Electronic Transactions Bill, 2008

Number:

Date introduced:

26 May 2008

Sponsor:

Hon. HAM-MUKASA MULIRA (Minister for Information and Communications Technology (ICT)

Bill No. 24 Electronic Transactions Bill 2008

THE ELECTRONIC TRANSACTIONS BILL, 2008.

_________

ARRANGEMENT OF CLAUSES.

PART I—PRELIMINARY

Clause.

1. Commencement

2. Interpretation

3. Application

4. Object of the Act

PART II—FACILITATING ELECTRONIC TRANSACTIONS

5. Legal effect of electronic records

6. Use of electronic signature

7. Authenticity of data message

8. Admissibility and evidential weight of a data message and an

electronic record

9. Retention of information or record

10. Production of document or information

11. Notarisation, acknowledgement and certification

12. Other requirements

13. Automated transactions

14. Formation and validity of agreements

15. Time of dispatch of data message

16. Time of receipt of data message

17. Place of dispatch or receipt

18. Expression of interest

19. Attributing a data messages to person originating the message

20. Acknowledgement of receipt of data message

21. Variation of conditions or requirements by agreement

PARTIII—E-GOVERNMENT SERVICES

22. Electronic filing and issuing of documents

23. Specific requirements by public body

PART IV—CONSUMER PROTECTION

24. Information to be provided by suppliers or sellers

25. Cancelling electronic transaction after receipt of goods or services

26. Unsolicited goods, services or communications

27. Performance of electronic transaction

28. Invalidity of provisions excluding consumer rights

PART V—LIMITATION OF LIABILITY OF SERVICE PROVIDERS

29. Liability of a service provider

30. Information location tools

31. Notification of infringing data message or activity

32. Service provider not obliged to monitor data

33. Regulations

34. Power of the Minister to amend Schedule

A BILL for an Act

ENTITLED

THE ELECTRONIC TRANSACTIONS ACT, 2008

An Act to provide for the use, security, facilitation and regulation

of electronic communications and transactions; to encourage the

use of e-Government services and to provide for related matters.

BE IT ENACTED

by Parliament as follows:

PART I—PRELIMINARY

1. Commencement

This Act shall come into force on a date appointed by the Minister by

statutory instrument and different dates may be appointed for the

commencement of different provisions.

2. Interpretation.

(1) In this Act, unless the context otherwise requires—

“addressee”, in respect of a data message, means a person who

is intended by the person originating the data message to

receive the data message, but not a person acting as an

intermediary in respect of the data message;

“automated transaction” means an electronic transaction conducted

or performed, in whole or in part, by means of a data message

in which the conduct or data messages of one or both parties

is not reviewed by a natural person in the ordinary course of

the natural person’s business or employment;

“consumer” means a natural person who enters or intends to

enter into an electronic transaction with a supplier as the

end user of the goods or services offered by that supplier;

“currency point” has the value assigned to it in the Schedule;

“data” means electronic representations of information in any

form;

“data message” means data generated, sent, received or stored

by electronic means and includes—

(a) voice, where the voice is used in an automated

transaction; and

(b) a stored record;

“data subject” means a natural person from whom or in respect

of whom personal information has been requested,

collected, collated, processed or stored;

“e-Government services” includes a public service provided by

electronic means by a public body in Uganda;

“electronic agent” means a computer program or an electronic or

other automated means used independently to initiate an

action or respond to data messages or performances in

whole or in part, in an automated transaction;

“electronic communication” means a communication by means

of data messages;

“electronic record” means data which is recorded or stored on

any medium in or by a computer system or other similar

device, that can be read or perceived by a person or a

computer system or other similar device and includes a

display, printout or other output of that data;

“electronic records system” includes the computer system or other

similar device by or in which data is recorded or stored and the

procedure for recording and storing of electronic records;

“electronic signature” means data attached to, incorporated in or

logically associated with other data and which is intended

by the user to serve as a signature;

“electronic transaction” includes the sale or purchase of goods or

services whether between business, individuals or governments

and other public or private organisations conducted over

computer mediated networks whether the payment or delivery

of the goods or services is made on or off line;

“information” includes data,text,images,sounds,codes,computer

programmes, software and databases;

“information system” means a system for generating, sending,

receiving, storing, displaying or otherwise processing data

messages and includes the internet;

“information system services” providing information system

connections, operating facilities for information systems,

the providing access to information systems, transmitting

or routing data messages between or among points

specified by a user and processing and storing of data, at

the request of the recipient of the service;

“intermediary” means a person who, on behalf of another

person, whether as agent or not, sends, receives or stores a

particular data message or provides other services with

respect to that data message;

“Minister” means the Minister responsible for information and

communications technology;

“originator” means a person by whom or on whose behalf, a data

message is sent or generated prior to storage, but does not

include a person acting as an intermediary in respect of that data

message;

“person” includes a public body;

“public body” includes the Government, a department, service or

undertaking of the Government, Cabinet, Parliament, a court,

local Government administration or a local council and any

committee or commission thereof, an urban authority, a

municipal council and any committee of any such council, any

corporation, committee, board, commission or similar body

whether corporate or incorporate established by an Act of

Parliament relating to undertakings of public services or such

purpose for the benefit of the public or any section of the

public to administer funds or property belonging to or granted

by the Government or money raised by public subscription,

rates, taxes, cess or charges in pursuance of any written law

and any council, board, committee or society established by an

Act of Parliament for the benefit, regulation and control of any

profession;

“service provider” means a certification authority which

certifies public keys that are used in electronic transactions

in order to guarantee the relationship between the identity

and the public key;

“third party”, in relation to a service provider, means a

subscriber to a service provided by the service provider or

any other user of the service provider’s services or a user of

information systems; and

“transaction” includes a transaction of a commercial or non

commercial nature and includes providing of information

and e-Government services.

