Let us talk about E-Contracts (II): E-Commerce Business Models

Without any argument, new communication systems, especially digital payment technologies, have supplanted the snail-paced conventional systems of communication and transactions. Business communities and consumers are increasingly using digital means to send and receive information in electronic form. The reason is that the information technology (IT) has abridged the time and distance factor in transacting business. Nowadays, inflow and outflow of information have become instant and momentary. Therefore, one principal contribution of IT is in the field of contract-formation.

Electronic contracts (e-contracts) are born out of the need for speed, convenience and effectiveness. The law has already recognised contract-formation using facsimile, telex and other similar technologies.

Let us envision a contract between an Indian businessman and an English businessman. Away from digital means, one option is that one party first draws up two copies of the contract, signs them and sends (through postal or courier service) them to the other, who, in turn, signs both copies and sends one copy back. The other option would be that the two parties meet somewhere and sign the contract. However, within the digital world, the whole process can be completed in seconds, with both parties simply affixing their electronic signatures to the electronic copy of their contract. There is, thus, no need for tardy dispatching mechanism (postal or courier services) and/or supplementary travelling costs in such a situation.

Before proceeding with the E-Contracts, let us have a brief look at the basics of the business model and kinds of transactions under which e-contracts are mostly used.

E-Commerce Business Models

Electronic commerce (e-commerce), in a very general sense, refers to buying and selling products and services over the internet and the World Wide Web (www). E-commerce, however, in actuality, includes all forms of commercial transactions involving both—organisations and individuals—that are based upon the electronic processing and transmission of data including text, sound, and visual images; and involves transactions over the internet as well. In addition, e-commerce also refers to the effect that the electronic exchange of commercial information may have on the institutions and processes that support and govern commercial activities.

There are several ways of looking at e-commerce:

(1) From a communications perspective, it is the ability to deliver products, services, information, or payments via networks like the internet.

(2) From an interface view, it means information and transaction exchanges: business-to-business (B2B), business-to-consumer (B2C), consumer-to-consumer (C2C), and business-to-government (B2G).

(3) As a business process, e-commerce means activities that support commerce electronically by networked connections. For example, business processes like manufacturing and inventory and business-to-business processes, like supply chain management is managed by the same networks as business-to-consumer processes.

(4) From an online perspective, e-commerce is an electronic environment that allows sellers to buy and sell products, services, and information on the internet. The products may be physical, like cars; or services, like news or consulting, etc.

(5) As a structure, e-commerce deals with various media: data, text, web pages, internet telephony, and internet desktop video.

(6) As a market, e-commerce is a worldwide network. A local store can open a web storefront and find the world at its doorstep—customers, suppliers, competitors, and payment services. Of course, an advertising presence is essential.

Types of Online Transaction

Online transactions can be recognised and categorised in four ways:

Business to Customer (B2C)

It is the transaction where a business entity on one side and an individual customer, on the other hand, conduct business. The expression B2C has been commonly used to refer to a sale by a business enterprise or retailer to a person or ‘consumer’ conducted through the internet. For instance, Flipkart.com which provides facilities for customers to buy goods from the website—is an example of a B2C e-business. In this situation, the website itself serves the purpose of a shop. The B2C transactions can be in relation to both—tangible and intangible products. The focal point of this e-commerce application is on the consumer’s use of a merchant’s web storefront or website. Consumers from any place can browse and order for goods and services online at any time. B2C is an electronic equivalent of the conventional mail-order or telephone-based ordering system.

Business to Business (B2B)

It is the type of e-commerce where there is an exchange of products, services, or information between businesses using the internet, rather than between businesses and consumers. Alibaba.com is the prominent example of B2B model.

Customer to Business (C2B)

Customer to Business (C2B), also known as Consumer to Business, is the most recent e-commerce business model, where individual customers offer to sell products and services to companies that are prepared to purchase them. It is the opposite of the traditional B2C model. Example of this model is blogs or internet forums where the author offers a link back to an online business facilitating the purchase of some product (like a book on Amazon.com), and the author might receive affiliate revenue from a successful sale.

Customer to Customer (C2C)

It is the transaction which involves two or more customers with business entity merely providing a web-based interface to facilitate the consumer to consumer transactions (B2C). The expression C2C generally refers to the sale of a product pertaining to a consumer to another consumer either directly or through an intermediary exclusively dedicated for this activity. One best example of C2C website is Ebay.com, which is an online auction site, where any person can buy and sell, and exchange goods and articles using this website. This website provides the web-based interface (i.e. the website with its database and other functions) and users can transact freely with each other. Another example is Amazon, which in fact, acts as both a B2C and a C2C marketplace.

