The regulatory legal framework of electronic commerce E-commerce, whatever its manifestation, such as e-commerce by telephone or e-government, requires transparent and clear regulations for the parties involved. However, these parties do not directly know each other and do not have contact while negotiating an agreement or a contract. However, the lack of direct connection has not stopped many customers or clients in the market.

This high participation results from easy and low-cost access to telecommunications networks and low market barriers in inter-regional or international applications. But this kind of anonymity makes every consumer or client doubt the services received through these technologies. There are also concerns about the privacy and security of personal data (for example, credit card information) and the accuracy of the data transmitted. It’s potential for misuse as the electronic transaction occurs, given that there are known cases where such things have happened.

In this way, the contracting parties must rely on implementing the law and the implementation of previous contracts that have been performed using electronic devices (computers and telephones). Furthermore, the consumer should be able to trust the privacy of his sphere. Therefore, a clearly defined legal framework is needed to increase consumer credibility and increase acceptance among broad sections of society and ensure the proper functioning of e-commerce.

Legal regulations imposed by lawmakers seek to safeguard and balance both consumer’s and businesses’ interests by establishing market order and rules and using existing and future technologies. The European Union (EU) defines personal data as ‘any information relating to a natural person’s identification and traceability.’ In general natural person’s legal framework of electron-hole is guided by five main principles:
Applicable legal contracts.

Consumer protection.
Data privacy (it is not allowed to collect data that is not necessary and is not authorized). Data confidentiality (protection of data from misuse).
The right to self-determination (to advance or reject a communication).
As I wrote in the first part of this paper, e-commerce is a new field of study. In contrast, e-commerce by telephone has not yet attracted librarians’ attention as it is an even more recent phenomenon and is not studied as a particular field. In many parts of the world, e-commerce (computer or telephone) is included in the regulations on e-commerce using telecommunications.

Many of these regulations are based on multilateral agreements, such as those of the European Union (EU) or the United Nations (UN). Other organizations such as the OECD, the World Trade Organization (WTO), and the World Intellectual Property Organization have also been active supporters of member countries in drafting regulatory legal frameworks. It can generally be said that regulatory concepts, in principle, have an international character, although the degree of implementation of these regulations may be different in different countries.

There may be a more generous application of these legal frameworks for countries actively involved in international trade, including developed economies and transit economies. To date, the EU has adopted 12 directives dealing with the regulatory framework for e-commerce contracts, defining jurisdiction and enforcement, consumer data protection, intellectual property rights, conflict resolution, cyber-crime, and regime taxes, and among others, to ensure the safety of consumers and their legal security.

These EU directives establish the legal framework between member states while ensuring international agreements, mainly the ‘Model Law on Electronic Commerce’ passed by the United Nations Commission on International Business Law (UNCITRAL). However, different countries have different models. In Germany, for example, the Law on Electronic Commerce of Computers and Telephones is organized as part of the legislation on information and telecommunications services. This legislation is composed of several laws:

1) the law on the legal, regulatory framework of electronic commerce;
2) Law on Telephone Services
3) Law on Data Protection of Telephone Services;
4) Law on the protection of services against conditional access;
5) Interstate agreements on social media. Some other laws that apply to this issue are The Law on Fair Competition, anti-competition regulation, Law on distance purchases, Law on Administration of Copyright, federal data protection law. This legal framework provides legally to both consumers and retailers or businesses.

In Albania, progress has been made regarding the process of adopting information society legislation, in line with EU standards, where we can mention the adoption of laws: “On Electronic Communications”; “On Electronic Signature”; “On the Document” Electronic”; “For Electronic Commerce”; “For Electronic Data Protection”; Cybercrime legislation; as well as “On State Databases”. First of all are the rights protected in the Constitution, in Chapter II in part on Freedoms and Personal Rights, Article 22 wherein point one the freedom of expression is guaranteed, in fact, two it is written that ‘freedom of the press, radio, and television is guaranteed ‘and point three which states that’ prior censorship of the media is prohibited ‘.

Although there is no direct reference to new technological developments or the Internet, this article is an article that can also apply to the freedom of social media as well as online or telephone commerce. Article 23 also guarantees the right to information. Another analogy in the Constitution regarding intellectual property on the Internet can be found in Chapter IV of the Constitution of Albania, which summarizes the Economic, Social and Cultural Freedoms and Rights.

Article 58 contains references to the protection of copyright. In point 1, ‘freedom of artistic creation and scientific research, use and benefit from their achievements are guaranteed for all’, while in point 2, ‘copyright is protected by law’. It should also be borne in mind that according to Article 122 of the Constitution, issue 1 ‘Every ratified international agreement constitutes part of the domestic legal system after being published in the Official Gazette of the Republic of Albania.

