Assessment of the Legal Framework for the Cambodia National Single Window Final Report

June 2015

This publication was produced by Nathan Associates Inc. for review by the United States Agency for International Development.

Assessment of the Legal Frame-work for the Cambodia National Single Window

Final Report

DISCLAIMER

This document is made possible by the support of the American people through the United States Agency for Interna-

tional Development (USAID). Its contents are the sole responsibility of the author or authors and do not necessarily re-

flect the views of USAID or the United States government.

Contents

Abbreviations ii

Executive Summary v

Introduction v

Overview of Recommendations vi

General Background 1

Introduction 1

Methodology for the Cambodia Legal Review 2

Single Window Developments 4

Introduction 4

Legal Framework for a Single Window 5

The Use of International Legal Standards 6

Cambodia NSW: Legal Gap Analysis 12

Electronic Transactions Legal Developments 13

Essential Legal Elements of the Cambodia NSW 18

Identification 24

Comments and Recommendations 34

Introduction 34

Recommendations 36

Concluding Comments 39

Appendix A. CNSW Legal Gap Analysis Workshop Agenda

Appendix B. Excerpts from Protocol for Legal Framework to Implement the ASW

Abbreviations

ACTI ASEAN Connectivity through Trade and Investment ADR Alternative Dispute Resolution AMS ASEAN Member States APEC Asia-Pacific Economic Cooperation ASEAN Association of Southeast Asian Nations ASW ASEAN Single Window ASYCUDA Automated System for Customs Data B2B Business-to-Business B2G Business-to-Government CA Certification Authority CAMTA Cambodian Trucking Association CNSW Cambodia National Single Window CCC Cambodian Chamber of Commerce CSP Certification Service Provider ECC United Nations Electronic Communications Convention G2B Government-to-Business G2G Government-to-Government GDCE General Department of Customs and Excise ICT Information & Communications Technology IPR Intellectual Property Rights ISA Interconnection Security Agreement JLTF WCO-UNCITRAL Joint Legal Task Force on the International Single Window

in Coordinated Border Management LWG ASEAN Single Window Legal and Regulatory Working Group MAFF Ministry of Agriculture, Forestry, and Fisheries MEF Ministry of Economy and Finance MOC Ministry of Commerce MOH Ministry of Health MOU Memorandum of Understanding MPTC Ministry of Posts and Telecommunications MRA Mutual Recognition Agreement

A B B R E V I A T I O N S I I I

NBC National Bank of Cambodia NSW National Single Window NSWSC National Single Window Steering Committee OECD Organization for Economic Cooperation and Development PII Personally Identifiable Information PIN Personal Identification Number PKI Public Key Infrastructure PLF Protocol on the Legal Infrastructure for Implementing the ASEAN Single Win-

dow SLA Service Level Agreement SW Single Window TWG ASW Technical Working Group UN United Nations UN/CEFACT United Nations Centre for Trade Facilitation and Electronic Business UNCITRAL United Nations Commission on International Trade Law UNCTAD United Nations Conference on Trade and Development UNECA United Nations Economic Commission for Africa UNESCAP United Nations Economic and Social Commission for Asia and the Pacific WCO World Customs Organization WTO World Trade Organization USAID United States Agency for International Development

Executive Summary

INTRODUCTION 1. This Report has been prepared for the Royal Kingdom of Cambodia to support its efforts to develop the Cambodia National Single Window (CNSW) pursuant to its commitments under the ASEAN Single Window Agreement1 (ASW Agreement) and the ASEAN Single Window Protocol.2 The analysis here focuses on the key legal issues that are important to the creation and operation of a National Single Window (NSW), including those legal issues related to the use of infor-mation and communications technology (ICT) and electronic transactions that provide the framework within which an electronic NSW operates.

2. The ASW Agreement, signed by the Government of the Royal Kingdom of Cambodia in Kuala Lumpur, 9 December 2005, states in Article 5, paragraph 1, that: “Member Countries shall develop and implement their National Single Windows in a timely manner for the establishment of the ASEAN Single Window.”3

3. In order to fulfil its obligations under the ASW Agreement, Cambodia has actively engaged in preparations for creating its NSW. As part of these preparations, it requested assistance from the ASEAN Secretariat to develop a legal analysis that focused on identifying potential gaps in its domestic legal framework that will need to be addressed for the full implementation of the CNSW and its cross-border interoperability in an electronic environment.

4. This Report is a preliminary step in the on-going effort to develop an effective legal framework for the CNSW. It outlines the general legal requirements that should be addressed in creating the enabling legal environment for the CNSW.

5. The approach taken in this report provides a review and analysis of the Cambodia legal framework for establishing its CNSW. It is based on meetings held with Cambodian government officials and members of the private sector, as well as legal materials that were made available at

1 Agreement to Establish and Implement the ASEAN Single Window, Kuala Lumpur, (9 December 2005), available at http://www.asean.org/communities/asean-economic-community/item/agreement-to-establish-and-implement-the-asean-single-window-kuala-lumpur-9-december-2005-2

2 Protocol to Establish and Implement the ASEAN Single Window, (20 December 2006), available at http://www.asean.org/archive/23084.pdf; see also, Vientiane Action Programme, signed at Vientiane, Lao PDR (29 November 2004) available http://www.asean.org/images/archive/VAP-10th%20ASEAN%20Summit.pdf

3 Supra, n.1, ¶ 1.

V I A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

the time of the meetings held in June 2014. In addition, the Report takes into account those sug-gestions and comments that were provided at the Cambodia National Single Window Legal Gap Analysis Workshop held in Phnom Penh, Cambodia on 26 June 2014. The Report identifies the potential gaps in the Cambodian legal framework that may create barriers for establishing and operating the CNSW. And since the CNSW will operate in an electronic environment, the under-lying legal framework for electronic transactions or ICT-based transactions are also addressed.

6. Recommendations are included for the legal areas where changes, including new legal ini-tiatives, may be needed in Cambodian laws and regulations to legally enable the operation of the CNSW and to make it legally interoperable with the ASW and other trading partners.

7. At its Ninth Meeting in December 2009, the ASEAN Single Window Legal and Regulatory Working Group (LWG) approved a Terms of Reference for legal gap analyses that may be under-taken by ASEAN Member States (AMS) entitled, “Legal Analysis for Implementation of Nation-al Single Windows.” This report relies on that document for overall guidance.

8. Finally, it should be noted that there might be additional efforts currently underway within Cambodia to address issues raised in this report but which were unknown to the participants at the meetings held in June 2014. Should this be the case, of course, appropriate adjustments would be made in this report.

OVERVIEW OF RECOMMENDATIONS 9. The following preliminary Recommendations are included in this Report:

Enact the draft Law on Electronic Commerce currently under consideration in Cambodia. The ‘electronic transactions’ sections of that draft Law appear clearly based on internation-al standards including the UNCITRAL Model Law on Electronic Commerce and the UN Electronic Communications Convention. Several issues, however, regarding Article 25 of the Law may need to be addressed as discussed in the Report.

Promulgate the enabling law (possibly by Inter-Ministerial Prakas or Proclamation) that will firmly establish the CNSW in national law.

In this CNSW enabling law, authorize the access to and sharing of information and data in electronic form between government organizations and the CNSW and in cross-border transactions (required to participate in the ASW.)

Address, in the CNSW enabling law the following legal issues for the operation of the Cambodia NSW:

The sharing and exchange of electronic documents and communications between Gov-ernment Ministries and other Government entities including the CNSW;

Data protection, privacy, and information security;

Establishment of identification, authentication and authorization processes;

Dispute resolution processes;

Regulations for the use of electronic documents;

The use of electronic and/or digital signatures;

E X E C U T I V E S U M M A R Y V I I

Data retention and electronic archiving of data and information;

Intellectual property rights and database ownership;

Legal agreements for private sector access to the CNSW.

Implement capacity building for both public sector officials and private sector entities in-volved in the CNSW.

General Background

INTRODUCTION 10. Growth in global value and supply chains has led many countries to seek modern methods for enhancing their competitive positions in trade in order to take advantage of this trend. The use has been one important area for improving trade facilitation. Cambodia has been active in moving towards the use of ICT and electronic commerce.4

11. In addition to legally enabling the NSW itself, having a legal framework that enables elec-tronic commerce transactions that will interface with the NSW is essential. If electronic transac-tions are not legally enabled domestically, this will create a barrier to cross-border transactions with the ASEAN Single Window (ASW.)

12. The ASW, once operational, will be one of the key elements in AMS efforts to create an integrated economic community by 2015 and to enhance both regional and global trade and de-velopment.5 The AMS have outlined an ambitious and leading-edge approach to achieve these goals through the use of the ASW and doing this using modern ICT (e.g., electronic transactions). Cambodia has been an active participant in the development of the regional ASW, which seeks not only opportunities for enhanced trade within the Region but also growth in international mar-kets for the AMS.6 Development and implementation of the ASW is one of the important ele-ments for achieving this.7

13. A critical part of the ASW development effort has been to encourage AMS to review their legal framework for implementing their NSWs. As noted earlier, this has resulted in the adoption by the ASW LWG of the Terms of Reference for undertaking legal gap analyses. In March 2014, the Cambodia General Department of Customs and Excise (GDCE), a Government Department

4 See e.g., Review Of E-Commerce Legislation Harmonization In The Association Of Southeast Asian Na-tions, United Nations Conference on Trade and Development (UNCTAD), UNCTAD/DTL/STICT/2013/1 (2013), at 22.

5 See e.g., DECLARATION OF ASEAN CONCORD II (BALI CONCORD II), Article B – ASEAN Economic Community (7 October 2003), available at http://www.asean.org/news/asean-statement-communiques/item/declaration-of-asean-concord-ii-bali-concord-ii-3; see also, RECOMMENDATIONS OF THE HIGH-LEVEL TASK FORCE ON ASEAN ECONOMIC INTEGRATION, annexed to Bali Con-corde II, available at http://www.asean.org/news/item/recommendations-of-the-high-level-task-force-on-asean-economic-integration.

6 ASEAN Economic Community Blueprint (November 2007), http://www.asean.org/archive/5187-10.pdf 7 Vientiane Action Programme, signed at Vientiane, Lao PDR (29 November 2004), Sec.2.3.5.1 Customs,

http://www.asean.org/archive/ADS-2004.pdf.

2 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

within the Ministry of Economy and Finance (MEF) requested ASEAN Secretariat to provide technical assistance to conduct its legal gap analysis.

METHODOLOGY FOR THE CAMBODIA LEGAL REVIEW 14. The Royal Kingdom of Cambodia is in the process of developing its NSW for interconnec-tion to the ASW under the terms of the ASEAN Single Window Agreement to which Cambodia is a party. As part of its efforts, it requested assistance from the ASEAN Secretariat in undertak-ing a Legal Framework Analysis to identify any gaps in its legal environment that might hinder the implementation of the CNSW. In response to this request, the ASEAN Secretariat requested that the United States Agency for International Development (USAID) provide assistance in this effort through its ASEAN Connectivity through Trade and Investment (ACTI) Program. This Re-port was made possible through that support.

15. The approach for this legal gap analysis is generally consistent with the model developed by the ASEAN Single Window Legal and Regulatory Working Group.8 Several ASEAN Member States have used this Terms of Reference for conducting the legal reviews of their NSW legal environments.

16. An in-country review was undertaken from 16-27 June 2014. In addition to meetings with the General Department of Customs and Excise, meetings were arranged with representatives of other government Ministries, as well as private sector entities that would be participating in the CNSW and that will need to connect to the CNSW. Participating in these meetings were:

Ministry of Commerce (MOC) Ministry of Agriculture, Forestry and Fisheries (MAFF) Ministry of Posts and Telecommunications (MPTC) Ministry of Health (MOH) National Bank of Cambodia (NBC) Cambodia Chamber of Commerce (CCC) Cambodia Trucking Association (CAMTA) The World Bank

17. During the second week of the in-country review, a preliminary briefing was provided at the offices of the GDCE to all interested stakeholders on various aspects of the legal assessment. A variety of topics were discussion regarding the in-country review as well as the rationale for the use of international legal standards and the importance of addressing the requirements for the CNSW as anticipated by the ASW Agreements.

18. A Workshop9 was held for government officials and other stakeholders on Thursday, 26 June 2014. The Workshop included a presentation of the key international and ASW standards

8 See supra, ¶ 7. 9 See, Annex I, Provisional Agenda – Cambodia National Single Window Legal Gap Analysis Workshop,

Sunway Hotel, Phnom Penh, Cambodia – 26 June 2014.

G E N E R A L B A C K G R O U N D 3

related to development of NSW legal frameworks as well as a presentation of the Preliminary Findings of the Cambodia NSW Legal Framework Review.

19. The findings presented were based on the review of legal materials provided to the Legal Advisor and the discussions held in meetings with government officials as noted above. Subse-quent to the presentations, the participants raised a variety of questions and comments that are covered in this Preliminary Draft Report. This Preliminary Draft Report was provided to Cambo-dian officials to make additional comments and clarifications. This final Report incorporates the comments provided.

