is intended not only to define the objectives and broad orientations for the Information Society in Africa, but also to strengthen existing legislations in Member States and the Regional Economic Communities (RECs) on the Information and Communication Technologies. It defines the security rules essential to establishing a credible digital space in response to the major security related obstacles to the development of digital transactions in Africa. It lays the foundation for an African Union-wide cyber ethics and enunciates fundamental principles in the key areas of cyber security. It also defines the basis for electronic commerce, puts in place a mechanism for combating intrusions into private life likely to be generated by the gathering, processing, transmission, storage and use of personal data and sets broad guidelines for incrimination and repression of cyber crime. Its adoption would capitalize African and international experiences in cyber legislations and speed up relevant reforms in African States and the RECs.
AU Draft Convention The objective of this Convention is to propose the adoption at the level of the African Union, a Convention establishing a credible framework for cybersecurity in Africa through organisation of electronic transactions, protection of personal data , promotion of cyber security , e-governance and combating cybercrime
AU Draft Convention - Complexities Information security impacts on the security of the digital and cultural heritage of individuals, organizations and nations; The vulnerability in the normal functioning of institutions can compromise the survival and sovereignty of States; Addressing cyber security calls for clear-sighted political will to define and implement a strategy for development of digital infrastructure and services (eservices) and articulate a coherent, effective and controllable multi-disciplinary cyber security strategy.
AU Draft Convention - Challenges Achieve a level of technological security adequate enough to prevent and effectively control technological and informational risks; Build an information society that respects values, protects rights and freedoms, and guarantees the security of the property of persons, organizations and nations; Contribute to the knowledge economy, guarantee equal access to information while stimulating the creation of authentic knowledge; Create a climate of confidence and trust, that is: Predictable in terms of prevention and resolution of disputes; and evolving because it takes into account continued technological evolution; Organized: covering the relevant sectors; Protective: of consumers and intellectual property (civil and penal) of citizens, organizations and nations; Secured: striking proper balance between legal and technological security; Integrated into the international order: providing meaningful articulation between the national, regional and global levels.
AU Convention - Content
AU Convention - Criticism
SADC Declaration on Information and Communications Technology (ICT) , 2001 s 2(d): ‘WE SHALL UNDERTAKE to work together to remove barriers of electronic commerce in our SADC countries as a means to opening opportunities and benefits such as increased access to markets, opportunities to create economic value and cultural assets, reduced administrative costs, and improvement of public services. There is a need to adopt and adapt technologies that enable e- commerce capability to avoid increasing exclusion from the global economy.’ SADC developed a ‘Model Law on Electronic Transactions and Data Protection’ in November 2003.
SADC (e-Commerce Readiness Study, 2012) Validation Workshop for the e-Commerce Readiness Study in the SADC Sub-Region Part of the e-SADC Strategic Framework o develop a holistic approach to harnessing ICT for socio-economic development and regional integration One objective - deployment of eservices, particularly e-commerce to benefit from global opportunities and develop a regional ecommerce strategic action plan. Angola, Botswana, DRC, Lesotho, Mauritius, and South Africa were earmarked for the readiness study
SADC (e-Commerce Readiness Study, 2012) SADC e-Commerce Strategy encompasses the following four main pillars: Enabled e-Commerce Environment; A Capacity Development Programme for e-Commerce Strengthening e-Commerce Sub-Regional and National Infrastructure; and Institutionalized Framework to Implement, Evolve and Govern the Current Strategy Mauritius: · ICTA Public Key Infrastructure (PKI); · Concept of e-Payment; · Computer Emergency Response Team - Mauritius (CERT-MU); and · e-Commerce Strategy for Mauritius Post Ltd.
SADC Model Law on E-Transactions and E- Commerce, 2012
SADC Model Law, “This Model Law addresses the scope of application of key concepts and proposes neutral definitions for them. The legal recognition of electronic communications and the legal effect of electronic communications are addressed. Clear rules for electronic transactions are adopted. E-commerce issues such as the attribution of electronic communications and electronic signatures, and the admissibility and evidentiary weight of electronic evidence are addressed. The obligations of online suppliers are addressed. These include the type of information made available to consumers on the information system where such goods or services are offered, and a consumer’s right to a cooling-off period, review of a transaction, withdrawal from a transaction, and the performance, correction or cancellation of a transaction for goods and services are addressed. Lastly, service providers’ liability is addressed.”
