Bread & Kaya: 2022 Cyberlaw cases of interest..Pt 2

• A question of technical glitches & breaching of contractual obligations
• Singapore’s First Action against Unknown Persons on Cyberspace

After sharing Part 1 of some interesting cases last week, I conclude my annual review of noteworthy cyberlaw cases with some notable online contract matters and examples of where the Singapore government has filed suit in Malaysia, and, end with some predictions of what I think some 2023 cases will be about.

Online contracts

Last year, I reported about the case of MISC Berhad v Cockett Marine Oil (Asia) Pte Ltd [2021] MLJU 563 where the High Court held that clause to refer any disputes to arbitration is not applicable as the contract containing the clause was provided through a link in the footer of an email to the other side during negotiation (for more details, please refer here).

The Court of Appeal however had overturned the decision on separate reasons. Instead determining whether the arbitration clause applies, the Court of Appeal held that the correct position in law is as follows -

“Where a party challenges the existence of the arbitration agreement, the jurisdiction of the Court is to consider whether prima facie there is an arbitration agreement to resolve disputes. In this respect the jurisdiction of the Court is to decide if the issue on the existence of the arbitration agreement is in dispute and not merely a dubious or frivolous allegation.”

In this regard, the Court of Appeal held that it is the role of the arbitral tribunal to determine its jurisdiction and not that of the High Court. A party who is dissatisfied with the preliminary ruling on its jurisdiction may appeal to the High Court under s. 18(8) of the Arbitration Act. The High Court’s jurisdiction is limited to identifying whether there is prima facie existence of an arbitration agreement and once a prima facie determination is made the matter is to be stayed and referred to arbitration for a full determination on whether there is in fact a binding arbitrations agreement. In the present case, the High Court had exceeded its jurisdiction by purporting to determine conclusively not only that there was a prima facie case existence of an arbitration agreement but to make a factual determination that the same was not enforceable did not bind the parties.

In UOB Kay Hian Securities (M) Sdn Bhd v Lim Woi Keat [2023] 1 LNS 304, the Court dealt with the issue of whether a trader can take advantage of a technical glitch of an online share trading platform, whether the operator of such trading platform was under a contractual obligation to provide a share trading platform that was free from error, flaw, fault and/or defect and if so, whether there was a breach of such a contractual obligation.

The plaintiff operates an online multimarket trading platform/system by the name of UTRADE platform. The defendant is a user of the UTRADE platform with a trading limit of RM250,000. However, due to a technical glitch, his trading limit was unintentionally increased to approximately RM23,700,000. Notwithstanding the glitch, the defendant traded beyond his trading limit by placing orders via the UTRADE Platform and the plaintiff purchased shares based on the defendant's orders. 

Due to the fact that, the defendant had traded above his trading limit and he did not increase the collateral held by the plaintiff for purposes of holding the new shares, the plaintiff had forced sold the new shares and as a result of the force sale, the plaintiff incurred contra-losses of USD579,107.00 (not inclusive interest payable by the defendant). The defendant did not settle the contra-losses, the late payment charge and interest thereon.

The plaintiff claimed that the defendant took advantage of the unintentional increase of the trading limit caused by the glitch and had placed the said orders on his trading account which had thereafter resulted in losses.

The defendant contended that he is not liable for the contra-losses as he had “unintentionally” placed the said orders, he tried to cancel and/or stop the said orders by pressing the “Cancellation Button/Page” of the UTRADE System but was unable to do so; and the plaintiff ought to provide a share trading platform that is free from error, flaw, fault and/or defect.

The defendant counterclaimed against the plaintiff for alleged loss of USD579,110.76 and expenses of RM500,000.00 on the basis that, the plaintiff was negligent or failed to provide a share trading platform that was free from error, flaw, fault and/ or defect.

The first pertinent issue the Court had to deal with is whether the plaintiff’s terms and conditions of the Account Opening Form and the UTRADE platform are applicable to the defendant. Pursuant to the terms and conditions of Account Opening Form and UTRADE platform, the defendant is obliged to indemnify the plaintiff against all losses and expenses (and interest accrued thereon). If it applies, this will mean that the defendant is liable to indemnify the plaintiff for the losses and expenses incurred due to the execution of the said orders that were placed by the defendant, notwithstanding they were above his trading limit.

The Account Opening Form stated that the full terms and conditions of can be found in the plaintiff’s website. The High Court held that the terms and conditions of the Account Opening Form are applicable to the defendant as reasonable notice of the full terms and conditions of the Account Opening Form had been given before or at the time that the defendant signed the Account Opening Form and entered into a contract with the plaintiff. He could access the same by clicking on the hyperlink set out in the Account Opening Form. As such, the full terms and conditions of the Account Opening Form found in the plaintiff's website were incorporated into and formed part of the Account Opening Form and hence was binding upon the defendant.

