ELECTRONIC COMMERCE REGULATION – AFRICA PURSUING GLOBAL OPPORTUNITIES PRIA CHETTY TECHNOLOGY & INNOVATION LAW AND POLICY ADVISOR/ ENDCODE.ORG
Jun 27, 2015
ELECTRONIC COMMERCE REGULATION – AFRICA PURSUING GLOBAL OPPORTUNITIES
PRIA CHETTY
TECHNOLOGY & INNOVATION LAW AND POLICY ADVISOR/ ENDCODE.ORG
Overview of Presentation Electronic Commerce – The Opportunity and Trends Background to global electronic commerce regulation –
key models and frameworks. Countries looking to benefit from electronic commerce
need to assess the policy and legal environment related to the ease of global, collaborative and integrated approaches.
Group Activity and Discussion: How suitable are our policy and legal frameworks in connection with developments and trends at the technology layer - as a lens for for regulatory responsiveness to electronic commerce?
Exploring Electronic Commerce – The Opportunity, The Trends
Source/ Read More: https://digiteen.wikispaces.com/Digital+Commerce
Electronic/ digital commerce
“is defined as the electronic selling and buying of goods however it goes further than that, nowadays technology is having a tremendous influence in our lives; currently we are having to deal with the fact that a large share of market economy is being done electronically.”
Source/ Read More: http://www.the-future-of-commerce.com/2014/03/10/infographic-china-ecommerce-market/
Access to global marketplace
Internet Penetration, Devices of choice
Consumer profile data, age, interests, geography
Preference for online
Security and payment concerns – cash on delivery?
Favoured by search engines
Rankings and ratings by users
Source/ Read More: http://blog.amasty.com/e-commerce-trends-for-2014/
Evolution of e-commerce
Intelligent e-commerce enabled by web2.0
Growth in m-commerce
Know your customer
Innovative response by postal services
Source/ Read More: http://blog.amasty.com/the-complete-guide-to-ecommerce-gamification/
Do you shop online?What are your concerns when shopping
online?
Group Activity and Discussion: Trust and Confidence in E-Commerce
Exploring Electronic Commerce Regulation – The EndGame
ICT Policy and Regulation
With the right policies and objectives in place, Information and Communications Technologies (ICTs) can have far-reaching and positive effects on development. ICTs are not a magic bullet, nor an alternative to other development investments, but if applied in the right way they are potentially a crucial enabling factor for development.
Source/ Read More: Unpublished Draft Report of the G8 DOT Force, April 2001
E-Commerce RegulationConvergence of technologies is the major driving factor that contributes to
the exponential growth of electronic commerce. Convergence goes beyond the use of technology to develop new products and services and is seen as a vehicle to improve the quality of life of society in South Africa and other
developing countries. Convergence will open new opportunities for all as
everyone gains equal access to information and the global markets. Small business will be able to compete on an equal footing with big business. What is needed is an environment that is conducive to conducting business and sharing information with confidence. Government will provide support by setting policy and regulatory frameworks that are appropriate to the information communications technology sector while taking cognisance of the pervasive nature of e-commerce and the challenges pertaining to legal and security matters.
Source/ Read More: A Green Paper On Electronic Commerce For South Africa, November 2002
The Issue List Concepts such as “writing,” “document” or “signature”
not easily applied in digital world Legacy laws - requirement in law for certain transactions
to be conducted in paper/ in person Requirements in law for record retention in paper Statutory requirements may prohibit online transacting Requirement in law for admissibility of evidence Conflicts in policies, laws, standards and trade practices
in different jurisdictions
The Issue List
Protection of personal data exchanged Online consumer protection Internet transaction taxation Criminalisation of new cyber-crimes Government’s powers and capacity to investigate and
prosecute crimes on the internet Alignment of intellectual property laws to the digital world Administration of domain names Regulation of ISPs
Key Concepts in Electronic Commerce Regulation
Technology neutrality Functional equivalence Non-discrimination Two-tier approach, Minimalist approach Harmonisation Multi-disciplinary approach Identity Management and Authentication
Promoting trust and confidence
Encoding Electronic Commerce – Key Models and Regulatory Approaches
Electronic Commerce Regulation
UNCITRAL AU SADC ECOWAS National Others: OECD, ITU, WIPO
Globally, there are multiple initiatives, efforts, models at international, national and regional levels. Particularly to:
Promote harmonised, global, coherent and co-ordinated approaches;Address legal barriers to electronic commerce; andPromote trust and confidence in electronic transacting methods
UNCITRAL (1996)
MLEC – Model Law on Electronic Commerce Promote greater consistency in national and
regional approaches. Create a more secure legal environment for
electronic commerce for providing a model reference for legislators
Implemented by several countries In Africa – implemented by South Africa, Cape
Verde, Mauritius
UNCITRAL Model Law Provides for the legal approach to non-discrimination,
technological neutrality and functional equivalence, Fundamentally provides for rules for the formation
and validity of contracts concluded by electronic means, for the attribution of data messages, for the acknowledgement of receipt and for determining the time and place of dispatch and receipt of data messages.