Single Window Developments10

INTRODUCTION 20. The growing use of electronic commerce methods in international business transactions has demonstrated the increasing importance of ICT as a basis for Single Window operations. A con-siderable amount of energy in the development of Single Window facilities has focused on the importance of technical “interoperability” across borders11. The reasons for this are obvious, at least in terms of using a country’s Single Window facility for efficient cross-border trade transac-tions with Single Window facilities in other countries. Work in this area is continuing in various organizations.12

21. The concept of the Single Window in trade is relatively straightforward. The United Na-tions Centre for Trade Facilitation and Electronic Business (UN/CEFACT) adopted its Recom-mendation 33 – Establishing a Single Window to Enhance the Efficient Exchange of Information between Trade and Government in 2005 and provides a now widely used definition of the single window:

10 See generally, W. Luddy, “International Single Window Development,” UNCITRAL COLLOQUIUM ON ELECTRONIC COMMERCE (New York, February 2011), available at http://www.uncitral.org/uncitral/en/commission/colloquia/electronic-commerce-2010program.html ; W. Luddy, "ASEAN Single Window: The Intersection of Law and Technology" (2008), available at: http://pdf.usaid.gov/pdf_docs/PNADM816.pdf ; UN Recommendation 35 – Establishing a legal framework for international trade Single Window, ECE/TRADE/C/CEFACT/2010/23/Rev. 2 (8 October 2010), which is available at http://www.unece.org/fileadmin/DAM/cefact/recommendations/rec35/Rec35_ECE_TRADE_401_EstablishingLegalFrameworkforSingleWindow_E.pdf ; UNCITRAL, Promoting confidence in electronic com-merce: legal issues on international use of electronic authentication and signature methods (2009), availa-ble at http://www.uncitral.org/pdf/english/texts/electcom/08-55698_Ebook.pdf ; UNESCAP, Electronic Single Window Legal Issues: A Capacity-Building Guide (August 2012), available at http://www.unescap.org/publications/detail.asp?id=1518; WCO Compendium: How to Build a Single Win-dow, at http://www.wcoomd.org/en/topics/facilitation/activities-and-programmes/single-win-dow/~/media/WCO/Public/Global/PDF/Topics/Facilitation/Activities%20and%20Programmes/Single%20Window/Compendium/PC_SWC_Vol_1_E.ashx (See, Chapter 7, “Dealing with Legal Issues.”).

11 It should be noted that the UN/CEFACT is currently developing a new Recommendation 36 – Single Window Interoperability that is focused specifically on the technical and legal issues related to cross-border Single Window transactions. It is in the early phases of development.

12 See e.g., UNESCAP Draft Agreement / Framework Agreement / Framework Arrangement on Facilita-tion of Cross-Border Paperless Trade in Asia and the Pacific. The latest version of which is included in the Report of the Ad Hoc Intergovernmental Meeting on a Regional Arrangement for the Facilitation of Cross-Border Paperless Trade, E/ESCAP/PTA/IGM.1/2, Bangkok, Thailand (30 April 2014). The Report is avail-able at http://unnext.unescap.org/fcpt-igm-report.pdf Additional related materials can be found at http://unnext.unescap.org/reso683.asp.

S I N G L E W I N D O W D E V E L O P M E N T S 5

… [A] Single Window is defined as a facility that allows parties involved in trade and transport to lodge standardized information and documents with a single entry point to fulfill all import, export, and transit-related regulatory requirements. If information is electronic, then individual data elements should only be submitted once.13

22. The benefits for establishing a single window have been identified by various organiza-tions. In Recommendation 33, UN/CEFACT describes the general benefits that can accrue to governments and the private sector this way:

The implementation of a Single Window can be highly beneficial for both Governments and trade. For Governments it can bring better risk management, improved levels of se-curity and increased revenue yields with enhanced trader compliance. Trading communi-ties benefit from transparent and predictable interpretation and application of rules, and better deployment of human and financial resources, resulting in appreciable gains in productivity and competitiveness.

The value of such a facility for governments and traders has taken on increased im-portance in the new security environment with its emphasis on advance information and risk analysis.14

LEGAL FRAMEWORK FOR a SINGLE WINDOW 23. However, the importance and necessity for creating an enabling legal infrastructure has emerged as an important element for the success of a single window facility at the national level and, to the extent possible, for a harmonized approach at the regional and international levels. Further, harmonization of the legal framework for purposes of operating a Single Window across borders often requires review of other aspects of the legal environment for the “supply and value chains” and other relevant stakeholders served by the single window.15

24. Also, it is important to identify the essential legal issues related to the creation and opera-tion of a single window in order to fully understand what legal gaps may exist in national laws. This presents an opportunity to consider how the technical architecture16 of the single window can affect the range of legal issues that must be addressed. This exercise is useful to governments that have or are in the process of establishing NSWs, particularly where the potential for enabling cross-border transactions will be a key benefit, as is the case with the CNSW and its participation in the ASW.

13 Recommendation and Guidelines on Establishing a Single Window to Enhance the Efficient Exchange of Information between Trade and Government – Recommendation No. 33, at page 3, (ECE/ TRADE/352, July 2005), available at http://www.unece.org/fileadmin/DAM/cefact/recommendations/rec33/rec33_trd352e.pdf.

14 Id. 15 See, Dr. Bart Schermer, “Legal Issues of Single Window Facilities for International Trade,” UN-

CITRAL CONGRESS – MODERN LAW FOR GLOBAL COMMERCE (July 2007) (hereinafter, “UN/CEFACT Legal Group Paper”) at 4. The paper is available at http://www.uncitral.org/pdf/english/congress/Schermer.pdf.

16 K. Chong, “Legal and Regulatory Aspects of International Single Window Implementation: The ASEAN Experience”, 4 Global Trade and Customs Journal pp. 185–193 (Kluwer Law International, 2009.)

6 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

25. Many of the legal issues noted in this Report are generic to the legal infrastructure for both NSW development and for cross-border (or international) single window development since there can be substantial overlap between them. It is clear, of course, that there are specific areas in which national law operates. For example, the actual creation of the enabling legal infrastructure for the NSW will be firmly based in domestic law and regulation.

26. At the same time, as noted above, it is important to craft the national legal framework in a way that will enable the CNSW to be interoperable with other NSWs within ASEAN and outside ASEAN as well. That is, national legislation, sub-decrees, Proclamations, and/or regulations are essential for authorizing cross-border electronic transactions as well as domestic transactions within the CNSW. As with the technical development of an NSW – one designed to be interoper-able across borders – the national legal infrastructure should be formulated with a view to using international standards to achieve cross-border interoperability.

THE USE OF INTERNATIONAL LEGAL STANDARDS 27. There are a number of international organizations that have been involved in the develop-ment of international legal standards for Single Windows and the related area of electronic com-merce.17 The United Nations Commission on International Trade Law (UNCITRAL), UN/CEFACT, and the World Customs Organization (WCO) have been particularly active in the area of creating new standards for the legal aspects of the Single Window. Most regional efforts focused on Single Window development also look to these international standards for guidance. The work at the United Nations Economic Commission for Asia and the Pacific (UNESCAP), the United Nations Economic Commission for Africa (UNECA), the Asia-Pacific Economic Cooper-ation (APEC) organization, and others have focused on the international texts, model laws, trea-ties, and guidance documents promulgated by these UN and Intergovernmental organizations. Individual countries have often based their Single Window legal development activities on these standards as well.

28. ASEAN, too, has decided that the legal framework of the ASW will be based on interna-tional legal standards. For example, Article 6 of the ASW Agreement18 and Article 5 of the ASW Protocol19 both call for the use of international standards in the development of both the ASW and the NSWs of the AMS. The ASW Legal and Regulatory Working Group (LWG) incorpo-rated this mandate to utilize international legal standards in its work. Consistent with this ap-proach, the LWG approved Terms of Reference for the legal gap analysis includes specific refer-

17 For purposes of this Report, it is assumed that the Cambodia National Single Window is intended to use an “electronic” approach rather than a paper model. As noted in of the Terms of Reference – Legal Analysis for Implementation of National Single Windows approved by the ASW LWG, “In order to take advantage of state of the art technology and technological advances, the ASW and NSWs make use exten-sively of the application of Information and Communication Technology and, to a certain extent, the SW environment can be seen as part of an e-Commerce platform.” (At page 1.)

18 Agreement to Establish and Implement the ASEAN Single Window, Kuala Lumpur, (9 December 2005), available at http://www.asean.org/communities/asean-economic-community/item/agreement-to-establish-and-implement-the-asean-single-window-kuala-lumpur-9-december-2005-2.

19 Protocol to Establish and Implement the ASEAN Single Window, (20 December 2006), available at http://www.asean.org/archive/23084.pdf.

S I N G L E W I N D O W D E V E L O P M E N T S 7

ence to the review of international standards for NSWs. This emphasis, of course, is consistent with the idea that each AMS NSW should have interoperability and interconnectivity with the ASW and with other NSWs within ASEAN and beyond the region.

29. The LWG has been clear about this focus on international standards in work to prepare the draft Protocol on the Legal Framework to Implement the ASEAN Single Window (PLF).20 The draft PLF includes specific reference to international legal texts that may be incorporated in na-tional law related to an AMS’s NSW legal framework.

30. The following sections of this Report looks primarily at the work of UNCITRAL and UN/CEFACT as these two UN organizations have provided substantial and long-term develop-ment work in the areas of the Single Window and electronic transactions. Additionally, these are the two organizations to which the ASW’s LWG has looked for guidance on international legal standards for the ASW.

United Nations Commission on International Trade Law 31. The United Nations General Assembly has given UNCITRAL a general mandate is “to fur-ther the progressive harmonization and unification of the law of international trade.” It is the “core legal body within the United Nations system for international trade law.”21

32. In the field of electronic transactions law, UNCITRAL has completed an important interna-tional convention22 and two Model Laws23 that provide important benchmarks for international standards in the field of electronic transactions law. The United Nations Convention on the Use of Electronic Communications in International Contracting, known as the UN Electronic Communi-cations Convention (ECC), not only provides international legal standards for electronic transac-tions in its substantive provisions (Articles 4 – 14), but also provides a vehicle in Article 20 of the ECC whereby a ratifying State can decide to apply the e-Transactions provisions of the Conven-tion to a wide range of earlier treaties and international agreements to which that State may be a party. This permits a ratifying State to extend the reach of its electronic transactions legal frame-work to other types of international transactions.

20 The LWG has nearly completed its work on the text of the draft Protocol. Annex 2 to this Report in-cludes excerpts from the current version of this draft Protocol for review.

21 Additional information regarding UNCITRAL and its work is available at http://www.uncitral.org/uncitral/en/ index.html.

22 The United Nations Convention on the Use of Electronic Communications in International Contracts was adopted by the UN General Assembly on November 23, 2005. See Resolution Adopted by the General Assembly [on the report of the Sixth Committee (A/60/515)] 60/21. United Nations Convention on the Use of Electronic Communications in International Contracts, Official Records of the General Assembly, 60th Session, A/RES/60/21 (hereinafter, “Electronic Communications Convention.”) Four countries have rati-fied this Convention and sixteen more have signed the Convention. The Convention entered into force on 1 March 2013. The Convention and an explanatory note by the UNCITRAL Secretariat are available online at http://www.uncitral.org/pdf/english/texts/electcom/06-57452_Ebook.pdf.

23 UNCITRAL Model Law on Electronic Commerce with a Guide to Enactment (1996, with additional Article 5 bis done in 1999) and the UNCITRAL Model Law on Electronic Signatures (2001) may be ac-cessed at http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce.html.

8 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

33. In addition, UNCITRAL developed the Model Law on Electronic Commerce (1996), which has been widely used as the framework for enactment of domestic electronic commerce law. Pro-visions of this UNCITRAL Model Law have been enacted and/or inspired legislations in at least 54 countries and in many territories and dependencies. Further, at least 7 ASEAN Member-States have used this UNCITRAL Model Law as the basis for their domestic electronic commerce law and others have indicated that the Model Law has inspired their electronic commerce legal frameworks. Some States have also used the UNCITRAL Model Law on Electronic Signatures (2001) for guidance on domestic law in this area.24 Finally, both UNCITRAL Model Laws have been updated by the ECC to reflect important changes in the use of electronic transactions in in-ternational trade law.

34. UNCITRAL has also prepared an extensive guidance document related to electronic signa-tures entitled Promoting Confidence in Electronic Commerce: Legal Issues on International Use of Electronic Authentication and Signature Methods (2009.)25 Taken together, these texts provide important underlying legal principles in the area of electronic commerce and electronic transac-tions on which the legal framework for the Single Window can be overlaid.

35. To the extent that having an “e-Transactions-ready legal environment” is important to trade and business development (i.e., an enabling electronic transactions legal infrastructure) as well as important to the use of ICT for national and international single window facilities, the UN-CITRAL texts provide important international legal policy guidance. In addition, the ASW LWG has encouraged AMS to consider ratifying the ECC and adopting aspects of the UNCITRAL Model Law on Electronic Commerce for domestic law. The LWG, for example, has noted these texts in the introduction to the latest version of the draft Protocol on the Legal Framework to Im-plement the ASEAN Single Window.

36. Finally, UNCITRAL, and the World Customs Organization26 (WCO) initiated a Joint Legal Task Force (JLTF) to further develop the international legal standards for the international single window. The JLTF explored, building in part on the work done in UN/CEFACT’s Recommenda-tion 35 (see below), the legal issues related to the single window and examined utilizing the UN ECC and the UNCITRAL Model Laws as the underlying electronic commerce legal framework. This work focused not only on the legal issues related to cross-border exchange of data between governments (G2G), but also on legal issues of importance to other stakeholders in the Single window environment, including industry sectors (B2G, G2B, B2B.)

24 Approximately 16 countries, including only 2 AMS, have based some of its electronic commerce law on this Model Law.

25 Available at http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce.html. 26 The Kingdom of Cambodia acceded to the Convention Establishing a Customs Co-operation Council

on 3 April 2001 and is, therefore, a member of the WCO. Besides the cooperative effort with UNCITRAL described here, there are a variety of WCO Single Window guidance documents (including its Single Win-dow Compendium – Volumes 1 and 2) available at http://www.wcoomd.org/en/topics/facilitation/activities-and-programmes/single-window/single-window.aspx.

S I N G L E W I N D O W D E V E L O P M E N T S 9

37. While no final recommendations were adopted by the JLTF, its work has led to closer col-laboration between these two organizations. The WCO is actively involved with the UNCITRAL Working Group IV on Electronic Commerce and participates in the UNCITRAL Plenary Sessions each year.

