Compliance with secure e-commerce; an evaluation of online businesses in Uganda

Abstract

The general objective of the study was to determine the level of compliance of online businesses in Uganda with relevant legal and regulatory frameworks for secure electronic transactions. The study also sought to identify the requirements for secure ecommerce transactions by critically reviewing literature on best practices and to formulate a framework for secure online electronic transactions and evaluate online businesses in Uganda for compliance with the requirements for secure ecommerce transactions. The study followed an analytical and a descriptive survey through which descriptive and qualitative data were collected using open ended and closed ended questionnaires, interviews and reviewing the websites of the online businesses studied. Data were collected from a sample of five online businesses. These were selected using purposive sampling. The data was analyzed using frequency curves and percentages and presented on tables and bar graphs. The findings indicated that the online businesses studied don’t comply with the secure ecommerce business practices and hence don’t comply with the three ecommerce laws in which the secure ecommerce business practices are embedded. The non compliance was found to be due to lack of awareness about the laws, lack of awareness about the secure ecommerce practices and fear of increased costs of production due to using secure ecommerce technologies. It is recommended that the government sets up information security policies, conducts compliance awareness campaigns and trainings, NITAU should enforce compliance, and establish acceptable compliance levels. It is also recommended that government comes up with a data protection and privacy law, a standard compliance instrument and emphasizes prosecution of companies if the companies have full access to all the information necessary to comply with ecommerce secure online business practices and still fail to meet the requirements.