British Virgin Islands
Cayman Islands
Cook Islands
Costa Rica
Czech Republic
Hong Kong
Isle of Man
Marshall Islands
The Netherlands
The Netherlands Antilles
New Zealand
Ras Al Khaimah
South Africa
St. Kitts
St. Vincent & The Grenadines
Turks & Caicos Islands
United Kingdom
United States


To receive our free e-commerce updates featuring news and features, please enter your email address below:

CONTINUEThis site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.



- Executive Summary
- Introduction: The Scope of E-commerce Legislation and Regulation
- Supranational Regulation: the EU, the OECD and other bodies
- International Organisations and Anti-Offshore Initiatives


- Taxation of Offshore E-commerce
- Offshore E-commerce Facilities
- Offshore Professional and Financial Services
- Offshore E-commerce Applications


See Supranational Regulation: the EU, the OECD and other bodies for a description of measures which have been adopted by the EU, and for details of other pending legislation at a more technical level.

Some individual member states have passed or plan legislation dealing with aspects of e-commerce outside the scope of the EU legislation, or which strengthen individual parts of it.

In the UK, an e-commerce act in 1999 dealt with contractual and signature aspects, while the notorious Regulation of Investigatory Powers Act 2000 (RIP) deals with the powers of Government and ISPs to intercept and/or decipher Internet communications. Although the RIP Act has been much watered down since it was drafted, it still places a duty on ISPs to install monitoring equipment at the request of the Government, and gives the Government power to demand the key to any encrypted communication, subject to penal sanctions. Such demands can be contested in Court, but only after the event. With the RIP Act in place, the UK has by far the most intrusive investigatory legislation of any OECD country.

Following 9/11, the UK government enacted the Anti-terrorism, Crime and Security Act 2001. Provisions contained in the Act allow the Home Office to push for the retention of personal data, in order to track the users of telecommunication services if necessary. In 2003, the government introduced a piece of draft legislation - entitled Code for the Voluntary Retention of Communications Data - allowing such information to be retained for up to 12 months.

In 2003-04, the Office of Fair Trading said it was planning the introduction of new rules for e-tailers, intending to bring the sector into line with other "distance sellers", with a particular focus on guarantees, terms and conditions, returns policies, and contact details.

In June, 2006, the Treasury published new legislation to bring the UK's financial services regime into line with the EU's e-Commerce Directive.

has passed an Electronic Commerce Act, signed into law by the President on 10th July 2000, which provides for the legal recognition of electronic contracts, electronic writing, electronic signatures and original information in electronic form in relation to commercial and non-commercial transactions and dealings and other matters, the admissibility of evidence in relation to such matters, the accreditation, supervision and liability of certification service providers and the registration of domain names, and to provide for related matters.

In November, 2003, Ireland's Minister for Communications, Dermot Ahern signed into law new regulations dealing with spam, cookies, and other privacy issues relating to electronic communication. The European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) Regulations 2003 implemented the EU's Privacy and Electronic Communications Directive.

The regulations contained provisions regulating the use of cookies and spyware, impose restrictions on unsolicited direct marketing by phone, fax, e-mail, or SMS, and allow subscribers listed in freely available directories to specify what personal information is listed. The rules also required that subscribers listed in public directories are informed as to how their data can be accessed and used, and that mobile location data can only be used with an individual's consent.

passed an Information and Communication Services Act on 13th June 1997, which includes provision for digital signatures. In mid-April, 2000, the German government released a summary of draft amendments to the Act. The amendments, which are intended to implement the EU Directive on Electronic Signatures, made several important changes to the German Digital Signature Law, but retained the basic security standard under the current Act. Some German companies that offer electronic signature products and services want to retain the stricter standards in the existing Act, but the Government will probably stick with its proposals for a more liberal legal framework.

In Germany, the e-commerce directive was enacted in national law (Gesetz zum elektronischen Geschäftsverkehr (EGG)) on December 21, 2001. This meant a full implementation of the country of origin principle in German law.

passed a law on 15th March 1997 providing for the legal validity of electronic documents. It provides that "The instruments, data and documents constituted by the public service and by private individuals using computer or telematic methods, contracts stipulated in such form, and their archiving and transmission using computer instruments, shall be valid and effective for all legal purposes". It further states that "the criteria and methods of application of this paragraph shall be set out, for the public service and for private individuals, in specific regulations".

On 10th November 1997, a presidential decree provided that a digital signature is equivalent to a handwritten signature. Different levels of equivalence are provided. The Decree provided that a digital signature must be certified by an accreditated Certification Authority. According to the Decree the digital signature can be the equivalent of the hand-written signature but it can also replace, for any purpose set out in the legislation, the affixing of seals, embossing, stamps, signs and marks of any kind. Technical rules relating to digital signatures, electronic documents and certification authorities were set out in a Prime Ministerial Decree on 8th February 1999.

Italy incorporated the 2000 European directive on e-commerce into national law on 9 April 2003. But Italian MPs interpreted the directive in a more balanced way than their French colleagues. The Italian version holds Website hosts responsible for content they allow to be put out from the time they learn of any illegal content, but they can only censor a webpage if a "competent body" rules it is illegal.

