Mobile Law: The legal risks in m-commerce

We are increasingly using our mobile devices to access the Internet. In response, organisations are adapting their back-end systems to enable mobile commerce. It's all good, but we do need to be aware of the legal, regulatory and security risks as we purchase more goods and services this way...

Mobile commerce, or M-commerce is any business transaction done using a mobile electronic device. A mobile device might include a mobile phone, a personal digital assistant (PDA), a smart phone, or other emerging mobile equipment.

The user can engage in mobile commerce via an Internet connection to the World Wide Web from different locations at anytime - virtually anywhere. To achieve this, mobile technologies must support the capability ie. wireless application protocol (WAP) or other competing protocols using wireless mark up language/WML and WML Script to make the interface between the mobile and the Internet.

Organisations wishing to transact through mobile technologies must create WP or i-mode portals that allow them to adapt webpages for individual mobiles and optimise them so that they fit the mobile screen.

Mobile law

But as people increasingly use mobile technologies so do their legal and regulatory risks, as well as the threats to online security. Mobile law looks at the key issues facing our love affair with mobile devices including contractual risks, online payment, conflict of laws, infringement of intellectual property rights, cyber crime, privacy and data protection.

Contractual risks

  • Mobile Technology Services, mobile commerce, what is android, mobile enterprise, mobile lawWho regulates the legal relationship between purchaser and supplier when a contract is made using a mobile device?
  • Can the contracting parties be identified?
  • Do the parties have the capacity to contract with each other? For example, a person under 18 years old cannot enter into a contractual relationship.
  • When will the contract be formed?
  • How can the contract be evidenced?
  • How can a purchaser download a copy of the terms and conditions?


  • What is the acceptable method of payment for purchases made?
  • Will payment be processed by Internet credit card or by another method devised specifically for m-commerce?

The main difference between e-commerce and m-commerce is that there is an additional layer of regulation if payment is taken via a premium-rate call or text. PhonepayPlus regulates phone-paid services in the UK and suppliers must comply with its Code of Practice when delivering phone-paid services.

Conflict of laws

Whose law applies to m-contracts? Consider the scenario of a customer residing in Germany using his/her mobile phone while traveling to Saudi Arabia to purchase software from an Australian firm whose server is located in the USA. Is it the law of the country of citizenship of the customer, the law of his/her domicile, the law of the jurisdiction in which he/she purchased the software, the law of the jurisdiction in which the seller is located, the law of the jurisdiction in which the server on which the seller receives the requests is located or the laws of another jurisdiction? Which courts and laws deal with any disputes arising out of the contract?

Infringement of intellectual property rights

Photographs can be taken using a mobile device and sent over the Internet using data sharing files. If a photograph is taken without authorisation, copyright is breached. Who then will be liable for the infringement? Is it the person who took the photograph or the network operators who facilitated the exchange? Can you identify the infringers given that Data Protection laws will apply in many countries, especially across EU member states.

Electronic crime and cyber security breaches

Wireless networks carry a high risk of crime being committed. Hackers can steal and erase information and data from mobile devices and disrupt wireless network traffic by overloading the network with information and phone messages. Viruses often infect mobiles causing them to switch of randomly or erasing all addresses and information stored within. Are international criminal laws harmonised enough to deal with enforcement?

Who is liable for a breach of security? In most cases the risks will lie with the service provider. However, where a mobile device is used to store value, such as where it is used as a form of electronic purse or travel card, the risk falls on the customer.

Privacy and data protection

Advertising, direct marketing and sales promotion

If an organisation wishes to use location data to push or target offerings to customers, it raises issues under The Privacy and Electronic Communications (EC Directive) Regulations 2003 in that a consumer cannot be sent an unsolicited marketing email or SMS without expressly consenting or opting in to receiving these advertisements. This is subject to a limited exception where the person has previously contracted for services from a supplier and certain conditions have been met.

In each electronic marketing message the supplier must include a means by which a customer can request that they are not sent further electronic marketing messages. Some customers will no doubt see this as an undue invasion of their privacy. Others may not be aware that they are being tracked if they have not read their terms and conditions.

The code requires organisations offering these services to provide clear and accurate pricing information and clear advertising. It also requires certain information to be provided to customers, in a certain format and at certain times. PhonepayPlus has the power to fine organisations that do not comply with the Code of Practice.

Location Data

Mobile phone companies, mobile phone application providers and mobile technology providers offer technology and applications that allow a user’s location to be tracked, either by using geotracking technology on the mobile device, or through mobile social applications, such as Foresquare and MyTown, which invite users to provide location-based information.

Transparency in using location data is an important legal issues and whether or not the company tracking your location has your consent to have this data and to use it. Many people do not want their location to be tracked or used for any purpose.

Further information


Enhanced by Zemanta