Assessing the Role of Governments in Securing E-Business
The Case of Jordan
Ja’far Alqatawna1, Jawed Siddiqi2, Omar Al-Kadi1, Rizik Al-Sayyed1 and Anas Najdawi3, 1The University of Jordan, Amman, Jordan, 2Sheffield Hallam University, Sheffield, UK, 3Princess Sumaya University for Information Technology, Amman, Jordan
Advances in Web technologies have brought about a massive increase in online businesses, but security has significantly lagged behind. We and others argue that governments can and should play a major role in providing a reliable and secure environment for online businesses because they have a major stake in growing the economy. Our finding from previous research indicates that security is usually overlooked; it comes as an afterthought or is perceived from a purely technical dimension. This study attempts to describe and analyze the current role of the government of Jordan in facilitating the security of e-business. Our starting premise is that governments should recognize the full range of socio-technical implications that security may have on the adoption of e-business. This can be achieved by understanding the real security needs and concerns of the various stakeholders at the different e-business stages and then aligning them to its policy and plans. Moreover, we argue that in order for the government to be an effective partner in developing a secure e-business environment, legislating laws and regulations is insufficient; instead, governments must increase security education and awareness, ensure compliance with security standards and regulations, and protect the country’s critical ICT infrastructure.
Keywords
secure e-business; information security; government; policy; legal aspect; Jordan
Information in this chapter
Introduction
According to the Global Information Technology Report (GITR), e-business adoption in Jordan is still in the early stages although the country has been very successful in leveraging information and communication technology (ICT) [1]. However, the report also points out that there is rapidly increasing demand for adopting e-business and that the government lags behind when compared with businesses’ and individual’s readiness to participate. While GITR is one of the few public reports providing valuable data on the diffusion of ICT in many countries, including Jordan, it offers limited information on security aspects of ICT. For instance, it does not assess the government’s contribution in securing a national ICT infrastructure or building a public security awareness. This gap can be filled by exploring how policymakers at the national level should tackle security during the transition into the digital environment. To this end, this study aims to determine the effectiveness of the Jordanian government as a stakeholder in providing security for e-business.
Numerous previous studies in e-business identify government as an important stakeholder [2,3]. Roberts and Toleman [4] speculate that government involvement will affect several dimensions of e-business security, particularly technical, organizational, and legal. From our empirical work involving several case studies in Jordan [5], we have identified three important themes agreed upon by both business and customer stakeholders:
• Security for e-business is overlooked; it comes as an afterthought or is perceived purely as a technical issue.
• It is essential that the government plays an effective role in security.
• Government must put out more effort to meet the expectations of business and customer stakeholders.
The rest of the chapter is organized as follows: The next section provides a review of the literature concerning the role of government in e-business security, Jordan’s Electronic Transaction Law (ETL), and the National e-Commerce Strategy (NCS). The section after that presents the investigation of ETL and NCS in relation to e-business security requirements and discusses the findings. The chapter closes with a brief conclusion and recommendations.
Literature review
The role of government in E-business security
The literature on e-business adoption appears to consider a wide range of stakeholders [6–9]. However, a comprehensive review reported in [8] reveals that in practice researchers are likely to focus on just a few stakeholders, predominantly customers. Hence, they stress the importance of paying more attention to stakeholders such as regulators, suppliers, and investors.
Clearly, government is also an important stakeholder, and a number of studies have explored its role in the context of developed countries. An early paper by Julta et al. [10] investigates the effect of governmental legislation concerning electronic signatures to promote the use of electronic communications on building the public’s confidence in electronic transactions. Van Baal [11] examines the government’s role in devising measures for supporting small and medium-sized enterprises that could stimulate e-business in the trade sector. Roberts and Toleman [4] discuss how governments could improve regulations and compliance effectiveness in order to promote more secure services. A more recent study in the developing world by [3] investigates the effect of support provided by national government institutions and commercial infrastructure on e-business outcomes in Latin America and Sub-Saharan Africa. The findings reveal the need for ICT policies specific to the needs of e-business.
