NON COPYRIGHT E-PUBLISHING ISSUES

1. 
   Internet access and the barrier caused by Telkom’s monopoly
   

PASA publicly welcomes the government's delivery of the draft telecommunications policy and believes that competition will mean lower Internet access costs for consumers, translating into greater time spent online which would ultimately boost spending at local e-stores.

PASA looks forward to a smooth licensing process geared at enabling the network to get up and running as soon as possible, thereby boosting foreign investor confidence in SA. This would, ultimately, have positive knock-on effects, not only for the Internet industry but also for the country a whole.

2. 
   Customer Privacy
   

People who use the Internet give away a whole range of information about themselves. There are currently no guidelines in South African Law as to the extent to which this information can be made public and sold to third parties.

The rapid growth and increasing use of the Internet give rise to many and complex privacy issues. In every electronic communication an Internet user gives away some form of personal information. Every e-mail message contains a header with information about the sender and the recipient. Virtually every electronic transaction will involve the transfer of personal data such as credit card numbers, telephone numbers, physical addresses and e-mail addresses.

The key to further Internet growth, especially as far as electronic commerce is concerned, is the attainment of privacy through technology and law. Unauthorised access to communications and personal information on the Internet remains relatively easy in the absence of encryption technology. Whether or not the vulnerability of privacy on the Internet is exaggerated, it is undisputed that there are security risks associated with its use. As a result, it is safer to assume, for the present, that the Internet is not yet a secure medium over which to communicate financial and personal information without having due consideration of the risks and legal issues involved.

Apart from traditional privacy concerns like surveillance and unauthorised access to information, the Internet also creates new concerns relating to the use of cookies and spamming.
1.38Present

Although the Open Democracy Bill addressed some of these issues, it was dropped from final legislation. Privacy of personal information is still governed by the common law.

1.39Proposed action

We believe that personal information about the individual should be protected in the sense that no business can make it public or sell it unless forced to do so by a Court Order. However, aggregate personal information that cannot be traced back to a single individual could be a valuable asset in a business and should be legal to make public and sell to third parties.

In this regard we suggest that the Government closely follow developments in the European Union and United States of America and thereafter decide whether the privacy of the individuals should be regulated by the market/industry or whether the necessary legislation should be enacted.

The use of cookies should not be legislated as users have the option to disable cookies. Furthermore, most Internet surfers prefer the use of cookies. Likewise with spamming – we suggest that no legislation is required and that an institution like the Advertising Standards Authority should draft guidelines for spammers.

Definitions:

• 
  Cookies: A cookie is an HTTP header that consists of a text-only string. The string is usually a set of random-looking letters long enough to be unique to every user. The cookie is sent from the server of the web site the user accessed the first time and is saved on the user’s hard drive. When the user accesses that site again, a copy of the cookie is sent with the request to that site. In this way the remote server knows who the user is and that he/she visited the site before.
  

• 
  Spamming: To send a message (usually an advertisement) to many discussion groups (bulletin boards, mailing lists or newsgroups), without regard for its topical relevance.
  

3. 
   Electronic criminal law
   

Hacking, cracking and other form of dangerous code bears a significant thread to any online business. Although these acts are punishable in other countries, a South African business should have considerable difficulty taking such a case to Court as it would have to be argued under common law crimes such as house-breaking or trespassing.

1.41Present

Computer crime covers a very wide field. At one end of the scale, it involves “traditional”, straightforward crimes, as we know it, such as theft of computer systems and hardware. At the other end of the scale, computer crime is committed by using highly technical equipment to manipulate and infiltrate computer systems that may be on the other side of the world. In essence it can be said that computer crime involves any criminal activity where a computer is involved.

Although computer crime spans such a wide field, it can be divided into two broad categories: the first deals with criminal activity that can be committed only by using a computer system. These crimes never existed before the advent of the computer, and a computer is absolutely essential for committing such a crime. Examples are hacking, cracking and sniffing. These crimes are exclusively created by statute. The second category of computer crime is much wider, and involves crimes that have existed for centuries, but are now committed by using a computer system. Obvious examples are theft of computer systems, Internet fraud and the possession and distribution of child pornography, to name but a few.
1.42Proposed action

We suggest that Government urgently amend the Criminal Procedure Act and create a statutory crime not only for the unauthorised access to a computer system but also any other technical means that could be used to circumvent access control measures and damage the infrastructure of an online business by either slowing it down or grinding it to a complete halt.