(2) This Act shall be construed consistently with what is

commercially reasonable under the circumstances as to achieve

business sense.

3. Application

(1) This Act does not apply to a—

(a) will or codicil;

(b) trust created by a will or a codicil;

(d) document that creates or transfers an interest in property and

requires registration to be effective against third parties; and

(e) negotiable instrument, including negotiable documents of title.

(2) Nothing in this Act shall limit the operation of a law which

expressly authorises, prohibits or regulates the use of electronic

documents.

(3) The Minister may by statutory instrument, amend subsection (1).

4. Object of the Act

(1) The object of this Act is to provide a legal and regulatory

framework to—

(a) enable and facilitate electronic communication and

transactions;

(b) remove and eliminate the legal and operational barriers to

electronic transactions;

electronic communications and transactions;

(d) provide legal certainty and public confidence in the use of

electronic communications and transactions;

(e) promote e-Government services through electronic

communications and transactions with the Government,

public and statutory bodies;

(f) ensure that electronic transactions in Uganda conform to

the best practices by international standards;

(g) encourage investment and innovation in information

communications and technology to promote electronic

transactions;

(h) develops a safe, secure and effective environment for the

consumer, business and the Government to conduct and use

electronic transactions;

(i) promote the development of electronic transactions that are

responsive to the needs of users and consumers; and

(j) foster economic and social prosperity through the

information sector.

PART II—FACILITATING ELECTRONIC TRANSACTIONS

5. Legal effect of electronic records.

(1) Information shall not be denied legal effect, validity or

enforcement solely on the ground that it is wholly or partly in the

form of a data message.

(2) Information incorporated into a contract that is not in the

public domain is regarded as having been incorporated into a data

message if the information is—

(a) referred to in a way that a reasonable person would have

noticed the reference to the information or incorporation in

the contract; and

(b) accessible in a form in which it may be read, stored and

retrieved by the other party, whether electronically or as a

computer printout as long as the information is reasonably

capable of being reduced into electronic form by the party

incorporating it.

(3) Where—

(a) an act;

(b) a document; or

is required to be in writing, produced, recorded or retained, it may be

written, produced, recorded or retained in electronic form.

(4) For purposes of subsection (3) the requirement for a

document or information to be in writing is fulfilled if the document

or information is—

(a) in the form of a data message; and

(b) accessible in a manner which is usable for subsequent

reference.

6. Use of electronic signature.

Where a law requires a signature or provides for consequences where

a document is not signed, the requirement is fulfilled if an electronic

signature is used.

7. Authenticity of data message.

(1) Where a law requires information to be presented or retained

in its original form, the requirement is fulfilled by a data message if—

(a) the integrity of the information from the time when it was first

generated in its final form as a data message or otherwise has

passed assessment in terms of subsection (2); and

(b) that information is capable of being displayed or produced to

the person to whom it is to be presented.

(2) For the purposes of subsection 1(a), the authenticity of a data

message shall be assessed—

(a) by considering whether the information has remained

complete and unaltered, except for the addition of an

endorsement and any change which arises in the normal

course of communication, storage or display;

(b) in light of the purpose for which the information was

generated; and

8. Admissibility and evidential weight of a data message or an

electronic record

(1) In legal proceedings, the rules of evidence shall not be

applied so as to deny the admissibility of a data message or an

electronic record—

(a) merely on the ground that it is constituted by a data

message or an electronic record;

(b) if it is the best evidence that the person adducing the

evidence could reasonably be expected to obtain; or

(2) A person seeking to introduce a data message or an

electronic record in legal proceeding has the burden of proving its

authenticity by evidence capable of supporting a finding that the

electronic record is what the person claims it to be.

(3) Subject to subsection (2), where the best evidence rule is

applicable in respect of an electronic record, the rule is fulfilled upon

proof of the authenticity of the electronic records system in or by

which the data was recorded or stored.

(4) When assessing the evidential weight of a data message or an

electronic record, the court shall have regard to—

(a) the reliability of the manner in which the data message was

generated, stored or communicated;

(b) the reliability of the manner in which the authenticity of the

data message was maintained;

electronic record was identified; and

(d) any other relevant factor.

(5) The authenticity of the electronic records system in which an

electronic record is recorded or stored shall, in the absence of

evidence to the contrary, be presumed where—

(a) there is evidence that supports a finding that at all material

times the computer system or other similar device was

operating properly or, if it was not, the fact of its not

operating properly did not affect the integrity of the

electronic record and there are no other reasonable grounds

to doubt the integrity of the electronic records system;

(b) it is established that the electronic record was recorded or

stored by a party to the proceedings who is adverse in

interest to the party seeking to introduce it; or

stored in the usual and ordinary course of business by a

person who is not a party to the proceedings and who did

not record or store it under the control of the party seeking

to introduce the record.