In Jordan there is a paucity of studies involving the role of government in building a secure and trustworthy e-business environment. Abu-Samaha and Abdel Samad [12] studied the reasons why most organizations and individuals in Jordan refrain from using the Internet to exchange products and services or funds online. They concluded that the primary reasons are lack of an advanced and secure technical infrastructure, low volume of Internet users, and limited use of digitized payment methods in Jordanian society (like credit cards). Obeidat and Abu-Shanab [13] identified different categories of barriers to adopting electronic government services among business organizations in Jordan; these were: strategic, technological, organizational, policy, legal, and human factors. Interestingly, the findings of these studies, particularly the latter, concur with our own finding based on empirical work [5]. Similarly Alsmadi [14] has identified many security threats in several Jordanian e-government portals that provide e-services to citizens and businesses. Clearly these weaknesses and problems hinder the expansion of e-government services in Jordan to becoming fully active in e-business in terms of G2C (Government to Consumer) and G2B (Government to Business).
Despite these limitations, through the past decade the Jordanian government has been working hard to increase the country’s electronic readiness to benefit from today’s information society and has recognized the potential benefits that ICT diffusion and e-business adoption can bring to the country. Indeed, Jordan was one of the first countries in the region to pass a special law for online transactions [15]. In 2007 the government policy for ICT called for more efforts to encourage local companies to offer e-services, especially e-commerce services [16]. In response to this policy, the Ministry of Information and Communications Technology (MoICT), in cooperation with other governmental bodies and stakeholders, introduced the National e-Commerce Strategy for 2008 to 2012 in order to provide the necessary framework for implementing those recommendations [17].
Since our research focuses on security relating to e-business adoption strategy, we aim to explore how and to what extent security is addressed in the Electronic Transactions Law [15] and in the government’s National e-Commerce Strategy. In the following subsection, we provide a detailed overview of [15] and the National e-Commerce Strategy.
Overview of the Electronic Transaction Law (ETL): Law No. 85 of 2001
Al-Omari and Al-Omari [18] point out that Jordan was one of the first countries in the region to recognize the importance of legislation that facilitates e-business transactions and pass a special law for online transactions. This temporary law is called Electronic Transactions Law (ETL) No. 85 and represents the single legal reference that can be applied to e-business transactions [15]. Instead of amending existing legislation to recognize online transactions, this law was introduced to be applicable to any transactions that involve electronic processing, transmitting, and storing of data. The law attempts to regulate a number of aspects of e-business such as: electronic contracts, records, messages, and signatures. It also provides a set of articles related to electronic transfer of funds and authenticity of electronic documents. It therefore represents a first effort toward prevention of certain sorts of cybercrime. However, ETL does not provide comprehensive legislation that can ensure the security and trustworthiness of the online environment.
According to article (3) of the ETL, the law was introduced to enable electronic means of conducting online transactions for both governmental and commercial sectors. ETL consists of 7 chapters and 41 articles that cover four areas relevant to secure e-business: electronic documents, including records, contracts and messages; electronic transfer of funds; electronic signatures and digital certificates; and penalties for some kinds of online abuse.
First, regarding the use of electronic documents, the law acknowledges the legal power of different forms of electronic documents and considers them acceptable sources of evidence that cannot be denied just because they are conducted by electronic means. Indeed, according to article (7/a) of ETL “the electronic records, contracts, messages, and signatures shall be considered to produce the same legal consequences resulting from the written documents and signatures in accordance with the provisions of the Laws in force in terms of being binding to the parties concerned or in terms of fitness thereof as an evidential weight.” Similarly, article (8/a) of the law sets the conditions for considering an electronic record to have the same legal effect as its original form. These conditions mainly concern availability, accessibility, and integrity of the data contained in the digital record as well as identification of the originator.
Second, at the core of e-business is the notion of electronic transfer of funds. ETL stipulates a number of provisions for facilitating e-payment. For instance, article (25) recognizes electronic transfer of funds as an acceptable payment method. Only two general conditions are set on financial institutes providing e-payment services: they must comply with other relevant laws of banking as per the Central Bank of Jordan, as well as regulations and instructions that the Central Bank issues to regulate e-payment in the country; and they must ensure the security of the services provided to clients and maintain banking confidentiality.
Third, the law defines “electronic signature” as the only mechanism which provides security and acceptability of the “electronic record,” which the ETL defines as “a record, contract or data message generated, sent, received or stored by electronic means.” It stipulates that the electronic record is valid and deemed secure from a legal point of view only if it is signed by a secure electronic signature generated during the validity period of its digital certificate, which needs to be obtained from an accredited certificates authority. This implies the existence of a Public Key Infrastructure (PKI) for implementing this law.
