Art. 39.3 of the Law on Public Procurement provides that with regard to purchase of periodicals on electronic carriers as well as purchase of information provision services by international and (or) foreign information organizations can be carried out through single source method whereby the government decides on the supplier not through a tender process but an ad hoc decision. This is allowed to take place when a tender fails to lead to the conclusion of a public procurement contract. The decisions on single-sourcing are reported to be not transparent nor competitive and to provide opportunities for corruption practices where only the companies known to the contracting authorities will be the successful ones.

It is reported that there are difficulties in practice to apply to public tenders, for example due to the structure of Kazakhstan's e-procurement system. Moreover, there seems to be a general push to support local suppliers through public purchases. It is also reported that the requirement of a digital signature certificate for foreign bidders negatively affects the principle of open eligibility.

According to Art. 7.6 of the Informatization Law, the central executive body carrying out state regulation in the field of electronic industry orders the creation of a unified register of trusted software and electronic products. According to Art. 54.3.1, for the purposes of state security, only such approved software may be used for public procurement, as well as for critical objects of information and communication infrastructure, both state or private and including the telecommunication infrastructure.

According to Art. 7.6 of the Informatization Law, the central executive body carrying out state regulation in the field of electronic industry orders the creation of a unified register of trusted software and electronic products. According to Art. 54.3.1, for the purposes of state security, only such approved software may be used for public procurement, as well as for critical objects of state and private information and communication infrastructures, including telecommunication infrastructures. To become part of the register, the software applicant must transfer: (i) source program codes for accounting and storage; (ii) source program codes (if any) and; (iii) a set of configurations for the licensed software of "e-government" information technology objects, as stated paragraphs 10, 11, 12 and 13 of the Order of the Minister of Defense and Aerospace Industry of the Republic of Kazakhstan No. 53/НК (Rules for the formation and maintenance of a register of trusted products of the electronics and software industry, as well as the criteria for including products of the electronics industry and trusted software in the register of trusted products of the electronics and software industry).

Kazakhstan is a signatory of the World Trade Organization (WTO) Information Technology Agreement (ITA) of 1996, but is not a signatory of its 2015 expansion (ITA II).

India has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

India has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

The Consumer Protection (E-Commerce) Rules, 2020 provides a comprehensive framework for consumer protection that also applies to online transactions. The Rules introduced in 2020 established several requirements such as displaying requirements for the name and details of sellers, details of returns, refunds, exchange, warranty, and guarantee. In addition, requires sellers on the platform to provide an undertaking affirming the accuracy of descriptions, images, and other content of the goods or services on the platform, including that they correspond directly with the appearance, nature, quality, and purpose.

India has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

According to Art. 2 of the Processing and Settlement of Export-related receipts facilitated by Online Payment Gateways from 2011, the Reserve Bank of India restricts export-related payments for goods and services through online payment gateways. It is reported that PayPal had to limit payments for export-related payments above 500 USD. From July 2013, this limit has been increased to USD 10,000.

In addition, according to Section 2 of the Storage of Payment System Data Directive, all payment data held by payment companies should be held in local facilities. Furthermore, according to section 5 of the directive, data must be stored only in India after processing and should be deleted from systems abroad and brought back to India no later than 24 hours after processing. Any subsequent activity such as settlement processing after payment processing done outside India, must be undertaken on a real-time basis pursuant to which the data must be stored only in India. However, The RBI has clarified that banks, especially foreign banks, can continue to store banking data abroad but in respect to domestic payment transactions, the data must be stored only in India.

Following a negative response from international payment companies such as MasterCard, Visa, and American Express, the RBI has proposed (in "Frequently Asked Questions" of its website) to ease this restriction, so as to allow payment firms to store data offshore, as long as a copy was kept in India. The RBI has further clarified that for cross-border transaction data consisting of a foreign component and a domestic component, a copy of the domestic component may be stored abroad if required.

It is reported that the de minimis threshold, that is the minimum value of goods below which customs do not charge duties, is USD 4, below the 200 USD threshold recommended by the International Chamber of Commerce (ICC).

According to Section 2 of the Companies Act of 2013, foreign companies relating to B2B, B2C e-commerce, data interchange and other digital supply transactions, web-based marketing, database services, online services such as telemarketing, telecommuting, telemedicine, education and information research and all related data communication services, even when not incorporated in India, should register in India when they are engaged in business in the country.

According to the Consolidated FDI Policy Circular of 2016 and 2017, India permits up to 100 percent Foreign Direct Investment (FDI) in business-to-business (“marketplace-based”) electronic commerce, i.e. "providing an information technology platform by an e-commerce entity on a digital & electronic network to act as a facilitator between buyer and seller." However, India prohibits foreign investment in business-to-consumer (or “inventory-based”) electronic commerce, also defined as "e-commerce activity where the inventory of goods and services is owned by e-commerce entity and is sold to the consumers directly".
When a marketplace e-commerce entity exercises ownership or control over the inventory, the business is categorized into the inventory-based model. Additionally, India implemented regulations that expressly prohibit subsidiaries of foreign-owned marketplace-based electronic commerce sites from selling products on their parent companies’ sites. The rules also prohibit exclusivity arrangements by which electronic commerce retailers can offer a product on an exclusive basis.
The only exceptions for FDI in inventory-based electronic commerce are for food-product retailing and single-brand retailers that meet certain conditions, including the operation of physical stores in India. According to the Consolidated FDI Policy Circular of 2020, retail trading through e-commerce can also be undertaken before opening physical stores, subject to the entity opening physical stores within two years from the start of online retail. Overall, it is reported that these narrow exceptions limit the ability of many electronic commerce service suppliers to serve the Indian market.

According to Section 84A of the Information Technology Act, the Government may, for secure use of the electronic medium and for promotion of e-governance and e-commerce, prescribe the modes or methods for encryption. However, no rules have been introduced under this section.