UN Centre for Trade Facilitation and Electronic Business 38. UN/CEFACT Recommendation 35 on establishing a legal framework for international trade Single Window27 provides important guidance in the NSW area and is part of the basis for the work of the ASEAN LWG over the past several years. The Recommendation includes 4 prin-ciple areas noted on page 6:

Undertake a study (including e-Commerce legal benchmarking and ‘gap analysis’ studies) to determine an appropriate set of measures that may need to be taken to address legal is-sues related to national and cross-border exchange of trade data required for Single Win-dow operations (The International Trade Single Window Legal Framework.) [Emphasis added.]

Use the UN/CEFACT checklist and its guidelines (Annexes I and II) to ensure that the most frequent legal issues related to national and cross-border exchange of trade data are includ-ed in the framework.

Amend existing legislation, regulations, decrees, etc., if necessary, to address the identified legal issues and gaps.

Utilize international standards, international legal instruments, and soft law instruments, where available, throughout the entire process of creating a legally enabling environment for an International Trade Single Window. [Emphasis added.]28

39. Of particular importance to the legal gap analysis is the list of key legal issues included in Annex II – Checklist Guidelines29 of Recommendation 35. This Checklist provides a beginning set of legal issues as well as initial Guidelines for addressing those issues.

40. As noted in Recommendation 35, a number of additional legal issues may arise depending on the actual implementation of the Single Window facility. Thus, the Checklist should be used as the basis for identifying other issues related to data exchanges between Government entities participating in the NSW (G2G transactions) that may need to be analyzed. These issues are also related to B2G and G2B transactions, and to the broader B2B environment both at the national and international levels.

41. The legal areas30 covered in the Checklist of Recommendation 35 include, among others:

27 Recommendation 35 – Establishing a legal framework for international trade Single Window, ECE/TRADE/C/CEFACT/2010/23/Rev. 2 (8 October 2010), available at http://www.unece.org/cefact/recommendations/rec_index.htm.

28 Id., at page 6. 29 Id., at page 8. 30 Id., at pages 8-15.

1 0 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

Legal basis for implementing a Single Window facility SW facility structure and organization Data Protection Authority to access and share data between government agencies Identification, authentication and authorization Data Quality Issues Liability issues (obligations and responsibility) Arbitration and dispute resolution Electronic Documents Electronic archiving Intellectual property rights and database ownership Competition

42. These issues and others are important to the development and implementation of the CNSW and will be discussed in more detail in following sections of this Report. Again, Recom-mendation 35 advises governments that they should review these issues as a starting point when undertaking the legal gap analysis.

UN Economic and Social Commission for Asia and the Pacific (UNESCAP) 43. The United Nations Economic and Social Commission for Asia and the Pacific (UNES-CAP)31 has also worked on the development of a variety of single window and paperless trade issues. UNESCAP published its Electronic Single Window Legal Issues: A Capacity-Building Guide in 2012.32 This very practical Guide builds on the work done at UN/CEFACT and UN-CITRAL and provides guidance on many important legal issues related to both single window and paperless trade issues and trends.

44. Additionally, in May 2012 the UNESCAP Commission adopted Resolution 68/3, Enabling Paperless Trade And The Cross-Border Recognition Of Electronic Data And Documents For In-clusive And Sustainable Intraregional Trade Facilitation.33 After extensive study of trading pat-terns in the Asia-Pacific region, the UNESCAP Secretariat, with the assistance of the United Na-tions Network of Experts for Paperless Trade (UNNExT) developed a draft UNESCAP Agree-ment / Framework Agreement / Framework Arrangement on Facilitation of Cross-Border Paper-less Trade in Asia and the Pacific.34

45. This draft Agreement focuses considerable attention on Single Window legal issues and seeks to create a broad enabling framework for cross-border facilitation of trade transactions. In

31 The Royal Kingdom of Cambodia became a member of UNESCAP on 20 August 1954. 32 UNESCAP, October 2012, available at http://www.unescap.org/publications/detail.asp?id=1518. 33 Available at http://unnext.unescap.org/reso683.asp. 34 The latest version of this draft text is included in the Report of the Ad Hoc Intergovernmental Meeting

on a Regional Arrangement for the Facilitation of Cross-Border Paperless Trade, E/ESCAP/PTA/IGM.1/2, Bangkok, Thailand (30 April 2014). The Report is available at http://unnext.unescap.org/fcpt-igm-report.pdf Additional related materials can be found at http://unnext.unescap.org/reso683.asp

S I N G L E W I N D O W D E V E L O P M E N T S 1 1

this regard, it is similar to the approach that ASEAN Member States are taking in this area as part of the AMS’ efforts to establish the ASEAN Economic Community for regional integration.

46. This work at UNESCAP also builds on the international legal standards for electronic transactions and the international single window noted in the previous sections.

Cambodia NSW: Legal Gap

Analysis

47. Over many years, most countries have developed appropriate customs systems that reflect the types of policy choices that are consistent with their goals for trade facilitation and enforce-ment. These policy choices are usually embodied in national law and regulations. Customs Ad-ministrations are responsible for implementing these laws and regulations and have primary re-sponsibility for border control with respect to the movement of goods across borders, collection of revenues, etc.

48. In recent years there have been extensive efforts by many countries to develop modernized approaches in the Customs area. With the advent of the single window for trade, a new set of le-gal requirements has emerged particularly when the single window is expected to utilize ICT methodologies.

49. The legal framework required for implementation of the CNSW will entail the creation of new laws and/or regulations to operate its NSW legally within Cambodia and to provide the basis for cross-border transactions in the ASW environment as required by the ASW Agreements to which Cambodia is a party.

50. It appears that while Cambodia has initiated various efforts to automate customs operations, including work towards the full implementation of the Automated System for Customs Data (ASYCUDA)35 and its current work in establishing a CNSW, a complete legally enabling frame-work for its CNSW is not currently in place.36

51. Through its participation in the ASW LWG, Cambodia has been able to study the types of policy decisions necessary to move forward to establish the legal framework for its CNSW. The legal considerations that Cambodia may wish to incorporate in its national law are discussed in the following sections.

35 The GDCE has worked on implementing the latest version of ASYCUDAWorld for customs transac-tions in Cambodia. See, http://www.customs.gov.kh/index.php/trade-facilitation/automated-system-asycuda. “The ASYCUDA programme is directed at reforming the customs clearance process. It aims at speeding up customs clearance through the introduction of computerization and simplification of proce-dures and thus minimizing administrative costs to the business community and the economies of countries.” UNCTAD-The ASYCUDA Program, Objectives, available at http://www.asycuda.org/programme.asp.

36 As noted earlier, there may be efforts underway about which information was unavailable at the time of the country visits. To the extent that such laws are in place, naturally, this report will need to be modified appropriately.

L E G A L G A P A N A L Y S I S 1 3

52. This section of the report covers two areas important to development of the overall legal framework for an electronic NSW. The first focuses on the electronic transactions legal landscape in Cambodia. Since Cambodia and the ASW contemplate that an electronic NSW will be estab-lished in each AMS, it is important that the necessary legal foundation for electronic transactions be in place for the operation of the CNSW. This review is not an extensive examination of such law in Cambodia but only those elements that will enable the “electronic” aspects of the CNSW.

53. The second area covered deals with the specifics legal issues related to establishing and operating the CNSW. The basis for this analysis is United Nations Recommendation 3537 and, in particular, Annex II to this UN Recommendation. The reason for doing this is that UN Recom-mendation 35 has been used throughout the discussions of the legal framework for the ASW and is a key international standard and, as noted earlier, the ASW Agreement itself calls for the use of such international standards. Additionally, the ASW LWG used this Recommendation in the de-velopment of the Terms of Reference for the Legal Gap Analysis that it has recommended each AMS undertake. Finally, the draft Protocol on the Legal Framework for Implementing the ASW includes provisions that mirror those found in UN Recommendation 35.38

ELECTRONIC TRANSACTIONS LEGAL DEVELOPMENTS 54. The legal framework of the CNSW should be based on international legal standards as well as the specific needs of Cambodia’s single window policy perspectives that will be reflected in its national law. In addition, the context of the ASW should be used as a benchmark for development of this legal framework in order to meet all of Cambodia’s ASEAN obligations. And since the Cambodia NSW will operate in an electronic environment, as does the ASW, an appropriate legal infrastructure for electronic transactions is also necessary.

55. As noted earlier, an important aspect in the developing the overall legal framework review for an electronic NSW is to insure that the necessary electronic transactions legal foundation is in place so that the CNSW can build on it. It has been noted that a sound electronic transactions le-gal foundation is a sine qua non for operating and electronic NSW. Further, an inconsistent elec-tronic transactions legal environment can slow development and even become a barrier to the ef-fective implementation of the Cambodia NSW as well as creating other barriers to a robust and comprehensive ICT legal framework.

56. As noted earlier, there is a strong emphasis in the ASW Agreement on utilizing internation-al legal standards in the development of the ASW and the NSW of each AMS. The ASW LWG has focused on those legal standards that have been developed by UNCITRAL in its Model Laws

37 See, Recommendation 35 – Establishing a legal framework for international trade Single Window, ECE/TRADE/C/CEFACT/2010/23/Rev. 2 (8 October 2010), available at http://www.unece.org/cefact/recommendations/rec_index.htm.

38 As noted earlier, Annex 2 of this Report contains a compilation of relevant provisions in the PLF that relate to the legal framework for NSWs in AMS.

1 4 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

and the UN Electronic Communications Convention as well as UN Recommendation 35 for the legal framework for the international trade Single Window.39

57. Among the important electronic transactions principles embodied in these international texts and standards are:

Functional Equivalence, that is, national law should make explicit that electronic docu-ments, records, messages, and signatures are the legal equivalents of paper documents, rec-ords, messages and signatures;

Nondiscrimination between electronic documents, records, messages and signatures and their paper equivalents, that is, an electronic document, record, message or signature should not be denied validity solely because it is electronic in format; and,

Technology Neutrality, that is, no one technology should be proscribed in national law such that all other appropriate technologies are excluded from use. This has been particular-ly important in the area of electronic signatures since specifying a legal requirement that a technology-specific approach be used may prevent or slow innovation particularly as new and more effective and cost efficient technologies emerge.

58. Cambodia has been active in the development of its electronic transactions legal framework for some time.40 The Ministry of Commerce has been leading a steering committee drafting an electronic commerce law for Cambodia and this draft is discussed below. The primary concern for purposes of this analysis, of course, are those provisions that provide the enabling electronic transactions foundation for the CNSW.

Draft Law on Electronic Commerce 59. Cambodia’s draft Law on Electronic Commerce41 is a broad enabling law that covers a wide variety of legal areas related to electronic transactions.

60. This draft Law contains 12 Parts and 82 Articles. The 12 Parts are:

Part 1 – General Provisions Part 2 – Validity Of Electronic Communications Part 3 – Communications Process Part 4 – Security Service Providers Part 5 – Intermediaries And Electronic Commerce Service Providers Part 6 – Consumer Protection Part 7 – Government Acts And Transactions

39 UN Recommendation 35 also focuses on the UNCITRAL Model Laws and guidance documents as well as the ECC.

40 See, Review Of E-Commerce Legislation Harmonization In The Association Of Southeast Asian Na-tions, United Nations Conference on Trade and Development (UNCTAD), UNCTAD/DTL/STICT/2013/1 (2013), at 22.

41 The Ministry of Commerce provided a copy of the current version of the draft Law on Electronic Commerce, which was dated March 2014.

L E G A L G A P A N A L Y S I S 1 5

Part 8 – Offences Against The Confidentiality, Integrity And Availability Of Information Systems And Computer Data

Part 9 – Evidence Part 10 – Electronic Payments/Funds Transfers Part 11 – Offences Part 12 – Final Provisions

61. The Purposes and Scope of this draft Law reflect important policy decisions about the na-ture of this Law. Article 1 on Purposes states:

This Law is designed to achieve the following objectives:

a. To facilitate domestic and international electronic commerce by eliminating legal bar-riers and establishing legal certainty;

To encourage the use of reliable forms of electronic commerce;

b. To facilitate electronic filing of documents with Government and to promote efficient delivery of Government services by means of reliable forms of electronic communica-tions;

c. To promote public confidence in the authenticity, integrity and reliability of electronic communications and electronic communications;

d. To deter the commission of certain harmful conduct against, or using, data and infor-mation systems. [Emphasis added.]

Article 2 on Scope states:

(1) This Law shall apply to all civil and commercial acts, documents and transac-tions as they related to the validity of electronic communications under Part 2, communi-cations process under Part 3, the security service providers under Part 4 and government acts and transactions under Part 7….42

Both Articles note that application of this Law to Government acts and electronic transactions. Thus, it would appear that when enacted, the provisions of this Law will to apply to the CNSW, enabling electronic transactions in the CNSW and providing for the validity of those types of electronic communications utilized in the CNSW.

62. Articles 6 – 11 provide many of the basic enabling electronic transactions provisions that will be needed in the CNSW. These Articles provide for the legal recognition of electronic com-munications (Article 6) including the principle of nondiscrimination; legal recognition of elec-tronic records (Article 7), which contains the principle of functional equivalence; the functional equivalence of electronic signatures (Article 8); requirements for “originals” as electronic records (Article 9); so called “form requirements” (Article 10), which provides that if an electronic doc-ument contains the information that is substantially similar to that provided for in a prescribed paper form, it is the equivalent to the paper form; and electronic record retention requirements (Article 11).

42 There are a number of exceptions to the application of the draft Law. These are typical of the excep-tions in most national electronic commerce/transactions laws as well as the UNCITRAL Model Law on Electronic Commerce and the UN Electronic Communications Convention.

1 6 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

63. Article 12 provides for the use of electronic evidence in legal proceedings under any rules of evidence and emphasizes the principle of nondiscrimination. It states:

(1) In any legal proceedings, nothing in the application of the rules of evidence shall apply so as to deny the admissibility of an electronic communication in evidence:

(a) On the sole ground that it is an electronic communication; or,

(b) If it is the best evidence that the person adducing it could reasonably be expected to obtain, on the grounds that it is not in its original form.