Finally, in terms of secure e-business, some means is required to prevent related abuse. The ETL stipulates provisions related to some cybercrimes which mainly focus on illegal use of digital certificates. Both imprisonment and fines have been introduced as penalties for illegal online acts such as the creation of security certificates for fraudulent purposes. Penalties have also been introduced for organizations involved in the process of securing electronic records. For instance article (37) stipulates that “any entity engaged in the practice of securing documents which submits false information in a registration application, or discloses confidential information of any of its clients, or violates the regulations and instructions issued pursuant to this Law documents shall be subject to a fine of no less than (5000) five thousand dinars.” In article (38) the law goes further, introducing punishment for any act considered a crime committed by electronic means.
Overview of the National E-commerce Strategy
The National e-Commerce Strategy represents the governmental plan for developing e-commerce in Jordan. The strategy defines e-commerce as “transactions between consumers and businesses or between businesses associated with the development or trade of goods and services over telecommunications or broadcast network,” which implies that this strategy is intended to cover all e-business modes, including business to customer, business to business, and internal business automation. The strategy was drawn up based on a SWOT analysis (of Strengths, Weaknesses, Opportunities, and Threats) carried out between July and October 2007 to assess the current state of e-business in the country. The strategy’s vision, goals, and objectives have been set with the intention of making Jordan “a leading e-commerce centre in the region through the exploitation of its information technology capacity and the creativity of its people” [17]. Five major factors were identified as reasons why e-commerce had not taken off in Jordan:
• lack of supportive legislation
• lack of e-commerce awarenes;
To overcome these impediments a set of enablers and their associated actions were identified. These are shown in Table 8.1.
Table 8.1
Enablers of the National e-Commerce Strategy [17]
| Enablers | Enabling Actions |
| The Law | Provide an effective legal framework for the development of e-commerce including the validity of digital signatures, consumer protection, cybercrime, and various changes to the e-transaction law. |
| Security | Increase general awareness of the need for information and personal security among companies that trade electronically. |
| Electronic payments | Develop fully operational payment gateway and associated banking services for use with internet and mobile phone payments. |
| Tax | Develop systems and processes for simplified tax audits. |
| Awareness | Encourage general awareness throughout society, and specifically among lawyers, judges, SMEs, government officials, and banking staff. |
| Skills | Develop commercial and technical e-commerce skills among SMEs and ICT firms; develop commercial and legal e-commerce skills among lawyers, judges and tax officials. |
| Customs | Introduce rapid customs clearance via associated IT systems. |
| Employment | Provide employment opportunities to meet youth aspirations. |
| The IT sector | Develop capacity in e-commerce, e-commerce software, and services for fixed and mobile sectors; promote sector skills. |
| Availability and use of ICT infrastructure and services | Encourage competitive supply and widespread adoption of broadband; improve affordability of ICT; introduce 3 G mobile services; support competition and diversity in international telecommunications. |
| Logistics and transport infrastructure | Develop warehousing and packing facilities; remove impediments to the development of air and land freight hubs. |
| Catalogues and content | Establish capacity in e-commerce content development. |
| Finance and investment | Improve links between investors and entrepreneurs. |
| Government | Advance the use of e-procurement in government. |
In the next section we assess to what extent these government initiatives, namely, the Electronic Transaction Law and the National e-Commerce Strategy, meet the requirements for e-business security. We show that they have a number of limitations that make them inadequate to provide the required legal setup.
Security in Jordan’s E-business initiatives: An analysis
Analysing ETL in relation to E-business security
The Electronic Transaction Law (ETL) is clearly an important step toward increasing the adoption of e-business in the Jordan because it provides a suitable legal framework for such activities. However, our analysis reveals that several issues related to e-business as well as security are not addressed in this law. These limitations render the current legal situation inadequate for providing a secure e-business environment.
One major drawback we identified is that the law is not mandatory; therefore, it is applicable only if participating parties agree to apply it. Indeed, article (5/a) states: “unless a provision in this Law states otherwise, the provisions of this Law shall apply to the transactions on which the parties thereto agree to implement the transactions thereof through electronic means.” Similarly, article (5/b) requires a new agreement between the parties for every new transaction. According to Al-Ibraheem and Tahat [19], this is because ETL uses as its model the United Nations Commission on International Trade Law (UNCITRAL [20]), which requires explicit consent from the parties that are going to perform transactions by electronic means. While this provides some sort of flexibility for the parties transacting online, it also means that the law might never be implemented, hence failing to regulate e-business.