Guide to Enactment, provides background and explanatory text for countries seeking to implement the Model Law
CLOUT (Case Law on UNCITRAL Texts) - cases relevant to UNCITRAL Model Law
Africa Initiatives by, for instance: AU (African Union) SADC (the Southern African Development
Community) ECOWAS (Economic Community of West African States), EAC (East African Co-operation)
AUAccording to the Website:
The Draft Convention gives effect to a Resolution of the last session of the Assembly of Heads of State and Government of the African Union, and seeks to harmonize African cyber legislations on electronic commerce organization, personal data protection, cyber security promotion and cyber crime control.
In pursuance of the principles of the African Information Society Initiative (AISI) and the African Regional Action Plan for the Knowledge Economy (ARAPKE), the Draft Convention is intended not only to define the objectives and broad orientations for the Information Society in Africa, but also to strengthen existing legislations in Member States and the Regional Economic Communities (RECs) on the Information and Communication Technologies.
It defines the security rules essential to establishing a credible digital space in response to the major security related obstacles to the development of digital transactions in Africa.
It lays the foundation for an African Union-wide cyber ethics and enunciates fundamental principles in the key areas of cyber security. It also defines the basis for electronic commerce, puts in place a mechanism for combating intrusions into private life likely to be generated by the gathering, processing, transmission, storage and use of personal data and sets broad guidelines for incrimination and repression of cyber crime. Its adoption would capitalize African and international experiences in cyber legislations and speed up relevant reforms in African States and the RECs.
Source/ Read More: http://au.int/en/cyberlegislation
AU Draft Convention
The objective of this Convention is to propose the adoption at the level of the African Union, a Convention establishing a credible framework for cybersecurity in Africa through organisation of electronic transactions, protection of personal data , promotion of cyber security , e-governance and combating cybercrime
AU Draft Convention - Complexities Information security impacts on the security of
the digital and cultural heritage of individuals, organizations and nations;
The vulnerability in the normal functioning of institutions can compromise the survival and sovereignty of States;
Addressing cyber security calls for clear-sighted political will to define and implement a strategy for development of digital infrastructure and services (eservices) and articulate a coherent, effective and controllable multi-disciplinary cyber security strategy.
AU Draft Convention - Challenges Achieve a level of technological security adequate enough to
prevent and effectively control technological and informational risks;
Build an information society that respects values, protects rights and freedoms, and guarantees the security of the property of persons, organizations and nations;
Contribute to the knowledge economy, guarantee equal access to information while stimulating the creation of authentic knowledge;
Create a climate of confidence and trust, that is: Predictable in terms of prevention and resolution of disputes;
and evolving because it takes into account continued technological evolution;
Organized: covering the relevant sectors; Protective: of consumers and intellectual property (civil and
penal) of citizens, organizations and nations; Secured: striking proper balance between legal and
technological security; Integrated into the international order: providing meaningful
articulation between the national, regional and global levels.
