Cyber Law Repository

Cyber Legislation UNCTAD

 

REPOSITORY

 

E-commerce Development in Ghana/West Africa

 

UNITED STATES OF AMERICA

 

  • S. Safe Web Act: This Act provides the FTC with a number of tools to improve enforcement regarding fraudulent spam, spyware, misleading advertising, privacy and security breaches, and other consumer protection matters, particularly those with an international dimension. Among other things, the Act allows increased cooperation with foreign law enforcement authorities through confidential information sharing, provision of investigative assistance, and enhanced staff exchanges. In certain limited circumstances it enables the FTC to obtain information in domestic or foreign consumer protection matters from third parties without tipping off investigative targets.
  • Cybersecurity Information Sharing Act (CISA)– Its objective is to improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes. The law allows the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies. The bill was introduced in the S. Senate on July 10, 2014, and passed in the Senate October 27, 2015
  • Cybersecurity Enhancement Act of 2014:  It was signed into law December 18, 2014. It provides an ongoing, voluntary public-private partnership to improve cybersecurity and strengthen cybersecurity research and development, workforce development and education and public awareness and preparedness.
  • Federal Exchange Data Breach Notification Act of 2015:This bill requires a health insurance exchange to notify each individual whose personal information is known to have been acquired or accessed as a result of a breach of security of any system maintained by the exchange as soon as possible but not later than 60 days after discovery of the breach.
  • National Cybersecurity Protection Advancement Act of 2015:This law amends the Homeland Security Act of 2002 to allow the Department of Homeland Security’s (DHS’s) national cyber security and communications integration center (NCCIC) to include tribal governments, information sharing, and analysis centers, and private entities among its non-federal representatives.[1]

 

The United States has several other legislations aimed to secure data in the cyberspace:

 

 – 1996 Health Insurance Portability and Accountability Act (HIPAA)

– 1999 Gramm-Leach-Bliley Act

– 2002 Homeland Security Act, which included the Federal Information Security Management Act (FISMA)

 

These three regulations mandate that healthcare organizations, financial institutions, and federal agencies should protect their systems and information. However, these rules are not foolproof in securing the data and require only a “reasonable” level of security.[2]

CYBER LAWS IN ASIA

  • INDIA

Information Technology Act, 2000

India has adopted the Information Technology Act, 2000 (No. 21 of 2000) being the Cyber Law in India aimed at promoting e-commerce. Further the Information Technology Act, 2000 (No. 21 of 2000) has been amended by the the Information Technology (Amendment) Act, 2008 (No. 10 of 2009). It includes penal substantive rules, regulations and also procedural rules.

The Personal Data Protection Bill, 2018

National Cyber Security Policy, 2013

Digital Information Security in Healthcare Act

Draft National E-Commerce Policy

 

  • MALDIVES

Maldives does not have any officially recognized regulation pertaining to Cyber Law.

Maldives has signed a Memorandum of Collaboration against Malicious Activities in Cyberspace with Japan Ministry of Information and Communication.

(http://www.itu.int/en/ITU-D/Cybersecurity/Documents/Country_Profiles/Maldives.pdf)

National Security Policy 2012

http://www.defence.gov.mv/english/images/publications/National_Security_Policy_2012.pdf – page doesn’t exist

 

  • BANGLADESH

Bangladesh Telecommunication Act, 2001.

Bangladesh Information and Communication Technology (ICT) Act, 2006

GOVERNMENT OF BANGLADESH INFORMATION SECURITY MANUAL          

National e-Commerce Policy-2017    

E-Mail policy-2017

  • BHUTAN

Bhutan does not have any specific cybercrime legislation but it has adopted the Bhutan Information and Communication Media Actprovides functions, responsibilities and powers of the Ministry of Information and Communications; the establishment of the Bhutan Infocomm and Media Authority; provision of ICT facilities and ICT services; provisions relating to radio communications; provisions relating to media issues; provisions relating to cyber issues such as e-governance, e-commerce, consumer protection and online privacy; and offences, penalties and legal proceedings.

 

  • CHINA

Regulations on Safeguarding Computer Information Systems, Feb. 1996

(http://fas.org/irp/world/china/docs/computer_code.htm)

Article 1- These regulations have been formulated to safeguard computer information systems, to promote the application and development of computers, and to ensure smooth progress in socialist modernization.

Cybersecurity Law of the People’s Republic of China

The Cybersecurity Law came into effect on 1 June 2017, and standardizes the collection and usage of personal information. Similar to India’s Data Protection Bill 2018, it emphasizes on privacy and data security,[3] and also requires foreign organisations to store critical data domestically.