A further factor making a large part of this law ineffective is the lack of regulations and instructions on how to implement and enforce some of its provisions. For instance, the validity of an electronic signature is linked, under this law, to the validity of the digital certificate, which needs to be issued by a competent and licensed certificate authority. According to article (40/b) the Cabinet will issue the necessary regulations for implementing the provision related to “the procedure for issuing security certificates, the authority competent to do such and the application fees.” As another example, article (29), relates to the security of electronic transfer of funds. It specifies that the Central Bank of Jordan is responsible for maintaining and ensuring the safety of the banking environment in Jordan. Unfortunately, as of this writing, regulations to support both of these articles have still not been issued [21].
This lack of supportive regulations concerning the security of online transactions hinders the establishment of a secure e-business infrastructure and increases the legal uncertainty for both businesses and citizens. Furthermore, the absence of these regulations makes it impossible to establish even a basic security infrastructure. In the contrary, many developed countries such as the UK, the United States, and most of the European Union states have established a set of directives and regulations for digital signatures and certificates authorities that support the adoption of online transactions in those parts of the world [22].
ETL is also very limited with regard to cybercrime, mainly addressing the illegal use of digital certificates. It introduces a penalty of up to one year’s imprisonment for any illegal act conducted online. However, the law does not distinguish among the many forms of cybercrime, which differ in terms of type, intention, and severity. Under the current law there is no difference between a simple computer penetration targeting any machine over the Internet, which can be committed by an individual, and an organized denial of service attack targeting large e-business portals. Considering the nature and diversity of cybercrime, these provisions fail to recognize the wide range of real risks associated with e-business environments and fail to deal with each type of these crimes according to its nature and impact.
The Jordanian constitution appears to respects citizens’ privacy in the physical world; however, there is no equivalent treatment for online privacy. For instance, Internet cafés, which are very popular in the country, are requested by law to collect personal data from the Internet users and must disclose this data if the government so requests: “In March 2008, Jordan began increasing restrictions on the country’s Internet cafés. Under the pretext of maintaining security, Internet cafés were installed with cameras to monitor users, and Internet café owners were required to register the IP number of the café, the users’ personal data, the time of use and the data of Web sites explored” (see [23] p. 3).
According to the Economic and Social Commission for Western Asia (ESCWA) [24,25], lack of data protection laws and absence of disclosure control mechanisms are the major cause of privacy problems in many countries, including Jordan: “While most advanced countries have devised laws that protect privacy and data, all ESCWA member countries still lack standards and regulations to protect personal privacy and data, with the exception of general laws that are applied in certain cases” ([24] p. 38).
Furthermore, the absence of laws and regulations to protect the rights of customers engaging in e-business transactions represents a serious obstacle to building customer trust in this form of transaction. Consumer protection includes many issues such as product liability, privacy rights, fraud and misrepresentation [24]. Unfortunately, these issues are not covered under the current legal framework, which contributes to the legal uncertainty of the e-business environment. The authors of [19] point out the obvious absence of legislation that covers standards, procedures, techniques, infrastructures, and security guidelines for e-business that the commercial sector should follow in order to ensure security.
We therefore conclude that the current legal framework is inadequate to provide a secure e-business environment. It has failed to address several fundamental issues: enforcement, supportive regulations for establishing security infrastructure, cybercrimes, privacy, and online customer protection. Moreover, from our empirical research [5] we know that these issues are of significant concern for a wide range of stakeholders. Addressing these issues is essential for providing the comprehensive legal framework required for today’s complex e-business environment.
Analyzing security within the National E-commerce Strategy
The government’s strategy to develop e-business covers a wide range of areas, including legislation, local ICT industry, infrastructure, and financial services, and its actions target a wide range of stakeholders, including customers and service providers as well as government departments. It appears that all of these stakeholders’ requirements could be fulfilled. However, some important questions remain: How and to what extent is security addressed by the National e-Commerce Strategy? Is it comprehensive enough to fulfill the requirements? Here we explore these questions.
