By: Sonny Zulhuda
The need to enact, pass and thus implement e-business-related laws has been closely linked to assurance of having smooth and secure e-commerce activities and thus it is closely associated with a country’s determination to speed up development in this information era. The Malaysian Government has indeed reaffirmed this link. They include in their pledge to the international community when initiating Multimedia Super Corridor (MSC) project that Malaysia would become a regional leader in intellectual property protection and cyberlaws. This is because Malaysia believes (like other countries supposedly do) that the existence of cyberlaws in the country means guarantee for the invention, e-commerce as well as consumer protections. This is why cyberlaw is important for country’s growth and development.
Based on the nature of the scope of the legislation, e-business-related law can be categorized into two distinctive categories, firstly, those legislations that address solely the specific electronic environment and applications. Secondly, those legislations that do not solely address on electronic environment, instead they apply as a general law but applicable, in part or in totality, to the cyberspace and online environment. On the ground of these categorization, this paper makes an attempt to assess the current legal landscape of Malaysia’s e-business environment.
Since their enactment in 1997, specific set of Malaysia’s cyberlaws provided ground for establishing legal frameworks for country’s e-commerce and information security. Besides, there are other laws that have been identified as providing important grounds for the effective and efficient operation of electronic business.
1. Digital Signature Act 1997
The Digital Signature Act 1997 (enforced on the 1st of October 1998) is an enabling law that allows for the development of, amongst others, e-commerce by providing an avenue for secure on-line transactions through the use of digital signatures. The Act provides a framework for the licensing and regulation of Certification Authorities, and gives legal recognition to digital signatures.
What is the impact of this Act to the e-business environment? The background behind the rise of electronic signatures is that in online commercial activities, authentication is seen very crucial. The nature of e-business allows anonymous communications and non-physical engagement of the sales and purchases. Therefore, in order to obtain some assurance that you are who you said you are’, the engaging parties need to authenticate each others. Digital signature is one way to accomplish this task: it employs private and public keys which are certified by a trusted third party called a certification authority. So, with the use of digital signature, there is a verification of the genuineness and authentication of the sender’s identity by a trusted third party, furthermore, this process will help secure the information exchanged between the trading parties (Julian Ding, 1999).
2. Computer Crimes Act 1997
The Computer Crimes Act 1997 (effective as of the 1st of June 2000) created several offences relating to the misuse of computers. Among others, it deals with unauthorized access to computer material and computer systems (section 3), unauthorized modification of computer contents (s.5), wrongful communication of means of access (s.6) and also the abetment and attempt of the said offences (s.7). It also makes provisions to facilitate investigations for the enforcement of the Act.
How does e-business environment benefit from this Act? Basically this Act had the objectives of enlisting new criminal offences. As a general principle, criminal law aims at preserving the public by punishing the offenders. Having a criminal law in the first place would also serve as deterrent for future offenders. One could reckon that if there is any trading activity with the most risks of being interrupted by wrongdoers, it would be those in e-business environment. Because in e-business the medium used (i.e. computer and Internet systems) are always subject to people who make them as playground, and eventually to gain at the expense of others. The priceless data that are transmitted online may be subject to interception and intruders. The sophistication of technology does not prevent them from trying and eventually winning the technological race by coming up with a more sophisticated skill and device to break the system. Therefore technology alone is not sufficient and law is expected to add into this barrier for potential culprit. By imposing heavy punishment of jail and fines, the Act should serve as a deterrent instrument.
3. Communications and Multimedia Act 1998
The Communications and Multimedia Act 1998 which came into effect on the 1st of April 1999, provides a regulatory framework to cater for the convergence of the telecommunications, broadcasting and computing industries, with the objective of, among others, making Malaysia a major global centre and hub for communications and multimedia information and content services. For the implementation of this Act, there is the Communications and Multimedia Commission Act 1998 that establishes the Malaysian Communications and Multimedia Commission (MCMC) on the 1st November 1998 as the sole regulator of the new regulatory regime. Apart from the licensing regime, another cornerstone of this Act is the establishment of new self-regulatory frameworks by the communications and multimedia industries on various aspects including the content and consumer protection.
How this law helps e-business environment? This Act regulates the licensing of various multimedia services including the provision of network facilities, Internet services, content, and application as well as infrastructure services. All these services are known as the backbone of the e-business activities. Thus the Act is dealing with something very fundamental, i.e. the gateway of e-business applications. Meanwhile, the Act also creates new offences relating to the offensive content (s.211), fraudulent and improper use of network facilities (ss.232 and 233), and illegal interception of communications (s.234). These latter sections seek to achieve a secure network that provides confidence for the users of e-business services.