Recommended Readings

  • Alan Davidson, The Law of Electronic Commerce, Cambridge University Press, (2009).
  • R K Singh, Law Relating To Electronic Contracts (2017)

COVID-19 Lockdown Guidelines [updated with Addendum]: E-commerce for essential services, key takeaways & punishment under section 188 of IPC

The Ministry of Home Affairs has issued guidelines on the measures to be taken by government authorities for containment of COVID-19 epidemic, which exempts delivery of all essential goods through e-commerce from the 21-day lockdown that had come in effect from midnight today. E-commerce will operate without restrictions in order to deliver food, pharmaceuticals, and medical equipment.

MeITY issues advisory to State Governments

On the same lines, the Ministry of Electronics and Information Technology (MeITY) through an advisory has directed all state governments to permit IT/ITeS industries to carry out essential functions which include delivery, warehouse operations, shipping and logistics.  There are cases and videos reported from several parts of countries of police officials halting and beating delivery executives in order to enforce the implementation of the lockdown. Therefore, the advisory by MeITY will help in ensuring that delivery executives and other associated employees carry out these functions. The Ministry advised the state governments to treat “copy of orders, waybills, invoices” as evidence.

Reuters had reported that e-commerce and online grocery delivery services were being disrupted across the country as multiple states have locked down to contain the COVID-19 pandemic. Section 144 has also been imposed in multiple parts of the country, making it harder for delivery personnel to operate, and for warehouse employees to get to work. Flipkart and Amazon temporarily suspended logistics services for sellers across regions, according to an Economic Times report. The problem that e-commerce companies are facing right now is that different states have come out with different guidelines on their operations during the pandemic. For instance, the Tamil Nadu government has banned home delivery services such as Zomato and Swiggy as the state goes into lockdown, but the Maharashtra government exempted food delivery as the delivery of an “essentially good”.

Therefore, the MeITY advisory will assist in providing a uniform direction to all the state governments in order to allow the operation of e-commerce deliveries of essential services across the country.

Other important things to know

Further, for the general information of the reader:

As per guidelines,

Closed Exceptions
Commercial and private establishments will be closed. (such as shopping malls, private outlets etc.) Shops, including ration shops (under PDS), dealing with food, groceries, fruits and vegetables, dairy and milk booths, meat and fish, animal fodder/ district authorities may encourage and facilitate home delivery to minimize the movement of individuals outside their homes/ Banks, insurance offices, and ATMs/ Print and electronic media Telecommunications, internet services, broadcasting and cable services/ Delivery of all essential goods including food, pharmaceuticals, medical equipment through E-commerce.

 

Offices of the Government of India, its Autonomous/ Subordinate Offices and Public Corporations shall remain closed. Police, home guards, civil defence, fire and emergency services, disaster management, and prisons/ District administration, Electricity department, water, sanitation Municipal bodies (Only staff required for essential services like sanitation, personnel related to water supply etc)/ Hospitals and all related medical establishments, including their manufacturing and distribution units, both in public and private sector, such as dispensaries, chemist and medical equipment shops, laboratories, clinics, nursing homes, ambulance etc. will continue to remain functional/ Transportation services for medical purposed will be permitted.

 

The Ministry of Home Affair issued an addendum to the guidelines to include more services/activities that have been exempted from the 21-day nationwide lockdown. Following additional services have been exempted: [The post has been updated on 26.03.2020]

  • The Government “Treasury” has already been exempted vide the guidelines issued yesterday. It is now clarified that the term “Treasury” would include Pay & Accounts Officers, Financial Advisors, field offices of the Controller General of Accounts;
  • Further, it has been added that the RBI, RBI Regulated financial markets, entities such as NPCI and CCIL, payment system operators and standalone primary dealers would also stand exempted;
  • IT Vendor for banking operations, Banking Correspondent and ATM operation and cash management agencies;
  • Shops for seeds and pesticides;
  • Data and call centres for Government activities only;
  • Operation of Railways, Airports and Seaports for cargo movement, relief and evacuation and their related operational organisations;
  • Inter-state movement of goods/cargo for inland and exports;
  • Cross land border movement of essential goods including petroleum products and LPG, food products, medical supplies; and
  • Veterinary hospitals, pharmacies (including Jan Aushadhi Kendra), Pharmaceutical research labs stand exempted.

