Posted by sonnyzulhuda on June 4, 2009
By: Sonny Zulhuda
(This article first appears in the E-Security Bulletin vol. 18 – (Q1-2009), published by CyberSecurity Malaysia in 1st Quarter of Year 2009, under the title ‘The requirement of information availability in the E-Commerce Act 2006′)
One of the key components in information security is the information availability, which seeks to ensure that authorized users have access to information and associated assets whenever required. This availability factor is so important to the extent that its deficiency can adversely affect other aspects of information security, namely the integrity and confidentiality of information.
This significance cannot be seen bigger in the area of electronic commerce. Imagine if the security of an information system used by an e-payment service provider is compromised by a denial-of-service (DOS) attack thus affects the availability of service, not only are the commercial data and the electronic processing thereof being jeopardised, but also the whole supposedly-trusted system can fail miserably. Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond | Leave a Comment »
Posted by sonnyzulhuda on January 23, 2008
WHAT prevents people from driving recklessly, forging signatures, breaking into homes, kidnapping or stealing? Ideally, conscience should be enough but it’s more likely because people don’t want to pay the penalties for these crimes. And thanks to law enforcement, people are compelled to conduct themselves properly so the rest of us can go about our daily affairs with peace of mind.
So, if laws are essential to communities in the conventional world, what of the Internet – a networked world in which more and more of us dwell in each day?
“It is a myth that cyberlaws are ‘high profile’ legal matters that concern only techies, computer scientists and information security professionals,” said Sonny Zulhuda, a cyberlaws researcher at the International Islamic University of Malaysia (IIUM).
Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond | Leave a Comment »
Posted by sonnyzulhuda on January 17, 2008
By: Sonny Zulhuda
Implications of Data Protection Laws to Business Organizations
Whichever approach being preferred, it is quite true to forewarn industries and business organizations that the legislatures worldwide are seeking even wider legal measures to protect personal information. It will someday come to the point where all matters will be regulated.
To enable continued business activities and growth, organizations needs to be alert of the legal risks surrounding the personal data protection. The legal fences being enacted will automatically reduce the organizations’ liberty to conduct activities previously enjoyed. Especially with ever increasing consumerism that keeps watching the industries, puts them in liability risks whenever principles of data collection and use is ever infringed. The lack of awareness in this aspect will certainly position them in high risk too. There seems no available option for business organizations other than to follow and comprehend the development of the law and safely avoid legal liabilities.
Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond, ICT Policy & Governance | Leave a Comment »
Posted by sonnyzulhuda on January 17, 2008
By: Sonny Zulhuda
Legal Responses and Liabilities to the Personal Data Protection
The apprehension of consumers regarding the use of their personal data is increasing. A survey on March 2001 published by the Asian Wall Street Journal and Harris Interactive found that 73% Net users are concerned with their personal privacy on the Internet (AWSJ, 22/3/2001). This fact and many more similar surveys conducted worldwide brought policy makers to ponder on how, and to what extent, the state can make laws and regulations to protect people’s right to control the use and exploitation of their personal data in the networked world.
Questions as to which approach is more effective arise. And there are at least two different approaches being championed by different jurisdictions, and eventually inspired others in the world to adopt. The choice is between having state’s legislation to regulate this problem or to leave the Internet industries to regulate themselves. It is submitted that a working knowledge of those legal requirements is essential for parties in a business organizations involved with data systems that store or process the personal data of members of the public.
Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond, ICT Policy & Governance | Leave a Comment »
Posted by sonnyzulhuda on January 17, 2008
By: Sonny Zulhuda
This paper seeks to provide an overview of the legal risk liability issues that arise in the management of personal data in e-security policies. It argues that if personal data is properly managed, not only can legal liabilities be avoided but organizations can transform the practice of personal data management into a corporate asset building exercise. At the end of this paper, the reader should understand how personal data should be managed in a proactive and structured manner in the context of an organization’s e-security policies.
Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond, ICT Policy & Governance | Leave a Comment »
Posted by sonnyzulhuda on January 16, 2008
By: Sonny Zulhuda
The recall of Malaysia’s existing legal landscape related to electronic business (see my previous posting here on ‘Legal Landscape of Malaysian E-Business Environment’) may result in impression that the country has done good enough. True, Malaysia should take the pride of among the regional leader in enacting legal framework for e-business. But surely enacting rules alone is not sufficient. Not only they need to be implemented, but also they need to prove their effectiveness.
Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond | Leave a Comment »
Posted by sonnyzulhuda on January 16, 2008
By: Sonny Zulhuda
The need to enact, pass and thus implement e-business-related laws has been closely linked to assurance of having smooth and secure e-commerce activities and thus it is closely associated with a country’s determination to speed up development in this information era. The Malaysian Government has indeed reaffirmed this link. They include in their pledge to the international community when initiating Multimedia Super Corridor (MSC) project that Malaysia would become a regional leader in intellectual property protection and cyberlaws. This is because Malaysia believes (like other countries supposedly do) that the existence of cyberlaws in the country means guarantee for the invention, e-commerce as well as consumer protections. This is why cyberlaw is important for country’s growth and development.
Based on the nature of the scope of the legislation, e-business-related law can be categorized into two distinctive categories, firstly, those legislations that address solely the specific electronic environment and applications. Secondly, those legislations that do not solely address on electronic environment, instead they apply as a general law but applicable, in part or in totality, to the cyberspace and online environment. On the ground of these categorization, this paper makes an attempt to assess the current legal landscape of Malaysia’s e-business environment.
Since their enactment in 1997, specific set of Malaysia’s cyberlaws provided ground for establishing legal frameworks for country’s e-commerce and information security. Besides, there are other laws that have been identified as providing important grounds for the effective and efficient operation of electronic business. Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond | Leave a Comment »
Posted by sonnyzulhuda on January 16, 2008
By Sonny Zulhuda
The increasing numbers of transactions in both international and local trade are carried out by means of electronic data interchange and other means of communication, commonly referred to as electronic commerce (e-commerce). This e-commerce seeks at the use of alternatives to paper-based methods of communication and storage of information (Chissick & Kelman, 2000). This substitution is increasingly phenomenal today where more and more applications are used to eventually turn the Internet as a virtual business sphere. Nevertheless this initiative is more technologically advanced rather that its other aspects. If the traditional trading activities are already well equipped with traditional sets of laws and regulatory frameworks, its new electronic environment is not the same. Certainly this was the motives that pushed the United Nations Commission on International Trade Law (UNCITRAL), an international body under the United Nations, to look at possible model laws that seek to equip this new environment.
In an electronic business environment, a good law is supposed to provide a conducive framework in which the compliance would eventually serve as facilitator instead of barrier to the business (Lallana, 2004). Thus, the first and utmost function of the law here is to legitimize the use of electronic tools and methods for the purpose of contract and commercial transactions. Furthermore, there are general principles that ought to be considered by the policymakers and lawgivers in this country in respect with the law of electronic commerce, which include: preservation of national interest, harmony with national legal system and international initiatives, a balance between potential conflicting interests such those of industry and public consumers, and last but not least, being technology neutral, and anticipative of future challenges, given the evolving nature of the Internet and information technology.
Read the rest of this entry »
Posted in All Articles, E-Commerce Law and Beyond | 1 Comment »
