Risks and Rights for Sri Lankan Consumers in the Digital Age

Article to mark ‘World Consumer Rights Day’ (15 March)


Every day we are moving closer to having almost as many mobile subscribers as there are people on earth. Close to 40% of the world’s population are now ‘online’ and some 750 million households globally are connected to the internet[i]. New devices and platforms such as smartphones are constantly shaping; when, where and how consumers interact, use services and access information. More and more of us are conducting everyday domestic commerce online. Whilst digital consumers benefit through increased choice, improved ease, speed and immediacy, this online commerce poses its own challenges. This article takes a cursory look at the potential risks and challenges confronting the ‘digital age consumer’ and the need to strengthen consumers’ rights in this new arena. Sri Lanka would need to look at its policy and regulatory apparatus to address the emerging challenges confronted by the modern Sri Lankan consumer.


Issues of Privacy in a Surveillance Society


The modern consumer is no longer a faceless entity, consumers leave behind a digital trail of data when- and where-ever they go online; use their mobile phones and even when they use public transport[ii]. This data is most often personally identifiable and could be easily captured, stored, analyzed, shared and has huge and growing commercial value. In this context the incentives to extract more personal information from consumers is growing. Consumers are often unaware that the data is being collected, exactly what data is being collected for, by who, who has access to it, or how the data is being used. They have little or no control over these decisions thus compromising consumer privacy[iii]. Allowing consumers to stipulate data sharing permission; opt-in or opt out-of data collection, sharing and use would come a long way in addressing privacy concerns[iv]. Enacting data protection policies also is vital to redressing privacy related issues.


Unfair Terms of Data-sharing


Some shopping sites collect personal data and sell it to other organizations for their advertising and other use. It has become a highly profitable way of exploiting consumers’ ignorance about the value of their personal data. Currently, the terms under which individuals’ data is captured and shared is set by terms and conditions which consumers have to ‘agree’ to (by ticking a box in an online process) if they want to access the product or service in question. Most consumers do not read these T&Cs, and have no means of influencing their content if they do. Most often consumers have little or no ability or power to control their data, opt-out or negotiate different terms and conditions.


Imperfect Information Disclosure

Information disclosures are often long and complex, and not always easily accessible online. Key pieces of information are sometimes presented in small text, buried in footnotes, or accessible through a series of web links or windows. As a result, consumers, in many instances, do not read some of these vital pieces of information, leading them to suffer detriment in the form of a) dissatisfaction with a product that did not meet expectations; b) surprisingly high bills (i.e. “bill shock”); as well as c) frustration with the procedures and costs that may be incurred in terminating a transaction and trying to obtain redress[v]. With a view towards providing consumers with relevant information that enables them to make informed decisions in e-commerce, work could be conducted on enhancing consumer access and understanding of such information


Information Access and Trustworthiness

Whilst more and more information is available online, a key issue that arises is that; can all this online information be trusted?. The internet can be highly democratic-consumers can have their say and input their views. Alone customer’s complaint can go a long way in gaining attention and force a large corporation to change its policies. The downside however is that it is no longer possible to distinguish between good and poor quality information. There have been well-publicized examples of organizations misleading consumers’ byway paying bloggers to upload positive comments about their organizations/products. Back in 2006, leading US retailer ‘Wal-Mart’ was discovered to having paid two bloggers to post positive comments about Wal-Mart stores as they travelled across the US[vi].

Rights and Responsibilities


e privacyUnderstanding consumer rights and responsibilities is becoming more complex; consumers may unintentionally infringe laws and contracts, and make spending commitments. . Unintentional and contractual legal breaches can arise simply because people find reading and understanding terms and conditions, which can sometimes be excessively complex, difficult. Also digital products delivered in the process of downloading or streaming are not considered to be ‘tangible goods’ and so are exempt from the consumer’s right to redress. As a result, consumers buying digital goods and services are exposed to risks where products are not fit for purpose or undelivered. There have also been instances where organizations link consumer to ‘free’ offers to a commitment to purchase in the future. Consumers may opt-out online to such an agreement, but sometimes there are no obvious reminders and unintended purchases are undoubtedly made.

Protecting the Modern-day Sri Lankan Consumer


Sri Lanka is home to over 20 million mobile phone subscribers and close to 20% of the country’s population uses the internet[vii]. With the embrace of technology more and more Sri Lankans are seen engaging both domestic and international firms through e-business channels in the pursuit of securing their day-to-day needs. Local business can also be seen increasingly embracing online e-business channels to cater to the growing base of digital consumers. Sri Lankan mobile telecommunications service providers have been seen introducing new contactless payment system to exploit the emerging opportunities in the e-commerce sector. In the preceding light given the growing importance of digital consumerism both domestically and globally, it is of critical importance that domestic consumer protection legislation be updated and further bolstered to address the emerging threats on consumer safety. At present the key authority tasked with safeguarding consumer rights is the Consumer Affairs Authority (CAA), however given that digital consumerism also encroaches upon the jurisdiction of ICT and ICT related laws it is important that the CAA work closely with ICT regulators in developing policy.


(Updated: Title change)

[i] International Telecommunications Union (ITU) (2013), The World in 2013: ICT Facts and Figures, ITU, Geneva, Switzerland

[ii] Hopkins C, Mitchell A and Smith P (2012), Defining and defending consumer interests in the digital age, Consumer Focus, UK

[iii] Kuneva M (2008), Key Challenges for Consumer Policy in the Digital Age, Roundtable on Digital Issues

London, Experts of Speech by the European Consumer Commissioner, London

[iv] Brown B, Court D, McGuire (2014), ‘Views from the front lines of the data-analytics revolution’, McKinsey Quarterly, viewed online at <http://www.mckinsey.com/Insights/Business_Technology/Views_from_the_front_lines_of_the_data_analytics_revolution?cid=other-eml-alt-mkq-mck-oth-1403>

[v] OECD (2013), “Empowering and Protecting Consumers in the Internet Economy”, OECD Digital Economy Papers,

No. 216, OECD Publishing

[vii] International Telecommunications Union (ITU) 2013, Measuring the Information Society, ITU, Geneva, Switerland


  • Malathy Knight

    Excellent piece Raveen! One question on policy implementation though: it is highly unlikely that CAA will work closely with either the TRC or the ICTA (or any other institution) in the quest to safeguard consumer rights. History does not support such collaborative efforts – even though the legislation includes the language “concurrent jurisdiction”. Also “developing policy” is not the mandate of the regulator. Additionally, given the way the internet works, policy and regulation more often than not lag behind. Time for a paradigm shift in Sri Lanka’s ICT policy and regulatory space?