Punishment for violating the lockdown order

The guidelines strictly note that-

“Any person violating these containment measures will be liable to be proceeded against as per the provisions of Section 51-60 of the Disaster Management Act, 2005, besides legal action under Section 188 of the IPC.”

Section 188 of the Indian Penal Code provides two offences and their punishments as follows:

  • Disobedience to an order lawfully issued by a public servant, if such disobedience causes obstruction, annoyance or injury to persons lawfully employed. Punishment: Simple Imprisonment for 1 month or fine of Rs 200 or both.
  • If such disobedience causes danger to human life, health or safety, etc. Punishment: Simple Imprisonment for 6 months or fine of Rs 1000 or both.

The Section 3 of the Epidemic Diseases Act talks of penalty on any person found to be disobeying any regulation or order made under the law and would be deemed to have committed the offence under the Section 188 of IPC. Therefore, those violating the lockdown orders can face legal action under the Epidemic Diseases Act, 1897, which lays down punishment as per Section 188 of the Indian Penal Code, 1860, for flouting such orders.

Note from the author: The blog started with the aim of simplifying and compiling laws related to technologies for the understanding of everyone. The keyword that motivated the author to write on such topics is the uncertainty behind the laws that regulate technology. However, this post has been different and dealt with the simplification of certain other issues as well. It is again the uncertainty behind the present times that has motivated the author to write this blog piece. The uncertainty related to the magnitude of the damage due to the corona outbreak may result in more such unprecedented laws and guidelines from the government. The author will continue to simplify them for the understanding of everyone. A very little contribution to society in these difficult times. Let us fight this together. Stay home, stay healthy.

Simplifying FinTech and FinTech Laws: All the laws that govern digital payments and transactions in India

Over the years, the financial services industry has become increasingly regulated in terms of adoption of technologies for facilitation and disintermediation of transactions. The extensively fragmented laws and regulations certainly make it difficult for any person and entity to objectively find the mandatory requirements that a law imposes upon them. This post will give you a brief overview of fintech laws and the various ways in which they govern our digital transactions. This post is the third one in the series of ‘Simplifying FinTech and FinTech Laws’.

The legal topography that regulates the Fintech services in India is majorly distributed, and there is not a single comprehensive regulation or legislation that governs the Fintech industry in the country. The lack of a complete and comprehensive single set of guidelines or regulations makes it hard to refer to actual authorities that are supposed to govern the Fintech in India. The legislative or regulatory, whichever it is, primarily comprises of:

The Payment and Settlements Act, 2007

The sources of law that actually governs payment in Indian jurisdiction are the Payment and Settlement Systems Act, 2007 (PSS Act) and the Payment and Settlement Systems Regulations, 2008 and rules as issued thereunder. Basically, these are the statutes from which India’s central bank, the Reserve Bank of India, derives power to function and regulate payment and settlement system in India. In accordance with the PSS Act, the RBI has wide discretionary powers to issue orders, directions and rules to financial systems established in India. There are several recommendations (pending), to change the PSS Act and form a new regulatory board named as the Payments Regulatory Board (PRB), while the necessary amendments to the PSS Act still await.

As per the PSS Act, any person inclusive of the non-banking financial companies (NBFCs) which want to undertake the operation of a payment system, may do so as upon taking the authorization by the RBI. The Act provides several eligibility criteria that are required to be fulfilled by that person or company wishing to operate as a payment system. Further, technology facilitators between merchants and banking institutions (that process and settle the transactions), are known as ‘Gateway Service Providers’, doesn’t have to acquire any authorization from RBI. For instance, common gateway service providers are BillDesk, RazorPay, InstaMojo etc.

The PSS Act is the primary legislation that governs the regulation pf [ayments in India. The PSS Act provides the definition of the “payment system” such that:

“a system that enables payment to be effected between a payer and a beneficiary, involving clearing, payment or settlement service of all of them, but does not include a stock exchange”.

Master Direction on Issuance and Operation of Prepaid Payment Instruments

Prepaid Payment Instruments (PPIs) that are pre-loaded values (basically your PayTM or Freecharge wallets) and in some cases that value can be utilized for a specified purpose only as payment (basically Ola Money). PPIs provide the value to existing in a specified form which facilitates the payment for goods and services also in certain cases person to person remittance transactions of money for eg. sending money to your friends or family members. As defined in Rule 2.3 of the Master Directions:

“PPIs are payment instruments that facilitate purchase of goods and services, including financial services, remittance facilities, etc., against the value stored on such instruments. PPIs that can be issued in the country are classified under three types viz. (i) Closed System PPIs, (ii) Semi-closed System PPIs, and (iii) Open System PPIs.”

