Legal Risks of E-Commerce in Light of Reliance on Artificial Applications: Analytical Study
DOI:
https://doi.org/10.35246/h5hqvn79Keywords:
Electronic Commercial Law, Legal Liability of Artificial Intelligence, E-Consumer Protection, Legal Compliance in E-Commerce, Digital Risk Governance, Electronic Contracts and TransactionsAbstract
AI has become central to e-commerce, becoming the source of essential functions such as dynamic pricing and product ranking, fraud detection, and customer support. However, this deep integration introduces systemic legal risks that challenge traditional commercial law frameworks. This study looks at these complexities, which include data protection, deceptive design, bias in the algorithms, and product safety in the light of EU law, US enforcement, and the NIST AI Risk Management Framework. The study claims that harms associated with AI must cease to be perceived as singular technical malfunctions, but as a set of threats to consumer freedom, market justice, and contractual reliability. Among the main challenges to note are the jurisdictional complexity, the asymmetry of evidence, and the high lifecycle governance standards as required by the EU AI Act (European Union, 2024; Yaşar, 2024).To avoid these risks, the article recommends proportionate governance to technological avoidance. The most important compliance controls are AI inventories, data mapping, pre- and post-deployment testing, vendor audit rights and human escalation pathways .The identification with the Personal Data Protection Law (PDPL), SDAIA regulations, and the Saudi E-Commerce Law are crucial in the broader Saudi context. Placing local needs in the context of global best practices, platforms can help reduce the litigation risk and increase consumer confidence, which directly supports the digital transformation objectives of Saudi Vision 2030 (European Union, 2024; Saudi Data & Artificial Intelligence Authority [SDAIA], 2023).
Downloads
References
. Directive (EU) 2022/2555 of the European Parliament and of the Council of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive).
II. Directive (EU) 2024/2853 of the European Parliament and of the Council of 13 June 2024 on liability for defective products and repealing Council Directive 85/374/EEC (Product Liability Directive).
III. European Data Protection Board. (2023). Guidelines 03/2022 on deceptive design patterns in social media platform interfaces: How to recognize and avoid them (Version 2.0).
IV. European Union Agency for Cybersecurity. (2023). ENISA threat landscape for artificial intelligence.
V. Federal Trade Commission. (2023). Privacy and data security update.
VI. Future of Privacy Forum. (2022). A guide to understanding automated decision-making and profiling under the GDPR.
VII. Kingdom of Saudi Arabia, Ministry of Commerce. (2019). E-Commerce Law and Implementing Regulations.
VIII. National Institute of Standards and Technology. (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0) (NIST AI 100-1).
IX. Organization for Economic Co-operation and Development. (2025). Intellectual property issues in artificial intelligence trained on scraped data. OECD Artificial Intelligence Papers.
X. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).
XI. Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market for Digital Services and amending Directive 2000/31/EC (Digital Services Act).
XII. Regulation (EU) 2023/988 of the European Parliament and of the Council of 10 May 2023 on general product safety, amending Regulation (EU) No 1025/2012 and repealing Directive 2001/95/EC and Council Directive 87/357/EEC (General Product Safety Regulation).
XIII. Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending Regulations (EC) No 300/2008, (EU) No 167/2013, (EU) No 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828 (Artificial Intelligence Act).
XIV. Saudi Data & Artificial Intelligence Authority (SDAIA). (2023). Implementing Regulations of the Personal Data Protection Law (PDPL).
XV. Saudi Data & Artificial Intelligence Authority (SDAIA). (2024). Regulations on the transfer of personal data outside the Kingdom and enforcement guidance under the PDPL.
XVI. US Copyright Office. (2023). Copyright registration guidance: Works containing AI-generated material.
XVII. United Nations Conference on Trade and Development. (2024). Digital Economy Report 2024: AI, platforms and consumer protection in cross-border e-commerce.
XVIII. Yaşar, H. (2024). The EU Artificial Intelligence Act and its implications for consumer-facing platforms. European Journal of Consumer and Market Law, 13(2), 101–120.
XIX. European Commission. (2024). Guidance on the application of EU consumer and marketing law to dark patterns and personalized interfaces in e-commerce.
XX. DLA Piper. (2024). Data protection laws in Saudi Arabia: Overview of the Personal Data Protection Law and enforcement roadmap. In the Data Protection Laws of the World (Saudi Arabia chapter).
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright and Licensing:
For all articles published in Journal of Legal Sciences, copyright is retained by the authors. Articles are licensed under an open access Creative Commons CC BY 4.0 license, meaning that anyone may download and read the paper for free. In addition, the article may be reused and quoted provided that the original published version is cited. These conditions allow for maximum use and exposure of the work.
Reproducing Published Material from other Publishers: It is absolutely essential that authors obtain permission to reproduce any published material (figures, schemes, tables or any extract of a text) which does not fall into the public domain, or for which they do not hold the copyright. Permission should be requested by the authors from the copyrightholder (usually the Publisher, please refer to the imprint of the individual publications to identify the copyrightholder).
Permission is required for: Your own works published by other Publishers and for which you did not retain copyright.
Substantial extracts from anyones' works or a series of works.
Use of Tables, Graphs, Charts, Schemes and Artworks if they are unaltered or slightly modified.
Photographs for which you do not hold copyright.
Permission is not required for: Reconstruction of your own table with data already published elsewhere. Please notice that in this case you must cite the source of the data in the form of either "Data from..." or "Adapted from...".
Reasonably short quotes are considered fair use and therefore do not require permission.
Graphs, Charts, Schemes and Artworks that are completely redrawn by the authors and significantly changed beyond recognition do not require permission.
Obtaining Permission
In order to avoid unnecessary delays in the publication process, you should start obtaining permissions as early as possible. If in any doubt about the copyright, apply for permission. Journal of Legal Sciences cannot publish material from other publications without permission.
The copyright holder may give you instructions on the form of acknowledgement to be followed; otherwise follow the style: "Reproduced with permission from [author], [book/journal title]; published by [publisher], [year].' at the end of the caption of the Table, Figure or Scheme.
