Legal and Ethical Issues of Ecommerce

Previous years question E BUSINESS MBA 2nd semester

Ques1 what are legal and ethical issues of ecommerce in India? How are these
being addressed by the ecommerce companies? (MBA June 2018)

Ans Electronic commerce or ecommerce legal issues industry has come long way
since its early days and has been growing rapidly across the world

Ethics, Social and Political issues

Defining the rights of people to express their ideas and the property rights of
copyright owners are just two of many ethical, social, and political issues raised by
the rapid evolution of e-commerce.

The ethical, social, and political issues raised in e-commerce, provide a framework
for organizing the issues, and make recommendations for managers who are given
the responsibility of operating e-commerce companies within commonly accepted
standards of appropriateness. Understanding Ethical, Social, And Political Issues in
E-Commerce Internet and its use in e-commerce have raised pervasive ethical,
social and political issues on a scale unprecedented for computer technology.

We live in an “information society,” where power and wealth increasingly depend

on information and knowledge as central assets. Controversies over information
are often in fact disagreements over power, wealth, influence, and other things
thought to be valuable. Like other technologies such as steam, electricity,
telephones, and television, the Internet and ecommerce can be used to achieve
social progress, and for the most part, this has occurred. However, the same
technologies can be used to commit crimes, despoil the environment, and threaten
cherished social values. Before automobiles, there was very little interstate crime
 and very little federal jurisdiction over crime. Likewise with the Internet: Before
the Internet, there was very little “cyber-crime.”

Many business firms and individuals are benefiting from the commercial
development of the Internet, but this development also exacts a price from
individuals, organizations, and societies. These costs and benefits must be carefully
considered by those seeking to make ethical and socially responsible decisions in
this new environment.

Public Policy Issues in E commerce

The major ethical, social, and political issues that have developed around e
commerce over the past seven to eight years can be loosely categorized into four
major dimensions: information rights, property rights, governance, and public
safety and welfare. Some of the ethical, social, and political issues raised in each
of these areas include the following:
 Information rights: What rights to their own personal information do
individuals have in a public marketplace or in their private homes, when Internet
technology makes information collection so pervasive and efficient? What rights
do individuals have to access information about business firms and other
organizations?
 Property rights: How can traditional intellectual property rights are
enforced in an internet world where perfect copies of protected works can be
made and easily distributed worldwide in seconds?
 Governance: Should the Internet and e-commerce be subject to public
laws? And if so, what law-making bodies have jurisdiction - state, federal,
and/or international?
 Public safety and welfare: What efforts should be undertaken to ensure
equitable access to the Internet and ecommerce channels? Should governments
be responsible for ensuring that schools and colleges have access to the Internet?
Is certain online content and activities - such as pornography and gambling - a
threat to public safety and welfare? Should mobile commerce be allowed from
moving vehicles?
To illustrate, imagine that at any given moment society and individuals are more or
less in an ethical equilibrium brought about by a delicate balancing of individuals,
social organizations, and political institutions. Individuals know what is expected
of them, social organizations such as business firms know their limits, capabilities,
and roles and political institutions provide a supportive framework of market
regulation, banking and commercial law that provides sanctions against violators.
Now, imagine we drop into the middle of this calm setting a powerful new
technology such as the Internet and e-commerce. Suddenly individuals, business
firms, and political institutions are confronted by new possibilities of behavior. For
instance, individuals discover that they can download perfect digital copies of
music tracks, something which, under the old technology of CDs, would have been
impossible. This can be done, despite the fact that these music tracks still “belong”
as a legal matter to the owners of the copyright - musicians and record label
companies.

The introduction of the Internet and e-commerce impacts individuals, societies,

and political institutions. These impacts can be classified into four moral
dimensions: property rights, information rights, governance, and public safety and
welfare Then business firms discover that they can make a business out of
aggregating these musical tracks - or creating a mechanism for sharing musical
tracks- even though they do not “own” them in the traditional sense. The record
companies, courts, and Congress were not prepared at first to cope with the
onslaught of online digital copying. Courts and legislative bodies will have to
make new laws and reach new judgments about who owns digital copies of
copyrighted works and under what conditions such works can be “shared.” It may
take years to develop new understandings, laws, and acceptable behavior in just
this one area of social impact. In the meantime, as an individual and a manager,
you will have to decide what you and your firm should do in legal “grey”- areas,
where there is conflict between ethical principles, but no clear-cultural guidelines.
How can you make good decisions in this type of situation?
Before reviewing the four moral dimensions of e-commerce in greater depth, we
will briefly review some basic concepts of ethical reasoning that you can use as a
guide to ethical decision making, and provide general reasoning principles about
social political issues of the Internet that you will face in the future.