Clearly, there has been an attempt to address two barriers to the lack of confidence in e-business: the absence of an adequate legal framework and the absence of security awareness among potential online users. The government’s National e-Commerce Strategy incorporates two action plans to address these two limitations. The inadequate legal framework especially relates to customer protection and the security of e-transactions; as we have discussed, the Electronic Transaction Law (ETL) is not able to ensure sufficient online security. One of the government’s action plans was to amend the current ETL to cover issues such as confidentiality of e-transactions, spamming prevention, dispute resolution, and effective enforcement measures. Moreover, the action plan included promulgating three new laws: a cyber crime law, a consumer protection law, and a law to establish credit bureau facilities in Jordan. The second action plan, intended to leverage security for e-business, focused on increasing security awareness among potential online companies, including publishing security guidelines for online companies. The target was to have 90 percent of online merchants conforming to these guidelines two years from the issuing date. Unfortunately that date was left unspecified!
The government’s National e-Commerce Strategy with its proposed action plan is clearly a significant step in assuring e-business security and eliminating the relevant stakeholders’ concerns. It has addressed some important issues, especially in relation to legislation that promotes a secure online environment. However, the strategy still has a number of interrelated deficiencies, which can be observed at the strategic,governance, and action levels of the strategy. We now discuss these deficiencies and their possible implications.
Looking at the strategy’s goals and objectives, it appears that securing the e-business environment was perceived not as a strategic goal but as an obstacle that could simply be removed by offering security guidelines to online companies and passing a certificate authority law and other relevant laws and regulations. This limited understanding of the role of security and its implications could be the reason that the strategy does not take a comprehensive and systematic approach to addressing wider security issues. Not having security as a strategic goal can increase the chance that it will be overlooked in many areas associated with the implementation of the strategy. We illustrate with three notable examples.
At the infrastructure level, the government seems to want to invest heavily in providing citizens with physical ICT infrastructures without paying much attention to how to secure these infrastructures, which are required by e-business adopters. For instance, the strategy emphasizes the availability and affordability of e-payment systems, broadband, and wireless services, but does not require service providers, such as ISPs and telecommunication companies, to secure these services. This means that security could be overlooked in these critical infrastructures. The ICT infrastructure section of the action plan states that MoICT, in collaboration with telecommunication operators and local ISPs, would ensure the availability of the ICT infrastructure necessary for e-business services; unfortunately, none of the actions relates to the security of ICT infrastructure.
In the second and fourth goals of the strategy, the government aims to make Jordan a regional leader for IT services and a strong competitor in the digital economy. Yet security is not integrated into the process of achieving these goals and unfortunately is not considered as a competitive advantage. Therefore, we think that these goals are unlikely to be achieved, since security of IT services is an important factor for companies who want to provide their customers with a high quality, reliable service. This lack of security could lead to Jordan being excluded from the benefits of such opportunities, thereby negatively impacting its strategic goals. Moreover, even though the government owns this strategy, the absence of a governance framework for information security shows that the government does not want to take responsibility toward ensuring security. Indeed the strategy clearly states that “as an implementer of e-commerce strategy, however, Government’s roles and responsibilities are limited. This strategy lays down objectives for Government to meet in areas such as the law associated with e-commerce, taxation and customs. Government can facilitate, promote, propose, recommend and sometimes fund, but seldom command or require action by the private sector.”
The action plan PLURAL? associated with the National e-Commerce Strategy includes many actions to raise e-business awareness in different sectors and among a wide range of stakeholders. However, in practice these actions focus only on the benefits of e-business; none of them emphasizes the need to build information security awareness especially among stakeholders such as customers, judges, lawyers, and government officials. This limited focus on raising security awareness in the business community means that it is failing to fulfill the government own ICT policy which states: “Government requires that users (both residential and small business) be supported by the provision of advice on the safe use of the Internet and the protection of children, in order to promote consumer confidence in the use of ICT, while avoiding risks and protecting human rights. This function should be led by the MoICT and should include participation by other relevant public and private stakeholders” [16]. As a consequence, it has not been possible to build citizens’ security awareness, which could increase their levels of confidence and equip them with skills for protecting their online security, thereby elevating their trust in e-business. Our empirical work [5] strongly suggests that all stakeholders need to be involved and therefore the strategy needs to recognize the importance of information security awareness at different levels of society for cultivating a security culture, which, we propose, would contribute to enhancing the security of e-business.
