The Emperor\u27s New Clothes: The Shocking Truth About Digital Signatures and Internet Commerce

This Article critiques a specific set of assumptions about specific application of digital signature technology: that contracts will be formed over the Internet among parties with no prior relationships through reliance on digital signature certificates issued by trusted third parties to establish the identity of the parties. This application for digital signature technology was once seen as both its most ambitious and most promising application because, for parties with no prior knowledge of each other, there is not yet a reliable system of online identities in Internet commerce. Parties with an ongoing commercial relationship can absorb the cost of offline communications such as faxes, telephone calls or face-to-face meetings to negotiate and execute an agreement governing the setting up of a reliable system for online authentication of parties to wholly electronic transactions. Parties that want to rely exclusively on online communications to create the framework for contracting as well as to enter into contracts, however, face a problem of infinite regress: how can the online communications that set up the system for confirming online identities itself be authenticated with nothing more to rely on than online communications? Many supporters of digital signatures believed legislation was essential to cut through this Gordian Knot. Legislation could authorize parties unable to use a prior relationship or offline communications to confirm the validity of online identities to rely on digital signature certificates instead. Much legislation regulating the use of digital signatures is based on an unstated premise: liabilities must be imposed by law because private agreements will not be adequate to the task of regulating this technology. This Article will summarize the original consensus regarding the role of digital signatures in electronic commerce, explain why that consensus was mistaken on many points, describe commercial applications of digital signatures that are gaining market share today and contrast them with the original consensus, and consider the implications of a major misperception of market trends for the future of electronic commerce legislation. A brief description of digital signatures and public key infrastructure is included in the appendix to this article

Emerging Issues in Electronic Contracting, Technical Standards and Law Reform

The explosive growth of electronic commerce transactions in recent years has added fuel to efforts to harmonize international commercial law. Organizations such as the International Institute for the Unification of Private Law (UNIDROIT), the United Nations Commission on International Trade Law (UNCITRAL) and the Hague Conference on Private International Law are all participating in an emerging global debate concerning the changes that should be made to the form or substance of international commercial law to accommodate innovation in the technology of international trade. Many of the important legal issues raised by cross-border electronic commerce in the 1970s and 1980s have already been successfully addressed by law reform at the national level and by the work of international organizations undertaken in the 1990s. The scope of electronic commerce at that time was narrowly confined to electronic funds transfers or the exchange of data messages, and networked computer systems were massive, complex and highly secure systems. Reforms targeted at this type of electronic commerce included establishing new bodies of private law and government regulation to manage the financial risks created by electronic financial services, and the removal of barriers to the use of electronic media in commercial contracts and communications. But innovation in electronic commerce proceeds at breakneck pace, and it is unclear whether the commercial law reforms of the 1990s will be adequate to promote the rational and orderly development of global markets in the future. It is possible that changes now taking place in the electronic contracting technologies may significantly change the terms of this debate. This is because new, more powerful technologies now under development are intended to convert a considerable range of business customs and practice today performed by people into formal algorithms executed by computers. These technologies are being developed to take advantage of the great advances the Internet has made over old-style electronic commerce technologies: global reach, low barriers to entry, intuitive interfaces, and ubiquitous presence. If such new electronic contracting technologies come into widespread use, then the norms embodied in them may come to have the power to control commercial conduct in a manner normally reserved for law. Efforts to reform international commercial law may need to include mechanisms to ensure that should such economic power arise, it would be exercised in a fair manner

Globalization and Standards: The Logic of Two-Level Game

The emergence of a global information architecture has fueled regulatory competition among nations and regions to set information and communication technology (“ICT”) standards. Such regulatory competition can be thought of as a two level game: level one is competition to set ICT standards within a nation or region; level two is competition to set the global ICT standards with reference to local standards. The United States and the European Union are global leaders in setting ICT standards, and compete to set global ICT standards based on different local regulatory cultures: the U.S. is a “liberal market economy” (“LME”) within which informal standard developing processes are perceived as legitimate, while formal standard developing processes are perceived as legitimate within the “coordinated market economies” (“CME”) that tend to dominate EU regulation. In recent decades, informal ICT standard setting organizations (“SDOs”) known as consortia, which are more narrowly focused and less transparent than traditional SDOs have emerged in the U.S. and have come to dominate global ICT regulatory competition. Standards for Radio Frequency Identifiers (“RFID”) provide an example that illustrates this trend. EU regulators now are considering what changes may be needed in the EU system of harmonizing standards and EU regulation in order to reverse this trend. If EU regulators succeed in engaging with selected ICT standards consortia, this might permit CME regulation to prevail over LME regulation in competition to set global ICT standards

Crafting a License to Know from a Privilege to Access

Recognizing a defense to a claim of trespass in Internet cases based on a finding of constructive consent provides a doctrinal basis for privileging some forms of access while acknowledging a right to exclude certain other forms of access. Focusing attention on the public character of the Internet and assigning a clear legal significance to the equipment owner\u27s deliberate choice to participate in that arena provide a more secure legal foundation for such a privilege to access than the functional impairment standard offered by the California Supreme Court. The contours of such a doctrine of constructive consent to Internet access are suggested by the terms of the license eBay offered to Bidder\u27s Edge as discussed below-access by individual Internet users or its functional equivalent. This Article suggests that a defense based on constructive consent can complement the limitation imposed by the California Supreme Court to further limit the scope of trespass doctrine in Internet arenas, increase the predictability of the doctrine\u27s application in new disputes, and help to protect important public interests in free and open access to Internet resources