(2) Information in the form of an electronic communication shall be given due evi-dential weight. In assessing the evidential weight of an electronic communication, a court shall have regard to the reliability of the manner in which the electronic communication was generated, stored or communicated, to the reliability of the manner in which the in-tegrity of the information was maintained, to the manner in which its originator was iden-tified, and to any other relevant factor. [Emphasis added.]

64. Part 7 of the draft Law on Electronic Commerce focuses on Governments Acts and Trans-actions. Article 25 – Acceptance of Electronic Communications authorizes the use of electronic communications, documents, records, and signatures for transactions between the public and pri-vate sectors. It states:

(1) Any part of the Government that, pursuant to any law:

(a) Accepts the filing of documents, or requires that documents be created or retained;

(b) Issues any permit, license or approval; or

(c) Provides for the method and manner of payment, may, notwithstanding anything to the contrary in such written law —

(i) Accept the filing of such documents, or the creation or retention of such documents in the form of electronic communications;

(ii) Issue such permit, license or approval in the form of electronic com-munications; or

(iii) Make such payment in electronic form.

65. This provision will enable electronic transactions between the CNSW and traders, brokers, etc. It also permits the use of electronic transactions for Ministries that are involved in the import, export and transit of goods to accept applications and issuance of permits, licenses, etc., that are required for to facilitate import and export activities. Finally, it permits the use of electronic pay-ments where required.

66. Sub-article 2 provides the procedures and requirements that a Government Ministry or agency may establish if it decides to implement electronic transactions under this Article. These can be addressed in the regulations related to the use of electronic systems.

67. However, Sub-article 3 provides, “Nothing in this Law shall by itself compel any part of the Government to accept or issue any document in the form of electronic communications.” To the extent that all Ministries that are engaged in the import, export and transit processes within Cambodia are amenable to the use of electronic transactions, this would not create any barriers to the operation of Cambodia’s electronic NSW. Thus, it will be important to ensure that those in-

L E G A L G A P A N A L Y S I S 1 7

volved Ministries do adopt the Article 25 provisions at least with respect to the CNSW and/or trade facilitation activities related to the import, export and transit of goods.

68. One additional consideration regarding the draft Law on Electronic Commerce is that it does not explicitly provide that electronic transactions and communications may be exchanged between Cambodian Ministries or other Government entities pursuant to Article 25. In the opera-tion of the CNSW, when fully integrated with those Ministries and other Government entities in-volved in the import, export and transit of goods, the CNSW may be the single point of entry for private sector parties (traders, brokers, logistics providers, etc.)43

69. Thus, the submission of applications for licenses, permits, approvals, etc., and the payment of appropriate fees would arguably be made via the CNSW and transmitted electronically to the appropriate Ministries for action. Then, the corresponding approvals, certificates, licenses, per-mits, etc., would be communicated electronically to the CNSW and to traders, brokers, etc. from the CNSW.44

70. Depending on the rules of statutory construction under Cambodian law, it might be possible to argue that electronic communications between Ministries and the CNSW are permitted. For example, Article 1 – Purpose, Sub-article (c) of the Law notes the objective:

To facilitate electronic filing of documents with Government and to promote efficient de-livery of Government services by means of reliable forms of electronic communications.

Further, Article 2 – Scope, sub-article (1) states:

To facilitate electronic filing of documents with Government and to promote efficient de-livery of Government services by means of reliable forms of electronic communica-tions… and government acts and transactions under Part 7….

A broad reading of these sections might be seen as authorizing the exchange of electronic com-munications between Ministries and the CNSW, particularly since the draft Law does not prohibit such exchanges. However, this would depend on the interpretation of the intent of the National Assembly and the Senate when enacting the Law.

71. Another possibility for dealing with this issue would be to include provisions for the ex-change of electronic communications, consistent with the overall provisions of the Law on Elec-

43 Article 1 of the Agreement to Establish and Implement the ASEAN Single Window (Kuala Lumpur, 9 December 2005), to which Cambodia is a Contracting Party, defines a National Single Window as:

2. “National Single Window” (hereinafter “NSW”) is a system, which enables:

a. a single submission of data and information;

b. a single and synchronous processing of data and information; and

c. a single decision-making for customs release and clearance. A single decision-making shall be uniformly interpreted as a single point of decision for the release of cargoes by the Customs on the basis of decisions, if required, taken by Line ministries and agencies and communicated in a timely manner to the Customs.

Additionally, the draft Protocol on the Legal Framework to Implement the ASW adopts this definition in Article 5 – General Definitions.

44 Depending on the technology adopted for the CNSW, of course, this communication may be done in a secure online environment.

1 8 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

tronic Commerce, in the enabling law for the CNSW itself. This possibility is discussed in more detail in the following section of the report on enabling the CNSW.45

Conclusions and Comments 72. The draft Law on Electronic Commerce appears to be well drafted generally as well as with respect to those areas related to the CNSW with the one exception noted above. That is, there does not appear to be an explicit authorization of inter-Ministry electronic communications, which would be important to the operation of the CNSW, although there is no prohibition either. It might be helpful for purposes of the CNSW if an explicit authorization was provided in Part 7 for such electronic communications between Ministries and other Government entities such as the CNSW in order to enhance legal certainty in this area. This might be done by an addition to Arti-cle 25 or the addition of a new Article. With this one caveat in mind, the draft Law should pro-vide the legal foundation on which the electronic CNSW can be established.

73. Further, the draft Law is clearly based on the UNCITRAL Model Law on Electronic Com-merce and the UN Electronic Communications Convention as those international standards would apply to the electronic commerce/transactions portions of the draft Law. The scope of this report is primarily focused on those parts of the draft Law that might support the CNSW, that is, Parts 1-3, 7, and 10. While other parts of the draft Law were reviewed, an in depth analysis of all sections was not possible as of this writing.

74. As noted at the outset, the draft Law is very comprehensive including provisions related to areas such as consumer protection, cyber-crime, electronic evidence, e-commerce service provid-ers, etc. Some countries have adopted separate legislation for each of these areas, often because of the potential complexity of an omnibus law for all areas of electronic transactions. However, Cambodia’s policy decision to move ahead on the basis of a comprehensive law will benefit its efforts in the electronic commerce/ICT domain.

ESSENTIAL LEGAL ELEMENTS OF THE CAMBODIA NSW

Introduction 75. The time-critical questions for Cambodia as it moves forward to meet its ASW Agreement obligations are how to create the necessary legal framework for its NSW and what should be in-cluded in this legal framework. These issues are addressed in the following sections of the report.

76. Additionally, it is highly important that there is strong government support for the CNSW at the highest levels. UN Recommendation 33 on Establishing the Single Window states:

45 It may also be possible to provide a ‘technical’ solution to this issue. For example, if applications for licenses, permits, approvals, etc. are submitted via a secure online portal for the CNSW, each Ministry could simply access the information needed to make decisions and respond via the same online portal. This approach might be consistent with the current draft of the Law on Electronic Commerce although more analysis should be undertaken if this approach is used.

L E G A L G A P A N A L Y S I S 1 9

The most important prerequisites for the successful implementation of a Single Window facility are the political will of the government and the relevant governmental authorities and the full support and participation of the business community. [Emphasis added.]46

A similar view has been expressed on numerous occasions by the WCO.47

77. The reasons for this emphasis on the high level “political will” for establishing a National single window are clear. Since single window development and operation requires the collabora-tion and participation of all ministries and government entities involved in a country’s import, export and transit activities, as well as development of the legal framework for the CNSW, it is important that the most senior Government officials be involved the strategic aspects of single window development and implementation.

78. During the in-country portion of this legal framework assessment, it was noted that Cam-bodia had created a National Single window Steering Committee (NSWSC)48 to address both the technical and legal issues related to the CNSW development. During several of the meetings held with various Ministries and during the Workshop, it was noted that there was some consideration being given to increasing the involvement of senior government officials in the NSWSC. And since the CNSW is not only a key priority for Cambodia’s ASW Agreement commitments, but also an important trade facilitation mechanism for Cambodia, this may enhance the government’s efforts to move the CNSW forward.

79. Finally, the following sections cover the key legal issues that should be addressed by those preparing the legal framework for the CNSW. As noted earlier, they are based on the internation-al standards, particularly UN Recommendation 35, that have been discussed and promoted by the ASW LWG and utilized by many other countries that have or are in the process of developing NSWs. ANNEX II to this Report provides a summary of those provisions in the draft Protocol on the Legal Framework for Implementing the ASW that are reflected in the material below.

National law should authorize Cambodia NSW implementation 80. The law in most countries requires some type of legally enabling framework on the part of the government in order for a NSW to operate. This will be particularly important in the cross-border transactions such as that in the ASW environment where, for example, a transaction initi-ated in an AMS that has not legally enabled its NSW may not be legal in the receiving AMS.

81. Enabling law may take the form of legislation, regulations, and/or decrees, depending on the type of legal system in a particular country. For development of the Cambodia NSW legal

46 Recommendation and Guidelines on Establishing a Single Window to Enhance the Efficient Exchange of Information between Trade and Government – Recommendation No. 33, at page 4, (ECE/ TRADE/352, July 2005), available at http://www.unece.org/cefact/recommendations /rec_index.htm.

47 See e.g., WCO Compendium: How to Build a Single Window, Volume 1: The Executive Guide, World Customs Organization (2011).

48 A copy of this Prakas establishing the NSWSC in the original Khmer was provided. Additionally, the minutes from the first meeting of the NSWSC, which was held on 3 September 2012, were provided. A key conclusion of the meeting was the importance of moving forward on the legal and regulatory framework for the CNSW.

2 0 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

framework, this would include addressing the legal issues discussed throughout this Section of the report.

82. The first key issue is that the NSW should be authorized in national law. This includes au-thorizing the use of electronic documents, records and data messages in the CNSW as well as the exchange of electronic data and communications across borders. Additionally, it anticipates that the overall electronic transactions legal foundation in Cambodia, described in the previous Sec-tion of the report, is in place.

83. Further, the CNSW should be authorized to engage in the sharing and exchange of electron-ic data related to all aspects of the import, export, and transit of goods both between the CNSW and government ministries and agencies involved in these processes as well as the exchange of such data with other countries, that is, authorization of the cross-border aspects of the CNSW.49

84. Such authorization of the Cambodia NSW can be undertaken in a number of ways. For ex-ample, the CNSW could be created in national law by adopting new legislation through the Na-tional Assembly and Senate (Chbab). Alternatively, it may be possible to legally enable the CNSW through the use of a Sub-Decree (Anu-Kret) or a Proclamation (Prakas).50 In either case it is important to review other existing laws that may be affected by implementation of the CNSW.

85. For example, various government agencies, such as those responsible for commerce, health agriculture, etc., involved in the import/export process may have applicable laws or regulations that might inhibit their full participation in the electronic CNSW. These barriers should be taken into account when creating the enabling law for the CNSW and eliminated so that the CNSW will be fully functioning from a legal perspective. In one sense, this enabling law, whatever particular form it takes in Cambodia, should be an “omnibus” law, that is, it will enable all relevant minis-tries and government agencies to participate in the CNSW.

86. One possibility may be to issue an Inter-Ministerial Prakas or Proclamation based on Sub-Decree No. 21 dated 01 March 2006 on Trade Facilitation through Risk Management.51 As noted in UN Recommendation 33, a Single Window is an important trade facilitation mechanism.52

49 Some countries that have ratified the Convention Establishing a Customs Cooperation Council have used it as the basis in national law for authorizing the electronic exchange of customs data with other coun-tries’ Customs Administrations. (The Convention is available at http://www.wcoomd.org/en/about-us/legal-instruments/~/media/7E31EB9C9DC24D7984C217508F05D9E8.ashx) This will depend, of course, on how a particular country interprets and implements international treaties that it has ratified. Cambodia be-came a Contracting Party to this Convention on 3 April 2001.

50 A Sub-Decree (Anu-Kret) is adopted by the Council of Ministers and signed by the Prime Minister. It must be in strict conformity with the Constitution and conform to the Law to which it refers. A Proclama-tion (Prakas) is a ministerial or inter-ministerial decision signed by the relevant Minister(s). A Proclama-tion must conform to the Constitution and to the Law or Sub-Decree to which it refers. Hierarchy of Cam-bodian Law (PPT).

51 The author of this Report is not a lawyer admitted to practice in Cambodia and, therefore, further re-view of any legal conclusions related to specific issues in Cambodian law should be reviewed by local counsel.

52 UN Recommendation No. 33, at page 3, states, “The Single Window is therefore a practical application of trade facilitation concepts meant to reduce non-tariff trade barriers and can deliver immediate benefits to all members of the trading community.”

L E G A L G A P A N A L Y S I S 2 1

Further, the new World Trade Organization (WTO) Agreement on Trade Facilitation includes the single window53 Thus, legally enabling the CNSW through an Inter-Ministerial Prakas based on existing trade facilitation law should be explored. Naturally, as noted earlier, it will need to in-clude all ministries that will be involved in the CNSW and address the issues noted below as well as the cross-border aspects of the CNSW’s interoperability with the ASW.

Electronic signatures, certification authorities, mutual recognition 87. Although this Report looked at the existing electronic transaction legal framework in the previous Section, it is useful to look more closely at the specific areas that can be addressed in implementing the CNSW, at least by way of background information for the drafters of any ena-bling instruments for the CNSW.

88. The use of electronic signatures54 (including digital signatures) and certification authorities are aspects of the legal infrastructure that should be considered when creating the enabling legal environment of the CNSW. Mutual recognition of certification authorities (who certify certain digital signatures) may be important, of course, in cross-border transactions as well. The ASW LWG is considering how to deal with mutual recognition legal issues in the ASW environment.55

89. It should be noted that Article 25 of the draft Law on Electronic Commerce authorizes Government entities to determine what type of electronic signatures will be utilized in it electron-ic communications processes. Sub-article 2 provides, in relevant part:

(2) In any case where a part of the Government decides to perform any of the functions in sub-article (1) (i), (ii) or (iii), such agency may specify:

….