 

  • INDONESIA

Indonesia does not have any specific Cyber Law legislation but it has adopted Law of the Republic of Indonesia Number 11 of 2008 Concerning Electronic Information and Transactions,

Regulation Number 82 of 2012 Concerning Electronic System and Transaction Operation http://rulebook-jica.ekon.go.id/english/4902_ PP_82_2012_e.html.

Law on Consumers’ Protection 1999 http://www.cipatent.com/consumersprotectionlaw.Pdf – page doesn’t exist

Pornography Law 2008.

  • MALAYSIA

Computer Crimes Act 1997 of Malaysia:Part II of the Computer Crimes Act 1997 of Malaysia deals with offences. It includes penal substantive rules, regulations and also procedural rules.

Electronic Commerce Act 2006

Electronic Government Activities Act 2007

Digital Signature Act 1997

Personal Data Protection Act 2010

Communications and Multimedia Act 1998

Consumer Protection Act 1999

  • MYANMAR

Myanmar does not have any specific Cyber Law legislation but it has adopted the following

Electronic Transactions Law( The State Peace and Development Council Law No. 5/2004 ) The 12th Waxing of Kason 1366 M.E. (30th April, 2004)

Computer Science Development Law 1996

  • NEPAL

Nepal does not have any specific Cyber Law legislation but it has adopted The Electronic Transaction Act, 2063read with the Electronic Transaction Rules 2064 -Nepal’s first cyber law. The Chapter 9 of the Electronic Transaction Act, 2063 specifically deals with various cybercrimes. It includes penal substantive rules, regulations and also procedural rules.

 

  • SINGAPORE

Singapore does not have any officially recognized national legislation pertaining to cyber law. But it has adopted the following

Electronic Transactions Act (ETA) (Cap 88)– first enacted in July 1998 to provide a legal foundation for electronic signatures, and to give predictability and certainty to contracts formed electronically.

The Computer Misuse and Cybersecurity Act)
Spam Control Act

Personal Data Protection Act 2012 of the Singapore

Consumer Protection (Fair Trading) Act 2003
MDA Internet Code of Practice

 

  • THAILAND

Thailand does not have any specific Cyber Law legislation but it has adopted Computer Crime Act B.E 2550 (2007) of Thailandand the Computer Crime Act B.E 2550 (2007)– These deal with various cyber crimes. It includes substantive rules, regulations and also procedural rules.

Electronic Transactions Act 2001

Consumer Protection Act 1979
(http://www.asianlii.org/th/legis/consol_act/cpa1979246/).
Unfair Contract Terms Act 1997
(http://www.samuiforsale.com/law-texts/unfaircontract-terms-act.html (unofficial translation).

  • BRUNEI DARUSSALAM

Electronic Transactions Act 2008

Computer Misuse Act 2007

Sale of Goods Act 1999 

Unfair Contract Terms Act 1999 

Authority for Info-communications Technology Brunei Darussalam Order 2001

  • CAMBODIA

Law of the Press 1995 

 

Regulations on Registration of Domain Names for Internet under the Top Level “kh” http://www.gocambodia.com/KHDomainReg/ Regulation_on_Reg.asp. – page doesn’t exist

 

  • THE LAO PEOPLE’S DEMOCRATIC REPUBLIC

Electronic Transactions Law 2012.

Ministry of Information and Culture, Special Provisions (416/IC) for Control of the Content and the Information and Data Obtained via the Internet System.

Telecommunication Law 2001

THE PHILIPPINES

Electronic Commerce Act 2000

Data Privacy Act (2012)

Cybercrime Prevention Act 2012

Consumer Act 1991

Alternative Dispute Resolution Act 2004

 

 VIET NAM

Decree No. 26 providing detailed regulations on the implementation of the Law on E-transactions on digital signature and digital signature certification services http://www.moj.gov.vn/vbpq/en/Lists/Vn%20bn%20 php%20lut/View_Detail.aspx?ItemID=4172.

Management and Use of Internet Services Decree 2001

Law on E-Transactions 2005 (in English)

Law on Protection of Consumers’ Rights 2010 (in English)

 

 

[1] All laws from – https://www.appknox.com/blog/united-states-cyber-security-laws

[2]https://www.appknox.com/blog/united-states-cyber-security-laws

[3]https://assets.kpmg/content/dam/kpmg/cn/pdf/en/2017/02/overview-of-cybersecurity-law.pdf