Navigate Up
Sign In

Consultation on draft amendments to the Electronic Commerce Act (Cap 426 Laws of Malta)


From: Parliamentary Secretariat for Competitiveness and Economic Growth 
​Malta Communications Authority
​Published on: 11.04.2016
​Running till: 29.04.2016
​Last Updated: ​05.05.2016
1. Purpose
1.1 The purpose of the draft amendments to the Electronic Commerce Act (Cap. 426 of the Laws of Malta)(hereafter the ‘E-Commerce Act’) is to ensure compliance with the measures provided for in the EU Regulation No 910/2014 of the 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC[1] (hereafter the ‘Regulation’) and to have in place one consolidated piece of legislation dealing with e-commerce and with trust services for electronic transactions in line with the applicable EU requirements. 
2. Background
2.1 The E-Commerce Act was enacted in 2001. Subsequently this law was complemented by the making of the Electronic Commerce (General) Regulations (SL 426.02 of the Laws of Malta). Comprehensively these laws together implement the EU Directive 2000/31/EC on certain legal aspects of information society services, in particular electronic commerce, in the internal market (the E-Commerce Directive), the EU Directive 1999/93/EC on a Community framework for electronic signatures (the E-Signatures Directive) and the EU Directive 2009/22/EC on injunctions for the protection of consumers’ interests (the Injunctions Directive) insofar as this latter Directive relates to the E-Commerce Directive. The administration and enforcement of the E-Commerce Act was given to the Malta Communications Authority (MCA) in 2005[2].
2.2 In July 2014 the EU enacted Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC. The provisions of this Regulation apply directly to EU Member States, and Member States are required to ensure that their laws, where necessary, are amended in line with these obligations, in particular to ensure that there is effective compliance with the requirements of the Regulation.[3]
2.3 Member States are required to apply this Regulation as from the 1st July 2016 (unless stated otherwise in the Regulation). This specifically entails the designation of a supervisory authority and the provision of rules on penalties applicable to infringements of the Regulation[4], which penalties must be “effective, proportionate and dissuasive”.[5]
3. The proposed amendments to the E-Commerce Act
3.1 In taking forward the effective implementation of this Regulation, various amendments to the E-Commerce Act are being proposed relating mainly to the deletion or review of the existing provisions which implemented the former EU E-Signatures Directive and the inclusion of effective monitoring and enforcement tools to be exercised by the competent national authority – in this case the Malta Communications Authority (MCA) – to ensure compliance with the Regulation.
3.2 Unless stated otherwise in the draft legislation, it is being proposed that the amendments, in line with the requirements of the EU Regulation, are to come in force on the 1st July 2016.
3.3 As stated above, the proposed amendments envisage having in place one comprehensive law dealing with e-commerce and with trust services for electronic transactions. Apart from deleting or revising the articles which currently relate to e-signatures and ensuring effective compliance vis-à-vis the Regulation, the proposed amendments envisage the insertion of the e-commerce provisions currently factored in the Electronic Commerce (General) Regulations (SL 426.02 of the Laws of Malta). The ultimate end-result of all these amendments will lead to a comprehensive law on the subject.
3.4 The definitions article of the E-Commerce Act[6] is being amended to reflect the definitions as provided for in the Regulation and to eliminate any existing definitions which reflect the requirements under the former E-Signatures Directives. Some definitions currently found in SL 426.02 are being replicated in this article. One important change is that the definition of “certificate” is being changed to refer to the three types of certificates referred to in the EU Regulation.[7]
3.5 Some articles in the E-Commerce Act which relate exclusively to e-signatures are being deleted as these are now superseded by the provisions of the EU Regulation which therefore apply directly to all Member States. These include articles 6 (signature), 16 (accreditation of signature certification service providers), 17 (supervision of signature certification service providers that issue qualified certificates, and 18 (liability of signature certification service providers).[8]  New articles 8A to 8G are being included. These provisions relate to e-commerce and in substance (with some minor changes) reflect existing provisions currently provided for under SL 426.02[9]. 
3.6 A new article 23A which relates to the supervisory role of the competent regulator is being introduced. This new provision mirrors in substance the supervision requirements under the Regulation. [10] The new articles 23B and 23C effectively empower (unless stated otherwise in the Act) the competent authority to impose civil administrative sanctions if there is non-compliance with the provisions of the Act or of the Regulation.
3.7 The current article 24 which deals with offences and penalties is being substituted. The purpose of this change is to do away with the current wide sanction under the E-Commerce Act which lists all infringements of the E-Commerce Act or of any regulations made thereunder as criminal offences. With the proposed amendments only the infringement of certain specific provisions of the Act as amended and of the Regulation will be considered as criminal offences. Hence other instances of non-compliance will only be liable to ‘civil’ administrative sanctions.[11]
3.8 The new articles 24A up to 24K reflect the existing provisions under SL 426.02[12] and implement the requirements of the Injunctions Directive in so far as these relate to the E-Commerce Directive. It is further being proposed that these provisions apply to the Regulation.
3.9 The Second, Third and Fourth Schedules of the E-Commerce Act are being deleted given that these relate to the former E-Signatures Directive and are now superfluous given the direct application of the provisions of the Regulation.
3.10 Finally two new Schedules are being added. The new Sixth Schedule relates to the designation of the MCA as the competent regulator for the purposes of article 2 of the Act. A clause is being included which effectively empowers the MCA to apply Part VI of the Malta Communications Authority Act (Cap. 418 of the Laws of Malta) to ensure compliance with the provisions of the E-Commerce Act as amended and of the Regulation. The Seventh Schedule reproduces a schedule which is currently part of SL 426.02 the applicable provisions of which are now being inserted as part of the amendments to the E-Commerce Act.
Any responses or parts thereof may be made public unless the respondent expressly in writing requests otherwise giving his or her reasons therefore.
We thank you in advance for your input.