It is directly applicable, except when it is not self-enforceable, and its implementation requires the enactment of a law. Amendment, supplementation, and repeal of rules adopted by a majority of all members of the Assembly for ratification of international agreements is done by the same majority ‘and according to point 2,’ an international agreement ratified by law has precedence over domestic laws that do not agree with him ‘. Whereas according to point 3 ‘the norms issued by an international organization have precedence, in case of conflict, over the law of the country, when the agreement ratified by the Republic of Albania for participation in that organization, explicitly provides for the direct implementation of the norms issued by hers.’ Since Albania has ratified the Universal Declaration of Human Rights of the United Nations, they are applicable within the Albanian legislation. They can also apply to exchanges and electronic commerce and Article 27 thereof, according to which ‘everyone has the right to participate freely.

In the community’s cultural life, to enjoy the arts and participate in scientific progress and its benefits. Everyone has the right to protect the moral and material interests deriving from any scientific, literary, or artistic creator, the creator of which is himself. Scientific progress has always been seen as a permissible right as long as it does not infringe on copyright and intellectual property.

It should be noted that the primary concern of lawmakers regarding new information services and e-commerce has been the protection of the private sphere of the consumer and the prevention of unauthorized use of data to protect the public interest and, on the other hand, to increase consumer confidence in the new form of e-commerce. For this reason, some restrictive regulatory norms have been applied, taking into account some fundamental rules which are also described by Tiwari and Buse (2007) about German legislation:
1. Personal data may be collected, processed, and used only with the express consent of the user;
2. If the user is offered the opportunity to give his / her consent electronically, then the seller must guarantee that: such consent must be a voluntary act of the user; the text of this liking must be accessible at all times by the user; as well as support may be withdrawn at any time by the user.
3. Personal data may not be processed for any purpose other than that they are being collected.
4. The same user data should not be used for different services.
5. Data that is no longer needed should be deleted without delay.
6. Buyer profiles, although anonymous, may only be created with their consent.
7. If technically possible, the user should be able to use and pay for the services anonymously or by a nickname.
8. The user can request the seller information on the data stored for him.
9. Violating these rules by the seller or lack of information to users about their rights constitutes an administrative violation, punishable by a financial fine, not exceeding 50 thousand Euros.

These norms described above are fundamental and general. German law provides for exceptional cases in emergencies. These exceptions may be permitted by state authorities to enforce legal provisions. Regarding Albania, the law on Electronic Commerce was approved for the first time in 2009 and was updated with several changes during 2016. Comments on the direction’s growth were of a nature that, in general, the law was little known and had difficulties implementing it in practice. The proposed changes were aimed at:
1) Changing the title, clarifying that this is not just a law on electronic commerce but information society services;
2) Clarification of the obligation of online portals (information society service providers) to have an identified contact point;
3) Placement of the reporting section for news or comments with illegal content, in which the readers of the portal can signal for materials or comments with unlawful content;
4) Setting a deadline, etc. From the moment they become aware, according to the Criminal and Civil Code provisions.
5) Determining the supervisory bodies for the implementation of this law, which at the time when it was approved in 2009, did not exist, such as ALCIRT, the cybercrime sector in the police, etc. The proposed changes were based very little on e-commerce than on the information disseminated on online portals. For this reason, the main arguments against these changes were made by the Albanian Media Institute, which identified as the main problems the risk of private censorship and the possibility of creating a penal regime, which nullifies the editorial autonomy of portals and forces them to remove information contested merely based on a private complaint.

This scheme practically sanctions private censorship, albeit in theory for an intermediate period, until the competent authority makes a decision. However, even this “intermediate censorship” can have very negative repercussions for open democratic discourse, for example, in the case of a lively debate on a topic of the day. According to the Albanian Media Institute, this approach also contradicts the latest jurisprudence of the Strasbourg Court, which has ruled that there can be no objective legal liability for portals in cases where third parties’ content is not “openly illegal”.

This decision highlights that a person’s claim of the illegality of third party publications can not be taken a priori for granted and automatically prevail over the freedom of expression of the author and the portal, in the absence of a decision by a competent authority. Also, according to the Albanian Media Institute, there was a risk of administrative censorship. Only a few administrative authorities in Albania have the legal power to make admissible decisions on some of the decisions that arise in the online context.

This may include personal data protection and anti-discrimination commissioners or consumer protection authorities. But the Albanian Media Institute was concerned about creating a ‘new responsible authority’, which by definition in the new legal changes could easily include the state police and several other agencies that are directly or indirectly dependent on the executive. As such, they can in no way become arbitrators in matters relating to the fundamental rights of individuals and especially to the free circulation of ideas and information on the Internet. The law ‘On electronic commerce’ in its article 5, point 2, ensures that the service provider of the information society, during the exercise of the activity, to provide its services remotely, ensures that these services:
a) not violate human rights;
b) to guarantee the protection of consumers and investors, according to the provisions of the legislation in force;
c) ensure the safety of minors;
ç) to impose protective measures for non-interference in its services and their non-use for criminal purposes;
d) be offered to all customers equally, without distinction as to sex, race, creed, ethnicity, or belief of the persons benefiting from them;
DH) not to endanger national security and public safety;
e) not to endanger public health;
ë) to be provided, in any case, with the prior consent of the service recipient. Article 5/1 states that the provision of information society services by a service provider established in a member state of the European Union, for reasons about coordinated regulation, is not limited to the Republic of Albania.

