twitter

Bread & Kaya: Attention e-commerce businesses: Fraud, the law and you

My Bread & Kaya’s second column was published on Digital News Asia on 29 January 2013.


Attention e-commerce businesses: Fraud, the law and you
Jan 29, 2013

– A new law to protect users of online trading portals goes into effect July 1
– While it may cost them a bit, operators of such businesses will have to comply

Bread & Kaya by Foong Cheng Leong

E-COMMERCE is booming in Malaysia. Euromonitor International estimated that Internet retailing in Malaysia reached RM842 million (US$268.3 million) in 2011; Goldman Sachs forecasts that e-commerce in Malaysia is projected to hit RM3.4 billion (US$1.1 billion) this year with a 30% year-on-year growth.

Notwithstanding such growth, online fraud is rampant in Malaysia. If you scour our online auction or listing websites, you’ll find many dodgy sellers and buyers selling or offering to buy products and services.

But the long arm of the law recently caught Mohd Yunus Jan Muhammad for approaching six victims who had advertised to sell their gadgets through an Internet trading portal, by posing as a customer and setting up appointments. At these meetings, he would grab the merchandise and flee. He was sentenced to one year’s jail. The Court also fined and imposed a whipping on Mohd Yunud.

Sometime in 2011, the Ministry of Domestic Trade, Co-operatives and Consumerism proposed that the Electronic Commerce Act 2006, an act that regulates online commercial transactions, be amended to regulate the online market place industry. I am told that consultation was held with the industry and I understand that some industry players had taken steps to lobby against the amendment.

In April 2012, its minister Datuk Seri Ismail Sabri Yaakob announced that the amendment would ensure that electronic transactions could be done in a safer and secured environment.

The law came about in the form of the Consumer Protection (Electronic Trade Transactions) Regulations 2012 (“Regulation“), a regulation under the Consumer Protection Act 1999.

The Regulation will be in force on July 1, 2013. Under this Regulation, an online marketplace operator is required to, among others, provide their full details, terms of conditions of sale, rectification of errors and maintenance of records.

The new law applies to two (2) types of persons namely:

– A person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace (“Online Business Owner“). “Online marketplace” means a website where goods or services are marketed by third parties for the purpose of trade. This may include your typical blog shops and sellers with accounts with eBay, Lelong and Mudah online stores.

– A person who provides an online marketplace (“>Online Marketplace Operator“). This may include group buying websites operators such as GroupOn, auction and listing websites such as eBay, Lelong and Mudah, and online shopping websites where third party products as sold such as Zalora.

Online business owners

Under the Regulation, Online Business Owners shall disclose on the website where the business is conducted and the following information, failing which the operator commits an offence.

  • The name of the person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace, or the name of the business, or the name of the company.
  1. The registration number of the business or company, if applicable.
  2. The e-mail address and telephone number, or address of the person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace.
  3. A description of the main characteristics of the goods or services.
  4. The full price of the goods or services including transportation costs, taxes and any other costs.
  5. The method of payment.
  6. The terms and conditions.
  7. The estimated time of delivery of the goods or services to the buyer.

Any person who discloses or provides the above information that he knows or has reason to believe is false or misleading, commits an offence.

Online Business Owners shall also:

  • – provide the appropriate means to enable the buyer to rectify any errors prior to the confirmation of the order made by the buyer; and
  • – shall acknowledge receipt of the order to the buyer without undue delay.

The order and the acknowledgement of receipt shall be deemed to have been received by the person who operates a business for the purpose of supply of goods or services through a website or in an online marketplace and the buyer, respectively, when the person and the buyer are able to access to such order and the acknowledgement of receipt.

The Online Marketplace Operator shall take reasonable steps to keep and maintain a record of the names, telephone numbers and the address of the person who supplies goods or services in the online marketplace, for a period of two years, failing which an offence is committed.

In addition to the terms and conditions, Online Business Owners and Online Marketplace Operators must comply with the Notice and Choice Principal provided by Personal Data Protection Act 2010 by inserting a privacy notice, in the National and English languages, on their website before the collection of any personal data.

Extra costs for businesses

Although this law seeks to protect consumers from unscrupulous traders, the introduction of this new law increases the startup costs and cost of operation of an e-commerce business.

Engaging lawyers to draft terms and conditions for e-commerce businesses can be expensive. But it is something any e-commerce business should invest in to protect themselves and their users.

The new law doesn’t specify in detail how the terms and conditions should be. Therefore, one can have a very simple set of terms and conditions.

Alternatively, one may opt to adopt the terms and conditions of other e-commerce businesses provided that one is well versed in drafting and amending agreements. But one should take note that every set of terms and conditions is customized for specific businesses.

It would be ideal if we have affordable online services to draft terms and conditions and privacy policies for SMEs (small and medium enterprises) like SnapTerms, which allows start-up companies the opportunity to customize their website’s terms and conditions without having to pay the fees typically associated with having the documents drafted by a lawyer.

But one must bear in mind that SnapTerms is a service provided by people who are well versed in the laws of their country and perhaps not Malaysia.