Basic Ethical Concepts: Responsibility Accountability, and Liability

Ethics is at the heart of social and political debates about the Internet. Ethics is the
study of principles that individuals and organizations can use to determine right
and wrong courses of action. It is assumed in ethics that individuals are free moral
agents who are in a position to make choices.

Extending ethics from individuals to business firms and even entire societies can
be difficult, but it is not impossible. As long as there is a decision-making body or
individual (such as a Board of Directors or CEO in a business firm or a
governmental body in a society), their decisions can be judged against a variety of
ethical principles. If you understand some basic ethical principles, your
ability to reason about larger social and political debates will be improved. In
western culture, there are ability and liability principles that all ethical schools of
thought share: responsibility, account- liability.
Responsibility means that as free moral agents, individuals, organizations and
societies are responsible for the actions they take. Accountability means that
individuals, organizations, and societies should be held accountable to others for
the consequences of their actions. The third principle -liability - extends the
concepts of responsibility and accountability to the area of law. Liability is a
feature of political systems in which a body of law is in place that permits
individuals to recover the damages done to them by other actors, systems, or
organizations. Due process is a feature of law-governed societies and refers to a
process in which laws are known and understood and there is an
 ability to appeal to higher authorities to ensure that the laws have been applied
correctly.
Analyzing Ethical Dilemmas
Ethical, social, and political controversies usually present themselves as dilemmas.
A dilemma is a situation in which there are at least two diametrically opposed
actions, each of which supports a desirable outcome. When confronted with a
situation that seems to present ethical dilemmas, how can you analyze and reason
about the situation? The following is a five step process that should help.
 Identify and describe clearly the facts. Find out who did what to whom,
and where, when, and how. In many instances, you will be surprised at the errors
in the initially reported facts, and often you will find that simply getting the
facts straight helps define the solution. It also helps to get the opposing parties
involved in an ethical dilemma to agree on the facts.
 Define the conflict or dilemma and identify the higher order value
involved. Ethical, social, and political issues always reference higher values.
Otherwise, there would be no debate. The parties to a dispute all claim to be
pursuing higher values (e.g., freedom, privacy, protection of property, and the
-enterprise system). For example, Double Click and its supporters argue that
their tracking of consumer movements on the Web increases market efficiency
and the wealth of the entire society. Opponents argue this claimed efficiency
comes at the expense of individual privacy, and Double Click should cease it’s
or offer Web users the option of not participating in such tracking.
 Identify the stakeholders. Every ethical, social, and political issue has
stakeholders: players in the game who have an interest in the outcome, who
have its vested in the situation, and usually who have vocal opinions. Find out
the identity of these groups and what they want. This will be useful later when
designing a solution.
 Identity the options that you can reasonably take. You may find that
none of the options satisfies all the interests involved, but that some options do a
better job than others. Sometimes, arriving at a “good” or ethical solution may
not, always be a balancing of consequences to stakeholders.
 Identify the potential consequences of your options. Some options may
be ethically correct, but disastrous from other points of view. Other options may
work in this one instance, but not in other similar instances. Always ask
yourself, “what if I choose this option consistently over time?” Once your
 analysis is complete, you can refer to the following well established ethical
principle to help decide the matter.
Privacy and Information Rights
The Internet and the Web provide an ideal environment for invading the personal
privacy of millions of users on a scale unprecedented in history. Perhaps no other
recent issue has raised as much widespread social and political concern as
protecting the privacy of over 160 million Web users in the United States alone.

The major ethical issues related to ecommerce and privacy includes the following:
Under what conditions should we invade the privacy of others?