AU Convention - Content
I am a document, open me
Provisions relating to legality of
electronic transactions,
protection of personal data, promotion of cyber security,
e-governance and
combatting cybercrime
AU Convention - Criticism
Source/ Read More: http://techpresident.com/news/wegov/24712/africa-union-cybersecurity-law-flawed
Provisions: too much power to the government, particularly in accessing
private information. processing of personal data and sensitive data
without consent of the owner for the purpose of state security and public
interest could be misused. broad and unchecked powers to “investigating
judges”. Such powers include the power to issue search and seizure
warrants for any electronic records. prosecution of anyone seen to promote
“theories” of racism and xenophobia. only approved e-commerce payments
may be used in a country. This requirement would force popular
global platforms, such as Paypal, to seek regulatory approval, considerably
slowing down the rate at which they could spread their services across
Africa
SADC Declaration on Information and Communications Technology (ICT) , 2001 s 2(d):
‘WE SHALL UNDERTAKE to work together to remove barriers of electronic commerce in our SADC countries as a means to opening opportunities and benefits such as increased access to markets, opportunities to create economic value and cultural assets, reduced administrative costs, and improvement of public services. There is a need to adopt and adapt technologies that enable e-commerce capability to avoid increasing exclusion from the global economy.’
SADC developed a ‘Model Law on Electronic Transactions and Data Protection’ in November 2003.
SADC (e-Commerce Readiness Study, 2012)
Validation Workshop for the e-Commerce Readiness Study in the SADC Sub-Region
Part of the e-SADC Strategic Framework o develop a holistic approach to harnessing ICT for socio-economic development and regional integration
One objective - deployment of eservices, particularly e-commerce to benefit from global opportunities and develop a regional ecommerce strategic action plan.
Angola, Botswana, DRC, Lesotho, Mauritius, and South Africa were earmarked for the readiness study
SADC (e-Commerce Readiness Study, 2012)
SADC e-Commerce Strategy encompasses the following four main pillars:
Enabled e-Commerce Environment; A Capacity Development Programme for e-Commerce Strengthening e-Commerce Sub-Regional and National
Infrastructure; and Institutionalized Framework to Implement, Evolve and Govern
the Current Strategy
Mauritius:· ICTA Public Key Infrastructure (PKI);· Concept of e-Payment;· Computer Emergency Response Team - Mauritius (CERT-MU); and· e-Commerce Strategy for Mauritius Post Ltd.
SADC Model Law on E-Transactions and E-Commerce, 2012
I am a document, open me
SADC Model Law, “This Model Law addresses the scope of application of key concepts and proposes neutral definitions for them.
The legal recognition of electronic communications and the legal effect of electronic communications are addressed.
Clear rules for electronic transactions are adopted.
E-commerce issues such as the attribution of electronic communications and electronic signatures, and the admissibility and evidentiary weight of electronic evidence are addressed.
The obligations of online suppliers are addressed. These include the type of information made available to consumers on the information system where such goods or services are offered, and a consumer’s right to a cooling-off period, review of a transaction, withdrawal from a transaction, and the performance, correction or cancellation of a transaction for goods and services are addressed.
Lastly, service providers’ liability is addressed.”
Other SADC Model Laws, 2012
SADC Model Law on Data Protection, 2012 SADC Model Law on Cybercrime, 2012 Technical Assistance was offered by HIPSSA
(ITU project) for the drafting of the Model Laws
The Model Laws were adopted at a SADC Ministerial meeting in 2012
ECOWAS Directive on Fighting Cybercrime, 2009 Incorporation of legal framework for Member
States Emphasis on cybercrime, data protection,
search and seizure
Source/ Read More: Sizwe Snail, Lecture 2013, P&DM www.snailattorneys.com
EAC
Regional e-Government Programme adopted by the EAC Council of Ministers (2006)
Enabling legal framework as a critical factor: e-transactions, cybersecurity
Harmonized regional and national legal frameworks Creation of an EAC Task Force (2008) Background: East African Community Secretariat, ‘Report of
the 2nd EAC Regional Taskforce Meting on Cyber Laws’ (2008) http://r0.unctad.org/ecommerce/event_docs/kampala_eac_2008_report.pdf
The EAC legal framework for Cyber Laws (Phase I) covering electronic transactions; electronic signatures and authentication, cyber crime, and data protection and privacy have been adopted by the Council of Ministers (2012)
EAC“The East African Development Strategy (2011/12 – 2015/16) proposes the key drivers for the realization of the EAC regional integration agenda in the next five years to include, among others, creation of a
strong legal framework (…) The development of cyber laws in the region is