(b) Where such electronic communications have to be signed, the type of electronic sig-nature required;

…. [Emphasis added.]

This provision will provide flexibility to the CNSW in determining the appropriate model for

53 See, WTO Agreement on Trade Facilitation (ATF), 6 December 2013 (WT/MIN(13)/W/8), available at https://mc9.wto.org/system/files/documents/w8_0.pdf. Article 10, Clause 4 (Single Window) ¶ 4.1 states, “Members shall endeavour to establish or maintain a single window, enabling traders to submit doc-umentation and/or data requirements for importation, exportation or transit of goods through a single entry point to the participating authorities or agencies.”

54 See, Promoting Confidence in Electronic Commerce: Legal Issues on International Use of Electronic Authentication and Signature Methods (2009), UNCITRAL Secretariat, available at http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce.html. This guidance document, taken as a whole, provides a broad and very useful discussion of most of the relevant electronic signature methodologies as well as the important legal considerations associated with each. A complete exploration of the various technologies associated with electronic signatures, of course, is beyond the scope of this Re-port.

55 The ASEAN Secretariat and the ACTI Project, at the request of the ASW Technical Working Group (TWG) is tentatively planning a one-day workshop, possibly in August 2014, to review the issues related to mutual recognition of electronic and digital signatures in the cross-border ASW environment. More details will be available from the ASEAN Secretariat.

2 2 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

those electronic documents and communications submitted to, exchanged with relevant Minis-tries, and processed in the CNSW.

90. Additionally, Part 9 (Electronic Evidence) of the draft Law on Electronic Commerce pro-vides additional guidance on the use of electronic signatures in Articles 49 (Electronic Signature) and 50 (Electronic Signature Requirements.) Regarding cross-border electronic transactions, Ar-ticles 52 (Admissibility of Electronic Records from Other Countries) and 53 (Recognition of For-eign Electronic Documents and Signatures) also provides some guidance.

91. Finally, Article 54 (Interpretation in Accordance with Internationally Accepted Principles) in Part 9 of the draft Law provides for how these Articles should be interpreted. It states:

The provisions of this part shall be interpreted and enforced in light of the internationally accepted principles of technological neutrality and of functional equivalence. [Emphasis added.]

As noted in the discussion of the draft Law on Electronic Commerce, this provision reinforces the overall reliance on the use of the UNCITRAL principles for electronic transactions and, therefore it is well based on international standards.

92. Of course, the term ‘electronic signature’ is broad and encompasses various types of “sig-natures” in electronic formats and the methods used to create them. The primary purpose for these types of signatures is to provide the equivalent to handwritten signatures and other types of de-vices (for example, seals and rubber signature stamps) used in the paper environment for authen-ticating such signatures.56 In its 2009 guidance document, the UNCITRAL Secretariat defines several broad categories of electronic signatures and authentication methods. They include:

Electronic signatures that are based on the knowledge of the user or the recipient, for ex-ample, a person knowing certain passwords or personal identification numbers (PINs). These might include clickable “OK” or “I confirm” boxes used on secure websites where the user has already logged in using a password or PIN;

E-signatures that are based on the physical features of the user, for example, biometrics such as an individual’s handwritten signature using a digital pen on a digitizing pad;

Those based on the possession of an object (sometimes called a “token”) by the user, for example, the codes or other information stored on a magnetic card; and,

Other various types of authentication and signature methods that might also be used to in-dicate the originator of an electronic communication such as a facsimile of a handwritten signature or a name typed at the bottom of an electronic message or email).57

93. The type of electronic signature required should be based on the level of security that is needed for a particular transaction. Not all transactions require the highest level of security

56 See, Explanatory Note by the UNCITRAL Secretariat on the United Nations Convention on the Use of Electronic Communications in International Contracts, ¶ 149.

57 See, Promoting Confidence in Electronic Commerce: Legal Issues on International Use of Electronic Authentication and Signature Methods (2009), UNCITRAL Secretariat, available at http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce.html, ¶ 16.

L E G A L G A P A N A L Y S I S 2 3

(which may carry with it very high costs.) For example, one of higher levels of “digital signa-tures” are those created using asymmetric cryptography such as that used in public key infrastruc-ture (PKI) methods combined with certification of the signatures by a third party (usually called a “trusted third party.”) “Digital Signatures”, it may be noted, are a subset of electronic signatures and this is usually the name given to technological applications that use asymmetric cryptog-raphy, which are also called ‘public key encryption systems.”58

94. Public Key Infrastructure or PKI systems generally involve the use of 2 “keys.” One key is private and only the sender of the message or document knows it; the other is a public key, which is provided to the recipient(s) of digitally electronic messages or documents. A complex mathe-matical formula or prime number algorithm based on the private key creates the public key. Thus, the two keys are “associated” or complement each other. The sender digitally ‘signs’ the message or document using the private key and if the recipient’s public key matches the digital signature, the receiver can be reliably certain that the message is from the person claiming to be the sender.

95. But a private key and a public key are simply a pair two numbers and are not automatically associated with any particular person. Thus, there may need to be some way of associating the keys with a particular sender or to verify that the digitally signed message or document is indeed from the person it claims to be associated. Certification Authorities (CA), also called certification service providers (CSPs)as in the UNCTRAL Model Law on Electronic Signatures, add value in PKI systems by providing the linkage between the two keys.

96. A CA can issue a “certificate” (an electronic record) that shows the public key and the name of the certificate subscriber as the subject of the certificate and, usually, confirms that the subscriber is the owner of the private key associated with the public key. The primary purpose of the certificate is to bind the public key with a particular signatory. This enables the recipient to further verify that the signature is valid and that some portion of the data message has not been changed or modified since it was digitally signed.59

97. In the cross-border or international trade environment (such as the ASW), there may be a need to determine whether a CA in a different country is authorized to provide a valid certificate for a particular electronic signature. While a party may know the CAs in his own country, the question may arise as to how to “trust” the certificate issued by a CA outside the country since he may not know, for example, what standards are used to establish CAs in that country?

98. One approach that has been adopted in a few countries that have requirements for digital signatures with certificates has been not to accept foreign CA certificates unless that CA has an office in the receiving country and has been accredited by the domestic national authority. This is considered by some to be a less than trade-friendly approach and can increase the costs of cross-border trade. It can also result in trading partner countries placing similar requirements for CA from those countries. Finally, some have noted that creating this type of requirement could create trade barriers that might violate a country’s obligations under various treaties including Fair Trade Agreements.

58 Id., ¶¶ 24-52. 59 Id.

2 4 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

99. One solution that has emerged is the use of Mutual Recognition Agreements (MRAs) be-tween countries under which the CA certificates (or designated CAs) from one country are ac-cepted by the other. That is, they have reciprocity under the MRA. Often, the terms of an MRA described the standards that CAs must meet in each country and require that that each country’s appropriate authority audit designated CAs on a regular basis.

100. Under Article 19 of the draft Law on Electronic Commerce, the Ministry of Posts and Tele-communications (MPTC) is required to issue, “…regulations, rules, instructions, and guidelines, as well as operating procedures….” for Security Service Providers, or CAs, in Cambodia. To the extent that the CNSW may utilize certificates for the submission or exchange of electronic com-munications, the NSWSC should collaborate with the MPTC on issues relevant to the CNSW.

101. In the ASW context, the LWG has been considering adopting an MRA as part of the overall Protocol on the Legal Framework for Implementing the ASW. This would result in a reduction in costs associated with operating within the ASW environment for the AMS that are participating this MRA approach.

102. For the GDCE and the CNSW, the choice of the particular type of electronic signature or signature system will depend on a variety of factors. These include national policy decisions about the use of electronic signatures in electronic commerce, the desired level of security needed for and risks associated with transactions in the CNSW. A further consideration may be the costs associated with implementing various electronic signature methods as well. But where a high lev-el of security is needed or where the risks associated with particular transactions are high, the GDCE and the CNSW may require a higher level of electronic signature and may be able to es-tablish appropriate requirements in the regulations for the CNSW.

Identification, authentication, and authorization 103. Access to the CNSW, whether by private sector traders and brokers or by government min-istry staff, should be controlled. This is important for many reasons including data protection, quality and accuracy, data integrity, and information security within the CNSW. The ability to properly identify, authenticate, and authorize those who will have access to the CNSW requires appropriate regulatory procedures.

104. Common definitions of “identification, authentication, and authorization” include:

Identification: This is the ability to reliably and consistently identify those individuals who seek to access the CNSW whether they are traders or personnel from other government or-ganizations who may need to obtain information from or provide information to the CNSW. For example, a simple “user id” could be assigned to each individual who is per-mitted to access the CNSW.

Authentication: After establishing a method for identifying a particular user, it is important to determine that the identity presented is assigned to the person who is using it. A common way to determine that the person who has entered a ‘user id’ is for that person to then enter a “password” that is known only to that person and the ‘system’ into which it is entered. This is the process of identification verification. Thus, when someone tries to log onto the Cambodia NSW system using a particular user id, the entry of the correct password will

L E G A L G A P A N A L Y S I S 2 5

grant access to the CNSW. Put differently, the user id uniquely identifies the user to the system and the password can be used to verify or authenticate the identity of the user at-tempting to log onto the CNSW.

Another example involves the use of a bankcard to withdraw funds from a personal bank account. First, the account holder inserts the card into the bank machine. The card is a ‘to-ken’ that provides the “identity” of the person seeking to withdraw the funds. But how does the bank know that the person in possession of the card is really the owner, that is, how can the bank “authenticate” the person’s identity? Again, the most common way to do this is for the individual to enter a “password” that only that individual and the bank knows.

Authorization: This is the act of granting permission for someone or something to conduct an action in the CNSW. Even when the identity and authentication process has indicated who someone is, authorization may be needed to establish what he or she is allowed to do. In the Cambodia NSW, for example, some individuals may be authorized to input data to the CNSW but not to view or change other data that may be held in the CNSW.

105. In the course of establishing the regulations for operation of the CNSW, it is important to provide for the process of identification, authentication and authorization for each class of indi-viduals who will be permitted to access the CNSW. For example, different classes of individuals might include, private sector traders/brokers, employees of the GDCE, employees of other gov-ernment Ministries and organizations, enforcement authorities, etc.

106. The processes and procedures for establishing access to the CNSW can be established, as noted earlier, through regulation that will be used by all Ministry employees accessing the CNSW. Such regulations can also be included in any Memoranda of Understanding (MOU) that are established between the CNSW (or the GDCE) and each participating ministry. Similarly, processes for access provided to traders and brokers (or other private sector entities) can be in-cluded in an “End-User Agreement” or other similar document executed by private parties. Such Agreements can be established, for example, when a private sector entity registers to participate in the CNSW.

107. At the ASW level, participants will know that the NSW in each AMS has established such regulations and procedures in order to be assured that access to a NSW is controlled for infor-mation and data security as well as other related reasons noted above. Thus, it will be important to incorporate these features in the CNSW.60

Data quality regulations 108. Data quality (that is, the integrity or completeness and accuracy of the data or information) in the CNSW is critical for many reasons. For example, if valuation or origin information is in-correctly entered (that is, there is a data input error) on an electronic declaration, this might have an impact on possible duties or taxes to be assessed. Thus, the data input must be accurate and errors avoided. The integrity of the data input, that is, the data is complete and that no data is

60 Under the draft Protocol on the Legal Framework to Implement the ASEAN Single Window, there is a requirement that all users of an ASEAN Member State’s NSW be included in a Registry that is updated regularly.

2 6 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

missing is also important. Therefore, it is important to establish controls over the data input pro-cess as well as responsibility for data entry and processing within the CNSW. Proper audit trails and recording mechanisms for this should be established in regulations for the Cambodia NSW operations.

109. These regulations would provide guidelines for data entry and responsibility for errors submitted on electronic forms to the CNSW as well as subsequent processing of data within the CNSW. It may also be useful to develop regulations for error correction in the event that incorrect data is submitted by, for example, a trader or broker,61 or where there has been a data input error made within the GDCE or another government organizations accessing the CNSW.62

Data protection 110. UN Recommendation 35 includes a discussion of the issue of data protection, that is, pro-tecting information and data within the single window from unauthorized access or dissemina-tion, and notes that this is of vital importance.63 There are both technical and legal issues related to this aspect of the CNSW and data protection is particularly important in the ASW environment. On the legal dimension, issues of information security (for example, the various technical measures for protecting information and data) and data protection intersect with those related to trade confidentiality and privacy laws.

111. There are several aspects of data protection that should be considered. First is the question of what data and information need to be protected or secured and second is the issue of what types of information security measures could be implemented to protect that data and infor-mation. Regarding what information needs to be protected, the CNSW, like other single window facilities, is likely to process sensitive data and information. For example, the CNSW may con-tain personally identifiable information (PII), trade-sensitive data, confidential business infor-mation, and possibly information related to national security. It may also have trade secret infor-mation about companies participating in the system, as well as private data for banks, insurers, and other parties.64

112. As the Cambodia NSW develops over time, it may also contain financial information used in connection with the collection of duties, taxes, and fees. It may also contain sensitive (and even classified) law enforcement information used primarily by government officials to enforce a wide variety of civil and criminal laws enacted for a broad range of purposes from ensuring food safety and public health to combating terrorism, money laundering and narcotics trafficking. Thus, en-

61 The types of errors contemplated here are simply unintentional errors, that is, they do not amount to at-tempts to commit fraud or other violations of the customs or other laws

62 63 See, Recommendation 35 – Establishing a legal framework for international trade Single Window,

ECE/TRADE/C/CEFACT/2010/23/Rev. 2 (8 October 2010), available at http://www.unece.org/fileadmin/DAM/cefact/recommendations/rec35/Rec35_ECE_TRADE_401_EstablishingLegalFrameworkforSingleWindow_E.pdf Annex II, at pages 11-12.

