Review of e-commerce legislation harmonization in the Association of Southeast Asian Nations (ASEAN) [UNCTAD/DTL/STICT/2013/1]


[ Galexia Dots ]

In Brief


E-commerce law initiatives in Cambodia have been encouraged by WTO membership (2004), the eASEAN initiative, an increase in international trade, and rising Internet penetration. An Inter-ministerial Working Group on E-commerce has been established and draft e-commerce legislation has been slowly moving through the various processes that will lead to its enactment. The draft law contains provisions for e-government and e-payment. It is based on the UNCITRAL Model Law on E-commerce, but also includes some broader issues such as cybercrime, consumer protection in online transactions and content regulation. No significant work has been undertaken at this stage on data protection.

Cambodia has a high level of mobile phone penetration but relatively low degrees of Internet and fixed broadband access represent a bottleneck for greater uptake of e-commerce.

Electronic transactions law

Draft e-commerce legislation is being developed by the Ministry of Commerce. This draft law takes account of Cambodia’s requirements as a member of both the WTO and ASEAN.

The development of the law is guided by the Inter-ministerial Working Group on E-commerce, consisting of the Ministry of Commerce, the Ministry of Justice, the Ministry of Posts and Telecommunications, and other key parties. The Ministry of Commerce acts as secretariat.

Cambodia is still engaged in some of the preliminary activities in the development of e-commerce law, such as awareness raising amongst key stakeholders and the study of international legal models.

The first phase of development of the draft legislation was supported by UNCTAD. This included brainstorming with stakeholders, the circulation of questionnaires on specific issues, and the development of an early draft of the legislation based largely on the UNCITRAL Model Law on Electronic Commerce.

The second phase of the development of the laws has been supported by the World Bank. A plan of action has been submitted to the Cambodia Trade Development Support Programme (TDSP).[2]5 At the time of writing Cambodia was in the process of recruiting consultants to assist with implementation of this phase of work. A broader project proposal relating to capacity-building is also being developed.

The current draft legislation being considered in phase two is broader than the original phase one model. It is a comprehensive, omnibus-style law, with 10 parts and 62 articles, covering a wide range of cyberlaw issues. These include:

  • Part 1: General provisions;
  • Part 2: Validity of electronic communications;
  • Part 3: Communication process;
  • Part 4: Security service providers;
  • Part 5: Intermediaries and electronic commerce service providers;
  • Part 6: Consumer protection;
  • Part 7: Government acts and transactions;
  • Part 8: Offences against confidentiality, integrity and availability;
  • Part 9: Evidence;
  • Part 10: Electronic funds transfer.

Cambodia is also preparing for a phase three – it is looking for resources and support to prepare for the implementation of e-commerce law, including training for business and government stakeholders and the commissioning of studies on enforcement issues.

Finally, Cambodia changed its regulatory structure in 2012, and has established an independent Telecom Regulator of Cambodia. This regulator is expected to play a key role once Cambodia’s e-commerce laws are in place.

Consumer protection

There is no general consumer protection law in Cambodia that applies to e-commerce. However, the proposed omnibus e-commerce law will include a section on online consumer protection.

Privacy and data protection

There is no general privacy law in Cambodia. However, the proposed omnibus e-commerce law will include a section on confidentiality that might provide some limited online privacy protection.

Online content regulation

Article 12 of Cambodia’s press law forbids the publication of “any information which may affect national security and political stability”. While not directly targeted at the online environment the article does place a limitation on material that can be published online.

Cybercrime and cybersecurity

The draft omnibus e-commerce law includes sections on offences against the confidentiality, integrity and availability of information systems and computer data which captures the usual offenses such as unlawful interference and interception, as well as new offenses such as stalking, malware and invasion of privacy. The take-down procedures are also articulated in the law and it is intended to be supplemented by regulations for enforcement.

Online dispute resolution and domain-name regulation

Regulations have been issued on the use of the .kh country-level domain. The Regulations on Registration of Domain Names for Internet under the Top Level “kh” 1999 set out the rules and naming structure for any first or second-level domain under the .kh domain, and also contain the rules and regulations that apply in the case of conflict, revocation and transfer of a .kh domain name. The regulations are administered by the Ministry of Posts and Telecommunications.

[25] World Bank, Trade Development Support Programme,