Introduction Most of the world today communicates electronically or would like to do so. Increasing proportions of the world’s trade is carried out online, both domestically and internationally. Electronic commerce (e-commerce) offers many benefits domestically and internationally. On the local front, it has improved economic efficiency and created many new jobs in developing economies and least developed countries, offering a chance for them to narrow development gaps and increase inclusiveness—whether demographic, economic, geographic, cultural, or linguistic. It also helps narrow the rural–urban divide (ADB and ESCAP, 2018). Internationally, there are significant benefits from the successful implementation of cross-border paperless trade such as the potential to cut transaction costs by 25% across Asia and the Pacific as well as to increase regulatory compliance, reduce illicit financial flows, and facilitate engagement in the increasingly digital global economy (ESCAP, 2019). It also allows small- and medium-sized enterprises to reach global markets and compete on an international scale (ADB and ESCAP, 2018). However, the commercial laws applicable to these transactions have not always kept up to the new realities. Some countries have amended their laws with e-commerce in mind, but different countries have taken different paths. In a time of global or regional economic blocs, these differences can cause inefficiencies in or barriers to trade. These issues are observed among members of the Central Asia Regional Economic Cooperation (CAREC) Program, though they are far from unique to Central Asia. This policy brief presents recommendations that may help members in improving their receptiveness to e-commerce. It is adapted from Regulatory Framework for e-Commerce Development in CAREC published by the CAREC Institute. Context Analysts of economic development and e-commerce recognize that legal measures applicable to e-commerce are only one element of its proper implementation and expansion. It is also crucial that a country reaches a state of economic development with trade relation infrastructure (e.g., commercial dealings, government communications) and access to technology that can support e-commerce. In addition, people’s attitude toward technology and commerce can affect the social or even cultural acceptance of electronic transactions. If strangers are considered likely to be dishonest, or if e-communications are thought to be unreliable, the law will likely have difficulty enabling people to trust the transactions and engage in e-commerce. Opening the door does not mean that anyone will pass through it. Countries also have different capacities to govern an e-commerce system. Some of the trustworthy elements that may overcome the social or cultural hesitation, such as good laws on personal privacy, prevention of cybercrime, and consumer protection, will succeed only with state power behind them. While CAREC members have enacted relevant laws, these measures are not always consistent and at times out of step with the best practices. Countries need to reflect on their capacity to design and administer effective regulatory and dispute-resolution systems for these purposes. Policy Issues The policy brief examined key issues needed to build or harmonize the legal and regulatory framework for e-commerce. Electronic transactions Should laws reflect technology neutrality or spell out the technology needed to have legal effect? The principal global text on the law of e-commerce is the Model Law on Electronic Commerce and the Model Law on Electronic Signatures of the United Nations Commission on International Trade Law (UNCITRAL). Its guiding principle is technology neutrality (i.e. not specifying what technology should be used to achieve legal validity for commercial uses of electronic communications). Many states around the world have found this approach insufficient to ensure what they consider adequate reliability of authentication of origin or integrity of electronic documents. Some CAREC members have a single law on e-transactions while others have two laws—one on e-documents and one on e-signatures. It is desirable to have a single law to provide internal consistency. International harmonization Electronic communications cross national borders readily. Both businesses and governments benefit from this potential. The policy consequence is that laws should be harmonized according to reputable international standards. Privacy Computers can collect huge amounts of personal information, directly or indirectly. Bits of information can be combined to provide detailed profiles of people’s lives and preferences. This scenario can undermine people’s trust in e-communications and reduce their engagement in e-commerce. The Organisation for Economic Co-operation and Development (OECD) issued guidelines for cross-border data flow in 1980, and the principles are reflected in the privacy legislation of many countries. The OECD updated its guidelines in 2013 to account for increases in connectivity and computing power since 1980. Cybercrime Computers and the internet provide opportunities for new kinds of criminal activities, including interference with data and data flow. Such intangibles may not be protected by traditional laws. For example, courts in some countries have found that data as such could not be considered “property”—it could not be owned, and as a result could not be stolen. The Council of Europe created the Budapest Convention on Cybercrime in 2001. It requires its parties (including two CAREC members: Azerbaijan and Georgia) to legislate against a number of crimes, including online fraud, forgery, and child pornography. It also provides for international cooperation to track down and prosecute cross-border offenders. Consumer protection A major barrier to consumer trust in e-commerce is whether they will actually receive the goods and services they buy online, and whether they can get a remedy if there are problems. Many countries have set up consumer protection bureaus to deal with consumer complaints, armed with the power to compel remedial behavior from merchants, while others have special tribunals to deal with low value or high volume disputes in courts (e.g. small claims courts) or through alternative dispute resolution mechanisms, online or offline. Some CAREC countries are reported to have consumer protection laws that are not effective because consumers do not know their rights or how to enforce them. A remedy to this problem lies in direct government communications and possibly in enforcement action—not in the law. There are international models for consumer protection laws, notably from the United Nations, with a text from the OECD on e-commerce for consumers. Policy Implementation The success of using e-commerce depends on a number of factors, which includes modern technology, ability to innovate, and updated laws and regulations. At present, several CAREC members have already implemented policies and laws on e-transactions and