Parliament approved a data protection measure in June 2003 including a section on spam, which could lead to online censorship. A court can now order an ISP to block access to foreign-based servers responsible for repeated and massive spam. This measure was supposed to include a code of conduct to guard against infringements of individual freedom but it was not added.

The government proposed on 23 December 2003 to amend the privacy law of June that year, notably to oblige ISPs to retain customer data on e-mail and other Internet activity for five years, to be handed over to a court if required. Strong protests by opposition parties and cyber-freedom activists, as well as criticism by the Office for the Protection of Personal Data, eliminated this clause from the version approved by parliament.

ISPs are required to cooperate with police and courts in investigations but are not legally obliged to retain any online activity data, except details of Internet payments for a period of six months.

In Canada some provinces have enacted digital signature legislation as well as the national government, and there are a number of other bills under consideration at national level. The most important are:

The Personal Information Protection and Electronic Documents Act, enacted October 26, 1999. The Act supports and promotes electronic commerce by protecting personal information that is collected, used or disclosed in certain circumstances, by providing for the use of electronic means to communicate or record information or transactions and by amending the Canada Evidence Act, the Statutory Instruments Act and the Statute Revision Act

The Electronic Commerce Bill (Bill 88) had its second reading on 19th June 2000. The Bill removes barriers to the legally effective use of electronic communications by governments and by the private sector. It is not intended to require the use of particular technology or to have a large impact on the methods that people use to communicate. It does not require anyone to use, provide or accept information in electronic form. The Bill is based on the Uniform Electronic Commerce Act which the Uniform Law Conference of Canada adopted in 1999, and is consistent in principle with the United Nations Model Law on Electronic Commerce.

The 'E-commerce Bill' (Bill 70) was referred to Standing Committee on May 11, 2000. The Bill provides that the legal effect and enforceability of information or documents may not be denied just because the information is in an electronic form. Subject to specified limits, where a law requires that information or a document be in writing or that a document be signed, the information or document may be provided electronically and the document signed electronically. Subject to specified limits, if a law requires a person to present or retain information or a document in its original form, the person may provide or retain the information or document in an electronic form. In specified circumstances, an electronic form may be used to satisfy a statutory or prescribed requirement for the use of a form.
The Bill also provides that the legal effect and enforceability of a contract may not be denied just because information or a document in an electronic form was used in its formation. The Bill recognizes contracts formed as the result of specified electronic exchanges and allows for errors arising from transactions with electronic agents to be corrected.

The Personal Information Protection and Electronic Documents Act came into force in 2001, with the following main effects:

Part 1 of the enactment establishes a right to the protection of personal information collected, used or disclosed in the course of commercial activities, in connection with the operation of a federal work, undertaking or business or interprovincially or internationally.

It establishes the following principles to govern the collection, use and disclosure of personal information: accountability, identifying the purposes for the collection of personal information, obtaining consent, limiting collection, limiting use, disclosure and retention, ensuring accuracy, providing adequate security, making information management policies readily available, providing individuals with access to information about themselves, and giving individuals a right to challenge an organization's compliance with these principles.

It further provides for the Privacy Commissioner to receive complaints concerning contraventions of the principles, conduct investigations and attempt to resolve such complaints. Unresolved disputes relating to certain matters can be taken to the Federal Court for resolution.

Part 2 sets out the legislative scheme by which requirements in federal statutes and regulations that contemplate the use of paper or do not expressly permit the use of electronic technology may be administered or complied with in the electronic environment. It grants authority to the appropriate authorities to make regulations about how those requirements may be satisfied using electronic means.

Part 2 also describes the characteristics of secure electronic signatures and grants authority to make regulations prescribing technologies or processes for the purpose of the definition ``secure electronic signature''.

Part 3 amends the Canada Evidence Act to facilitate the admissibility of electronic documents, to establish evidentiary presumptions related to secure electronic signatures, and to provide for the recognition as evidence of notices, acts and other documents published electronically by the Queen's Printer.

Part 4 amends the Statutory Instruments Act to authorize the publication of the Canada Gazette by electronic means.

Part 5 amends the Statute Revision Act to authorize the publication and distribution of an electronic version of the Consolidated Statutes and Regulations of Canada.

Most US states had adopted e-commerce legislation by the time that the Congress passed the Electronic Signatures in Global and National Commerce Act 1999, finally signed into law by Bill Clinton in June 2000, and which was effective from 1st October 2000.

The motivation for a federal statute was the fact that over the previous five years the fifty states had passed an array of electronic signature and electronic commerce statutes that fall into three varying models and are authorized for varying reasons. Some states provided that any type of electronic signature was valid. Other states stated that some minimal form of security is required (such as tying the electronic signature to the signer or being able to ascertain that the message has not been altered). Still other states validate only digital signatures, thought to be the most secure and requiring the use of PKI (Public Key Infrastructure).

In addition to providing three inconsistent models for approving of electronic signatures, the states provided different uses for the approved electronic signature. Certain states permit only transactions with government agencies to be accomplished through the use of electronic signatures, while others permit only certain kinds of commercial transactions to be validated.