critical to underpin the realisation of full potentials in regional e-commerce, electronic financial
transactions and business processes outsourcing.” Hon. Musa Sirma, Chairperson of the Council of Ministers of the
East African Community and Minister for East African Community, Republic of Kenya, at the occasion of the
presentation of the budget of the EAC for the financial year 2012/2013 to the legislative assembly
Source/ Read More: http://www1.uneca.org/ArticleDetail/tabid/3018/ArticleId/1934/ICT-Ministers-call-for-harmonized-policies-and-cyberlegislations-on-Cybersecurity.aspx
Khartoum Ministerial Declaration – emphasises the need for
African countries to accelerate the formulation of cyberlegilsation…
Source/ Read More: http://www1.uneca.org/ArticleDetail/tabid/3018/ArticleId/1430/Experts-adopt-Declaration-of-Addis-Ababa-on-harmonization-of-cyber-legislation.aspx
Encode Electronic Commerce – Legislative Models and
Approaches
Legislation Enabling Electronic Transacting
The legal recognition of data messages – technology neutrality
The requirement of “writing” to be met by data messages � The requirement of “original” documents and functional �
equivalence The admissibility and evidential weight of data messages
The retention of data messages � The formation and validity of electronic contracts � Recognition by parties of data messages � The attribution of data messages � Liability of internet service providers Acknowledgement of receipt � Time and place of receipt and dispatch of data messages �
Legislation Enabling Protection of Personal Data
Definition of Personal Information Definition of Controller Minimum Security Safeguards Regulator Sharing of Personal Information with Third
Parties Cross-border transfer of Personal Information
Legislation enabling Electronic Signatures Electronic authentication technologies allow the
recipient of the electronic communication to: Verify the identity of the sender � Verify the fact that the content of the message has not �
changed since transmission; and Ensure that the sender cannot later repudiate the
message.
Prescribed (security) standards Accreditation Authorities Functional equivalence Methods to procure integrity of communications,
identity of sender
Legislation Governing Electronic Interception and Surveillance
Definition of interceptionPowers of interception – Who? When? Why? How?Restrictions on interceptionEnabling interception capabilitiesInterception recordsUnlawful interceptionRights of employers
Legislation Governing Cybercrime
Definition of cybercrimese.g. unauthorised access, e-fraud,
OffencesPenaltiesPowers of search and seizure
Intellectual Property Legislation
Domain Name AdministrationReview of trade mark legislationApplication of copyright in digital world
Copying, distribution, remix
Intellectual property in software
South Africa
Electronic Commerce Regulation Electronic Communications Act Electronic Communications and Transactions
Act (ECT Act) Protection of Personal Information Act Regulation of Interception and Interception
Related Communications Act Constitution of South Africa Consumer Protection Act
ECT Act, 2002
I am a document, open me
Case Law SB Jafta v. Ezemvelo KZN Wildlife – email
acceptance of employment contract S v Motata – admissibility of cellphone data
Namibia
Source/ Read More: Draft Policy Proposal for the Ministry of Foreign Affairs, Information and Broadcasting in Namibia, Schoemans, 2001
(Some) Lessons from Namibia ICT Policy Proposal Ensure that there is adequate and appropriate participation in
global dialogues. Many global initiatives have been undertaken, most led by the
developed countries with minimal input from developing countries.
Ensure that representatives are fully conversant with the complexities of global information society issues.
Conduct feasibility studies to ensure that all such mechanisms are sustainable in terms of financial, technical and human resources and that, if such vehicles are government-driven, that there is the political will to sustain them.
The implementation of universal access mechanisms must be accelerated to participate fully in the Global Information Society.
Source/ Read More: Draft Policy Proposal for the Ministry of Foreign Affairs, Information and Broadcasting in Namibia, Schoemans, 2001
How suitable are our policy and legal frameworks in connection with
developments and trends at the technology layer - as a lens for
regulatory responsiveness to electronic commerce?Group Activity and Discussion:
Mind the Gap (45 minutes)
In Closing
Other Considerations The drive to harmonise Multiple regional policy efforts – conflict, impose
compliance obligations, outdated E-commerce in the context of international private
laws e.g. international contracting Developing country case studies – unique
opportunities and constraints African case studies - unique opportunities and
constraints Mauritian data protection regulator, e-signature
accreditation Rwandan ICT strategies
Regulatory impact assessments
Pria Chetty
Technology and Innovation Law and
Policy Advisor
endcode.orgThanx, Questions?