Discussion
The analysis of our study revealed that the Jordan government’s limited view of security has impacted its plans and initiatives to promote an attractive e-business climate. The first government attempt to address security was through the Electronic Transaction Law (ETL). Our analysis revealed that EFL is, however, inadequate to provide a secure e-business environment, since it fails to address several security issues that are concerns of a wide range of stakeholders. These issues include online privacy and data protection, online customer protection, and security of e-business infrastructure. Besides, the lack of supportive rules and regulations to implement and enforce some provisions in ETL, especially the ones relating to establishing certificate authorities, render a large part of ETL inactive and therefore unable to fulfill its goal.
The National e-Commerce Strategy, introduced seven years later, represents acknowledgment by the government that the existing legal framework was hindering the adoption of e-business in the country and its attempt to correct this situation through actions to reform the current legal setup to better facilitate e-business. These actions include promulgating three new laws: a cyber crime law, a consumer protection law, and a law to establish credit bureau facilities in Jordan. Nevertheless, the strategy fails to perceive security outside the legal dimension. While the government has acknowledged the relation between security and citizens’ trust in e-business, its proposed action plan does not go beyond providing security guidelines to online companies, and the legal role predominates.
Our analysis suggests that security was not viewed as an essential part of the strategy or as a competitive advantage. This has had two major implications. First, security has been overlooked in many areas at the implementation level of the strategy. This is notable in the action plan which covered areas such as stakeholders’ awareness and ICT infrastructure but lacked any plan to address associated security aspects. Second, there is no national security governance framework to establish a set of roles and responsibilities that the government and other relevant stakeholders need to exercise to ensure security of the e-business environment. In such a situation, it is difficult to know who is in charge of what, and security is left to the judgment of the individual parties involved in e-business.
This analysis highlights the absence of an effective governmental role with respect to government’s responsibility to regulate the digital environment to protect both businesses and customers. Accordingly, we recommend that the government should contribute in building awareness of security issues at both organizational and individual levels. For instance, our study found that the lack of a government monitoring role has two implications. On the business side, nobody checks whether or not private companies are capable from a security point of view of doing business online, which can impact negatively on a business’s perceived responsibility toward security. On the other hand, lack of monitoring increases customers’ feelings of distrust in the electronic environment, especially in the absence of a legal setup to protect online customers [26].
Conclusion and recommendations
This chapter has attempted to describe and analyze the current role of the government in the security of e-business in Jordan. Based on the findings, our study suggests that the government should recognize the full range of socio-technical implications that security and the lack of security may have on the adoption of e-business. This can be achieved by understanding the real security needs and concerns of the various stakeholders at different e-business stages. The government then needs to align and integrate these requirements with its policy and plans. Our findings also suggest that in order for the government to be an effective partner in developing a secure e-business environment, it is not enough to limit its role to promulgating laws and regulations addressing security issues; rather, government should take a multifaceted role, which might include, in addition to legislation, increasing security education and awareness, monitoring, ensuring compliance with security standards and regulations, and protecting the country’s critical ICT infrastructure.
There have been numerous previous studies highlighting the role of governments and policy makers in the diffusion of e-business; however this study has scrutinized the role of government in the adoption of e-business particularly with respect to security-related actions. An early paper by Molla and Licker [27] argues that government must have an important role in encouraging the private sector in the country to adopt e-business by providing supportive infrastructure, legal and regulatory frameworks, policies, and strategies. However, in practice government support varies from country to country, and it is below the threshold in many developing countries [25]. We therefore strongly argue that the government represents an important if not the primary security stakeholder in the adoption of e-business, with a number of responsibilities that need to be fulfilled to ensure security and protect online customer rights. Its responsibility starts with regulating e-business in the country and enacting the laws that protect customer privacy and security. It can force online merchants to follow best practices in security and to provide their customers with some level of security assurance. For instance, in many developed countries laws force online retailers to disclose their privacy and security practices to their customers in order to increase transparency and trust levels. Our findings also suggest that government needs have greater a stake in building public knowledge of security related matters through national awareness.
References
1. World Economic Forum. Global information technology report 2008–2009 Mobility in a networked world 2009.
2. Papazafeiropoulou A, Pouloudi A, Currie, W. Applying the stakeholder concept to electronic commerce: extending previous research to guide government policy makers. In: Proceedings of the Annual Hawaii International Conference on System Sciences; 2001. p. 122–122.
3. Okoli C, Mbarika V, McCoy S. The effects of infrastructure and policy on e-business in Latin America and Sub-Saharan Africa. Eur J Inf Syst. 2010;19(1):5–20.