To digress a little, e-commerce businesses should also protect their intellectual property such as their trademarks, copyright and patents. These rights are registerable and one can protect these rights in Malaysia by filing them with the Intellectual Property Corporation of Malaysia or MyIPO.

Other than that, it is pertinent to protect your brand from being taken in well-known social media websites like Facebook and Twitter. You can use Knowem to check for the use of your brand, product, personal name or username instantly on over 550 popular and emerging social media websites.

Closing

The introduction of laws to track and record Internet transactions is nothing new. Last year, Section 114A of the Evidence Act 1950 and Cyber Centre and Cyber Cafe (Federal Territory of Kuala Lumpur) Rules 2012 were introduced to track and record such transactions.

These laws will not be the last. I foresee that many more such laws will be introduced in the near future.

Download:
Consumer Protection (Electronic Trade Transactions) Regulations 2012

What lies ahead for social media

Published in Putik Lada column, The Star on Friday February 3, 2012

It is going to be a tempestuous year with more developments in the social media scene, and a digital war may erupt between Internet users, companies and governments.

MALAYSIA’S social media sphere hit a milestone last year. Facebook users reached 12 million in Malaysia as at Decem­ber and Twitter users reached about 470,000 as at October.

Defamation actions and criminal charges against people for alleged misuse of social media have also become normal. There have been interesting developments in the social media and Internet legal scene.

Last year saw an increase in the use of social media by the legal profession to market their services. Some lawyers, law firms and courts have their own Twitter accounts.

Former Bar Council president Datuk Ambiga Sreenevasan (@Ambiga_S) has over 6,000 followers, international law firm Allen & Overy (@AllenOvery) has more than 6,600 followers and the US Supreme Court (@USSupremeCourt) has 23,000 followers and counting.

With such extensive use by legal practitioners, the Law Society of England and Wales issued a practice note for the use of social media by lawyers.

Back home, Cybersecurity Ma­­laysia introduced a new Internet guideline called Best Practice on Social Networking Sites (SNS).

The guideline is used as acceptable practices in usage of SNS with heightened ethics as well as in protecting the security of users and privacy needs. It is very useful for companies as guidance when drafting their social media policies.

Interestingly, the High Court of Malaya recognised that misappropriation of a domain name by a former employee is actionable under conversion of and trespass to property and breach of fiduciary duty in the 2008 case of Ogawa World Bhd & Anor v Ch’ng Wai Loong.

Normally, misappropriated Top Level domain names are recoverable through the WIPO Arbitration and Mediation Centre.

In Canada, the Su­­preme Court of Canada in Crookes v Newton (2011) delivered an important decision on the status of hyperlinks.

The Court held that creating hyperlinks to allegedly defamatory articles does not amount to a publication of defamatory information.

In India, the owners of a hotel sued Google over the auto-complete function on its search engine for defamation. When users typed the hotel’s name into Google, the word “receivership” is a suggested search term. However, the suit was later withdrawn.

“Who owns your followers?” was an issue to be determined when mobile phone website PhoneDog sued a former employee, writer Noah Kravitz, over the 17,000 Twitter followers that he had built up on a Twitter account called @PhoneDog_Noah.

Noah filed a motion to dismiss PhoneDog’s case but the US District Court ruled that PhoneDog could proceed with the lawsuit.

Many commentators are of the opinion that PhoneDog should have established a social media policy to determine the issue of ownership of the Twitter account when the account was created.

In a similar case, Eagle v Edcomm, Inc, et al., the Eastern District Court of Pennsylvania held that a former employee’s LinkedIn account be­­longed to the employer, even though the LinkedIn account contained the name, professional history and accomplishments of the employee.

Facebook had a busy year in 2011. Friendster repositioned itself as a social gaming site and discontinued its user social network accounts, leaving Facebook with one less competitor. However, Google introduced a new social networking site, Google Plus.

Facebook was subjected to a thorough and detailed audit by the Office of Irish Data Protection Commissio­ner, which gave a dozen recommendations for how Facebook can im­­prove privacy protection and data-handling practices. The audit report is available online in the interest of transparency.

Last year also saw the battle for Facebook page www.facebook.com/Merck. Merck KGaA, a German drug maker, suddenly lost its Facebook page to US rival Merck & Co.

Merck KGaA initiated an action against Facebook for details on how the page was lost. Facebook subsequently apologised to Merck KGaA for the mix-up.

We all know that it is very difficult to remove information published online. Some argue that confidential information posted online will lose its quality of confidence.

However, in AMP v Persons Unknown (2011), the UK High Court granted a superinjunction to restrain the further publication of stolen intimate pictures of a woman which were leaked online.

Arguably, this case implicitly determined the position of confidential information which has been leaked online.

On the criminal front, a US Federal Judge in USA v William Lawrence Cassidy dismissed a criminal case against Cassidy for “tweet stalking” a religious leader on Twitter.

Cassidy allegedly posted 8,000 tweets, almost all of them about the leader and her religious group, which caused the leader to claim that she had suffered “substantial emotional distress”.

The Judge held that although the tweets were uncomfortable, Cassidy’s right to tweet was protected under the US Constitution.