(6) For the purposes of determining whether an electronic record

is admissible under this section, evidence may be presented in respect

of any standard, procedure, usage or practice on how electronic

records are to be recorded or stored, with regard to the type of

business or endeavours that used, recorded or stored the electronic

record and the nature and purpose of the electronic record.

(7) This section does not modify the common law or a statutory

rule relating to the admissibility of records, except the rules relating

to authentication and best evidence.

9. Retention of information or record.

(1) Where a law requires that a document, record or information

be retained, the requirement is fulfilled by retaining the document,

record or information in electronic form if—

(a) the information contained in the electronic record remains

accessible and can be used for subsequent reference;

(b) the electronic record is retained in the format in which it

was originally generated, sent or received or in a format

which can be demonstrated to accurately represent the

information originally generated, sent or received;

of the origin and destination of an electronic record and the

date and time when it was sent or received; and

(d) the consent of the department or ministry of the Government,

or the statutory corporation, which has supervision over the

requirement for retaining the record, has been obtained.

(2) The obligation to retain a document, record or information in

accordance with subsection (1) (c) shall not extend to information

generated solely for the purpose of enabling a document, record or

information to be sent or received.

(3) Subsection (1) may be fulfilled by using the services of a

person other than the person who originated the document, record or

information.

(4) Nothing in this section shall—

(a) affect a law which expressly provides for the retention of

documents, records or information in the form of electronic

records;

(b) preclude a department or ministry of the Government, a

statutory corporation from specifying additional

requirements for retaining electronic records that are

subject to the jurisdiction of the department or ministry of

the Government, or statutory corporation.

10. Production of document or information.

(1) For purposes of section 5(3), a requirement to produce a

document or information is fulfilled if a person produces the

document or information in electronic form if—

(a) considering all the relevant circumstances at the time that

the data message was sent, the method of generating the

electronic form of that document provided a reliable means

of assuring the maintenance of the integrity of the

information contained in that document; and

(b) at the time the data message was sent, it was reasonable to

expect that the information contained in the data message

would be readily accessible so as to be usable for

subsequent reference.

(2) For the purposes of subsection (1), the authenticity of the

information contained in a document is maintained if the information

has remained complete and unaltered, except for—

(a) the addition of an endorsement; or

(b) an immaterial change, which arises in the normal course of

communication, storage or display.

11. Notarisation, acknowledgement and certification.

(1) A requirement for a signature, statement or document to be

notarised, acknowledged, verified or made under oath, is fulfilled if

an advanced or secure electronic signature of a person authorised by

law to sign or notarise the document is attached, incorporated or is

logically associated with the electronic record.

(2) Where a person is required or permitted to provide a certified

copy of a document which is in electronic form, the requirement is

fulfilled if the person provides a printout certified to be a true copy of

the document or information.

(3) Where a person is required or permitted to provide a

certified copy of a document and the document exists in paper or

other physical form, that requirement is fulfilled if an electronic copy

of the document is certified to be a true copy of the document and the

certification is confirmed with an advanced electronic signature.

12. Other requirements.

(1) A requirement for multiple copies of a document to be

submitted to a person at the same time is fulfilled by submitting a

single data message which is capable of being reproduced by the

person to whom the data message is submitted.

(2) Where a document is required to be sealed and the law does

not prescribe the method or form in which it is to be the sealed, the

document may be sealed by electronic means.

(3) For purposes of subsection (2) a document is sealed by

electronic means if the document includes the advanced electronic

signature of the person authorised to seal the document.

(4) Where a person is required or permitted to send a document

or information by registered or certified mail, that requirement is

fulfilled if an electronic copy of the document or information is sent

to an authorised service provider and the document, is registered by

the service provider and sent to the electronic address provided by

the sender.

13. Automated transactions.

(1) In an automated transaction—

(a) a contract may be formed where an electronic agent

performs an action required by law in order to form a

contract; or

(b) a contract may be formed by a party to the transaction using

an electronic agent to enter into the contract.

(2) A party using an electronic agent to enter into a contract

shall, subject to subsection (3), be bound by the terms of the contract

irrespective of whether the party reviewed the actions of the

electronic agent or the terms of the contract.

(3) A party interacting with an electronic agent to form a

contract is not bound by the terms of the contract unless the terms are

capable of being reviewed by a person representing that party before

the formation of the contract.

(4) A contract shall not be formed under subsection (1) where a

natural person interacts directly with the electronic agent of another

party and the electronic agent makes a material error when creating

a data message unless—

(a) the other party notifies the natural person of the error as

soon as practicable after he or she has learnt of the error;

(b) the electronic agent provides the natural person with an

opportunity to prevent or correct the error;

conform to the instructions of the natural person to return

any performance received, or, if instructed to do so, to

destroy that performance; and

(d) the party has not used or received any material benefit or value

from the performance received from the natural person.

14. Formation and validity of a contract.

(1) A contract shall not be denied legal effect merely because it

is concluded partly or wholly by means of a data message.

(2) A contract by means of a data message is concluded at the

time when and the place where acceptance of the offer is received by

the person making the offer.

15. Time of dispatch of data message.

(1) Subject to an agreement to the contrary, where a data message

enters a single information system outside the control of the person

originating the data message or a person who sent the message on behalf

of the person originating the message, the dispatch of the message

occurs when the data message enters the information system.

(2) Where a data message successively enters two or more

information systems outside the control of the person originating the

data message, unless otherwise agreed between the person originating

the message and the addressee, the dispatch of the message occurs

when the data message enters the first of the information systems.