As for the UTRADE terms and conditions, the terms and conditions for the UTRADE platform were agreed by the defendant before he could create his ID and password. Before logging into the UTRADE platform to carry out any share trading, there will be a statement that "by logging in to the UTRADE, you accept the Terms of use and agree to be bound by them". The defendant in fact had traded actively using the UTRADE platform and therefore bound by its terms and conditions of use regardless of whether he understood the terms or read them or not.

The High Court did not accept the defendant’s evidence that he had unintentionally and/ or erroneously placed the said orders beyond his trading limit. Evidence had shown the placement of an order is not something that can be done within a split second and in one click, the defendant placed the order at 3 different times in 3 different orders and transactions, and he had placed the order price higher than the last traded prices which demonstrated his intent to purchase the shares. Further, the 3^rd order was made after being notified by the plaintiff’s remisier about the glitch.

As for the defendant’s attempt to cancel the first 2 orders, the High Court found that it was not done expeditiously. Further, the terms and conditions of the UTRADE stated that any request to cancel an order is not guaranteed by the plaintiff. An order can only be cancelled if the cancellation requestion is received and effected before an order is matched/executed.

In respect of the defendant’s counterclaim, the High Court dismissed it with cost as, among others, the glitch did not cause the said orders to be made. The defendant took advantage of the glitch and caused such shares to be purchased. The High Court also found that the plaintiff did not breach the contractual terms of the Account Opening Form and the UTRADE platform, there was nothing in there to show that it imposed an obligation on the plaintiff to provide trading platform that is free from error, flaw, fault and/ or defect. There was also nothing to show that there any clauses that could be void for restraining legal proceedings under s. 29 of the Contracts Act 1950.

Anti Fake News Order by Singapore Government against a Malaysian Entity

In LFL Sdn Bhd v Kerajaan Malaysia & Another Case [2022] 3 CLJ 634, the plaintiff sought to challenge a correction direction issued against it by the Singapore Minister of Home Affairs under the Singapore Protection From Online Falsehoods and Manipulation Act 2019 (POFMA). POFMA was enacted to prevent the electronic communication in Singapore of false statements of fact, to suppress support for and counteract the effects of such communication, to safeguard against the use of online accounts for such communication and for information manipulation, to enable measures to be taken to enhance transparency of online political advertisements, and for related matters. It has extra-territorial effect whereby certain offences committed by a person outside of Singapore shall be dealt with as if it had been committed within Singapore.

The plaintiff had issued a press statement on their website regarding the method of execution of death penalty in Singapore. According to the plaintiff, the article was issued in the public interest because there are many Malaysian citizens facing the death penalty at Changi Prison in Singapore and their fair and just treatment is a matter of public concern in Malaysia. The POFMA office notified the plaintiff that, among others, the article contained false statement and the plaintiff shall comply with the correction direction failing which amount to an offence under s. 15 of POFMA. The plaintiff could nevertheless apply to the defendant to vary or cancel the correction direction.

Instead of challenging the correction direction in Singapore, the plaintiff sought to challenge the correction direction in Malaysia, and this resulted in Singapore Minister of Home Affairs and Malaysian Government filing applications to strike out the action.

The High Court allowed the applications and held that the Malaysian Court has no jurisdiction to adjudicate on the validity of the POFMA. The High Court noted that the courts in Malaysia have adopted the theory of ‘restricted’ sovereign immunity rather than absolute sovereign immunity.

Absolute immunity would mean that any proceedings against a foreign state are inadmissible unless that state expressly agrees to waive such immunity whereas, restrictive immunity would mean that the immunity is only available in respect of sovereign activities or governmental acts (acta jure imperil) and not acts of a commercial nature (acta jure gestionis).

The High Court held that Singapore is clothed with sovereign immunity from jurisdiction of the Malaysian Courts, and the act of the Defendant in issuing the correction direction pursuant to the provisions of the POFMA was an act undertaken by the authority of sovereign state of Singapore. This is clearly a governmental act (acta jure imperii) and therefore protected by sovereign immunity.

Singapore’s First Action against Unknown Persons on Cyberspace

In CLM v CLN and others [2022] SGHC 46, the plaintiff had commenced an action to trace and recover 109.83 Bitcoin (“BTC”) and 1497.54 Ethereum (“ETH”) (collectively, the “Stolen Cryptocurrency Assets”) that were allegedly misappropriated from him by unidentified persons (ie, the first defendants), a portion of which has been traced to digital wallets that were controlled by cryptocurrency exchanges with operations in Singapore (ie, the second and third defendants).

