Online transactions pending adoption of the Internet law

The ongoing discussions on TV, radio, newspapers and the Internet on the need to make a law on transactions done electronically are timely.

With the support of the Parliamentary Committee on Energy, Communications and Public works, these efforts by the Government and the private sector to draft an Electronic Transaction Bill (ET Bill) could soon be rewarded when it becomes law.

The Organisation for Economic Cooperation and Development, or OECD, defines “doing business electronically” in two ways — a narrow, purely internet-based transaction which it calls internet transaction and the broader electronic transaction which covers any business, private or government, “conducted over computer-mediated networks”.

Most of us engage in some form of electronic transaction in the course of our day-to-day business.

We credit a school account with fees, send or receive money by M-Pesa, Money Gram, Western Union or any other convenient electronic transfer medium.

We order goods and services via computer-mediated networks (e-mail and SMS), although the delivery is often done offline. We could make enquiries and pay for a car in Japan online, but the deal is finally concluded when we physically receive the car at the Mombasa port.

But when buying computer software using a credit card, it is possible to conclude the deal online through downloading.

All over the world, governments and private organisations are concerned that two entities — even without establishing any physical presence — can transact business with amazing speed and over great distances.

Didn’t someone say the Internet is “the death of the distance?”

Kenya urgently needs specific legislation that address the unique issues that come with digital transactions. In the absence of such a law, we miss out on cross-border trade and the new global market in the cyberspace.

We will not be able to buy and sell online because the business world is reluctant to put money in a country that has no redress mechanism in the event of something going wrong.

There is also need to build public confidence in the integrity and reliability of electronic records and electronic commerce.

Kenya’s Draft e-Transaction Bill 2007 is a positive step towards addressing the need for regulation for all transactions taking place electronically.

The Bill addresses the niche aspect of ICT, unlike the broader Information and Communication Bill 2008, which seeks to regulate carriage and content of communication in areas such as broadcasting, multimedia, telecommunications and postal services.

The e-Transaction Bill looks at limitations to contract formation in the internet environment, imitations of liability of service providers, privacy, security and the use of electronic records and signatures by government.

I like especially the provision by the ET Bill for amendments to the Penal Code to allow the whacking of would-be offenders.

There has been a rise in SMS and e-mail misuse by criminals to broadcast hate messages or to swindle people of their money.

Two MPs recently reported that crooks were sending out provoking messages purporting them to come from them (MPs). This is called spoofing — providing or sending counterfeit electronic information for wrongful gain.

If the ET Bill had been passed into law, it would have earned the culprit(s) a five-year jail term or a fine not exceeding Sh5 million, or both.

You think that is too harsh? Laws and the accompanying punishment must deter crime. With too many emerging technologies, crooks must never have the motivation to abuse them.

Would-be cybercriminals must not be allowed to think that their activities cannot be detected or that when they are caught, the punishment will, after all, be bearable.

Those of us who oppose the registration of phone numbers by service providers because of privacy concerns may need to look at the bigger picture. The gains of doing so far much outweigh the pains.

There is always a small price to pay for using technology; you cannot eat your cake and have it. You must allow some demographic information (name, age, sex, address etc) to be kept by the service provider.

Think of the SMS threats and extortion targeting rich people, which have been traced to the Naivasha and Nyeri prisons inmates. In such a case don’t we need to know who owns the phone?

But cyberlaws are not only about legal protection and deterrents, they are also concerned with legal certainty and security.