16. Time of receipt of data message.

(1) Unless otherwise agreed between the person originating the

data message and the addressee, the time of receipt of a data message

is determined where the addressee designates an information system

for receiving a data message the receipt of a data message occurs—

(a) at the time when the data message enters the designated

information system;

(b) if the data message is sent to an information system of the

addressee which is not the designated information system,

at the time when the data message is received by the

addressee; or

(2) Where the addressee has not designated an information

system, receipt occurs when the data message enters an information

system of the addressee.

(3) Subsections (1) and (2) shall apply notwithstanding that the

place where the information system is located is different from the

place where the data message is received under section 17.

17. Place of dispatch or receipt.

(1) Unless otherwise agreed by the person originating a data

message and the addressee, a data message is deemed to have been—

(a) dispatched at the place of business of the originator; and

(b) received at the place of business of the addressee.

(2) For the purposes of subsection (1) the person originating the

data message or the addressee—

(a) has more than one place of business—

(i) and one of the places can more closely be associated

with the transaction, the place of business which can

be closely associated with the transaction is presumed

to be the place of business;

(ii) but paragraph (a) does not apply, the principal place of

business of the person originating the data message or

the addressee is presumed to be the place of business;

(b) does not have a place of business, the place where the person

originating the data message or the addressee ordinarily

resides is presumed to be the place of business.

18. Expression of interest.

An expression of interest may be in the form of a data message and

may be without an electronic signature as long as it is possible to infer

the interest of the person from the data message

19. Attributing a data message to person originating the message.

(1) A data message is attributed to the person who originated the

data message if the message is sent by—

(a) the person originating the message;

(b) an agent of the person originating the message or a person

who has the authority to act on behalf of the person

originating the data message ; or

originating the message or on behalf of the person

originating the message to operate automatically unless it is

proved that the information system did not execute the

programming properly.

(2) The addressee shall regard a data message as sent by the

originator and to act on that assumption if—

(a) in order to ascertain whether the data message is sent by the

person originating the message, the addressee properly

applies a method previously agreed to by the person

originating the message for that purpose;

(b) the data message received by the addressee resulted from

the action of a person whose relationship with the

originator enabled the person to gain access to a method

used by the originator to identify electronic records as

records of the originator; or

(3) Subsection (2) shall not apply where—

(a) the addressee receives notice from the originator that the

originator did not send the data message;

(b) the addressee knows or ought to have known, had he or she

exercised reasonable care or used the agreed method, that

the data message was not sent by the originator ;or

regard the data message as a message of the originator or to

act on the assumption that the data message was sent by the

originator.

(4) This section shall not affect the law of agency or the law on

formation of contracts.

20. Acknowledgement of receipt of data message

(1) Subject to this section, an acknowledgement of receipt of a

data message is not necessary to give legal effect to the data message.

(2) Where the originator specifies that the data message is

conditional on receipt of the acknowledgement, the data message is

taken as not sent, until the acknowledgement is received by the

originator.

(3) Where the originator specifies that the data message is

conditional on receipt of an acknowledgement and the

acknowledgement is not received by the originator within the time

specified or agreed upon or, if no time has been specified or agreed

upon, within a reasonable time, the originator may—

(a) give notice to the addressee stating that an acknowledgement

has not been received and specify a reasonable time within

which the acknowledgement should be received; and

(b) upon notice to the addressee, treat the data message as

though it has never been sent or exercise any other rights

that he or she may have in respect of the data message.

(4) Where the originator does not specify that the

acknowledgement is to be given in a particular form or by a particular

method, the acknowledgement may be given by—

(a) any communication from the addressee, automated or

otherwise; or

(b) any conduct of the addressee which is sufficient to indicate to

the originator that the addressee received the data message.

(5) Where the originator receives the acknowledgement of

receipt from the addressee, unless there is evidence to the contrary it

is presumed, that the addressee received the data message.

(6) The presumption in subsection (5) does not imply that the

content of the electronic record corresponds to the content of the

record received.

(7) Where the acknowledgement states that the related data

message fulfilled the technical requirements, either agreed upon or set

forth in applicable standards, it is presumed, unless evidence to the

contrary is adduced, that those requirements have been met.

(8) Except in so far as it relates to sending or receiving of a data

message, this section does not apply to the legal consequences that arise

from the data message or from the acknowledgement of its receipt.

21. Variation of conditions or requirements by agreement.

Sections 16, 17, 18, 19 or 20 may be varied by an agreement made

between the parties involved in generating, sending, storing or

processing a data message.

PART III—E-GOVERNMENT SERVICES

22. Electronic filing and issuing of documents

Where a law provides that a public body may—

(a) accept the filing of a document or requires that a document

be created or retained;

(b) issue a permit, licence or an approval; or

the public body may,

(i) accept the document to be filed, created or retained in

the form of a data message;

(ii) issue the permit, licence or approval in electronic form;

(iii) make or receive payment by electronic means.

23. Specific requirements by public body

(1) A public body may for the purposes of section 22 by notice

in the Gazette, specify—

(a) the manner and format in which the data message shall be

filed, created or retained;

(b) the manner and format in which the permit, licence or

approval shall be issued;

electronic signature required;

(d) the manner and format in which the electronic signature

shall be attached to or incorporated into the data message;

(e) the criteria that shall be met by an authentication service

provider used by the person filing the data message or that

the authentication service provider shall be a preferred

authentication service provider;

(f) the appropriate control process and the procedure to ensure

adequate integrity, security and confidentiality of a data

messages or a payment; and

(g) any other requirements in respect of the data message or

payment.