The Court granted the plaintiff an ex parte proprietary injunction against the first defendant from, among others, dealing with the Stolen Cryptocurrency Assets, and a worldwide freezing injunction. The Singapore High Court dealt with two (2) interesting and novel points of law.

First, can stolen cryptocurrency assets be the subject of a proprietary injunction?

Second, does the court have jurisdiction to grant interim orders against persons whose identities are presently unknown?

In respect of the first question, the Singapore High Court held that there is nothing in their Rules of Court (Cap 322, R5, 2014 Rev Ed) (“ROC”) that requires a defendant to be specifically named. O 2 r 1 of the ROC expressly provides that even if the commencement of proceedings against persons unknown contravenes the ROC, such a contravention is treated as a mere irregularity, and will not result in the nullification of proceedings unless the court exercises its discretion to order the same.

Like how our Court had relied on O. 89 of the Malaysian Rules of Court 2012, the Singapore High Court held that O. 81 of the ROC allows for a reference to persons unknown in summary proceedings for possession of land.

Hence, the Court held that it has the jurisdiction to grant interim orders against the first defendants, who are persons unknown.

Interestingly, the Singapore High Court referred to our High Court case of Zschimmer & Schwarz GmbH & Co KG Chemische Fabriken v Persons Unknown & Anor [2021] 7 MLJ 178 which had quoted my commentary in para [8.098] to [8.100] of my book “Foong's Malaysia Cyber, Electronic Evidence and Information Technology Law” regarding actions against persons unknown.

Further, the Singapore High Court held that the description of the first defendant must be sufficiently certain as to identify both those who are included and those who are not. In the present case, the plaintiff has sufficiently defined the first defendant as “any person or entity who carried out, participated in or assisted in the theft of the Plaintiff’s Cryptocurrency Assets on or around 8 January 2021, save for the provision of cryptocurrency hosting or trading facilities”.

In respect of the second question, the Singapore High Court held that there is a serious arguable case that the plaintiff has a proprietary interest. Cryptocurrencies are a form of property. The Singapore High Court held that the balance of convenience lay in favour of granting the proprietary injunction.

If it were not granted, there would be a real risk that the first defendants would dissipate the Stolen Cryptocurrency Assets, which would prevent the plaintiff from recovering those assets even if he successfully obtained a judgment in his favour. Conversely, even if the plaintiff’s case were later refuted, the first defendants would only suffer losses arising from their inability to deal with the Stolen Cryptocurrency Assets, which could be compensated by way of damages. For more details about the case, please click here.

Closing

In 2023, we can expect more interesting developments in the cyberlaw and IT sphere.

• The use of AI based software such as ChatGPT is steadily increasing and even made it mark in an Indian Court’s grounds of judgment. In Jaswinder Singh @ Jassi v State of Punjab and another (2023:PHHC:044541), the Court reproduced a result from a question regarding jurisprudence on bail for assault with cruelty. The Court said that the reference to ChatGPT is only intended to present a broader picture on bail jurisprudence, where cruelty is a factor.

However, the use of ChatGPT by a lawyer in the United States caused trouble to himself and his law firm. In Mata v. Avianca, Inc. (1:22-cv-01461), a lawyer presented cases provided by ChatGPT which are not in existence to the District Court of New York. This resulted in a show cause notice being issued to him. He and his firm were later fined US$5,000 (RM22,935).

• Stalking is finally criminalised in Malaysia. Beginning 31 May 2023, under s. 507A of the Penal Code, whoever repeatedly by any act of harassment, intending to cause, or knowing or ought to know that the act is likely to cause, distress, fear or alarm to any person of the person's safety, commits an offence of stalking, and is liable to imprisonment for a term which may extend to three years or with fine or with both. Such act of harassment includes communicating or attempting to communicate with a person in any manner or by any means. Electronic communications such as instant messages and emails would fall under this category.
• Messaging service provider, Telegram’s alleged refusal to engage with the Ministry of Communications and Digital over several complaints of pornography and sale of drugs on the platform raised the issue of what the Ministry can do against Telegram. I commented that the Government has the power to block access to a platform through s. 263 of the Communications and Multimedia Act 1998. However, our laws are not adequate enough to deal with online harm. Singapore has already introduced numerous provisions to deal with online harm and this includes, the POFMA, Protection From Harassment Act (POHA) and the upcoming Online Criminal Harms Bill.

Our statutory provisions governing cyberlaws are outdated. We cannot rely on ss. 211, 233 and 263 of the Communications and Multimedia Act 1998 and the Penal Code to deal with cyber offences. The punishments provided by these statutes are usually fine and/or imprisonment.

The use of these provisions is sometimes akin to killing a fly with a sledgehammer. Cyber offences or those involved in the same may be dealt with through other means, such as, issuance of enforcement notice, imposing financial additional obligations or sanctions, and throttling of access to platforms.