However, criminalising these acts would not be effective if the rules of evidence aren’t amended to make it possible and reasonably easy for businesses to take these matters to a Court. Finally, we would also like to note that both the Police force and criminal prosecutors should be adequately trained to investigate Internet crime matters and prosecute these. For example, when an electronic publisher recently had cases of electronic credit card fraud during January 2001 the police where very slow to respond to the calls. We later found out that the unit dealing with credit card fraud in Cape Town did not have sufficient access to transport. They also worried that, even if they followed the case up, prosecutors would not be eager to prosecute the matter because of their limited knowledge of the Internet. Finally, should the prosecutor decide to prosecute the case, much of the time will be spend explaining the workings of the Internet and e-commerce to the magistrate or judge. In this regard, Government might be well advised to create specialised E-commerce courts, much like our current labour courts and tax courts, where these cases could be heard.

Better training for the police, prosecutors and magistrates should be a long-term policy goal of the relevant department. E-commerce will never be a success in South Africa if the infrastructure and know-how is not created and preserved to enforce the laws we now want to enact. Electronic credit Cards and other forms of fraud are increasing daily in South Africa.

1.43The issue

Currently, the online business has to take the risk of any unauthorised online transactions. Obviously this creates a serious barrier to both confidence in electronic commerce and the growth of electronic commerce here in South Africa

1.44Present

Probably the most important issue from the perspective of the online merchant is getting paid. It is important to stress that payment mechanisms and payment instruments are continually being adapted to the online environment. Smart cards and electronic money (also known as “e-cash”) are in various phases of development or implementation all over the world. The South African Reserve Bank issued a position paper on stored value smart cards and electronic money during April 1999. Merchants interested in this form of payment must have due regard to these directives as well as the legislation and regulations regulating deposit taking. Examples include the Reserve Bank Act, Banks Act, National Payment System Act, Usury Act and, depending on the payment instrument involved, the Credit Agreements Act and the Bills of Exchange Act.

However, for the better part of 2000 and perhaps 2001, the traditional credit card will remain the predominant payment method in the online environment. A credit card transaction is an instruction by your customers for funds to be transferred into your account and charged against theirs. The instruction is given by your customers directly to you. Later the customer will have to make payment to their bank, typically once each month, in full or part settlement of the account. Charge cards (e.g. Diners Club) operates on the same basis with the exception that the account is not held directly with a Bank.

Face to face credit card transactions (e.g. paying at a restaurant) is referred to as “card-present” transactions. Credit card transactions by mail, telephone or fax are referred to as “card-not-present” transactions. These transactions are referred to by the financial services industry as MOTO (mail order / telephone order) transactions. Because of the risks that the inherent risks of fraudulent use in card-not-present transactions, banks have developed a standard practice, generally referred to as MOTO “rules”. In general, these MOTO rules provide that a cardholder is entitled to contest any entry that appears on their credit card statement. If they do so credibly the bank will credit their account and make a so-called “chargeback” to the Merchant with the result that you lose the money. The Bank will also require you to get authorisation from it for every Web transaction you conduct, using either an Electronic Fund Transfer point of Sale terminal (EFTPOS), your Internet Service Provider or the telephone. For unauthorised transactions conducted during the time between the theft of the card details and the card being stopped, the merchant is likely to bear the loss.

It is possible for a cardholder to effect a valid transaction, only to deny it later. If the denial seem credible to the customer’s bank, the merchant will have to bear the loss. However, the merchant is likely to prevent a chargeback if it is able to show the bank evidence that the cardholder confirmed the order and took delivery of the goods. It is therefore important for organisations to incorporate sufficient checks-and-balances into the transactional process to enable them to prove delivery has been made to the cardholder.
1.45Proposed action

We suggest that banks should be forced to take more responsibility for unauthorised transactions that are authorised by them. In terms of credit card companies and South African Bank Rules a user only need a name, credit card number and expiry date to conclude an online transaction in South Africa. The effect of this is that any person that has another persons’ card in his hand for a few seconds could go and commit electronic fraud with the information that is available on a credit card. This is not acceptable and we suggest that a starting point would be to force the banks to also check for a cardholder's address before authorising a transaction, as is the case in most other countries like in the United States of America.

The current situation only creates an unnecessary insurance industry because of the old economy risk management employed by South African banks.

Finally, we suggest that before Government starts to address issues like electronic money and electronic cheques, the uncertainty and risks involved with credit card transaction should be adequately addressed.

4. 
   Contracts
   

Currently Internet users in South Africa conclude a whole range of agreements or quasi-agreements directly over the Internet. This could be in the form of mere terms and conditions for the use of a web site or an agreement for a delivery of goods and services.

It is uncertain whether these agreements concluded online are in fact binding, and if so, how are such agreements would be proved in a Court of Law.

1.47Present

There is little or no guidance in South African law on the conclusion and enforcement of electronic contracts and licenses.