[1] The former E-Signatures Directive, the requirements of which was implemented as part of the Electronic Commerce Act and of the Electronic Commerce (General) Regulations (SL 426.02 of the Laws of Malta)
[2] See SL 426.01 of the Laws of Malta.
[3] Hence the Regulation states the former E-Signatures Directive is being deleted. This means that Malta has to repeal or review any laws which implemented the requirements of that Directive. This is one of the objectives of the proposed amendments to the E-Commerce Act.
[4] See Articles 16 and 17 of the Regulation.
[5] See Article 16 of the Regulation.
[6] See article 3 of the E-Commerce Act.
[7] Namely ‘certificate for electronic signature’, ‘certificate for electronic seal’ and ‘certificate for website authentication’. See Article 3 of the Regulation.
[8] See in particular Chapter III ‘Trust Services’ of the Regulation.
[9] See regulations 3 to 9 of SL 426.02.
[10] See Article 17 of the Regulation.
[11] See new articles 23B and 23C. 
[12] See regulations 14 to 24 of SL 426.02.
Data Protection Statement Data Protection Act (Chapter 440)
The Data Protection Act, 2001 regulates the processing of personal data whether held electronically or in manual form. The Ministry for Social Dialogue, Consumer Affairs and Civil Liberties collects only information which is necessary for it to perform its intended functions and is set to fully comply with the Data Protection Principles as set out in the Act.  Verification of the ID number provided will take place as deemed necessary. All personal data provided will be processed according to the Data Protection Act (Cap 440).
In addition, please be aware of:
·         Disclosure under the Freedom of Information Act (Chapter 496)
As we are a public authority all documents we hold, including documents related to this public consultation process, may be released following a request to us under the Freedom of Information Act (Chap. 496), unless such request may be subject of an exemption arising from the same Act.


Click on the 'Online Consultation' logo to go to the Public Consultations main page.

Top Section Banner.jpg