4. Roberts B, Toleman M. The role of government in e-business adoption. In: Al-Hakim L, editor, eds. Global e-government: Theory, applications and benchmarking Information Quality Management. Hershey, PA, United States: IGI Publishing (IGI Global); 2007; p. 65–84.
5. Alqatawna J. Multi-stakeholders inquiry for securing e-business environments: a socio-technical security framework [PhD thesis] England: SHU; 2010.
6. Pouloudi A. Aspects of the stakeholder concept and their implications for information systems development. Hawaii International Conference on System Sciences. Citeseer; 1999. p. 254–254.
7. Shankar V, Urban GL, Sultan F. Online trust: a stakeholder perspective, concepts, implications, and future directions. J Strateg Inf Syst. 2002;11(3):325–344.
8. Chua CEH, Straub DW, Khoo HM, Kadiyala S, Kuechler D. The evolution of e-commerce research: a stakeholder perspective. J Electron Commerce Res. 2005;6(4):262–281.
9. Flechais I, Sasse MA. Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-science. Int J Hum-Comput Stud. 2009;67(4):281–296.
10. Jutla D, Bodorik P, Dhaliwal J. Supporting the e-business readiness of small and medium-sized enterprises: approaches and metrics. Internet Res. 2002;12(2):139–164.
11. Van Baal S. Governmental support for e-business in Germany: the trade sector’s perspective. Workshop on the Role of Government in Promoting Electronic Business, hosted by the German Institute for Economic Research, Berlin; 2005.
12. Abu-Samaha AM, Abdel Samad Y. Challenges to the Jordanian electronic government initiative. J Bus Syst, Governance Ethics. 2007;2(32007):101–104.
13. Obeidat RA, Abu-Shanab EA. Drivers of e-government and e-business in Jordan. J Emerg Technol Web Intell. 2010;2(3):204–211.
14. Alsmadi I. Security challenges for expanding e-governments. Int J Adv Sci Technol. 2011;37(5):47–60.
15. ETL. Electronic transactions law no. 80 of 2001. Jordan; 2001.
16. ICT-policy. Statement of government policy on information and communication technology and postal sectors Jordan. [Internet] [Cited 2012 Jun 1]. Retrieved from: <http://www.moict.gov.jo/>; 2007.
17. MoICT. Jordan national e-commerce strategy 2008–2012. Jordan, Ministry of Information and Communication Technology (MoICT). [Internet]. [Cited 2013 Apr 24]. Retrieved from: <http://www.moict.gov.jo/MoICT_National_E-Commerce_Strategy.aspx>; 2008.
18. Al-Omari A, Al-Omari H. E-government readiness assessment model. J Comput Sci. 2006;2(11):841–845.
19. Al-Ibraheem M, Tahat H. Regulating electronic contracting in Jordan. 21st BILETA Conference: globalisation and Harmonisation in Technology Law; 2006.
20. The United Nations Commission on international trade law (UNCITRAL). [Internet]. Retrieved from: <www.uncitral.org>.
21. NIS. The National Information System. [Internet]. [Cited 2013 Apr 24]. Retrieved from: <http://www.lob.gov.jo/ui/main.html>; 2013.
22. Wang M. Do the regulations on electronic signatures facilitate international electronic commerce? A critical review. Comput Law & Secur Rev. 2007;23(1):32–34.
23. OpenNet (2009). Internet filtering in Jordan. OpenNet initiative. [Internet]. [Accessed on 2012 June 1] Retreived from: <http://opennet.net/research/profiles/jordan>.
24. ESCWA. Regional profile of the information society in western Asia. [Internet]. 2007. [Cited 2013Apr 24]. Retrieved from: <http://www.escwa.un.org/information/pubdetails.asp>.
25. ESCWA. Regional profile of the information society in western Asia. [Internet]. 2011. [Cited 2013 Apr 24.] <http://www.escwa.un.org/information/pubdetails.asp>.
26. Privacy International. Surveillance Monitor 2007 -International country rankings; 2007. <https://www.privacyinternational.org/reports/surveillance-monitor-2007-international-country-rankings>.
27. Molla A. Licker PS Perceived e-readiness factors in e-commerce adoption: an empirical investigation in a developing country. Int J Electron Commerce. 2005;10(1):83–110.