64 See, L. Thomson, Legal Infrastructure Issues in Privacy, Information Security and Information Sharing Practical Steps for the Development a Secure Trade Data System, presented at the 6th Meeting of the ASW Working Group on Legal & Regulatory Matters, Da Lat, Viet Nam (16-17 February 2009), at pages 4-5.

L E G A L G A P A N A L Y S I S 2 7

suring appropriate protection of this type of data and information data and information is funda-mental to protecting the information assets of the Cambodian government as well as private sec-tor participants in the CNSW.65

113. The CNSW should provide information security protections that are commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disclosure, theft or loss of sensitive information collected or used in the system. Thus, it is important that the CNSW regulations provide that appropriate security features must be in place to protect not only sensitive information in the CNSW but also data that is transmitted through the ASW network.66

114. In order to design appropriate security for the ASW, it is necessary to first assess the securi-ty risks to the system. For example, this can be done by analyzing:

Vulnerability — a weakness that may be exploited

Threat — an event or action that may cause harm

Risk — the probability that a threat will exploit a vulnerability with resulting damage

Countermeasure — actions, e.g. technology or procedure that reduce or eliminate vulnera-bility or a threat.67

115. While this type of analysis is usually employed from a technical perspective, it is useful for those drafting the regulations for the CNSW work with the CNSW systems developers and other government organizations involved. This can insure that the information security needs for pro-tecting data and information processed in the CNSW are in place and that these protections meet the legal standards for interoperability with the ASW environment.68

116. The types of information security needs for the CNSW should include a variety of consid-erations. For example some of the general categories of issues that are being incorporated into the laws of some countries legal requirements for data protection and reflect emerging best practices are:

Establish secure user authentication protocols.

65 Id. 66 Id., at page 6. 67 Id. 68 In the draft PLF, Article 9 – Information Security and Confidentiality provides that,

3. Each Member State shall establish in its domestic laws and regulations, protection from unlawful disclosure of confidential information that may be shared by the NSWs of other Member States pursuant to this Protocol. Such information shall be used only for the purposes specified, and shall not be otherwise disclosed without the specific permission of the Party providing the information.

4. Where confidential information is shared between NSWs, Member States of both the transmitting and receiving NSWs shall ensure that there is no unlawful disclosure of such in-formation.

This is a mandatory requirement and should be addressed in the enabling legal document for the CNSW.

2 8 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

Implement secure access control measure that restrict access to personal and confidential information to those who need such access to perform their duties related to the CNSW.

To the extent technically feasible, encrypt all transmitted records and files containing such data or information that will travel across all public networks (e.g., open Internet networks) and encrypt all data that may be transmitted wirelessly.

Monitor systems for unauthorized use of or access to personal or other sensitive trade data.

Encrypt all such information that may be stored on laptop computers or other portable de-vises (e.g., small thumb drive devices.)

Utilize firewall and operating system security patches that are reasonably designed to main-tain the integrity of the data and information.

Use regularly updated versions of system security agent software that includes malware against viruses.

Provide education and training for all Cambodian Government employees who access the CNSW on the proper use of computer security systems and the importance of information security.69

117. These represent just a sample of the types of issues that can be addressed in the data protec-tion and information security areas of the CNSW and, as appropriate, GDCE regulations for the CNSW. And since employees of other government organizations may also have access to or re-ceive information from the CNSW, these regulations should apply to those organizations as well.

118. For example, one approach would be to establish what are called Memoranda of Under-standing (MOUs) and Information Security Agreements (ISAs) between the GDCE, as the lead agency for the CNSW, and other government organizations that incorporate these requirements. This is an approach that the ASW LWG has discussed in its meetings and Workshops. It is clear from these LWG meetings that these issues of data protection and information security are im-portant to AMS and to the development of the ASW and to the NSWs of individual AMS.

119. As noted above, part of data protection is concerned with “privacy” issues. As noted in UN Recommendation 35,

“The issue of data protection is closely related to that of privacy (e.g., personal data protection) as well as the protection of proprietary company data and confi-dential trade data. When personal data is processed by a Single Window facility it must be determined whether this is in compliance with all relevant data protec-tion laws.”70

120. Some national legal regimes may distinguish between “privacy” issues, particularly those related to personally identifiable information, and “confidentiality” issues related to both trade

69 Thomson, L., Editor, DATA BREACH AND ENCRYPTION HANDBOOK, at pages 110-111 (American Bar Association 2011.)

70 See, Recommendation 35 – Establishing a legal framework for international trade Single Window, An-nex II at pages 10-11.

L E G A L G A P A N A L Y S I S 2 9

data and business information. Cambodia may wish to consider how these two areas should be addressed nationally and in the cross-border environments, particularly since they are important issues in the ASW environment. In this regard, the adoption of international legal standards and best practices is advisable.71

121. Some countries outside the ASEAN region that are (or could become) trading partners with Cambodia may have such laws or regulations protecting both trade confidentiality and privacy. Countries or regions (e.g., the European Union) that have strong privacy and trade confidentiality laws will often consider the legal protections, as well as technical security measures, where cross-border NSW transactions are involved in deciding on whether to engage in single window or oth-er trade transactions with a particular country.

122. This is also an important consideration for the LWG as it works towards addressing the overall legal framework for the ASW in the draft PLF. It is worth noting that several AMS have been actively working toward the development of a general data privacy legal regime through the Asia-Pacific Economic Cooperation organization’s Data Privacy Pathfinder program. The Path-finder provides a very enabling approach to data privacy and is based on the 1980 Organization for Economic Development and Cooperation (OECD) Guidelines on Data Privacy.72

Data retention and electronic archiving 123. As in the paper environment for customs operations and other government ministry partici-pation in the import, export and transit of goods, retaining records and filings is an important as-pect of trade administration and enforcement. It is no less important in the electronic environ-ment. All of the foregoing issues related to the electronic CNSW will be relevant. Not only do the technical aspects of data security and protection need to be addressed, but the legal aspects must be considered as well. That is, ensuring that archived data is secure and maintained in a form and format that will be usable and legally enforceable at a later date is essential. The ASW LWG is also considering this issue and the possible need to establish a standard for secure data retention policy in cross-border transactions.

124. Establishing the necessary regulatory framework for data retention and electronic archiving anticipates decisions on a number of legal issues. For example, many countries have established data retention schedules for certain types of information. This includes distinctions between data related to regulatory filings and data involving personally identifiable information.

125. In the latter case, governments will sometimes define the maximum time for which such data may be retained and then require that it be destroyed. It is possible that the GDCE, as well as other Ministries already have certain criteria for retention of information and data in the paper environment. And depending on national policies, these criteria could also be adapted to the elec-tronic environment of the CNSW.

71 Id. 72 OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (1980), avail-

able at http://www.oecd.org/sti/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm.

3 0 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

126. Electronic archiving, that is, the storage of electronic data and information, covers a wide range of areas. For example, it includes definition of the formats in which data will be stored, re-quirements of national law such as dealing with “originals” that might be needed for subsequent use in an enforcement proceeding or in relation to possible civil disputes or, on a short timeframe, in post-clearance audit procedures. An important issue here will be the choice of the technology utilized for data storage, which will be based on the legal requirements for its subsequent use, for example, as evidence in a legal proceeding.

127. CNSW regulations should take into account legal criteria as well as the technical require-ments for achieving the desired storage and archiving security. As a starting point, particularly in light of ongoing developments with the ASW, Cambodia could establish regulations that are flex-ible and enabling. If changes are required by, for example, the Protocol on the Legal Framework for the Implementation of the ASW when it is completed and becomes effective, the Cambodia NSW will be able to quickly adapt its regulations to meet those needs.

128. Finally, these regulations should require that information and data exchanged with other ASW NSWs (or other NSWs outside the ASEAN region) is retained and stored effectively in the event that there is a dispute regarding the underlying transaction processed by the CNSW. Again, national law should provide the overarching legal framework but the GDCE and the CNSW will need to address the specific legal issues in the CNSW enabling law and its implementing regula-tions.

Access to and sharing of CNSW data 129. Law and regulations providing for the access to and sharing of customs and trade data in-formation between government ministries and agencies should be addressed. For example, it is not always clear that one governmental organization is permitted to share data and information with another or, conversely, to provide such information to another governmental agency. Fur-ther, privacy or confidentiality laws or regulations in some countries prohibit the sharing of cer-tain types of information between government organizations except when permitted by law.

130. These issues should also be reviewed in the context of possible cross-border transactions. In many countries, access and sharing considerations related to the NSW have had to be author-ized in national law before information can be shared or exchanged with another customs admin-istration. This is an important consideration for the ASW since Cambodia will be involved in sharing data with other government organizations within Cambodia as well as exchanging such information with other governments. As noted earlier, other AMS will need to know that data sharing is legally permitted within Cambodia to insure that transactions processed through the CNSW have legal validity.

Legal liability and dispute resolution 131. There are a number of ways in which potential liability73 can arise within the CNSW envi-ronment. For example, errors in data input can create liability for traders utilizing the Cambodia

73 In this section, only civil liability issues are discussed. Criminal and related customs enforcement ac-tivities, while undoubtedly covered in existing Cambodian law, are beyond the scope of this analysis.

L E G A L G A P A N A L Y S I S 3 1

NSW and that liability may result in other countries where the data from the Cambodia NSW is used in a receiving country’s NSW. Such errors could be related to valuations, certificates of origin, certain import or export licenses or permits, and so on.

132. Another way in which liability can arise is in the operation of the CNSW. For example, delays resulting in the CNSW being ‘out-of-service’ could delay release of goods that are time-sensitive either under the contract between private parties or as related to the goods themselves such as spoilage of food goods. To the extent that the CNSW is not meeting performance stand-ards (including ‘system availability targets’, that is the percentage of time the system must be op-erating during a certain time frame), liability may arise.

133. Further, liability may arise from some forms of data breaches, that is, where external bad actors have illegally gained access to the Cambodia NSW and stolen or otherwise compromised confidential information and data. While criminal sanctions may apply to these ‘hackers’, there may still be civil liability should it be proved in a legal dispute that the damages that resulted to, for example, private sector traders, could have been avoided if the proper data protection and se-curity methods had been employed by the Cambodia NSW.

134. Finally and from an international perspective, there may be performance criteria established for the ASW that will need to be met, for example, in the area of NSW system availability for each ASEAN Member State’s NSW. This issue is currently under discussion in both the ASW LWG and ASW TWG and such issues may be incorporated into both the technical area as well as in the ASW draft PLF. However, it may not as yet be clear how these issues will be handled for the unique situation related to the ASW.

135. It should be noted that where such potential liability for damages may arise within Cambo-dia, it would be Cambodian domestic law and policy considerations that govern as a matter of national sovereignty. It will be important to consider how national law would operate in these circumstances and determine whether some appropriate methods should be established for limit-ing this liability. For example, if the CNSW uses legal agreements (e.g., ‘end-user agreements’) with traders who utilize the CNSW, it may be possible to limit government liability for such er-rors or to create an indemnity system of some type to deal with this.

136. It is also important to consider alternative dispute resolution (ADR) mechanisms to deal with liability issues that may arise. Given the costs of any type of litigation in many countries, there are significant cost and time advantages to establishing some type of binding arbitration arrangement in which these types of claims can be settled expeditiously. Additionally, these types of ADR agreements may be particularly valuable where potential liability arises outside of Cam-bodia and the legal jurisdiction of the dispute is in another country.

Intellectual property rights and database ownership 137. Intellectual property rights (IPR) issues can arise in the context of the CNSW. Two sets of issues arise. First are those related to ‘ownership’ of the data that is in the CNSW and what IPR do these owners have. For example, if a trader submits information electronically to the CNSW, presumably the trader owns that information and, depending on the confidentiality rules estab-lished in Cambodia, that information should remain confidential to that trader.

3 2 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

138. At the same time, the Cambodian government and the GDCE (or CNSW) in particular may also have ownership rights in the databases that are maintained in the CNSW. These issues will need to be evaluated.

139. A second set of IPR issues relate to the actual development of the Cambodia NSW includ-ing all of the software development as well as any firmware, middleware, and hardware associat-ed with the CNSW. There may be other IPR considerations related to the overall systems aspects of the CNSW.

140. For example, IPR issues often arise when a third-party software developer or a vendor providing systems hardware provides products and/or services to the Cambodia NSW. One ques-tion is who “owns” the software that is developed under a software development contract. Many times developers wish to retain ownership of the software and provide a license to the user. While license agreements (which are really just contracts) may vary considerably, some provide that only the developer can make changes to the software, which would “lock” the user into only us-ing that developer. Other licenses state that if a user makes some special modification or upgrade to the software, the developer owns the rights to those modifications and may use and license them to others. Thus, careful attention needs to be placed on the terms of any license agreements for developing components of the CNSW.

141. Additionally, careful attention must be paid to the warranties that are provided with both software and hardware that is sold or licensed to the Cambodia NSW. For example, it is important to have warranties from the vendor stating that the vendor is the sole owner of the IPR related to the software and/or hardware and that it will indemnify Cambodia for any claims made against it by third-parties, for example, for patent infringement. Such indemnities should cover all possible damages as well as litigation costs whether the claim succeeds or not. Naturally, not all vendors will agree to all of these terms so there is a process of negotiation that may be needed. But it is important to look at these issues.

Competition law issues 142. As noted in UN Recommendation 35,

Consideration should be given to the potential that Single Window operations may be structured so that concerns about antitrust and protectionism may result. These possibili-ties, though unlikely, can give rise to concerns by those who may utilize an international Single Window facility and be disabling to trade development and facilitation.74

143. It is important that the operation of the Cambodia NSW does not result in what could be considered anticompetitive behavior by creating trade barriers that are inconsistent with Cambo-dia’s international treaty obligations (including any bilateral and multilateral free trade agree-ments.) For example, Cambodia is a member of the WTO75 and, therefore, the structure and oper-ation of its NSW should address issues that might arise in the WTO context.