The Federal Act 'preempts' state legislation unless the latter conforms to the Uniform Electronic Transactions Act (approved and recommended for enactment by the National Conference of Commissioners on Uniform State Laws in July 1999) or is technologically neutral.

Under the Federal Act, consumers must affirmatively consent to receive electronic records; the consumer may retain such records and withdraw consent.

The Act is technology-neutral so that the parties entering into electronic contracts can choose the system they want to use to validate an online agreement. Many browsers contain minimal authentication features and companies are developing pen-based and other types of technologies to facilitate online contracting. In addition, a number of companies already provide digital signature products using PKI.

The Act specifies that:

no one is obligated to agree to use or accept electronic records or signatures;
its provisions do not affect any disclosures required under regulation or law
if a notice must be provided to a consumer in writing, an electronic version will fulfill that requirement only if the consumer has consented to accepting an electronic version and has demonstrated that he can access the information in electronic form;
it does not apply to the creation and execution of wills, codicils and testamentary trusts; to adoptions, divorce or other matters of family law; to any notice of cancellation or termination of utility services or the default, acceleration, repossession, foreclosure or eviction under a credit agreement secured by, or a rental agreement for, the primary residence of an individual; the cancellation or termination of health or life insurance benefits; or the recall or notification of a material failure of a product;
it covers contracts, agreements, or records entered into or provided in, or affecting, interstate or foreign commerce, as well as those within the scope of the Securities Exchange Act of 1934;
it defines the term 'electronic signature' to mean information or data in electronic form, attached to or logically associated with an electronic record, and executed or adopted by a person or an electronic agent of a person, with the intent to sign a contract, agreement, or record.

In addition to the electronic signature provisions, the Act contains electronic record keeping provisions that are effective on March 1, 2001.

In Hong Kong, the Electronic Transactions Ordinance was enacted on 7th January 2000 and had effect from 7th April 2000. The Ordinance establishes guidelines for the validity and use of electronic signatures and electronic records. It provides for the admissibility of digital signatures and electronic records into legal proceedings.

This Ordinance also establishes electronic contract requirements and regulations for certification authorities are established. If law requires the signature of a person or provides for certain consequence if a document is not signed by a person, a digital signature of that person satisfies the requirement but only if the digital signature is supported by a recognized certificate and is generated within the validity of that certificate. If a rule of law requires information to be or given in writing or provides for certain consequences if it is not, an electronic record satisfies the requirement if the information is contained in the electronic record is accessible so as to be usable for subsequent reference.

has enacted The Electronic Transactions Act 1999. The Act reflects international standards, including the UNCITRAL Model Law on electronic commerce, working papers of the European Parliament and Council in respect of electronic signatures, the European Union's safe harbour principles for data protection, and “best practice” legislation found in other jurisdictions.

The Act, drafted by international law firm Linklaters & Payne, lays a foundation for the conduct of electronic transactions on a technology-neutral basis that is sufficiently flexible to embrace new technological developments and that contemplates a high degree of self-regulation. It lays down a basis for electronic documents and signatures to replace their physical equivalents in all applicable legislation.

Bermuda also adopted a Code of Conduct in May 2000. The code is designed to encourage business to observe integrity, protect personal data, avoid abusive usage, advertise truthfully, deal fairly and openly with customers, and settle complaints and disputes quickly. In essence, the legislation does not regulate customers directly, but tasks ISPs and e-commerce service providers, (such as transaction gateways) to ensure that their customers adhere to the Code. The Ministry of Telecommunications and E-commerce is the final authority regarding enforcement of the Code. For example, the Code will outline remedial steps if a customer infringes on copyright law, and requires the local providers to report criminal or prohibited acts under Bermuda law. Furthermore, Bermuda-based companies are not allowed to engage in online gaming or adult-content services.

Other key pieces of legislation include the Electronic Communications and Transactions Act 2003, The Computer Misuse Act 2003, and the Data Protection (Privacy of Personal Information) Act 2003.


- Executive Summary - A quick overview of major developments in national and international regulation of E-commerce with special reference to offshore e-commerce.
- Introduction: The Scope of E-commerce Legislation and Regulation - A review of the range of laws impacting the conduct of onshore and offshore e-commerce.
- Supranational Regulation: the EU, the OECD and other bodies - International initiatives to regulate e-commerce and offshore e-commerce; anti-offshore initiatives.
- International Organisations and Anti-Offshore Initiatives - International initiatives from the G7, the OECD and the EU to restrict offshore regimes and their tax-saving possibilities.


  Expat Briefing
  Global Incorpoation Guide [GIG]

IMPORTANT NOTICE: Important Notice: Wolters Kluwer TAA Limited has taken reasonable care in sourcing and presenting the information contained on this site, but accepts no responsibility for any financial or other loss or damage that may result from its use. In particular, users of the site are advised to take appropriate professional advice before committing themselves to involvement in offshore jurisdictions, offshore trusts or offshore investments. All rights reserved. 2017 Wolters Kluwer TAA Limited