The law ‘On e-commerce’ itself, which in its beginnings was based on the same EU law adopted in 2000. The main changes of 2016 include only a few articles of this law and not its object. Thus, the main differences are related to the authorities’ determination that will take action in cases of ascertainment of information with illegal content, as such will be the Commissioner for the Right to Information and Protection of Personal Data, but also deadlines.

The main changes include articles 7, 8, 9, and 22. According to article 7 there is an obligation for general information by the portals that provide electronic commerce. Point 1 states that the ‘service provider in the exercise of the activity provides information to the service recipients and the relevant authorities, at least, on
a) the trade name of threepence, provider and if there is no such, the term used to whom he is registered for the exercise of the activity;
b) the address of the place where the headquarters or the main center of activity of the service provider is located;
c) e-mail address or any other details that allow fast and efficient communication with the service provider;
e) registration data in the commercial register of the service provider, especially the unique identification number of the person;
d) unique data of the responsible supervisory authority when the activity of the service provider is the object of its exercise through its equipment with special authorization;
h) regulated professions, also indicating:
i) public, professional entity or similar institution, where the service provider is registered;
l) the professional title and the State of its issuance or acquisition;
g) reference to the rules governing the profession and jurisdiction applied in the State of its creation and the means of information on them; m) the unique identification number of the entity or NIPT. In addition to the provisions of this law, the information service provider is obliged that in the information it provides, in addition to the provisions of this law, to respect the provisions of law no. 9902, dated 17.4.2008 “On consumer protection”. Article 8 of the law “On electronic commerce” has also been amended, which deals with the conditions for providing information. Thus, according to this article, the information society service provider in commercial communications, which are part or constitute an information society service, ensures that these communications meet at least the following conditions:
a) are identifiable by third parties as commercial communications;

b) enable the clear identification of the natural or legal person, in whose name and on whose behalf these commercial communications have been made;
c) in the case of promotional offers, which result in a reduction of the price, winning of any prize or allowed gifts, according to the legislation in force, must have identified the above data, and must present in a manner transparent, easily accessible and without a doubt, the conditions to be met for qualification,
e) in the case of competitions or promotional games, if these are allowed under applicable law, the information society service provider must have identified them as such, as well as present to third parties, in a transparent, easily accessible, and without any doubt, conditions for their participation.

Article 9 defines the cases of unsolicited commercial communications. Thus, according to point 1 of this article, ‘unsolicited commercial communications via e-mail or SMS are allowed only with the prior approval of their recipient.’ Point 2 states that ‘unsolicited commercial communications via e-mail, in those cases where they are permitted by law, must be clearly and unequivocally identified as such, from the initial moment of their receipt by the recipient.’ Point 3 requires that “every service provider providing unsolicited commercial communications via e-mail shall maintain a register of exceptions, which shall record persons who do not wish to receive unsolicited commercial communications. Service providers are obliged to check and respect the register of exemptions regularly.

Article 22, which sets the sanctions in case of violation, has also been amended. Thus, according to this article, a legal entity, service provider of the information society, is punished with a fine of 200,000 (two hundred thousand) ALL, for the following cases:
a) violation of the obligation for general information (Article 7);
b) violation of the responsibility for available information on commercial communications (Article 8);
c) violation of the obligation to provide access for the conclusion of the contract (Article 13 point 1);
d) non-compliance with issue 3 of article 13 of this law for not granting access to the service recipient, to preserve, use and reproduce them;
e) violation of the obligations of points 2 and 3 of article 20 of this law;
f) not providing access to computer equipment and information for authorized persons, according to point 3 of article 21 of this law.
g) for non-compliance with Article 9 for unsolicited commercial communications. Point 2 determines a different fine for violations committed by natural persons, service providers of the information society, wherein they are punished with a fine of 100,000 (one hundred thousand) ALL. As with laws adopted in EU countries, as in the example of Germany above, point 3 of Article 22 stipulates that” the violations provided for in this law, when they do not constitute a criminal offense, constitute administrative offenses and, according to their field of action, the supervisory authorities impose fines, according to the provisions of this law. ”

In general, the Albanian legislation in force on electronic communications, information society, and media aims to: eliminate obstacles to the effective functioning of the internal market in electronic communications networks and services, promoting competition in the internal market, consumer protection, etc. Despite the existence of legislation, the main problem remains its implementation and the high level of informality. Although the existing laws are drafted according to EU standards, Albania’s online commerce still appears problematic and chaotic. Most entities that engage in this activity are often unregistered, and consumers can easily fall prey to fraud. In the following section, I will discuss some concrete cases of online commerce in Albania, its mode of operation, and the practical benefits that come from it.