The Master Directions were issued by the RBI on October 11, 2017, and amended from time to time. It provides the eligibility criteria that is required to be followed by the PPI issuers, provides the thresholds for debits and credits that can be done using PPIs, and also provides the other operational obligations that are required to be fulfilled by a PPI issuer at the time of issuing such instruments to its customers in India. PPIs come into the ambit of the term ‘payment system’ as provided under the PSS Act and henceforth have to comply with the PSS Act and the Master Directions, both. PPIs include brand-specific gift cards, e-wallets like PayTM wallet, Freecharge, Mobikwik, shopping or travelling cards as issued by the Banks themselves, etc.

NPCI Guidelines governing the UPI Payments

UPI payments are governed through the Procedural Guidelines related to UPI and Operating and Settlement Guidelines related to UPI, as issued by the NPCI. As per the contemporary governing framework, the Banks only have the scope to provide UPI payment services to consumers. Banks are authorized to integrate the UPI platform into their payment systems. They operate over the UPI platforms by engaging the services of a technology provider, in such circumstances the Guidelines subject such technology providers and the Banks to strict compliance with certain norms as prescribed by the NPCI.

“The Unified Payment Interface enables architecture and a set of standard Application Programming Interface (API) specifications to facilitate digital payments using a mobile phone.”

Regulations related to Non-Banking Financial Companies (NBFCs)

The primary document of legislation that governs the NBFCs is the Reserve Bank of India Act, 1934 and subsequent to other secondary master directions and rules and guidelines and circulars which regulates the licensing and operation of such companies in India. The RBI has formed a set of thresholds that are required to be fulfilled in order to determine whether a business entity is to classified as a “financial services company” which also requires a license. Majority of lenders that operate digitally fall under the ambit of the term ‘NBFCs’. The most important regulation that holistically governs NBFCs is the Master Direction – Non-Banking Financial Company – Systemically Important Non-Deposit taking Company and Deposit taking Company (Reserve Bank) Directions, 2016, Master Direction – Non-Banking Financial Company –Non-Systemically Important Non-Deposit taking Company (Reserve Bank) Directions, 2016, and Master Direction – NBFC – Acceptance of Public Deposits (Reserve Bank) Directions, 2016.

Master Directions related to P2P lending platforms

The Master Directions- NBFC- Peer to Peer Lending Platform Directions 2017 incentivized a whole lot of activities for P2P platforms. It provided the P2P platforms to act as an intermediary, such that it has to comply with certain strict legal requirements and has to conduct proper due diligence of participants that are using the platform to finance or borrow. The Master Directions make it mandatory for P2P portals to check the creditworthiness in a form of an assessment and perform risk profiling of the borrower’s business or project, and actively share the disclosures with the potential investors or lenders. Further, RBI regulations bar the P2P platforms from lending or raising deposits or cross-sell any product over the portal. They are not required to facilitate any credit guarantee or secured loans. Cross-jurisdictional flows of funds are barred as per the Master Directions. Therefore, in toto, the Directions prescribe the norms that govern lender exposure and aggregate borrowing thresholds in the context of workings of P2P lending platforms in the country.

Guidelines to govern Payment Aggregators/Intermediaries

The RBI’s circular related to“Directions on opening and operation of Accounts and Settlement of Payments for Electronic Payment Transactions involving Intermediaries” as on November 24, 2009, (“Payment Intermediary Circular”), which lays down the legal framework that applies to the operation of payment gateways and intermediaries in India. Such intermediaries are strictly subjected to be in compliance with guidelines related to the operation of intermediary systems in Inda as provided under the Payment Intermediary Circular.
According to the RB I’s recent discussion papers, it has been suggested that the payment gateways and aggregators form a significantly critical link in the transaction flow, and henceforth it is required to regulate the activities as fall under the ambit of the PSS Act, 2007. The RBI has provided that the established contemporary guidelines governing payment intermediaries and gateway providers have to be reviewed in its Monetary Policy Statement for 2018-19.

RBI Guidelines on Payment Banks

The Guidelines on operation of Payment Banks and Guidelines for Licensing of Payment Banks as provided under the RBI’s governing framework elucidates that the governing regulations and measures related to licensing and operation of payments banks in India. The guidelines, among others, lays down the criteria for eligibility for registration or permissible operation and further other such guidelines that govern the working of payment banks. The Reserve Bank of India provides the purpose of setting-up Payment Banks such that:

“Reserve Bank of India says ―The objectives of setting up of payments banks will be to further financial inclusion by providing (i) small savings accounts and (ii) payments/remittance services to migrant labour workforce, low income households, small businesses, other unorganised sector entities and other users.”