(2) For the purposes of subsection (1) (e) a relevant generic

service provider shall be a preferred authentication service provider.

PART IV—CONSUMER PROTECTION

24. Information to be provided by suppliers or sellers.

(1) A person offering goods or services for sale, hire or exchange

through an electronic transaction shall provide to the consumers on

the web site or electronic communication where the goods or services

are offered, the following—

(a) the full name and legal status of the person;

(b) the physical address and telephone number of the person;

(d) membership of any self-regulatory or accreditation bodies

to which the person belongs or subscribes and the contact

details of that body;

(e) any code of conduct to which that person subscribes and

how the consumer may access that code of conduct

electronically;

(f) in the case of a legal person, the registration number, names

of directors and place of registration;

(g) the physical address where the person may be served with

documents;

(h) a description of the main characteristics of the goods or

services offered by the person which is sufficient to enable

a consumer to make an informed decision on the proposed

electronic transaction;

(i) the full price of the goods or services, including transport

costs, taxes and any other fees or costs;

(j) the manner of payment;

(k) any terms or conditions of agreement, including any

guarantees, that will apply to the transaction and how those

terms may be accessed, stored and reproduced

electronically by consumers;

(l) the time within which the goods will be dispatched or

delivered or within which the services will be rendered;

(m) the manner and period within which consumers may access

and maintain a full record of the transaction;

(n) the return, exchange and refund policy of the person;

(o) any alternative dispute resolution code to which the person

subscribes and how the code may be accessed

electronically by the consumer;

(p) the security procedures and privacy policy of the person in

respect of payment, payment information and personal

information; and

(q) where appropriate, the minimum duration of the agreement

in the case of agreements for the sale, hire, exchange or

supply of products or services to be performed on an

ongoing basis or recurrently;

(2) A person offering goods or services for sale, hire or exchange

through an electronic transaction shall also provide a consumer with

an opportunity—

(a) to review the entire electronic transaction;

(b) to correct any mistakes; and

(3) Where a person offering goods or services for sale, hire or

exchange through an electronic transaction fails to comply with

subsection (1) or (2), a consumer may cancel the transaction within

fourteen days after receiving the goods or services under the transaction.

(4) Where a transaction is cancelled under subsection (3)—

(a) the consumer shall return the goods to the person who

offered the goods or, where applicable, cease using the

service; and

(b) the person selling or offering the goods or services shall

refund all payments made by the consumer after deducting

the direct cost of returning the goods.

(5) For the purposes of subsection (4) (b) the person offering the

goods or services shall use a payment system which is secure

according to the accepted technological standards at the time of the

transaction.

(6) Where a person offering goods or services for sale, hire or

exchange by electronic means fails to comply with subsections (4) (b)

and (5) he or she is liable for the damage suffered by the consumer

(7) Subsection (3) does not apply to an electronic transaction—

(a) for financial services, including, investment services,

insurance and reinsurance operations, banking services and

securities;

(b) by way of an auction;

intended for everyday consumption if they are supplied to

the home, residence or workplace of the consumer;

(d) for services which began with the consumer ’s consent

before the end of the seven-day period referred to in section

25(1);

(e) where the price for the supply of goods or services is

dependent on fluctuations in the financial markets and

which cannot be controlled by the supplier;

(f) where the goods—

(i) are made to the specifications of the consumer;

(ii) are clearly personalised;

(iii) by reason of their nature cannot be returned; or

(iv) are likely to deteriorate or expire rapidly;

(g) where audio or video recordings or computer software is

unsealed by the consumer;

(h) for the sale of newspapers, periodicals, magazines and

books;

(i) for the provision of gaming and lottery services; or

(j) for the provision of accommodation, transport, catering or

leisure services and where the supplier undertakes, when

the transaction is concluded, to provide these services on a

specific date or within a specific period.

25. Cancelling electronic transaction after receipt of goods or

services.

(1) Subject to sub section (2), a consumer may cancel an

electronic transaction and any related credit agreement for the supply

of goods or services—

(a) within seven days after the date of receipt of the goods or

services; or

(b) within seven days after the date of conclusion of the

agreement.

(2) A consumer who returns goods after cancelling an electronic

transaction under subsection (1) shall not be charged for the returning

of the goods other than the direct cost of returning the goods

(3) Where payment for the goods or services has been effected

before a consumer exercises the right to cancel the transaction under

subsection (1), the consumer is entitled to a full refund of money paid

within thirty days of the date of the cancellation.

(4) This section shall not be construed as prejudicing the rights

of a consumer which are provided for in any other law.

26. Unsolicited goods, services or communications.

(1) A person who sends an unsolicited commercial

communication to a consumer, shall provide—

(a) the consumer with the option to cancel his or her

subscription to the mailing list of that person; and

(b) where the consumer requests, the particulars to identify the

source from which that person obtained the personal

information of the consumer.

(2) A person who contravenes sub-section (1) commits an offence

and is liable, on conviction to a fine not exceeding seventy two currency

points or to imprisonment not exceeding three years or both.

(3) A person who sends an unsolicited commercial

communication to a person who has advised the sender that he or she

should not send the communication , commits an offence and is liable

on conviction, to a fine not exceeding seventy two currency points or

imprisonment not exceeding three years or both.