What legitimates intruding into others’ lives through unobtrusive surveillance,

market research, or other means?

The major social issues related to e-commerce and privacy concern the
development of “exception of privacy” or privacy norms, as well as public
attitudes. In what areas of should we as a society encourage people to think they
are in “private territory” as opposed to public view? The major political issues
related to ecommerce and privacy concern the development of statutes that govern
the relations between record keepers and individuals.

The Concept of Privacy

Privacy is the moral right of individuals to be left alone, free from surveillance or
interference from other individuals or organizations, including the state. Privacy is
a girder supporting freedom: Without the privacy required to think, write, plan, and
associate independently and without fear, social and political freedom is weakened,
and perhaps destroyed. Information privacy is a subset of privacy. The right to
information privacy includes both the claim that certain information should not be
collected at all by governments or business firms, and the claim of individuals to
control over personal of whatever information that is collected about them.
Individual control over personal information is at the core of the privacy concept.
Due process also plays an important role in defining privacy. The best statement of
due process in record keeping is given by the Fair Information Practices doctrine
developed in the early 1970s and extended to the online privacy debate in the late
1990s (described below).

Legal Protections
In the United States, Canada, and Germany, rights to privacy are explicitly granted
in or can be derived from, founding documents such as constitutions, as well as in
specific statutes. In England and the United States, there is also protection of
privacy in the common law, a body of court decisions involving torts or personal
injuries. For instance, in the United States, four privacy-related torts have been
defined in court decisions involving claims of injury to individuals caused by other
private party’s intrusion on solitude, public disclosure of private facts, publicity
placing a person in a false light, and appropriation of a person’s name or likeness
(mostly concerning celebrities) for a commercial purpose. In the United States, the
claim to privacy against government intrusion is protected primarily by the First
Amendment guarantees of freedom of speech and association and the Fourth:
Amendment protections against unreasonable search and seizure of one’s personal
documents or home, and the Fourteenth Amendment’s guarantee of due process. In
addition to common law and the Constitution, there are both federal laws and state
laws that protect individuals against government intrusion and in some cases define
privacy rights vis-à-vis private organizations such as financial, education, and
media institutions.

Ques 2 Ethical issues in electronic commerce? MBA 2015

Ans:

I will explain some ethical issues which always surround the world of e-commerce.
See below.

Web Spoofing
Web spoofing is an electronic deception relates to the Internet. It occurs when the
attacker sets up a fake website which almost totally same with the original website in
order to lure consumers to give their credit card number or other personal information.
For example is the attacker setup a site called www.micros0ft.com using the number
zero in place of the letter O, which many users sometimes type by mistake. Users
might find themselves in a situation that they do not notice they are using a bogus
web-site and give their credit card details or other information.

Cyber-Squatting

Cyber-squatting is an activity which a person or firm register, purchase and uses the
existing domain name belong to the well-known organization for the purpose of
infringing its trademarks. This type of person or firm, called cyber-squatters usually
infringed the trademarks to extort the payment from original trademark’s owner. The
extortion of payment occur when they offers the prices far greater than they had
purchased the organization’s domain name upon. Some cyber-squatters put up
derogatory remarks about the person or company which the domain is meant to
represent (eg: www.walmartsucks.com), in an effort to encourage the subject to re-buy
their domain from them. The following picture will worth explain the example of
cyber-squatting.

Privacy Invasion

This issue is related to consumer. The privacy invasion occur when the personal
details belong to consumers are exposed to the unauthorized party. It may occur in
THREE ways. i. Electronic commerce businesses buy information about individuals
such as their personal details, shopping habits and web page visitation listings. This
can be done with or without the individual’s knowledge by using different computing
technologies. A large number of web sites, which require users to create a member
name, also ask for personal details. These details are then often sold on to companies
to aid in the marketing and selling of their products. ii. The personal information of
consumers being transmit may be intercepted by anyone other than the person whom
it is intended. Protecting the privacy of communication is a great challenge, due to the
very nature of the online medium, an open network of digital telecommunications. It
is technically and economically impossible to patch all the holes through which
unauthorized intruders may gain access. iii. Malicious programs delivered quietly via
web pages could reveal credit card numbers, usernames, and passwords that are
frequently stored in special files called cookies. Because the internet is stateless and
cannot remember a response from one web page view to another, cookies help solve
the problem of remembering customer order information or usernames or passwords.