4. Payment Systems Act 2003
The Payment Systems Act is the principal legislation which provides for the framework of the payment systems and payment instrument. Among its objectives is to promote a reliable, efficient and smooth operation of the national payment and settlement systems and for ensuring that the national payment and settlement systems policy is directed to the advantage of Malaysia. According to the Act, this noble task will be spearheaded by the Central Bank itself (BNM).
How is this Act strengthening the environment of e-business? This can be answered in many ways. First, the description in its definition section (s.2) that payment instrument includes tangible and intangible payment methods, thus this strengthens the legality and reliability of electronic business environment. In other parts of this Act it is required for every issuer of designated payment instruments to ensure adequate operational arrangements including measures to ensure prudent management of funds. This is all in order to guarantee the safety and reliability of the payment instrument itself (s.28). This provision absolutely emphasizes on the need to have strong corporate governance and risk management especially for the institutions that operate the payment instrument as designated by the Act.
5. Electronic Commerce Act 2006
In line with the development of international electronic commerce law, Malaysia has stepped up efforts to lure increasingly huge market for online business by enacting the Electronic Commerce Act recently. The Act mentions in its title that it provides for legal recognition of electronic messages in commercial transactions, the use of the electronic messages to fulfill legal requirements and to enable and facilitate commercial transactions through the use of electronic means and other matters connected therewith.
What is the benefit of this Act to the e-business environment? The enactment of this law would provide the public the needed assurance that the law is ready to equip e-business with legal remedies similar to what it gave to the traditional business environment, thus it creates certainty and reliability. The Act further removes the uncertainties about the application of writing and signature requirements. This is akin to unblocking the psychological barrier that tends to prevent both industries and consumers from maximizing their transactions online.
6. Minimum Guidelines on the Provision of the Internet Banking Services by Licensed Institutions
This guideline was issued by Bank Negara Malaysia (BNM). It sets out minimum guidelines that licensed banking institutions in Malaysia should observe in providing Internet banking services. It also states that banking institutions are free to adapt more stringent measures and are expected to keep abreast not only with technological developments, but also the needs of their customers. The guideline explains, among other things, types of Internet banking and risks. It also provides various aspects of corporate governance such as prudential regulations and supervisions, risks management practices, security requirements, consumer protection and compliance with other requirements (Abu Bakar Munir, 2004).
What Malaysia’s e-business can gain from this administrative guideline? In the e-business ecosystem, banks play vary important role. Too fit in with the new challenges, banking system today has also transformed itself into survival by engaging in online operation. With borderless nature of business today, Internet banking is a panacea for traditional bureaucracies that had previously defined bank’s operations. Thus, in order not to loose this important momentum, the central bank’s initiative to issue this guideline is just timely and imperative, that is to ensure the bank plays its traditionally important role in a new ecosystem.
7. Other Laws Applicable for Online Environment
In this section, we are looking at other laws that can be used to apply on e-business environment. These laws include the Penal Code, the Copyright 1987 and the Evidence Act 1950.
The Penal Code stipulates primary criminal offences in Malaysia and their punishments. These offences apply in general circumstances in so long there is no exception to such generality. For that matter, some provisions of Penal Code do apply for online environment. This type of provisions include the offences of fraud (s.415), e.g. for cases such as online fraud; impersonation (s.416); extortion (s.383), distributing obscene materials (s.292), as well as criminal defamation (s.499), which was used to charge the defaming email involving popular singer Siti Nurhaliza in a 2005 case (the case was discharged but not amounting to acquittal). More interestingly, the Penal Code has also recognized that the meaning of ‘document’ is to include a matter recorded, stored, processed, retrieved, or produced by a computer (s.29(1)(c)). This definition has aptly accommodated the need for secure online environment.
Meanwhile, the Evidence Act has experienced several amendments so as to adapt to online environment. It lays down rules for the admissibility of computer-generated document and of statements contained therein. These rules apply to criminal and civil proceedings (s.90A, 90B and 90C). The Act provides that the document is admissible if it was produced by the computer in the course of its ordinary use. It nevertheless requires the person responsible for the management of the computer, or for the conduct of the activities for which that computer was used, to sign a certificate proving that the document was produced by a computer in the ‘course of its ordinary use’.
Last but not lest, an appraisal is also due to another important piece of legislation, i.e. the Copyright (Amendment) Act 1997, which makes unauthorized transmission of copyright works over the Internet an infringement of copyright. It is also an infringement of copyright to circumvent any effective technological measures aimed at restricting access to copyright works. These provisions are aimed at ensuring adequate protection of intellectual property rights for companies involved in content creation in the ICT and multimedia environment. This Act clearly imposes stricter rule in relation to copyright in the course of e-business environment. This is necessary because the nature of e-business makes it so much easy to transmit copyrighted materials and make unlimited copies of similar quality in a very short time.
(Note: More to come is the Electronic Government Activities Act 2007