The key piece of e-commerce legislation in Mauritius is the Electronic Transactions Act 2000. Other important laws are:
- The Information and Communication Technologies Act 2001;
- The Information Technology (Miscellaneous Provisions) Act - Dec 1998;
- Telecommunications Act - Dec 1998;
- Data Protection Act - 2004
- Cyber Crime and Computer Misuse Act - 2003
- The Copyright Act - 1997
'The setting up of the appropriate legal framework,' says the Government, 'is essential for Mauritius to position itself to exploit the new opportunities of Electronic Commerce and enable our enterprises to participate more actively in the emerging global economy. E-commerce experience in other countries has demonstrated how important the legal infrastructure is as a foundation and catalyst to the development and acceptance of e-commerce. The Electronic Transactions Act (ETA) removes legal obstacles and establishes a more secure legal framework for business and governments to function in an environment of trust.'
The provisions made to enable government to adapt its own administrative procedures and processes to enable the e-government also demonstrate the commitment of the Mauritian government to the creation of an environment of trust where companies can feel safe and secure in conducting their online business.
Electronic Transactions Act - ETA 2000 (Amended 2009)
The work group responsible for the drafting of the Mauritian legislation examined the UNCITRAL Model Law and considered e-commerce legislation introduced in countries such as Singapore, UK and Australia.
The following guiding principles were adopted:
The need to conform to international standards and international models in order to be integrated with the global e-commerce framework;
The need to avoid over regulation;
The need to be flexible and technologically neutral to adapt quickly to a fluid global environment; and
The need for transparency and predictability.
The objects of the Act were to provide:
- an appropriate legal framework to serve as the foundation to facilitate electronic transactions and communications and give a new orientation to the traditional way of doing business by fostering the conduct of transactions by electronic means;
- the legal recognition and regulation of electronic records and electronic signatures for authentication purposes during the conduct of electronic transactions and the security of such records and signatures;
- the regulation of the formation of contracts by electronic means;
- the appointment of a Controller of Certification Authorities who shall be responsible for the licensing and monitoring of the activities of the certification authorities;
- the electronic filing of documents in the public sector in order to enable the business sector and the public in general to resort to electronic media in their dealings with Government; and
- uniform rules and regulations aimed at establishing standards to combat fraud, forgery or any unlawful practice in order to build and ensure confidence in electronic records and dealings to promote electronic communications and transactions.
The Government said that Certification Authorities would play a vital role in facilitating secure electronic transactions as they provide the infrastructure for transacting parties in an electronic environment to authenticate each other's identities and ensure non-repudiation of electronic transactions through the use of digital signatures.
The ETA provides the legal framework for the establishment of a public key infrastructure (PKI) - also called trusted CA services - to faciliate the use of digital signatures in Mauritius. The ETA also makes provision for the setting up of a Controller of CAs to ensure that the integrity and standards expected from CAs are respected.
The Electronic Transactions Act also made provision for a voluntary licensing scheme for Certification Authorities (CAs) by the Controller of Certification Authorities (CCA).
An amendmend to the ETA in April 2009 was implemented in order to enable the Information and Communication Technologies Authority to discharge the functions and exercise the powers of the Controller of Certification Authorities.
The original act provided for the appointment of a Controller of CAs. The Controller would, amongst other duties, license, certify, monitor and oversee the activities of CAs. Only licensed and approved CAs will enjoy the benefits of the legislation for signatures generated from the certificates issued. The exception to this is where parties agree to be bound by signatures created by a commercially reasonable procedure. Once set up, the Controller of CAs layed down the administrative framework for licensing of CAs, the criteria for a CA to be licensed, and the continuing operational requirements after obtaining a licence.