Other SADC Model Laws, 2012 SADC Model Law on Data Protection, 2012 SADC Model Law on Cybercrime, 2012 Technical Assistance was offered by HIPSSA (ITU project) for the drafting of the Model Laws The Model Laws were adopted at a SADC Ministerial meeting in 2012
ECOWAS Directive on Fighting Cybercrime, 2009 Incorporation of legal framework for Member States Emphasis on cybercrime, data protection, search and seizure
EAC Regional e-Government Programme adopted by the EAC Council of Ministers (2006) Enabling legal framework as a critical factor: e-transactions, cybersecurity Harmonized regional and national legal frameworks Creation of an EAC Task Force (2008) Background: East African Community Secretariat, ‘Report of the 2nd EAC Regional Taskforce Meting on Cyber Laws’ (2008) http://r0.unctad.org/ecommerce/event_docs/kampala_eac_2008_report.pdf The EAC legal framework for Cyber Laws (Phase I) covering electronic transactions; electronic signatures and authentication, cyber crime, and data protection and privacy have been adopted by the Council of Ministers (2012)
EAC “The East African Development Strategy (2011/12 – 2015/16) proposes the key drivers for the realization of the EAC regional integration agenda in the next five years to include, among others, creation of a strong legal framework (…) The development of cyber laws in the region is critical to underpin the realisation of full potentials in regional e- commerce, electronic financial transactions and business processes outsourcing.” Hon. Musa Sirma, Chairperson of the Council of Ministers of the East African Community and Minister for East African Community, Republic of Kenya, at the occasion of the presentation of the budget of the EAC for the financial year 2012/2013 to the legislative assembly
Encode Electronic Commerce – Legislative Models and Approaches
Legislation Enabling Electronic Transacting The legal recognition of data messages – technology neutrality The requirement of “writing” to be met by data messages ‰The requirement of “original” documents and functional equivalence The admissibility and evidential weight of data messages ‰The retention of data messages ‰The formation and validity of electronic contracts ‰Recognition by parties of data messages ‰The attribution of data messages Liability of internet service providers ‰Acknowledgement of receipt ‰Time and place of receipt and dispatch of data messages
Legislation Enabling Protection of Personal Data Definition of Personal Information Definition of Controller Minimum Security Safeguards Regulator Sharing of Personal Information with Third Parties Cross-border transfer of Personal Information
Legislation enabling Electronic Signatures Electronic authentication technologies allow the recipient of the electronic communication to: ‰Verify the identity of the sender ‰Verify the fact that the content of the message has not changed since transmission; and Ensure that the sender cannot later repudiate the message. Prescribed (security) standards Accreditation Authorities Functional equivalence Methods to procure integrity of communications, identity of sender
Legislation Governing Electronic Interception and Surveillance Definition of interception Powers of interception – Who? When? Why? How? Restrictions on interception Enabling interception capabilities Interception records Unlawful interception Rights of employers
Legislation Governing Cybercrime Definition of cybercrimes e.g. unauthorised access, e-fraud, Offences Penalties Powers of search and seizure
Intellectual Property Legislation Domain Name Administration Review of trade mark legislation Application of copyright in digital world Copying, distribution, remix Intellectual property in software
Electronic Commerce Regulation Electronic Communications Act Electronic Communications and Transactions Act (ECT Act) Protection of Personal Information Act Regulation of Interception and Interception Related Communications Act Constitution of South Africa Consumer Protection Act
ECT Act, 2002
Case Law SB Jafta v. Ezemvelo KZN Wildlife – email acceptance of employment contract S v Motata – admissibility of cellphone data
(Some) Lessons from Namibia ICT Policy Proposal Ensure that there is adequate and appropriate participation in global dialogues. Many global initiatives have been undertaken, most led by the developed countries with minimal input from developing countries. Ensure that representatives are fully conversant with the complexities of global information society issues. Conduct feasibility studies to ensure that all such mechanisms are sustainable in terms of financial, technical and human resources and that, if such vehicles are government-driven, that there is the political will to sustain them. The implementation of universal access mechanisms must be accelerated to participate fully in the Global Information Society.
How suitable are our policy and legal frameworks in connection with developments and trends at the technology layer - as a lens for regulatory responsiveness to electronic commerce? Group Activity and Discussion: Mind the Gap (45 minutes)
Other Considerations The drive to harmonise Multiple regional policy efforts – conflict, impose compliance obligations, outdated E-commerce in the context of international private laws e.g. international contracting Developing country case studies – unique opportunities and constraints African case studies - unique opportunities and constraints Mauritian data protection regulator, e-signature accreditation Rwandan ICT strategies Regulatory impact assessments
Pria Chetty Technology and Innovation Law and Policy Advisor endcode.org Thanx, Questions?
View Pria Chetty’s professional profile on LinkedIn. LinkedIn is the world's largest business network, helping professionals like Pria Chetty discover ...
PwC: Pria Chetty. By Monique Verduyn ... Lawyer Pria Chetty completed her degree in 2000, ... “My goal was to integrate law with policy and regulation in ...
AN ANALYSIS OF ELECTRONIC SIGNATURE REGULATION IN SOUTH AFRICA Pria Chetty March 2013 A research report submitted to the Faculty of Management, University ...
Chetty Law represents a ... Consumer Protection Act Regulations Published E ... Pranesh Prakash Pria Chetty Privacy prohibited contract promotional ...
Chetty Law is the response to the call ... consumer protection regulations contract Contracts cross ... Pranesh Prakash Pria Chetty Privacy prohibited ...
Pria Chetty has over 10 years experience a s a ... Postgraduate studies in E-Commerce and Internet Law ... Meet the highly qualified team at EndCode.
View priya chetty’s professional profile on LinkedIn. ... Contact priya directly; ... The Act Unfair practice regulations, Lease Agreement, ...
A technology law and policy resource and knowledge base in Africa.