Online Piracy

The online piracy can be defined as unauthorized copyright of electronic intellectual

property such as e-books, music or videos. This unethical activity occurs when the
Internet users use the software and hardware technology in an illicit manner to
transfer the electronic intellectual property over the Internet. For example, some web-
based applications such as www.napster.com have enabled large scale exploitation of
music samples and audio formats. Software that is available for free of cost on the
Internet allows the transfer of music and videos without the authorization of rights
holders. Moreover, CD burners and portable MP3 players allow copyright violations
to occur rather easily.

Email Spamming
E-mail spamming, also known as unsolicited commercial e-mail (UCE) involves
using e-mail to send or broadcast unwanted advertisement or correspondence over the
Internet. The individual who spam their e-mail usually called spammer. Many
spammers broadcast their e-mail for the purpose of trying to get people’s financial
information such as credit card or account bank numbers in order to defraud them.
The example of fraud using e-mail is spammers will lure consumers to enter their
personal information on fake website using e-mail, forged to look like it is from
authorized organization such as bank. The content of e-mail often directs the
consumers to the fake website in order to lure them to fill their personal information
such as credit card or bank account’s details. This technique is called phishing. The
following picture is an example of phishing e-mail.

Ques 3 What is the legal issues in ecommerce in India? You may

illustrate recent cases in India?

Legal Issues

1. E-contracts: Electronic contracts are governed by the basic principles provided

in the Indian Contract Act, 1872 ("ICA"), which mandates that a valid contract
should have been entered with a free consent and for a lawful consideration
between two adults. Section 10A of the Information Technology Act, 2000 ("IT
Act") provides validity to e-contracts. So, both ICA and IT Act needs to be read in
conjunction to understand and provide legal validity to e-contracts. Further, section
3 of the Evidence Act provides that the evidence may be in electronic form. The
Supreme Court in Trimex International FZE Ltd. Dubai v. Vedanta Aluminum
Ltd.1has held that e-mails exchanges between parties regarding mutual obligations
constitute a contract.

In an online environment, the possibility of minors entering into

contracts increases, more so with the increasing usage of online medium among
teenagers (read minors here) and their preference to shop online or purchase online
goods/services. It becomes crucial for an online business portal to keep such
possibility in consideration and qualify its website or form stating that the
individual with whom it is trading or entering into the contract is a major.

Stamping of contracts is yet another issue. An instrument that is not appropriately

stamped may not be admissible as evidence unless the necessary stamp duty along
with the penalty has been paid. But payment of stamp duty is applicable in case of
physical documents and is not feasible in cases of e-contracts. However, as the
payment of stamp duty has gone online and e-stamp papers are available, it can
become a possibility later that stamp duty might be asked on e-contracts as well.

The other crucial issue is the consent and the way offers are accepted in an online
environment. In a click wrap and shrink wrap contract, the customers do not have
any opportunity to negotiate the terms and conditions and they simply have to
accept the contract before commencing to purchase. Section 16(3) of the ICA
provides that where a person who is in a position to dominate the will of another,
enters into a contract with him, and the transaction appears, on the face of it or on
evidence adduced, to be unconscionable, the burden of proving that such contract
was not induced by undue influence shall lie upon the person in a position to
dominate the will of the other. So, in cases of dispute over e-contracts the entity
carrying out the e-commerce will have the onus to establish that there was no
undue influence. Further, section 23 of the ICA provides that the consideration or
object of any agreement is unlawful when it is forbidden by law, or is of such a
nature that if permitted, it would defeat the provisions of any law; or is fraudulent,
or involves or implies injury to the person or property of another, or the Court
regards it as immoral or opposed to public policy.

