DRAFT
Codes of Conduct and standards for intermediaries and e-commerce service
providers
Please read, download the text and send any comments to the editor@ebusiness-incorporated.com
Appointed pursuant to Part 6, sections 28 and 29 of the Electronic Transactions Act 2000 (the ETA)
1. Preamble
This Code of Conduct and Standard has been established to protect the reputation of Vanuatu as an international business centre. It is the desire of the Minister, and of the representatives of industry contemplated by Section 28 (1) of the Act, that those undertaking e-commerce businesses connected with Vanuatu should so conduct themselves as to preserve the good name of Vanuatu.
In particular, intermediaries and e-commerce service providers should note that they are subject to all relevant criminal codes and Acts of Vanuatu, all as amended from time to time (the “Acts”).
Accordingly, it is the desire of Industry to conduct themselves, and to the best of their ability see that their customers conduct themselves, with regard to both the spirit and the letter of the Acts. In consequence of the foregoing, the Minister has promulgated certain Codes of Conduct and Standards contemplated by subsection 28(4) which are embodied in this Code of Conduct and Standard, and which have been further provided for in consultation with Industry as set out below.
The essence of the responsibility of those intermediaries and e-commerce service providers governed by this Code of Conduct and Standard is to know their customers, to render service which is consistent with Vanuatu’s reputation and the Acts, and to enable themselves to intervene where necessary to protect the reputation of Vanuatu
The Minister’s powers of censure under subsection 29(2) will be exercised having regard to the degree of compliance with this Code of Conduct and Standard as set out in the “Safe Harbour” guidelines below.
2. Definitions
Unless otherwise specifically defined in this Code of Conduct and Standard, all expressions used in the Standard bear the same meanings as they are given in the ETA.
3. Application of the Standard
(A) This Code of Conduct and Standard only applies to intermediaries and e-commerce service providers who are carrying on a trade or business or conducting commercial transactions or services in or from within Vanuatu, or which are identified with Vanuatu for the purposes of the ETA, whose transactions or services either themselves take place electronically or which assist others to do so, or which relate to business carried out electronically.
(B) This Code of Conduct and Standard comes into effect upon review by the Minister and gazetting.
4. The Vanuatu E-commerce Codes of Conduct and Standards
(A) Pursuant to subsection 29(5), the Minister has established the following minimum Codes of Conduct and Standards for intermediaries and e-commerce service providers:
i) Observe Business Integrity, accordingly do not conduct as principals
any activity prohibited by the Companies Act;or which contravenes the
laws regarding publication of obscene material, money laundering, slander,
or basic human rights (“undesirable activities”). (ii) Know Your Customer, and accordingly do not knowingly aid or abet
any undesirable activities. (iii) Know Your Own Business, and accordingly inform yourself and exercise
good judgement so as to not knowingly render any service in respect
of any electronic record or information which contravenes paragraphs
(i) and (ii) or which ought reasonably to be considered as likely to
contravene or already to have contravened the Acts. (iv) Protect Personal Data, and accordingly respect the privacy, accuracy
and security of personal information in accordance with the ETA. (v) Avoid Abusive Usage, and accordingly do not send bulk unsolicited
emails, seek unauthorized access to other peoples’ systems or seek to
interrupt other people’s use of electronic communications, or enable
others to do so. (B) In addition to the matters set out in (A) above the Minister has
established the following further Codes of Conduct and Standards for e-commerce
service providers:
i) Advertise Truthfully, and accordingly do not mislead customers as
to the nature, quality or purposes of goods or services sold through
your business. (ii) Deal Fairly and Openly with Customers, and accordingly trade and
settle with your customers in an honest transparent manner which has
regard to this Code of Conduct and Standard, the Acts, and the reputation
of Vanuatu as an international business centre. (iii) Settle Complaints and Disputes Quickly and Fairly, and accordingly
establish convenient methods of receiving and dealing with complaints
and for the swift, convenient and fair settlement of disputes. Intermediaries and e-commerce service providers shall make every reasonable
effort to introduce and maintain systems, procedures and practices which
achieve material realisation of this Code of Conduct and Standard. It is recognised that the same business may be conducting activities
in two different capacities, either as an intermediary or as an e-commerce
service provider. Accordingly, such business should establish such systems,
procedures and practices as are appropriate to the particular capacity
in which it operates in a particular instance. Where an intermediary or an e-commerce service provider has actual knowledge
of any matter or conduct which falls below the standard required by this
Code of Conduct and Standard, the intermediary or e-commerce service provider
must take action forthwith to remedy or terminate the matters or relationship
giving rise to the non-compliance with this Code of Conduct and Standard.
If in doubt, the intermediary or e-commerce service provider can apply
to the Minister for direction pursuant to the ETA. The consequences of non-compliance with this Code of Conduct and Standard
are set out in section 29(2) of the ETA, which enables the Minister to
give warnings, require compliance or recommend that prosecutions be instituted.