74 See, Recommendation 35 – Establishing a legal framework for international trade Single Window, An-nex II at pages 10-11.

75 The Royal Kingdom of Cambodia became a member of the WTO on 13 October 2004.

L E G A L G A P A N A L Y S I S 3 3

Conclusions 144. Each of the legal areas discussed above represent areas that need to be addressed in more detail. Despite the efforts of the GDCE, the opportunities to meet with all other ministries and government agencies was limited by time. On the other hand, some of the substantive legal areas noted can be addressed, for the CNSW at least, through a number of means, such as Prakas, regu-lations, etc.

145. Other areas noted above, for example, data quality and identification, authentication, and authorization procedures, could simply be established in regulations and then included as part of Memoranda of Understanding between those Government Agencies participating in the CNSW.

146. At the least, these issues (and perhaps others) should be examined further and perhaps compared with the terms contained in the Protocol for the Legal Framework for the ASW.76

76 See infra, ANNEX II.

Comments and Recommenda-

tions

INTRODUCTION 147. Having signed the ASW Agreement and the ASW Protocol, Cambodia has undertaken to establish its National Single window and to do so in a way that will create interoperability, both technically and legally, with the ASW. It has identified the benefits of establishing an electronic single window for trade and participating in the ASW. Moving forward with the analysis of pos-sible gaps in the legal infrastructure of the CNSW is an important step in creating a robust ena-bling legal environment to help it achieve its short-term obligations to the ASW but also its long-er-term goals for growth and development in international trade and paperless trade.

148. For Cambodia, it is necessary to fully enable the CNSW in national law. This may be done through new legislation or issuance of an Inter-Ministerial Prakas, depending on the most appro-priate approach for this in Cambodia. The key consideration, however, is that the CNSW be firm-ly established under Cambodian law. This is ordinarily the most direct route to providing legal certainty for those entities that will participate in the CNSW and will give similar legal assurance to those outside Cambodia who will interact with the CNSW.

149. An important consideration for the CNSW legal development effort will be how the CNSW interacts with Cambodia’s electronic commerce law. As noted throughout this report, having an underlying electronic commerce law foundation is essential for building the necessary legal framework to enable the Cambodia NSW. Given not only the domestic importance of CNSW, but also its international aspects, it is beneficial to use international standards for both the CNSW as well as the national law for electronic commerce.

150. The work that Cambodia has undertaken so far in the electronic transactions domain does seem to focus on using UNCITRAL instruments as the basis for its draft Law on Electronic Commerce currently under consideration. Additionally, and although not necessary for enabling the electronic commerce legal framework, there are a number of benefits to be attained should Cambodia also chose to ratify the UN Electronic Communications Convention.77 For example, the ECC updates the UNCITRAL Model Laws on Electronic Commerce and Electronic Signa-tures. Thus, it takes advantage of the advances in technologies and legal approaches since the original development of the Model Laws.

77 Should Cambodia decide that it wishes to proceed towards ratification of the ECC, it is possible that UNCITRAL may be able to directly assist Cambodia, should this be desirable, to achieve this goal.

C O M M E N T S A N D R E C O M M E N D A T I O N S 3 5

151. And while enacting the substantive provisions of the ECC, as some countries have done, is a positive approach, this alone does not provide full interoperability from an electronic com-merce/transactions law viewpoint in cross-border transactions with parties in other countries that have ratified the Convention. Further, the ECC, through its Article 20 provisions, also provides a ratifying state with the option of applying the provisions of the Convention to other international agreements into which it has become a Contracting Party.

152. For example, if Cambodia became a Contracting Party to the ECC, it could make a declara-tion that it would apply the ECC to other ASEAN Agreements, which would attain the benefits of utilizing electronic commerce and ICT methods to those international agreements without having to go through a process of modifying them.78

153. Finally, there are certainly challenges ahead for establishing the appropriate legal environ-ment for the CNSW, as has been the case for other AMS, and it is not necessarily an easy process. But by organizing quickly and focusing on the key issues that are essential for implementation, the process can move forward at an appropriate pace.

154. Considerable efforts have been underway in Cambodia to promote customs reform and modernization. A substantial Work Plan was created for the 2009-2013 period to address these areas.79 An important part of this program has been the implementation of the Automated System for Customs Data (ASYCUDA) developed by the United Nations Committee for Trade and De-velopment (UNCTAD).80 The GDCE is utilizing ASYCUDAWorld, which is the latest version of this widely deployed trade facilitation/automation.

155. This effort is part of Cambodia’s overall Action Plan for enhancing trade and investment. Within the Revised 12-point Action Plan for Trade Facilitation and Investment, the stated vision for the CNSW is described as:

Cambodia has developed and implemented a National Single Window Program based on the principles of single submission, single processing and single clearance. The initiative will be managed in a phased way by the GDCE building on the ASYCUDA processing system and involving all key stakeholders.81

78 Naturally, these declarations would only apply with respect that other Contracting Parties to the ECC made similar declarations on the same Agreements. For example, there is one AMS that has ratified the ECC and at least 2 others that seem close to doing so. If each of these AMS made a declaration to apply the ECC to, for example, the ASW Agreement, the issues of legal interoperability would be reduced signifi-cantly, if not eliminated, as between those AMS.

79 See, Work Programs 2009-2013, available at http://www.customs.gov.kh/index.php/customs-reform-and-modernization/reforms-strategy-and-work-plan/work-plan-2009-2013.

80 See, Automated System for Customs Data – ASYCUDA, which is available for review at http://www.customs.gov.kh/index.php/trade-facilitation/automated-system-asycuda.

81 Document available at http://www.moc.gov.kh/Tradeswap/userfiles/file/uploadedfiles/Job/10-12%20Point%20Action%20Plan%20for%20Trade%20Facilitation%20-%20FINAL6_8_2013_2_42_43.pdf.

3 6 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

156. Dr. Kun Nhem, Deputy Director General of Customs, has pointed to these efforts as a sig-nificant emphasis in Cambodia’s strategic development approach and noted Cambodia’s various efforts in establishing the legal and institutional mechanisms for doing this.82

157. The following sections deal with an approach to accomplishing Cambodia’s goals with re-spect to establishing its NSW and meeting its ASW obligations.

RECOMMENDATIONS 158. Following are recommendations for proceeding with the implementation of the legal framework for the Cambodia NSW. They focus on several of the important legal issues to be ad-dressed as well as some observations regarding of an organizational approach that may help en-sure that all issues and concerns are considered and that the project moves forward on a timely basis.

159. It is possible that some of the recommendations made in this report have already been con-sidered. Others may be in the planning stages. Since this report was based on the information available at the June 2014 in-county meetings, some of these recommendations may simply con-firm the direction that the Cambodia NSW development work is taking.

Draft Law on Electronic Commerce 160. As noted earlier in this report, Cambodia is in the process of developing its electronic commerce law. Having in place an electronic commerce/transactions law is essential as an under-lying legal foundation for operating an electronic NSW. And in addressing this, it is important to incorporate international standards as recommended by the ASW LWG and as noted above.

161. Cambodia’s draft Law on Electronic Commerce, development of which is being lead by the MOC, appears to be largely based on international standards, primarily the UNCITRAL Model Laws and the UN Electronic Communications Convention. It promotes the key principles of func-tional equivalence, nondiscrimination, and technology neutrality common in international stand-ards. Generally, this Law should provide much of the needed legal framework for electronic transactions in the CNSW.

162. Two issues, however, should be addressed. First, Article 25 of the draft Law provides gov-ernment entities with the authority to use electronic documents and communications that are submitted to it. From an e-government perspective, this seems to imply that it applies to such transactions between a government entity and a private sector party. While this Article does not exclude the exchange of electronic documents and communications between government entities, it may be useful to clarify this issue so as to provide legal certainty about those electronic transac-tions between Government entities, for example, between the CNSW and those ministries inter-acting with it.83

82 Dr. Kun Nhem, “Status and Challenges of Single Window and Paperless Trade Implementation in Cambodia”, UNESCAP Asia-Pacific Trade Facilitation Forum 2010 (Oct. 2010 - Kuala Lumpur, Malay-sia.)

83 See, discussion at ¶¶ 68-71.

C O M M E N T S A N D R E C O M M E N D A T I O N S 3 7

163. The second concern is raised in Sub-article 3 of Article 25 that provides, “Nothing in this Law shall by itself compel any part of the Government to accept or issue any document in the form of electronic communications.” This, of course, is a policy decision that needs to be ad-dressed for the CNSW. A key element of the CNSW is that all ministries involved in the import, export, and transit of goods be able to interact electronically with the CNSW. And while it may take time to develop the technical capability for each ministry to participate electronically, it may not be helpful to the full operation of the CNSW unless all ministries do engage electronically with the CNSW.84

164. Finally, it is important to enact the draft Law on Electronic Commerce as soon as possible. The MOC, it was noted at our meeting, hoped that this Law would be enacted by the end of 2014. Additionally, the officials with whom we met at the National Bank of Cambodia (NBC) were also anxious to see this Law enacted. Once this is done, the NBC can issue appropriate regulations for electronic financial transactions. As noted in Article 25, ministries that accept payments manually may accept electronic payments once the Law on Electronic Commerce is enacted, which would be helpful to the full implementation of the CNSW as well.

Cambodia NSW Legal Framework 165. Development of the enabling legal environment for the CNSW itself will include both na-tional legal issues specific to Cambodia’s trading goals and the adoption of international legal standards for the CNSW. Since the work of the ASW LWG also focuses on adopting international legal standards, close attention to the continuing work of the LWG should assure that these inter-national legal standards are adapted for the Cambodia NSW legal framework.85 This can be done, for example, by working to include those international legal standards that the ASW LWG has already endorsed as central to its efforts.

166. The specific enabling law for the CNSW should include elements discussed in this Report and that follow the UN Recommendation 35 Guidelines.86 For example, the enabling law should address, among others issues:

Data protection and information security issues Authority to access and share data between government agencies Identification, authentication and authorization for access to the CNSW The use of electronic signatures Arbitration and dispute resolution Electronic documents and communications Data retention and electronic archiving Intellectual property rights and database ownership

84 See, ¶ 67. 85 For example, the draft PLF, which is nearly completed, can provide this guidance. See ANNEX II for

relevant excerpts from the PLF. 86 See also, draft Protocol on the Legal Framework for Implementing the ASW for additional guidance.

3 8 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

167. Some additional elements noted in UN Recommendation 35, for example, data quality, lia-bility issues, competition, etc., could be addressed through regulations established by the CNSW and/or the GDCE, as the lead agency operating the CNSW.

168. In the area of electronic sharing and accessing data between governmental organizations, it will be important to recognize existing regulations and criteria that different government entities may have already established. For example, the confidentiality regulations in one agency may be different than those in others. The CNSW regulations should recognize these factors and, to the extent possible, establish a standard for data security that is no less rigorous than that established in other governmental organizations. Conversely, where the CNSW will requires a higher level of security, for example, due to requirements for participating in the ASW, each governmental or-ganization should establish regulations and controls to conform to the higher standard.

169. The development of legislation that is passed by the National Assembly and Senate may be a time-consuming process, as is true in many countries, it may be appropriate to develop and is-sue an Inter-Ministerial Prakas. As noted above87 such a Prakas could be based on Sub-Decree No. 21 dated 01 March 2006 on Trade Facilitation through Risk Management. Since the CNSW is an important trade facilitation mechanism, such a Prakas based on this Sub-Decree may fulfill the legal requirements for enabling the CNSW.

Development of regulations and Agreements 170. After the fundamental legal framework for the CNSW is established, additional regulations may be necessary to implement the CNSW functions. While it is likely that existing customs reg-ulations and rules, as well as those for other ministries, are firmly established for the ‘paper envi-ronment,’ the transition to the use of ICT methodologies may entail upgrading of these regula-tions and rules to accommodate the ‘electronic document and communications environment.’

171. In this regulatory framework for the CNSW, additional aspects of the CNSW will need to be considered and developed. For example, the development of MOUs88 and ISAs may be needed to facilitate the legal and secure exchange of information and data electronically between the CNSW, the GDCE, and various Ministries and Government entities involved in the import/export processes within Cambodia. The use of such MOUs and ISA should be enabled in the national law for the CNSW or through the regulations established for the CNSW.

172. Care should be taken that each government organization with which an MOU and/or ISA is established is also authorized by law to engage in such exchanges with the CNSW and that the regulations for each are also updated for the electronic environment. As noted earlier, it does ap-pear that when enacted, the draft Law on Electronic Commerce will provide the legal basis for each Ministry to participate ‘electronically’ but other areas may need to be addressed as well.

87 See, discussion at ¶ 86. 88 While referred to as MOUs, they are sometimes called by other terminology, e.g., Service Level Ar-

rangements.

C O M M E N T S A N D R E C O M M E N D A T I O N S 3 9

173. Additionally, regulations for the participation of private sector entities in the CNSW may be needed. For example, Cambodia may decide to create “end-user agreements” between the CNSW and traders/brokers and other private sector entities that will define the legal relationship between the parties. This will provide legal certainty for all those private sector entities engaged in cross-border trade through the CNSW. These agreements should provide for all of the terms of use under which traders may participate in the Cambodia NSW. Further, these agreements can contain the mechanism for dispute resolution so that claims can be addressed without expensive and sometimes costly and time-consuming litigation processes.

174. If Cambodia determines that it will operate its NSW as a joint public-private partnership or that it might outsource primary functions of the CNSW to a private entity (but not, for example, the essential enforcement functions of customs), legal agreements will be necessary to govern the contractual obligations and responsibilities for the parties. These would include service level agreements (SLA), confidentiality agreements, IPR agreements, etc. It may be useful to define the scope of these agreements in the regulatory framework for the CNSW as well.