e-commerce. Some countries use public key infrastructure (PKI) for electronic transactions. PKI is a network of issuers and users of digital signatures and certificates. This is appealing in principle but very cumbersome to manage. Proving that one has complied with the technical demands can be difficult. As a result, a number of countries, including the Russian Federation—whose laws have influenced several CAREC members, have relaxed their e-signature requirements over the past decade to allow for some non-PKI signatures and some e-documents without a digital signature. Analysis of country laws and infrastructure suggests that CAREC countries would benefit from flexibility in terms of increasing the right of transacting parties to agree on their own standards, within limits. On the issue of privacy protection, most CAREC members have some form of privacy legislation. The laws reflect the main points of international standards: personal data should be collected only with the consent of the data subject and only for the purpose for which the consent was obtained. Unfortunately, many CAREC members have no laws that specifically pertain to consumer protection although provisions against fraud or misrepresentation would be relevant to consumers and businesses. The laws in place in the countries that do have them are quite varied--some modern, some out of date. Recommendations To ensure that laws support e-commerce, including rules on privacy, cybercrime and consumer protection, both domestically and among CAREC members, each state should take the following steps: Establish a dedicated multi-ministry task force with support at the highest levels. Include private-sector representation on some version of this group. Coordinate legal advice across government. Different departments or agencies must have consistent opinions on key matters. Ensure that all parts of government and other players have the right and capacity to communicate electronically. Replicate the national work at the international level and coordinate the two levels. Work closely with United Nations Economic and Social Commission for Asia and the Pacific technical and legal working groups, if not already doing so. This can be done even before becoming a member of the Framework Agreement. A state must also decide whether to rely mostly on self-regulation or on state supervision when it comes to e-commerce. Some factors to achieve balance include: The importance of private initiative versus the need to control social and economic activity in the country. The degree of trust in the private sector’s competence to choose appropriate measures versus the degree to which the state itself or the population depends on government support. The perceived balance between the appropriate promotion of private interests versus the promotion or protection of public policy goals. To a greater extent, the degree of regulation required by or wanted in a system depends on the degree of risk that the system is willing to tolerate. In addition: CAREC members should legislate a hybrid system maximizing the autonomy of commercial parties to satisfy themselves on signature and document technology, while ensuring that official or vulnerable parties have legal safe harbors for their reliable e-communications. CAREC members should harmonize their e-transaction laws by joining these three conventions: United Nations Convention on Contracts for the International Sale of Goods, United Nations Economic and Social Commission for Asia and the Pacific, and United Nations Convention on the Use of Electronic Communications in International Contracts. CAREC members should have privacy legislation consistent with international best practices that ensures protection of personal data of their residents both at home and when it crosses national borders. Consideration should be given to adopting the latest Council of Europe convention on the topic. CAREC members should ensure that their laws are consistent in terms of the prohibition of unlawful activities as provided in international conventions, and that their ability to collaborate in international enforcement efforts—exchanging data on local proceedings and local suspects—is adequate to the challenges of cross-border crime. CAREC members should adopt consumer protection legislation consistent with the United Nations and OECD models, with particular attention to the ability of the state to offer reliable enforcement of consumer rights given by the legislation. Note: ADB placed on hold its assistance in Afghanistan effective 15 August 2021. Resources Asian Development Bank and United Nations Economic and Social Commission for Asia and the Pacific (ESCAP). 2018. Embracing the e-Commerce Revolution in Asia and the Pacific. Manila. Central Asia Regional Economic Cooperation Institute. 2020. Regulatory Framework for e-Commerce Development in CAREC. Xinjiang. Council of Europe. 2001. Convention on Cybercrime. Budapest. ESCAP. 2016. Framework Agreement on the Facilitation of Cross-border Paperless Trade in Asia and the Pacific. ESCAP. 2019. Readiness Assessment for Cross-border Paperless Trade: MONGOLIA. Bangkok. Organisation for Economic Co-operation and Development (OECD). 1999. Guidelines for Consumer Protection in the Context of Electronic Commerce. OECD. 2016. Guidelines for Consumer Protection in the Context of Electronic Commerce. OECD. 1980. Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. OECD. 2013. Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. United Nations Commission on International Trade Law (UNCITRAL). 2005. Convention on Contracts for the International Sale of Goods. UNCITRAL. 1980. Convention on the Use of Electronic Communications in International Contracts (Electronic Communications Convention). UNCITRAL. 1996. Model Law on Electronic Commerce. UNCITRAL. 2001. Model Law on Electronic Signatures. Ask the Experts John Gregory Consultant, Asian Development Bank Prior to his retirement, John Gregory served as General Counsel with the Ontario Ministry of the Attorney General where he developed legislation and policy in areas such as electronic communications. He was a member of the Canadian delegations to The Hague Conference on Private International Law and the United Nations Commission on International Trade Law, where he helped develop the Model Law on Electronic Signatures and the Convention on the Use of Electronic Communications in International Contracts. Follow John Gregory on Central Asia Regional Economic Cooperation Institute (CAREC) The Central Asia Regional Economic Cooperation Institute (CAREC) is an intergovernmental organization promoting economic cooperation in Central Asia and along the ancient Silk Road through knowledge generation and sharing. CAREC is jointly shared, owned, and governed by 11 member countries: Afghanistan, Azerbaijan, People’s Republic of China, Georgia, Kazakhstan, Kyrgyz Republic, Mongolia, Pakistan, Tajikistan, Turkmenistan, and Uzbekistan. Leave your question or comment in the section below: View the discussion thread.