1.48Proposed action

We should suggest that the Government take the following steps:

• 
  Legislation should be enacted to ensure the legal recognition of electronic communications. Standards should be prescribed to which electronic documents must conform to qualify as written and original. Seeing that the use of the Internet increases daily, we suggest that no exceptions should be provided for any agreements to be concluded online. However, acknowledging electronic communications as contracts only goes half the way – the true problem is proving such communications in courts. The current law of evidence, therefor, needs urgent attention. Finally, due regard should be had to international guidelines to ensure international conformity.
  

• 
  Electronic agreements should be allowed as evidence in Courts and guidelines should be formulated to indicate what kinds of steps online business should take to keep track of this evidence. We suggest that the law should treat computer-generated evidence exactly the same as evidence created in the old economy.
  

• 
  The time and place an electronic agreement came into being should be clear. In this regard that we would like to note that the old common law rules regarding the time and place of contracting, is insufficient in an electronic environment and we suggest that legislation should be used to clear up any misunderstanding. The misunderstanding comes from the different approaches followed in our common law when contracts are concluded over the telephone and when an acceptance of an offer is posted. We suggest that electronic communications should be treated in much the same way as telephonic communications.
  

• 
  The issue of signature in an electronic environment should be addressed. In terms of South African law, a signature does not necessarily have to be something done in ink by a person’s hand. It could also be an indication that a person agrees with the content of an agreement. In this regard we suggest that Government enacts legislation in line with international precedence. Currently, South African law states that a signature does not have to be a mark made with ink on a piece of paper – it could be any indication that a party agrees with the contents of an agreement. Therefor, a click on a computer screen (click-wrap agreements) and even opening a box of software (cling-wrap agreements) are considered “signatures”. Regardless of whether a “signature” is present, proving such an act is very difficult under our current law of evidence.
  

5. 
   Taxation
   

The advent and growing use of the Internet and electronic commerce (“e-commerce”) has signalled the beginning of a new era in taxation. Many fundamental tax concepts, currently used in tax jurisdictions globally, are challenged. Tax authorities will have to adapt their application of existing tax principles, practices and procedures for an e-commerce environment. Alternatively, new methods of levying and collecting taxes will have to be devised. Taxpayers, on the other hand, will have to adapt their tax planning strategies and consider the impact of a changing business environment on their global tax charge.

In essence the problems of physical location and distance (and time) as an obstacle to economic development have been overcome by e-commerce. A person’s need through centuries to be physically close to markets has fallen away. Services can be supplied and goods sold remotely, and that is the crux of the problem. However, most taxation and tax collection systems in force globally are based on the premise of physical presence of a taxpayer in a jurisdiction as a prerequisite to having a taxable presence there. This premise potentially renders the application of these systems ineffectual in an e-commerce environment.
1.50Present

Although government has started to move away from the residence based tax system to a worldwide system, many e-tax issues remains unsolved. These include:

• 
  Characterising types of income: Different form of income is taxed differently. For example, if X allows the public the right to download 10 copies of an e-book from the Internet, the question remains as the type of income X will receive. Is it income from the sale of books (10 copies sold) or rather royalty income (license to make 10 copies)?;
  
• 
  The source of income;
  
• 
  The residence of an multinational online company; and
  
• 
  The definition of “permanent establishment” in Double Taxation.
  

Consumption tax, such as Value-added Tax (VAT) or Goods and Services Tax (GST), is probably the most talked-about electronic commerce taxation issue. Questions in this regard revolve around whether a Web-based sale is taxable and, if so, what jurisdiction, if any, may collect the tax and what is the most effective way of collecting the tax or ensuring tax compliance. In addition, many electronic commerce enterprises may be running at a loss and are therefore indifferent to income tax – at least for now. However, consumption tax is immediate. With the rapid increase in Web-based sales, an increasing number of purchases are made free of indirect tax when the buyer ignores the requirement to voluntarily remit the tax, causing an increasing strain on state tax revenues. Consumption tax issues have therefore been recognised to have more immediacy than direct taxation issues.

• 
  time of supply (i.e. the tax point)
  
• 
  value of supply
  
• 
  place of supply
  

Knowledge of the time of supply is essential as VAT on a particular supply must be accounted for by the parties in the particular tax period within which the tax point falls. Knowledge of the value of the supply is essential in order to calculate VAT in respect of that value. For VAT purposes, the place where a supply is made is referred to as the place of supply and that is the only place where that particular supply is liable to VAT. In traditional business this concept was relatively easy to define and straightforward rules could be applied. The advent of electronic commerce has, however, complicated this issue.

We suggest that Government urgently address the gaps in the South African Income Tax Act. There is already significant international agreement in the UN and OECD to allow the Government to draft proper legislation in this regard.

Prepared by Reinhardt Buys

Internet, New Media and E-commerce Attorney

24 Dunkley Square, Cape Town

Cell: 082 379 2123

e-mail: crbuys@mweb.co.za

and