Anti-Money Laundering (AML) Regulations and Know Your Customer (KYC) Regulations

Know Your Customer (“KYC”) is a term that indicates the customer identification process. The KYC norms include the prudential efforts made to ascertain the identity and ownership source of accounts, source of funds, the nature of customer’s business, and accountability of operations in the account in connection to the customer’s businesses etc which further assists banking institutions to manage the risks reasonably. The purpose of the KYC guidelines is to avoid and prohibit banks from being used, specifically as criminal essential of money laundering.

The Reserve Bank of India issued the guidelines to banks under Section 35A of the Banking Regulation Act 1949 and Rule 7 of Prevention of Money-Laundering (Maintenance of Records of the Nature and Value of Transactions, the Procedure and Manner of Maintaining and Time for Furnishing Information and Verification and Maintenance of Records of the Identity of the Clients of the Banking Companies, Financial Institutions and Intermediaries) Rules, 2005.

The key takeaway regulatory guidelines that prescribe anti-money laundering (AML) norms for fintech services in India are part of the PMLA, the PML Rule and the KYC norms included in the Master Directions.

Data Protection Regulations and Rules

Fintech is a data-driven industry due to which it faces a challenge or risk related to the data ownership and its security. Such a risk can be superseded by taking certain legal and technical measures only. There are choices of cybersecurity measures that data labelling, optional information sharing and identified data shareholding, which can be the response to various data-driven challenges that the fintech space is facing.
Unauthorized access to customers’ data is a threat to data privacy, which actually violates the fundamental right to privacy, and therefore a significant challenge to the Fintech platforms engage in gathering and storing several forms of financial and behavioural data. India, right now, doesn’t have any comprehensive legislative or regulatory framework that governs data protection. The Information Technology Act 2000 and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, contemporarily provide for the obligations of corporations or businesses to take reasonable measure in order to protect the personal data of consumers.

Further, the draft Personal Data Protection Bill, 2018, that is in pipeline can be best described such that:

“The draft Personal Data Protection Bill (2018) contains provisions that go beyond just the requirements of the IT Rules. The Bill specifies a notice and consent framework with explicit consent in the case of sensitive personal data. Explicit consent is understood as consent that is informed, clear, and specific along with being free and capable of being withdrawn.”

Recommended Readings:

  1. Aayush Rathi and Shweta Mohandas, Fintech in India: A study of privacy and security commitments, The Centre for Internet and Society, at https://cis-india.org/internet-governance/files/Hewlett%20A%20study%20of%20FinTech%20companies%20and%20their%20privacy%20policies.pdf (last accessed on 12/10/2019).
  2. Dr. R Srinivasan and Prof. M. Subramanian, Payment Banks in India – Demystified, SSRG-IJEMS, Vol. 2 Issue 12 (December 2015).
  3. Department of Payment and Settlement Systems, Discussion Paper on Guidelines for Payment Gateways and Payment Aggregators, Reserve Bank of India, at https://www.rbi.org.in/Scripts/PublicationReportDetails.aspx?UrlPage=&ID=943 (last accessed on 12/10/2019).
  4. Latha Ramesh and Yashika Gandhi, Reserve Bank Regulations for P2P lending platforms, Deccan Herald, at https://www.deccanherald.com/business/economy-business/reserve-bank-regulations-p2p-718950.html (last accessed on 12/10/2019).
  5. Rahul Gochhwal, Unified Payment Interface- An advancement in Payment Systems, American Journal of Industrial and Business Management Vol.7 Iss.10, 1174-1191, at https://www.researchgate.net/publication/320661583_Unified_Payment_Interface-An_Advancement_in_Payment_Systems (last accessed on 12/10/2019).
  6. Shilpa M. Ahluwalia & Himanshu Malhotra, Fintech 2019 in India, Golbal Legal Insights, at https://www.globallegalinsights.com/practice-areas/fintech-laws-and-regulations/india (last accessed on 12/10/2019).
  7. Shaikh Zoaib Saleem, What are prepaid payment instruments?, Livemint, at https://www.livemint.com/Money/Wq5AT6vx1JklC0lRSMbnSI/What-are-prepaid-payment-instruments.html (last accessed on 12/10/2019).