It is implicit in subsection 29(2) that the Minister is the arbiter in
the first instance of whether there has been non-compliance with this
Code of Conduct and Standard and accordingly the Minister shall have regard
to any relevant circumstance which goes to such determination. Although the Minister shall have regard to all the circumstances of a
case in making a determination under subsection 29(2) as to whether there
has been non-compliance with the Standard and accordingly a breach of
this Code of Conduct and Standard, an intermediary or e-commerce service
provider shall, in the absence of any special circumstances, be deemed
to have observed the Standard and accordingly to be in compliance with
this Code of Conduct and Standard, if such intermediary or e-commerce
service provider’s systems procedures and practices are substantially
in accordance with the following guidelines: A) The Maintenance of Effective Monitoring Systems Make reasonable efforts to ensure as far as practicable that electronic
records handled by the business do not include information that contravenes
or is reasonably likely to contravene the Acts. (B) The Establishment of Effective Contracts Establish commercial terms and conditions with customers which contain
a condition to the effect that the sending of bulk, unsolicited electronic
records to persons with which such customer has no relationship (either
contractual or personal) or to persons who have not otherwise consented
to receive such records, is not permitted through the services of such
intermediary or e-commerce service provider. Include terms and conditions
in any agreement with customers which prohibit undesirable activities
from being carried out by the customer, pursuant to or in connection with
the agreement, and which includes a condition that would lead to the termination
of any such agreement where the customer is found to be engaging in undesirable
activities. Incorporate the substance of this Code of Conduct and Standard
into their commercial terms and conditions with customers. (C) Institute Effective “Know Your Customer” Practices Establish information sufficient to satisfy such intermediary or e-commerce
service provider that, having regard to the nature of the services provided,
it knows who its customer is and what it is the customer proposes to do
in or from within, or otherwise in connection with, Vanuatu so that such
intermediary or e-commerce service provider does not knowingly aid or
abet any undesirable activities. Except as provided by the Criminal Code,
this guideline does not extend to requiring the intermediary or e-commerce
service provider to check the customer’s electronic records to confirm
this information. (D) Establish Systems to Protect Privacy This clause 7(D) does not apply to the extent it is inconsistent with
any more onerous obligations of confidentiality of personal data or business
records as required by the Acts, any other law, equity, code of practice
or under Part VI of the Electronic Transactions Act 1999. If an intermediary
or e-commerce service provider does not intend to observe the principles
in relation to personal data set out below, that intermediary or e-commerce
service provider must notify that fact to its customers or other persons
from whom it collects personal data or business records.
i) Intermediaries and e-commerce service providers should collect personal
data of customers only:
a) if relevant for the provision of goods, services or information
as agreed with the customer; or (b) as otherwise disclosed to the customer prior to collection of
such information. (ii) Intermediaries and e-commerce service providers should use personal
data and business records of customers only for:
a) internal marketing, billing or other purposes necessary for
the provision of services; (b) purposes made known to the customer prior to the time the personal
data or business records are collected; or (c) other purposes with the prior consent of the customer, and
should endeavour to ensure that the personal data or business records: (d)are accurate, and if necessary, kept up to date; (e) if inaccurate, are erased or rectified; and (f) are erased when no longer reasonably required. (iii) Intermediaries and e-commerce service providers should endeavour
to:
a) ensure the confidentiality of personal data and business records
of customers (b) prevent the sale or transfer of the personal data and business
records of customers other than as part of the sale of the intermediaries’
or e-commerce service providers’ business; and (c) prevent the examination of or tampering with personal data
or business records other than for the purposes of maintenance or
security of the relevant information processing system or data integrity.
(iv) This guideline does not prohibit disclosure of personal information
or business records:
a) with the express or implied consent of the person to whom such
personal data or business records relates; (b)or as required by law. Intermediaries and e-commerce service
providers may not sell or transfer personal data or business records
of customers to another person for the purpose of sending bulk,
unsolicited electronic records. (E) Establish Practices to Avoid Abusive Usage Intermediaries and e-commerce service providers should refrain from sending
bulk, unsolicited electronic records to persons with whom they do not
have a relationship (either contractual or personal) or to persons who
have not otherwise consented to receive such records. Intermediaries should
establish reasonable practices to prevent their services being used for
the sending of such bulk, unsolicited electronic records and should endeavour
to cease providing services to persons who engage in such conduct. (F) Establish Complaints and Disputes Systems E-commerce service providers should establish procedures to:
i) notify their customers of procedures to raise complaints about
the services provided by them; and (ii) answer, in a speedy and decisive manner, any complaints raised
by customers. E-commerce service providers should provide a specific
contact address to receive complaints. E-commerce service providers should provide alternative dispute resolution
procedures for disputes arising between themselves and customers, meaning
mechanisms pursuant to the Arbitration Act 1986 or the Vanuatu International
Conciliation and Arbitration Act 1993 as appropriate, should be considered.
E-commerce service providers should encourage the resolution of disputes
by electronic means. (G) Establish Business Practices which are Transparent E-commerce service providers shall disclose the following information
on any web site that is generally accessible by the public:
i) the trading name and any other name reasonably necessary to identify
the e-commerce service provider; (ii) the email and mailing address for contact with the e-commerce
service provider; and (iii) a statement that they are obliged to comply with this Code
of Conduct and Standard. (H) Establish Systems to Avoid Misleading Statements or Omissions
In addition to any sanction under the criminal or civil law, e-commerce
service providers should establish practices and review procedures to
ensure that they do not mislead or deceive customers in:
(i) advertising goods or services through electronic means; or (ii) completing transactions through electronic means.
5. Business Procedures to Be Observed
6. Consequences of Non-Compliance
7. The Safe Harbour Guidelines