Making XML Pay: Revising Existing Electronic Payments Law to Accommodate Innovation

Many businesses today are rushing to embrace e-Business technologies in a mad scramble to remain competitive. Only a few years ago, simply using email instead of faxes or phone calls, converting a purchasing system to EDI technology, or building a corporate Web site might have seemed like important advances in the use of new information technologies. Businesses are now moving beyond such electronic commerce technologies and trying to integrate their disparate information systems and business processes into a comprehensive new e-Business structure. At the heart of this new model for business organization is the idea that information and resources should be able to flow to where they are most needed at a moment\u27s notice. Such fluidity in access and control over information and resources is very difficult to achieve in traditional hierarchical corporate organizations. By adopting new technologies, including XML, businesses can set up a more flexible, decentralized form of organization that can be more nimble in recognizing and responding to changing market conditions. The assimilation of these and other electronic commerce technologies into established businesses permits those businesses to provide goods and services to existing customers more efficiently. For example, General Electric, one of the world\u27s largest diversified manufacturing companies, has used electronic commerce technologies to reduce the amount of time required to process purchase orders and to reduce the cost paid for materials by using a secure Internet site to link customers and suppliers to manufacturing resource planning software. Efficiencies of this type are generally referred to as a function of supply chain reengineering when they take place in traditional manufacturing industries between purchasers and vendors, or value chain reengineering when the same type of efficiencies are sought more generally throughout more diverse types of organization and industries. eXtensible Markup Language (XML) is a new standard that governs the way information is organized and exchanged. Use of the XML standard in organizing the information businesses need to conduct business would permit greater use of electronic searching technologies to identify potential trading partners, greater use of automated processes in negotiating the terms of transactions, and greater automation in tracking the execution and fulfillment of transactions after deals are struck. A major stumbling block on the path to realizing the e-Business model is the difficulty most businesses face when trying to integrate electronic payment processes into other business processes. Financial transactions normally need to be controlled with more rigorous security procedures than other transactions. Financial markets were early adopters of electronic communications technologies, and as a result have a huge installed base of older technologies that are very reliable and stable. These legacy computer systems, however, integrate poorly with newer Internet based systems developed for other business processes. As a result, most businesses in the United States still rely heavily on paper checks as their primary payment device, even for transactions entered into electronically. The adoption of XML standards by retail merchants and financial service providers will create new risks and opportunities for consumers using electronic funds transfers. In consumer markets, one challenge posed by the adoption of new technologies such as XML is designing appropriate human-computer interfaces rather than achieving interoperability among existing computer systems. In addition, new technologies will facilitate greater reliance by consumers on new automated contracting processes such as electronic agent software. Unlike the law that governs business-to-business electronic funds transfers, the law and regulations governing consumer electronic funds transfers often reflect anachronistic models of technology and consumer protection. Since the mid-1990s, federal regulations governing consumer electronic funds transfers have been under review and are in the process of being updated. It is possible that even very recent revisions may soon appear anachronistic in light of the rapid pace of innovation in business processes. Regulators should not focus on preserving the form of existing consumer protection regulations, but on advancing their underlying objective of consumer empowerment in new environments. The development of new user interfaces for payments products should include information that helps consumers understand the functional differences between different forms of electronic payments, and the different risks that may be associated with each. Consumers, consumer advocates, and regulators will need to contribute to the standard-setting processes to make sure that the concerns and preferences of consumers are reflected in standards that gain widespread acceptance

Social Networks and Electronic Commerce in China

Communication technologies that make up the emerging global information infrastructure have the power to regulate online behavior. Social networks in Chinese society have survived the growth of formal legal institutions and liberalization of China\u27s economy, but it is not clear whether they can survive the regulatory pressures created by global information technology networks. The spread of electronic commerce technologies in China may strengthen legal institutions and open local markets to international competition, but is likely to be resisted by all the same interests that resist those changes in other contexts. The Chinese response to the spread of electronic commerce might take several forms: assimiliation; marginalization; or localization of new forms of commercial activity that rely on new technologies

Contracting Spyware by Contract

The question of what constitutes spyware is controversial because many programs that are adware in the eyes of their distributors may be perceived as spyware in the eyes of the end user. Many of these programs are loaded on the computers of end users after the end user has agreed to the terms of a license presented in a click-through interface. This paper analyzes whether it might be possible to reduce the volume of unwanted software loaded on end users\u27 computers by applying contract law doctrine more strictly. Unwanted programs are often bundled with programs that the end user wants, but the disclosure that additional programs will be downloaded is usually buried deeply within dense form contracts. Even though this makes it difficult for end users to recognize that they are agreeing to have multiple programs installed at once and that some of those programs may be objectionable, US courts are unlikely to invalidate those disclosures. This is because in business to consumer online contracting cases in the US, courts have tended to be very deferential to the intentions of the merchants in designing the contract interfaces. In the EU, by contrast, such conduct by software distributors would not be binding on consumers. Under unfair contract terms laws in place in EU member states, consumer objections to bundled software could not be overridden by terms hidden in standard form contracts