As the name suggests, e-commerce is simply commerce conducted electronically. Nowadays, businesses are delegating more and more of their operations to the online arena, while the advertising and marketing activities are now predominantly conducted online, particularly in social networks. At the same time, a growing number of startups are fully established and managed in the cyberspace.
It goes without saying that any venue and platform dedicated for trade naturally requires some form of security. Since e-commerce is conducted mainly over the Internet, it is inherently intertwined with cybersecurity. The security of the cyberspace is governed by international laws such as the European Convention on Cybercrime (Budapest, 2004) alongside national laws. The security of E-commerce in Iran is ensured via national laws: Electronic Commerce Act (2004), Computer Crimes Act (2009), and the law on Publicizing and Access to Data (LPAD. 2010).
These laws are intended to provide protection for sensitive business data against unauthorized access, use, disclosure, alteration, and/or destruction.
Measures against computer crimes are generally undertaken by Cyber Police of Islamic Republic of Iran (FETA).
Even though cyberattacks originally targeted government agencies, today e-businesses are not immune from such attacks. Even individuals may be targeted for their credit card numbers and
Personal data. Especially with the increasing importance of personal and financial data, websites will remain a hot target. E-commerce business owners are fully aware of the repercussions of these threats in terms of loss of both data and customer trust. Which is why the majority of e- businesses purchase the latest security products and increase their security staff.
Electronic Commerce Act
Electronic Commerce Act addresses data messages (Art 10-16) and the obligations of parties entering into contracts in the virtual space. It also addresses consumer rights including the obligation of service and good providers to present the consumers with information affecting their decisions purchasing or accepting service terms of agreement.
1_Article 67- 77 discusses fraud and forgery e- commerce transactions, violation of consumer
2_rights and advertising regulations , breach of protection of personal “data message” ,violation of author’s rights , trade secrets and trademarks .
3_The civil liability is discussed in article 78 under the E-commerce Law of Iran.
Computer Crimes Act
“The Computer Crimes Act (CCA) describes authority and jurisdiction which were not addressed in the E- Commerce Law of Iran. The act has describes two kinds of punishments: jail, forfeiture or both. The CCA consists of two chapters: chapter 1 describes the elements of crime and punishment and chapter 2 describes the prosecution procedure.
The followings are some actions that CCA declares to be criminal offences:
_The jurisdiction of Iranian courts in this regard includes the country’s land, air, and maritime territory. Iranian or non- Iranian persons outside Iran’s borders are subject to this law in cases of crime against computer, telecommunication systems, and websites of the three branches of the government.
Damages and remedies raised by the contractual liabilities under the e-commerce agreements and the right to terminate the contract in the event of breach are other tools predicted to protect the rights of online sellers and consumers.
Measures to protect e-commerce businesses
Considering the growing threats of cybercrime, e-commerce business owners in Iran must embed security throughout their company’s operation and business strategy. Aside from ensuring network security, cyber leaders must be able to quickly counter threats, respond to incidents, and inform the managers.
The security infrastructure needs to have the following basic capabilities:
|•||Identification/authentication: This is the first step of any security and privacy process: being able to tell who users are. Having a security infrastructure that can do this quickly and accurately is necessary for creating a good experience for customers and partners.|
|•||Authorization: Once the system determines who users are it must provide the correct levels of access to different applications and stores of information.|
|•||Asset Protection: The system must keep information confidential and private. This has become more difficult in the modern E-business environment, where information is traveling across multiple, often untrusted, networks.|
|•||Accountability: This is the ability to keep track of who has done what with what data. E-business solutions also need to ensure that participants in transactions are accountable.|
|•||Administration: This involves defining security policies and implementing them consistently across the enterprise infrastructures different platforms and networks.|
|•||Assurance: This demands mechanisms that show the security solutions are working, through methods such as proactive detection of viruses or intrusions, periodic reports, incident recording and so forth.|
Specialist Legal Advice for the E-Commerce Industry in Iran
Asgari Law firm helps retailers, franchisors and distributors launch or use e-commerce platforms in Iran in order to grow market share, globalize their brands, and capitalize on digital marketing trends, we provide both legal and commercial insight regarding the new business models that have disrupted the model industry.
We would urge those seeking personalized legal assistance in e-commerce industry in Iran to contact our law firm directly. As a business client our lawyers can provide full service assistance and legal guidance for all of your interaction with Iranian Law. Contact us today by using our contact form or by email/phone. Our e-commerce lawyers in Iran look forward to working with you.