2. Data Protection: Security of the information provided during the online

transaction is a major concern. Under section 43A of the IT Act the "Reasonable
practices and procedures and sensitive personal data or information Rules, 2011"
have been proposed, which provide a framework for the protection of data in India.
Data can be personal, which has been defined as "any information that relates to a
natural person, which, either directly or indirectly, in combination with other
information available or likely to be available with a body corporate, is capable of
identifying such person." The date can also be sensitive and a sensitive personal
data consists of password, financial information, physical, physiological and
mental health condition, sexual orientation, medical records and history and
biometric information. The entity collecting data should have a privacy policy in
place, should always obtain consent from the provider of sensitive information and
maintain reasonable security practices and procedures. Unauthorized access to
personal information and any misuse of such personal information should be
checked by the online goods/service providers.

Interface with payment gateways is yet another challenge in online transactions. In

1995, the EFT, a retail funds transfer system enabling customers to transfer funds
from one account to another and from one region to another, without any physical
movement of instruments was introduced. The banks were permitted to offer
internet banking facilities based on the Board-approved internet banking policy
without prior RBI approval. As a step towards risk mitigation in the large value
payment systems, the RTGS was made operational by the RBI in March 2004,
which enabled settlement of transactions in real time, on a gross basis. The RTGS
System is operated by the RBI. In 2005, NEFT was introduced which was a more
secure, nation-wide retail electronic payment system to facilitate funds transfer by
the bank customers, between the networked bank branches in the country. The
enactment of the Payment and Settlement Systems Act, 2007 empowered the RBI
to regulate and supervise the payment and settlement systems in the country, give
authority to permit the setting up/continuance of such systems and to call for
information/data and issue directions from/to payment system providers. The IT
Act provided legal recognition for transactions carried out by means of electronic
data interchange and other means of electronic communication, commonly known
as "electronic commerce", which involve the use of alternatives to paper-based
methods of communication and storage of information.2 Some of the initiatives
taken so far to a secured e-transaction include: The IT (Amendment) Act 2008,
RBI's guidelines on Mobile Banking and pre-paid Value Cards, Guidelines on
Internet Banking and Mobile banking guidelines. Essentially, the IT Act has laid
the foundation for strengthening cyber security and data protection in India with
introduction of section 43A that mandates body corporate to implement
"reasonable security practices" for protecting "sensitive personal
information".3 The IT Act formally introduces the concept of data protection in
Indian law, ushers in the concept of "sensitive personal information" and provides
for fixation of liability on a body corporate to preserve and protect such sensitive
personal information.4 It also provides for civil and criminal liability for failure to
protect personal data and information.5 Further, the RBI has mandated a system of
providing additional authentication based on information encrypted on the cards
but not visible for all online transactions. Banks have also to put in place alert
systems to keep a tab on online activity. Since an e-commerce website relies on an
online mode of payment, several requirements imposed by the RBI do impact them
but essentially the payment gateways. However, while engaging such payment
gateways the contractual obligations on data protection and usage should be clearly
defined.
3. Intellectual Property Rights ("IPR"): There are enormous possibilities of
trade mark, copyright or patent infringements in online medium. E-commerce
websites are designed and made by other parties and often the content is also
created by third parties. Unless the agreements between the parties specifically
provide the IP rights, there can be serious ownership issues of IPR. Any usage of
third party IPR should have valid approvals in place. In interactive websites, the
disclaimer and IPR policy should clearly spell out these issues and goods/service
providers should also keep a watchful eye on the usage of their websites regularly.
Domain names have trade mark protection and deceptively similar domain names
can give rise to disputes. In Satyam Infoway Ltd v. Sifynet Solutions Pvt Ltd., the
Supreme Court had held that "a domain name may pertain to the provision of
services within the meaning of section 2(z) of the Trade Marks Act."

4. Efficient delivery system and an effective supply chain and service

management: It is important to always keep consumer protection issues in
consideration in e-commerce. The Consumer Protection Act, 1986 ("CPA")
governs the relationship between consumers and goods & service providers and
there are no specific provisions related to online transactions. Liability for a
goods/service provider arises when there is "deficiency in service" or "defect in
goods" or occurrence of "unfair trade practice". The CPA specifically excludes
from within scope any service rendered free of cost. So, if only the actual sale is
taking place in the online medium, the users will be considered as consumers under
the CPA. The goods/service providers may be asked to remove
defects/deficiencies, replace the goods, return the price already paid, compensate
and discontinue the unfair trade practice or the restrictive trade practice and not
repeat them.