CNSW Organizational Mechanisms 175. Given the amount of intersection and coordination with and between various government organizations that will be necessary in creating the overall legal environment necessary for the CNSW, it is quite important that the institutional arrangements for developing the CNSW legal framework be at a high government level.

176. Cambodia has established a Steering Committee for the National Single Window in 2008 as well as a National Single Window Project Team89 and a Technical Advisory Group.90 It may be important to review the level of these groups to insure that the work of developing the CNSW legal framework will be addressed by appropriate Government officials in all Ministries.

177. Additionally, It is always difficult to estimate the amount of time that will be needed to complete all of the legal components for the CNSW that have been described in this report. Much will depend on the amount of time that key personnel involved can devote to the effort. Addition-ally, the actual drafting of legal documents, regulations, and other needed agreements will require participation by expert staff resources within various Cambodia governmental organizations. A Legal Working Group under the Steering Committee for the National Single Window may be the appropriate group to undertake such work. Depending on the availability of resources, it would be possible to complete the primary legal development process in 6-8 months.

CONCLUDING COMMENTS 178. There are a number of final points that should be made. First, it is clear from the process of developing the Legal Review for the Cambodia NSW that there is substantial momentum and enthusiasm to move forward quickly in operationalizing the CNSW. The GDCE officials in-

89 Prakas on The Formation of the National Single Window Project Team (NSW.PT), No. 282 SHV.BrK.AKR (14 June 2012).

90 Prakas on The Formation of the National Single Window Technical Advisory Group (NSW.TAG), No. 283 SHV.BrK.AKR (14 June 2012).

4 0 A S S E S S M E N T O F L E G A L F R A M E W O R K F O R C A M B O D I A N A T I O N A L S I N G L E W I N D O W

volved have demonstrated a sound resolve and commitment to this effort. There was very helpful cooperation from all those who participated in the individual Ministry meetings, the preliminary briefing, and the Workshop. Additionally, the participants from the private sector were also hope-ful that the CNSW would move forward quickly.

179. Second, the time available for the in-country visit was limited and, therefore, not every as-pect of the legal framework could be fully addressed. However, the key areas were addressed.

180. Finally, there is likely to be a need for continued engagement on the legal issues for the CNSW over time as well as capacity building initiatives not only for government officials whose Ministries will be active in making the CNSW successful, but also the stakeholders in the private sector who will benefit from participation in the CNSW.

Appendix A. Cambodia NSW

Legal Gap Analysis Workshop

Agenda

CAMBODIA NATIONAL SINGLE WINDOW LEGAL GAP ANALYSIS WORKSHOP

Phnom Penh, Cambodia, June 26, 2014

Time Activities

08:30–09:00 Participant Registration

09.00–09:30 Welcome and Opening Remarks General Department of Customs and Excise Professor William Luddy

09.30–10.15 Group Photo/Tea Break

10:15–11.00 Session 1: Overview Presentation of Relevant Single Window International Legal Standards Presenter: Professor William Luddy

11.00–12.00 Session 2: Presentation on the Preliminary Findings of the Cambodia National Single Window Legal Framework Review Presenter: Professor William Luddy

12:00–13.30 Lunch

13.30–15.00 Session 3: General Discussion of Findings Professor William Luddy

15.00–16.00 Tea Break

16.00–16.30 Session 4: Continuation of Discussion as needed Professor William Luddy

16:30–17.00 Session 5: Conclusions and Closing Professor William Luddy General Department of Customs and Excise

Appendix B. Excerpts from

Protocol for Legal Framework to

Implement the ASW

Following are excerpts from the most recent version of the draft Protocol on the Legal Frame-work for the Implementation of the ASEAN Single Window. The ASW LWG has essentially com-pleted its work on this text and it has been submitted to the ASW Steering Committee. There is one Article of the draft PLF that is still under consideration. However, the majority of the text is complete.

The excerpts below represent those areas that are similar to many of the legal issues contained in UN Recommendation 35 and other materials that have been cited in the Report.

PROTOCOL ON THE LEGAL FRAMEWORK TO IMPLEMENT

THE ASEAN SINGLE WINDOW

The Governments of Brunei Darussalam, the Kingdom of Cambodia, the Republic of Indonesia, the Lao People’s Democratic Republic (hereinafter referred to as “Lao PDR”), Malaysia, the Re-public of the Union of Myanmar, the Republic of the Philippines, the Republic of Singapore, the Kingdom of Thailand and the Socialist Republic of Viet Nam, Member States of the Association of South East Asian Nations (hereinafter collectively referred to as “Member States” or individu-ally as “Member State”);

* * *

RECOGNISING the importance of establishing an enabling legal framework based on interna-tional standards and best practices for the implementation of the ASW as mandated in Article 6 of the ASW Agreement;

NOTING that Member States have also committed in Article 5 of the ASW Protocol to utilizing international standards and best practices reflected in international conventions and agreements;

* * *

NOTING relevant principles and recommendations developed by International bodies such as UNCITRAL Model Law on Electronic Commerce, UN/CEFACT Recommendation 35 and the United Nations Convention on the Use of Electronic Communications in International Contracts

B - 2 A P P E N D I X B

(hereinafter “UN Electronic Communications Convention”) for purposes of transactions between NSWs within the ASW environment.

HAVE AGREED AS FOLLOWS:

PART I

SPHERE OF APPLICATION

Article 1

Scope of Application

* * *

3. Such transactions [between NSWs in the ASW environment] that are contemplated in the Protocol shall comply with the technical and operational criteria to be agreed by ASEAN Member States.

* * *

Article 3

Objectives

This Protocol aims to provide legal coverage of the technical aspects and operations, in-teractions, and electronic processing of transactions between NSWs within the ASW environ-ment, taking into account the relevant international standards and best practices recommended by international agreements and conventions concerning trade facilitation and modernization of cus-toms techniques and practices.

* * *

PART II

GENERAL PROVISIONS

Article 5

General Definitions

* * *

2. “National Single Window” (hereinafter “NSW”) is a system, which enables:

a. A single submission of data and information;

b. A single and synchronous processing of data and information; and

c. A single decision-making for customs release and clearance. A single decision-making shall be uniformly interpreted as a single point of decision for the release of cargoes by the Customs on the basis of decisions, if required, taken by Line minis-tries and agencies and communicated in a timely manner to the Customs.

E X C E R P T S F R O M P R O T O C O L F O R L E G A L F R A M E W O R K T O I M P L E M E N T A S W B - 3

* * *

4. “Confidential information” means data and/or information that is considered confidential if the data conveys any of the following:

(i) Trade Secret information that may give one entity a competitive advantage over another;

(ii) Financial information including banking and insurance information;

(iii) Proprietary information of any type;

(iv) Personally identifiable information (PII);

(v) Law enforcement information;

or that is otherwise protected from disclosure under the law of the Member State.

* * *

PART III

ASW AND NSW OPERATIVE PROVISIONS

Article 6

Sharing and Exchange of Data and Information

1. Member States shall establish and maintain domestic law and regulations91 that enables the operation of their NSWs and permits cross-border exchange of trade and customs-related data and information between NSWs that Member States have specifically agreed to exchange for purposes of the ASW. Such exchange shall be subject to the consent of the trader submitting the data and information, where such consent is required by domestic law, and shall be made in ac-cordance with this Protocol.

2. Member States shall establish policies and regulations for the sharing, use, and dissemi-nation of NSW data and information for domestic government usage that are consistent with the provisions of this Protocol.

3. Member States agree that data and information provided by a Member State’s NSW to another Member State’s NSW through the ASW environment shall be used and maintained only in furtherance of this Protocol and the objectives of the ASW.

4. For the purposes of the ASW, Member States shall recognize trade and customs-related information and data exchanged within the ASW for customs clearance and release, to be agreed by Member States.

91 In adopting or maintaining laws and regulations referred under this provision, Member States may de-cide to ensure that the transfer of information and/or data within the ASW environment will be subject to comparable safeguards to those it applies in its own jurisdiction.

B - 4 A P P E N D I X B

Article 7

Service Level Requirements

* * *

2. Each Member State shall establish service level requirements for its NSW to carry out transactions in a timely manner.

* * *

Article 9

Information Security and Confidentiality

1. Each Member State shall ensure that its NSW protect the security and confidentiality of the information and data in its NSW information system.

2. Each Member State shall further ensure that the use of data and information received through the ASW environment shall be for lawful and authorized purposes consistent with the terms of this Protocol.

3. Each Member State shall establish in its domestic laws and regulations, protection from unlawful disclosure of confidential information that may be shared by the NSWs of other Mem-ber States pursuant to this Protocol. Such information shall be used only for the purposes speci-fied, and shall not be otherwise disclosed without the specific permission of the Party providing the information.

4. Where confidential information is shared between NSWs, Member States of both the transmitting and receiving NSWs shall ensure that there is no unlawful disclosure of such infor-mation.

* * *

6. Each Member State shall ensure that its NSW provide information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disclosure, theft or loss of confidential information that is provided by other NSWs pursuant to this Protocol. Information security will include, but not be limited to, technical, managerial and operational security controls that are appropriate for the type of data and information for which it is responsible.

7. Each Member State shall ensure that its NSW adopt information security controls and procedures (technical, operational and managerial) for access to information and data contained in their respective NSWs.

* * *

9. Member States shall jointly develop security incident management procedures for the purposes of information security in the ASW environment.

E X C E R P T S F R O M P R O T O C O L F O R L E G A L F R A M E W O R K T O I M P L E M E N T A S W B - 5

* * *

Article 11

NSW Registration and Authentication of Private Sector Users

1. Member States shall register all non-governmental entities, including individuals, com-panies, and organizations, that will be permitted access to their NSWs for purposes of providing or receiving information and/or documents in electronic data format to or from its NSW and shall establish authentication procedures in relation to registered users.

2. Member States shall maintain a secure and updated electronic registry, listing all author-ized registrants that are permitted to submit to or receive information from their respective NSWs and shall not permit access to their respective NSWs by any unauthorized person or entity.

3. Authorized registrants of a Member State’s NSW shall not be permitted access to infor-mation or data other than such information or data that is authorized by law, rules, regulations and policies.

Article 12

Integrity of Data

1. Member States shall adopt data integrity requirements and measures that will ensure the integrity of electronic information and data that is processed in their respective NSWs and trans-mitted in the ASW environment.

2. Such data integrity requirements and measures, where appropriate, shall also be applied to the transmission of information and data through the ASW environment.

3. Each Member State shall ensure that the data integrity requirements and measures adopt-ed to assure the integrity of electronic information and data will provide for mechanisms, among others, that enable the recipients of electronic information and data to determine whether such information and data is complete and has not been altered in the process of transmission.

4. Each Member State shall ensure that its NSW adopt such data integrity requirements and measures to electronic archiving and data retention as well as with those for authentication pur-poses as provided for in this Protocol.

Article 13

Data Retention Requirements

1. Recognizing the importance of retaining information and data that is submitted to and/or processed by an NSW or through the ASW for subsequent use, Member States agree to adopt minimum schedules for data retention, archiving, and data disposal for each type of data that is processed in their respective NSWs.

2. Member States agree to establish technical standards and procedures for maintaining au-thenticated electronic documents and data and for retaining such documents and data, per the re-quirements of paragraph 1, in a secure environment in their respective NSWs.

B - 6 A P P E N D I X B

3. In the event that a dispute arises in which one Member State has received electronic in-formation or data from another Member State’s NSW and has archived such information or data as provided for in paragraphs 1 and 2 of this Article, the Member State receiving such electronic information or data will, subject to its domestic laws and regulations, upon request of the sending Member State provide a copy of it, upon payment of a fee as may be prescribed, in a timely and a secure manner to the Member State in which such dispute has arisen; provided, however, no Member State shall be required to provide information or data beyond that which had been pro-vided to it by the requesting Member State.

PART IV

ADDITIONAL PROVISIONS

Article 14

Protection of Intellectual Property Rights and Data Ownership

1. The protection of intellectual property rights of technological products and services being developed by Member States for the ASW or which is contained in any information that is ex-changed under this Protocol shall be enforced in conformity with the respective national laws, rules and regulations of the Member States and with other international agreements signed by Member States.

* * *

Article 15

Legal Effect of Electronic Information and Data in Civil and Criminal Proceedings

1. Each Member State shall adopt procedures for the authentication of NSW electronic doc-uments, information, and data that shall be used or processed within the NSW and transmitted in the ASW environment.

2. Subject to domestic laws, rules and regulations of each Member State from time to time in force, authenticated electronic documents produced in connection with transactions under this Protocol may be admissible as evidence of any fact stated therein.

* * *

Article 24

Force Majeure92

1. In the event that an event or circumstance which is beyond the control and without the fault or negligence of Member State affected and which by the exercise of reasonable diligence the Member State was unable to prevent, provided that event or circumstance is limited to the following:

(a) Earthquakes, flood, fire or other physical natural disasters;

92 [Ed. Note: This Article is still under consideration and has not been finally accepted.]

E X C E R P T S F R O M P R O T O C O L F O R L E G A L F R A M E W O R K T O I M P L E M E N T A S W B - 7

(b) War, invasion, acts of foreign enemies, hostilities (whether war be declared or not) acts of terrorism, civil war, rebellion, revolution, insurrection; and

(c) Declared national security emergencies (“events of force majeure”).

2. Such Member State is not responsible for any failure to perform its obligations under this Protocol, if it is prevented or delayed in performing those obligations by an event of force majeure.

3. Where there is an event of force majeure, the Member State prevented from or delayed in performing its obligations under this Protocol shall immediately notify the other Member States giving full particulars of the event of force majeure and the reasons for the event of force majeure preventing it from, or delaying it in performing its obligations under this Protocol; and that Mem-ber State shall use its reasonable efforts to mitigate the effect of the event of force majeure.

4. Upon cessation of the event of force majeure, the Member State affected shall as soon as reasonably practicable recommence the performance of its obligations under this Protocol.

5. Each Member State shall establish a business continuity plan to address the event of force majeure.