27. Performance of electronic transaction.

(1) Where a person makes an order for goods or services by

electronic means, unless otherwise agreed by the parties, the supplier

shall execute the order within thirty days.

(2) Where the supplier fails to execute the order within thirty

days or within the agreed period, the consumer may cancel the order

after giving written notice of seven days.

(3) Where the supplier is not able to supply the goods or

services, on the ground that the goods or services ordered are not

available, he or she shall notify the consumer as soon as practicable

and refund any payment made in respect of the goods or services

within thirty days.

28. Invalidity of provisions excluding consumer rights.

A provision in an agreement, which excludes any rights provided for

in this Part, is void.

PART V—LIMITATION OF LIABLITY OF SERVICE PROVIDERS

29. Liability of a service provider

(1) A service provider shall not be subject to civil or criminal

liability in respect of third-party material which is in the form of

electronic records to which he or she merely provides access if the

liability is founded on—

(a) the making, publication, dissemination or distribution of

the material or a statement made in the material; or

(b) the infringement of any rights subsisting in or in relation to

the material.

(2) This section shall not affect—

(a) an obligation in a contract;

(b) the obligation of a network service provider under a

licencing or regulatory framework which is established by

law; or

block or deny access to any material.

(3) For the purposes of this section, provides access, in relation

to third-party material, means providing the necessary technical

means by which third-party material may be accessed and includes

the automatic and temporary storage of the third-party material for

the purpose of providing access.

30. Information location tools.

Where a service provider refers or links users to a web page

containing an infringing data message or infringing activity, the

service provider is not liable for damage incurred by the user if the

service provider—

(a) does not have actual knowledge that the data message or an

activity relating to the data message is infringing the rights

of the user;

(b) is not aware of the facts or circumstances from which the

infringing activity or the infringing nature of the data

message is apparent;

the infringing activity; or

(d) removes or disables access to the reference or link to the

data message or activity within a reasonable time after

being informed that the data message or the activity relating

to the data message infringes the rights of the user.

31. Notification of infringing data message or activity.

(1) A person who complains that a data message or an activity

relating to the data message is unlawful shall notify the service

provider or his or her designated agent in writing and the notification

shall include—

(a) the full name and address of the person complaining;

(b) the written or electronic signature of the person

complaining;

(d) a description of the material or activity which is alleged to

be the subject of infringing activity;

(e) the remedial action required to be taken by the service

provider in respect of the complaint;

(f) telephone and electronic contact details of the person

complaining;

(g) a declaration that the person complaining is acting in good

faith; and

(h) a declaration that the information in the notification is

correct to his or her knowledge.

(2) A person who knowingly makes a false statement on the

notification in subsection(1) is liable to the service provider for the

loss or damage suffered by the service provider.

32. Service provider not obliged to monitor data

(1) For the purposes of complying with this Part, a service

provider is not obliged to—

(a) monitor the data which the service provider transmits or

stores; or

(b) actively seek for facts or circumstances indicating an

unlawful activity,

(2) The Minister may by statutory instrument, prescribe the

procedure for service providers to—

(a) inform the competent public authorities of any alleged

illegal activities undertaken or information provided by

recipients of their service; and

(b) communicate information enabling the identification of a

recipient of the service provided by the service provider, at

the request of a competent authority

33. Regulations.

The Minister may, by statutory instrument make regulations for

any—

(a) matter which is required to be prescribed; or

(b) administrative or procedural matter which is necessary to

give effect to this Act;

this Act.

34. Power of the Minister to amend Schedule

The Minister may, by statutory instrument, with the approval of

Cabinet amend the Schedule.

SCHEDULE

Section 2.

Currency point

One currency point is equivalent to twenty thousand shillings.

BILLS SUPPLEMENT No. 12 14th November, 2008.

BILLS SUPPLEMENT

to the Uganda Gazette No. 56 Volume CI dated 14th November, 2008.

Printed by UPPC, Entebbe by Order of the Government.

THE ELECTRONIC TRANSACTIONS BILL, 2008.

MEMORANDUM.

1. Policy and principles of Bill

The object of this Bill is to make provision for the use, security,

facilitation and regulation of electronic communications and

transactions; to encourage the use or e-Government service and to

provide for related matters.

2. The defects in the existing law

It has been established that Uganda needs to maximally exploit the

great resource of ICTs resources, by ensuring that the Ugandan

communities, business and institutions have access to these modern

technologies. Uganda therefore needs to create a proper environment

for all possible users and beneficiaries of ICT to educate them on the

operations electronic transactions and in doing so, make necessary

amends to ensure security of users of ICT.

3. Remedies proposed

It is on the basis of such background that the Electronic Transactions

Bill has been put together in order to meet the need of exploiting

electronic transaction in the modern business transactions that have

become common.

4. Necessity for introduction of the Bill

The Bill is therefore being introduced to provide remedies for the

defects in the existing law. This Bill is one of three Bills that have

been found necessary to promote, to meet the current situation for

now and for the future.

The two other Bills are the Electronic Signatures Bill and the

Computer Misuse Bill.

5. “Electronic transactions” refers to the sale or purchase of goods

and services whether between businesses, individuals or governments

and other public or private organisations conducted over computer

mediated networks whether the payment or delivery of goods and

services is made on or off line.