This year will see more developments in the social media legal scene. We may also see more Internet censorship and crackdowns on websites for sharing files – just like what happened to MegaUpload.

As a result, a digital war may erupt between Internet users and companies and governments. It is going to be a tempestuous year ahead.

Tweet at your own risk

Published in The Star Newspaper on 21 January 2010

The explosion in Internet-based social networking – fuelled by ease of DIY publishing – is throwing up new challenges, business and legal, to the online community.

THE year 2009 marked an important year for social media networking. It brought change to politics, society and business.

Many politicians set up their own Twitter accounts to connect with the masses.

Many companies – from multinational companies to our local restaurants – set up accounts on social media networking websites to publicise their business, and even to manage consumer complaints.

Malaysian company MOL Global Pte Ltd entered into an agreement with Friendster, Inc to acquire 100% of Friendster.

Also launched was Project Alpha, Malaysia its first online TV show about Malaysian bloggers.

Social media, designed to be disseminated through social interaction, is created using highly accessible and scalable publishing techniques, Internet-based applications that build on the ideological and technological foundations of Web 2.0 and allow the creation and exchange of user-generated content.

Social media can take many different forms, including Internet forums, weblogs, social blogs, wikis, podcasts, pictures, videos, ratings and bookmarking (Source: Wikipedia). Examples of social media networking websites or tools are Facebook, Twitter, LinkedIn and Friendster.

With social media websites rising in popularity, there are now more content generators on the Malaysian online community. Publishing content, once a technical and time consuming task, has been simplified; users merely need to enter text and click a button to publish.

Is Malaysian law able to cope with such changes?

The law governing online activities remains the same. Content generated through social media websites are still governed by laws on defamation, trade mark, copyright, and as well as the Computer Crimes Act 1997, Communi­cations and Multimedia Act 1998, and so on.

Internet users should be vigilant when posting updates, blog entries, tweets, comments and emails.

Even a 140-character limit tweet may get you into trouble. For example, Courtney Love, the widow of Kurt Cobain, was sued by her former clothes designer for defamation, invasion of privacy and inflicting of emotional distress for “an extensive rant” on Twitter about how she was billed for custom clothing.

Social media websites or tools have also been used to attack others. Some users think they can hide incognito behind the screen. However, some were unmasked and had to endure severe punishment.

In 2008, in the case of Applause Store Productions Limited & Anor v Grant Raphael [2008] EWHC 1781 (QB), the claimants were awarded £22,000 in damages against Raphael, an old school friend, who had created a false personal profile of the claimants on Facebook.

Back home, in July 2009, a former bank employee was charged with posting vile and indecent material in a blog with intent to annoy another colleague. He was fined RM8,000, in default two months’ jail.

Making a complaint against malicious users is now fairly easy and can even be done online – at http://aduan.skmm.gov.my, the website of the Malaysian Communications and Multimedia Commission’s (MCMC) complaints bureau.

In the face of severe punishments, malicious users will take all sorts of steps to keep their identity secret. They may use fake names and emails, proxy servers, and also install devices to ensure that their identity cannot be traced. However, they are not safe from the long arm of the law.

In the case of The Author of a Blog v Times Newspaper Limited [2009] EWHC 1358 (QB), a blogger sought an interim injunction in the English court to restrain Times Newspapers Ltd from publishing any information that would or might lead to his identification as the person responsible for a blog.

The blogger argued that his anonymity protected him against any action being brought against him. His application failed. The judge commented that blogging is a public activity and any right of privacy would likely be outweighed by public interest in revealing his activities.

Anything posted on the Internet will stay on the Internet. It will travel and be read by other people. Nothing is ever private on the Internet.

A clear example is the case where a former high school teacher in the US was forced to resign over photos and expletives on her Facebook page. The page had photos of her holding wine and beer and an expletive.

Although one may argue that it is one’s right of privacy to have one’s personal activities protected, the law does not prevent others from doing so.

Trade marks and trade names have also been highly abused in social media websites. Many users register their username using trade marks or trade names of other companies or individuals.

Companies have had to seek legal advice on the available courses of action in restraining such action or in obtaining such names back. This resulted in hefty legal fees and also time.

In combating such problems, Facebook gave trade mark owners the opportunity to register their rights to the username before the launch of personalised username and URLs. In doing so, Facebook had taken steps to avoid any lawsuits over trade mark.

Twitter on the other hand was not so lucky. A well-known US sports figure, St. Louis Cardinals manager Tony La Russa sued Twitter over an account created in his name.

The false account posted updates that gave the false impression that the comments came from La Russa. The suit said the comments were “derogatory and demeaning” and damaged La Russa’s trade mark rights. The case was eventually settled.

The year 2010 will be another interesting year. Internet-enabled phones and data plans are offered at an affordable rate. Users can now access the Internet through their mobile devices whenever and wherever they are.

It will be interesting to see what are the new tools for online social networking, and the new legal challenges for the online community.

> The writer is a young lawyer. Putik Lada, or pepper buds in Malay, captures the spirit and intention of this column – a platform for young lawyers to articulate their views and aspirations about the law, justice and a civil society. For more information about the young lawyers, please visit www.malaysianbar.org.my/nylc.

 Scroll to top