CPTPP: E-Commerce, Consumer Rights, Technology and Data Protection
In virtue of the economic growth and opportunities provided by electronic commerce and the importance of frameworks that promote consumer confidence, Chapter 14 of the CPTPP regulates “electronic commerce”. In this regard, the treaty regulates the following matters:
Link to article
E-commerce and consumer rights:
- Customs Duties: No party shall impose customs duties on electronic transmissions, which shall not preclude a party from imposing internal taxes, fees, or other charges on content transmitted electronically, provided they are consistent with the treaty.
- Non-Discriminatory Treatment of Digital Products: Neither party will grant less favorable treatment to digital products created, produced, published or first made available on commercial terms in the territory of another party.
- Domestic Electronic Transactions Framework: Each party is mandated to maintain a legal framework governing electronic transactions consistent with the principles of the UNCITRAL Model Law on Electronic Commerce 1996 or the United Nations Convention on the Use of Electronic Communications in International Contracts, done at New York, November 23, 2005. Any unnecessary regulatory burden on electronic transactions should be avoided.
- Electronic Authentication and Electronic Signatures: The parties may not: (i) deny the legal validity of a signature on the basis that the signature is in electronic form, (ii) take measures that prohibit the parties to a transaction from determining the appropriate authentication methods or (iii) prevent the opportunity to prove to the judicial or administrative authorities that their transaction complies with any legal requirements with respect to authentication.
However, a party may require that, for a particular category of transactions, the method of authentication meets certain performance standards or is certified by an authority. Finally, the use of interoperable electronic authentication should be encouraged.
- Paperless Trading: Each party shall make trade administration documents available to the public in electronic form and shall accept electronically submitted documents as the legal equivalent of the paper version.
- Online Consumer Protection: The parties must adopt or maintain consumer protection laws to prohibit fraudulent or deceptive practices that cause harm or potential harm to consumers. The parties recognize the importance of cooperation between their respective national consumer protection agencies in activities related to cross-border electronic commerce.
- Cooperation: By virtue of the global nature of electronic commerce, the parties will seek to: a) work together to assist SMEs to overcome obstacles to its use; b) exchange information and share experience on regulations relating to electronic commerce, including those related to the protection of personal information, online consumer protection, spam, security, authentication and electronic government; c) exchange information and share views on consumer access to products and services offered online between the parties; d) participate actively in regional and multilateral fora to promote the development of electronic commerce; and e) encourage development by private sector of methods of self-regulation that foster electronic commerce, including codes of conduct, model contracts, guidelines and compliance mechanisms.
Data protection, information security and cybersecurity:
- Protection of Personal Information and Personal Data: The parties should adopt or maintain a legal framework that provides for the protection of personal information in electronic commerce, either through: (i) laws that broadly cover the protection of personal data; (ii) sector-specific laws; or (iii) laws that provide for the enforcement of voluntary undertakings by enterprises relating to privacy. In adopting such regulatory frameworks, the parties shall take into account principles and guidelines of relevant international bodies.
- Cross-Border Transfer of Information by Electronic Means: The parties shall allow international transfers of information. CPTPP countries have retained the ability to maintain and modify regulations related to data transfers.
- Location of Computing Facilities: The parties have committed not to impose "localization requirements" that require companies to build data centers or use local computer facilities in CPTPP markets. However, the Treaty contains an exception to allow localization measures where necessary for "legitimate public policy objectives", provided that: (i) this does not result in arbitrary or unjustified discrimination or a disguised restriction on trade; and (ii) that any restriction on the use or location of computing facilities only applies to the amount necessary to achieve the public policy objective.
- Unsolicited Commercial Electronic Messages: The parties will adopt or maintain measures that require providers of unsolicited commercial electronic messages to facilitate the ability of recipients to prevent their continuous receipt; require the consent of recipients to receive messages; and that provide for the minimization of unsolicited messages. Finally, it is indicated that the parties will provide recourse against suppliers of unsolicited commercial electronic messages that do not comply with the measures adopted.
- Cooperation on Cybersecurity Matters: The parties recognize the importance of developing the capacities of their national entities responsible for responding to computer security incidents and using existing collaboration mechanisms to cooperate to identify and mitigate malicious intrusions or dissemination of malicious code that affect their electronic networks.
Link to article