6. Provisions of the Bill

The Bill creates facilitation of electronic transactions, e-Government

services and the extent of liability of service providers.

The Bill is divided into five parts.

7. Part I of the Bill—Preliminary

Part I of the Bill incorporating clauses 1, 2, 3, and 4, for preliminary

matters relating to commencement of the Bill, interpretation,

application and object of the Act.

Under the interpretation, clause 2 – transaction has been defined as

follows—

“transaction” includes a transaction of a commercial or non

commercial nature and includes the providing of information and e-

Government services.

Whereas e-Government is defined to include a public service

provided by electronic means by a public body in Uganda.

Under clause 3 relating to application, for instance this Act shall not

extend to for example will and codicil, power of attorneys and negotiable

instrument including negotiable documents of title among others.

However this Act shall not limit the operation of a law which expressly,

authorises, prohibits or regulates the use of electronic documents.

The object of the Act is laid down in clause 4 which details the

provisions of a legal and regulatory framework for instance—

(a) to enable and facilitate electronic communication and

transactions;

(b) to remove and eliminate the legal and operational barriers to

electronic transactions, etc.

8. Part II—Facilitating electronic transactions

Part II of the Bill incorporating clauses 5 – 21 deals with general

provisions on facilitating electronic transactions.

Clause 5 deals with legal effect of electronic records; for instance –

(1) Information shall not be denied legal effect, validity or

enforcement solely on the ground that it is wholly or partly in the

form of a data message.

Clause 6 explains the use of electronic signature such as, where a law

requires a signature or provides for consequences where a document

is not signed, the requirement is compiled with if an electronic

signature is used.

Clause 7 explains the authenticity of data message which can be so,

if for instance that information is capable of being displayed or

produced to the person to whom it is to be presented.

Clause 8 explains admissibility and evidential weight of a data

message or an electronic record.

A person seeking to introduce a data message or an electronic record

in any legal proceeding has the burden of proving its authenticity by

evidence capable of supporting a finding that the electronic record is

what the person claims it to be.

When assessing the evidential weight of a data message or an

electronic record, the court shall have regard to—

(a) the reliability of the manner in which the data message was

generated, stored or communicated;

(b) the reliability of the manner in which the authenticity of the

data message was maintained;

electronic record was identified; and

(d) any other relevant factor.

Clause 9 deals with retention of information or a record; where a law

requires a document, record or information to be retained, that

requirement may be fulfilled by retaining the document, record or

information in electronic form if for instance, the information

contained in the electronic record remains accessible and can be used

for subsequent reference.

Clause 10 gives details on production of document or information. A

requirement to produce a document or information may be fulfilled if

a person produces the document or information in electronic form.

Clause 11, gives details on notarisation, acknowledgement and

certification for a signature, statement or document which

requirement may be fulfilled if an advanced or secured electronic

signature if a person authorised by law to sign or notarise the

document is attached, incorporated or is logically associated with the

electronic record.

Clause 12, explains multiple copies, sealing and other requirements.

A requirement for multiple copies of a document to be submitted may be

fulfilled by submitting a single data message capable of being reproduced.

A requirement for sealing a document where the law does not

prescribe the method or form of sealing, may be sealed by electronic

means. The document in this case includes the advanced electronic

signature of the person authorised to seal the document.

A person who is required or permitted to send a document or information

by registered or certified mail complies with the requirement, if an

electronic copy of the document or information is sent to an authorized

service provider and the document is registered by the service provider

and sent to the electronic address provided by the sender.

Clause 13 gives details on automated transactions, where in—

(a) a contract may be formed where an electronic agent performs

an action required by law in order to form a contract; or

(b) a contract may be formed by a party to the transaction using

an electronic agent to enter into the contract.

Clause 14 provides for formation and validity of a contract.

(1) A contract shall not be denied legal effect merely because it

is concluded partly or wholly by means of a data message.

(2) A contract by means of a data message is concluded at the

time when and the place where acceptance of the offer is received by

the person making the offer.

Clause 15 gives details on time of dispatch of data message where a

data message successfully enters two or more information systems

outside the control of the person originating the data message, unless

otherwise agreed between the person originating the message and the

addressee, the dispatch of the message occurs when the data message

enters the first of the information systems.

Clause 16 establishes the time of receipt of data message, the receipt

of a data message occurs—

(a) at the time when the data message enters the designated

information system;

(b) if the data message is sent to an information system of the

addressee which is not the designated information system at

the time when the data message is received by the

addressee.

Clause 17 explains place of dispatch or receipt of a data message is

taken to have been as follows—

(a) dispatched at the place of business of the originating; or

(b) received at the place of business of the addressee.

Where there is more than one place of business, the place closely

associated with the transaction in regard to the place of business.

Clause 18 gives details on expression of interest.

An expression of interest may be in the form of a data message and

may be without an electronic signature as long as it is possible to infer

the interest of the parties from the data message.

Clause 19 explains the expressions attributing a data message to the

person originating the message.

A data message is attributed to the person who originated the data

message if the message is sent by—

(a) the person originating the message;

(b) an agent of the person originating the message or a person

who has the authority to act on behalf of the person

originating the data message,

etc.

However, this section shall not affect the law of agency or the law on

formation of contracts.

Clause 20 explains acknowledgement of receipt of a data message.

An acknowledgement of receipt of a data message is not necessary to

give legal effect to the data message unless otherwise required, for

instance—

“The originator specifies that the data message is conditional on

receipt of the acknowledgement the data message is taken as not sent,

until the acknowledgement is received by the originator”.