Under the Information Technology (Intermediaries Guidelines) Rules, 2011,

the intermediaries have the obligation to publish the rules and regulations, privacy
policy and user agreement for access or usage of the intermediary's computer
resource by any person. Such rules and regulations must inform the users of
computer resource not to host, display, upload, modify, publish, transmit, update or
share certain prescribed categories of prohibited information. Also, the
intermediary must not knowingly host or publish any prohibited information and if
done should remove them within 36 hours of its knowledge. In Consim Info Pvt.
Ltd v. Google India Pvt. Ltd, the Delhi Court recognized that no injunctive relief
could be granted to Consim since it did not pass the triple test of (i) prima facie
case (ii) balance of convenience and (iii) irreparable hardship but here the decision
of the court was greatly influenced by the fact that the trademarks in dispute were
generic in nature. The court also observed that though the intermediary, Google,
cannot be made liable for infringement arising out of a third party's actions since it
is not possible to always check every advertisement posted online; however, this
observation was subject to section 3(4) of the aforesaid Intermediaries Guidelines
and Google had to act upon it within 36 hours of receipt, failing which it may be
held liable.

5. Advertising: Advertising is an important and legitimate means for a seller to

awaken interest in his products. For long, advertisements were regulated by the
courts, government, tribunals, or police that depended upon the nature of each
case. Additionally, absence of a single comprehensive legislation created a lot of
confusion in terms of a proper code to follow by the industry and the authority to
regulate or guide the pattern of advertising. In 1985, the Advertising Standards
Council of India ("ASCI"), a non statutory tribunal, was established that created a
self regulatory mechanism of ensuring ethical advertising practices. ASCI
entertained and disposed off complaints based on its Code of Advertising Practice
("ASCI Code"). On certain occasions, however, the ASCI orders were set aside by
courts as ASCI being a voluntary association was considered usurping the
jurisdiction of courts when it passed orders against non-members. Gradually, the
ASCI Code received huge recognition from the advertising industry. The warnings
issued by ASCI to the advertisers against the misleading advertisements were
gradually being accepted by the advertisers and the advertisements were actually
stopped being aired or were modified significantly to comply with the prescribed
ASCI Code. The advertisements should make truthful and honest representations
and avoid false and misleading claims, should not be offensive to public decency
or morality, not promote products which are hazardous or harmful to society or to
individuals, particularly minors, observe fairness in competition keeping in mind
consumer's interests and avoid obscene or harmful publication and indecent
representation of women.

6. Competition: E-commerce has already generated a lot of competition with ever

increasing players and acquisition of several old players in the market and has
enabled development of new services, new distribution channels, and greater
efficiency in business activities. Creation e-hubs where significant market share
lies can lead to certain competition issues if they appear to have developed
sustainable market power resulting from network effects and/or engaging in
strategic acts to preserve or maintain their market power. Potential issues for e-
commerce players would be price fixing or tacit collusion or anti-competitive
discrimination or refusal of access to third parties. E-commerce players should
refrain from collusion and excessive pricing. Options for parties to use same web
platform for different kinds of products/services can give rise to different
intermediaries and that can lead to collusive behavior. Market transparency should
be encouraged.

Recent cases in india

- November 2017: Flipkart cheated off of Rs 17 lakh by a gang

- October 2017: Amazon conned to the tune of Rs 50 lakh in New Delhi

- May 2017: Amazon India cheated off of Rs 69.91 lakh in Bengaluru.

- Dec 2016: Flipkart duped of Rs 1.05 crore, 152 expensive mobile phones in
Kota

The above instances of customers' duping ecommerce companies

made the headlines, but there are thousands of cases every year that go
unreported in the media. If you think that etailers are the sole victims of
ecommerce fraud, you would be mistaken

Fraud is a big problem for ecommerce companies and these companies

end up blocking complete zipcodes of states to deal with it. There was a
time when one of the biggest ecommerce companies in India was not
shipping anything over Rs 7000 to 20% of the population. The whole of
Madhya Pradesh, Bihar, Uttar Pradesh, Jharkhand, and Uttarakhand
were blocked