Where the originator receives the acknowledgement of receipt from

the addressee, unless there is evidence to the contrary it is presumed,

that the addressee received the data message.

Clause 21 explains variation of conditions or requirements by agreement.

Section 16, 17, 18, 19 or 20 may be varied by an agreement made

between the parties involved in generating, sending, sorting or

processing a data message.

9. Part III of the Bill—E-Government services

Part III of the Bill incorporating clauses 22 to 23 provides for e-

Government services. For instance, clause 22 provides for electronic

filing and issuing of documents.

Where a law provides that a public body may—

(a) accept the filing of a document or requires that a document

be created or retained;

(b) issue a permit, licence or an approval; or

may—

(i) accept the document to be filed, created or retained in

the form of a data message;

(ii) issue the permit, licence or approval in electronic form; or

(iii) make or receive payment by electronic means.

Clause 23 creates specific requirements by public body.

A public body may for the purposes of section 22 by notice in the

Gazette, specify—

(a) the manner and format in which the data message shall be

filed, created or retained;

(b) the manner and format in which the permit, licence or

approval shall be issued, etc.

However, for purposes of the above provision, a relevant generic

service provider shall be a preferred authentication service provider.

10. Part IV of the Bill—Consumer protection

10. Part IV of the Bill incorporates clauses 24 to 28 providing for

consumer protection.

Clause 24 explains information to be provided by suppliers or sellers.

(1) A person offering goods or services for sale, hire or exchange

through an electronic transaction shall provide to consumers on the

website the following—

(a) the full name and legal status of the person;

(b) the physical address and telephone number of the person;

(d) membership of any self-regulatory or accreditation bodies

to which the person belongs or subscribes and the contract

details of that body, etc.

(2) A person offering goods or services for sale, hire or exchange

through an electronic transaction shall also provide a consumer with

an opportunity—

(a) to review the entire electronic transaction;

(b) to correct any mistake; and

Clause 25 explains canceling electronic transaction after receipt of

goods or service.

(1) A consumer may cancel an electronic transaction and any

related credit agreement for the supply of goods and services—

(a) within seven days after the date of the receipt of the goods

or services; or

(b) within seven days after the date of the conclusion of the

agreement.

(2) A consumer who returns goods after canceling an electronic

transaction under subsection (1) shall not be charged for returning the

goods other than the direct cost of returning the goods.

Clause 26 explains unsolicited goods, services or communications for

example—

A person who sends an unsolicited commercial communication to a

consumer, shall provide—

(a) the consumer with the option to cancel his/her subscription

to the mailing list of that persons; and

(b) where the consumer requests, the particulars to identify the

source from which that person obtained the personal

information of the consumer.

Clause 27 explains the performance of electronic transaction

Where a person makes an order for goods or services by electronic

means, unless otherwise agreed by the parties, the supplier shall

execute the order within thirty days.

Upon failure of execution within thirty days or agreed period, the

consumer may cancel the order after giving written notice of seven

days.

Clause 28 explains the invalidity of provisions excluding consumer

goods.

A provision in an agreement, which excludes any rights provides for

in this part, is void.

11. Part V of the Bill—Limitation of liability of service providers

Part V of the Bill incorporates clauses 29 to 34, providing for the

limitations of liability of service providers. For instance—

(1) A service provider shall not be subject to any civil or

criminal liability in respect of third-party material which is in the

form of electronic records to which he or she merely provides access,

if the liability is founded on—

(a) the making, publication, dissemination or distribution of

the material or a statement made in the materials; or

(b) the infringement of any rights subsisting in or in relation to

the material.

(2) This section shall not affect—

(a) an obligation in a contract;

(b) the obligation of a network service provider under a

licencing or regulatory framework which is established by

law; or

block or deny access to any material.

Clause 30 explains the information location tools where a service

provider refers or links users to a web page containing an infringing

data message or infringing activity, the service provider is not liable

for damage incurred by the user if the service provider—

(a) does not have actual knowledge that the data message or an

activity relating to the data message is infringing the rights

of the user;

(b) is not aware of the facts or circumstances from which the

infringing activity or the infringing nature of the data

message is apparent, etc.

Clause 31 explains the notification of infringing data message or

activity.

(1) A person complaining that a data message or an activity

relating to the data message is unlawful shall notify the service

provide or his or her designated agent in writing.

(2) A person who knowingly makes a false statement on the

notification in subsection (1) is liable to the service provider for the

loss or damage suffered by the service provider.

Clause 32 provides that service provider not obliged to monitor data.

(1) For the purpose of complying with this Part, a service

provider is not obliged to—

(a) monitor the data which the service provider transmits or

stores; or

(b) actively seek for facts or circumstances indicating an

unlawful activity.

Clause 33 provides for regulations

The Minister may, by statutory instrument make regulations for

any—

(a) matter which is required to be prescribed; or

(b) administrative or procedural matter which is necessary to

give effect to this Act;

Act.

Clause 34 explains the power of the Minister to amend the Schedule

The Minister may, by statutory instrument, with approval of Cabinet

amend the Schedule.

HAM-MUKASA MULIRA,

Minister of Information and Communications Technology (ICT).

Technology and the Law

Judgments

Legislation

ULII LAW REPORTS

Electronic Transactions Bill, 2008