Feedback to SSRN (Beta)
What type of feedback would you like to send?
Abstract: Electronic Contracting - understood broadly to include both the Internet downloading of free or purchased software and the use of rolling contracts (shrink-wrap or terms in the box) in the sale of computers or the lease of software - has raised problems, based in part on the novelty of the transactional forms, and in part on the now-standard issue of unread terms in standardized contracts. This article, part of a conference relating to the legal regulation of new property and new technologies, offers an overview of the distinctly different approaches to Electronic Contracting of the U.S. and the European Union. The American legal system has tried, at times awkwardly, to fit the new transactions into existing doctrinal categories, leaving protection of consumers primarily to market mechanisms. The E.U. has responded through significant governmental intervention, at least for consumer contracts: expressing requiring some terms in consumer transactions, while prohibiting many others.
contract law, european union law, rolling contracts, unfair contract terms directive, distance selling directive, shrink wrap, browse wrap, UCITA
Abstract: This article examines the role of law reform in promoting the development of technical standards for the authentication of parties engaged in Internet commerce. Law reforms intended to improve the security of Internet commerce can only succeed if they address business, technical and legal issues simultaneously. The EU has used commercial law reform and formal standard development to coordinate work on authentication standards, while the US has allowed the market to determine what type of authentication technology is appropriate and has left the development of standards to private consortia. While the EU approach may solve collective action problems more effectively, the US approach may discover end user requirements and may allow business judgments about risk to inform the law more effectively. Neither approach has yet resolved the authentication problems facing businesses engaged in online commerce.
electronic commerce, Internet commerce, authentication, digital signature, public key infrastructure, electronic signature, identity management, commercial law, New Approach, internal market, regulatory competition, regulatory effectiveness, network effects, network externalities, collective action
Abstract: This article analyzes legislation recently enacted in China to promote the use of electronic commerce among Chinese businesses. It reviews the terms of regulations to promote the use of accounting software by Chinese firms, the electronic commerce enabling provisions of the 1999 Contract Law and the 2004 Electronic Signature Law in light of their relationship to China's economic development goals and their impact on Chinese businesses. It contrasts the success of the accounting software regulations with the limited impact of the Contract Law provisions and the dim prospects for the Electronic Signature Law. While law reform generally may be of limited use as a policy instrument to promote the use of electronic commerce technologies by Chinese businesses as long as the transition to a market economy remains incomplete, these case studies suggest that law reform based on an accurate understanding of the conditions Chinese businesses face has a better chance of success than legislation based on foreign models which in turn were based on conditions in developed market economies which differ significantly from those in China's transition economy.
electronic commerce, Internet, authentication, digital signature, electronic signature, identity management, standard development, Electronic Signature Law, Electronic Signature Directive, UNCITRAL, People's Republic of China
Abstract: Network effects created by the use of electronic commerce technologies may put pressure on the community of the Muslim faithful to assimilate into global markets that do not comply with the requirements of Islamic law. At the same time, however, they hold the promise of greater access to global markets constituted in a manner that comports with Islamic law. There are significant structural differences in commercial transactions conducted in conformity with Islamic law and those conducted according to Western secular norms. As a result, the automation of Islamic commercial transactions will require the development and implementation of significantly different technical standards. Many Muslim countries now have low penetration rates for electronic commerce technologies, and the development of technical standards to support automated transaction processing in a manner that conforms to Islamic law does not appear to be a policy priority in those countries. If such standards are developed, then strategy and relative bargaining power will determine whether secular Western organizations wishing to trade with Islamic organizations are required to implement both Western and Islamic technologies in order to gain access to markets in Islamic nations, or organizations in Islamic nations are required to implement both in order to gain access to global markets.
Islamic law, network effect, electronic commerce, fiqh, standard setting
Abstract: Contract law provides a framework within which economic relationships can be established and administered, while electronic commerce (e-commerce) provides tools for reducing the costs of those activities. Application of traditional contract law concepts to e-commerce may result in uncertainty which may diminish the efficiency gains from technological innovation. This paper looks at the impact of e-commerce on the governance structures of commercial relationships generally, and in three specific major areas of commercial activity that have been most affected by e-commerce in recent decades. With regard to business-to-consumer electronic commerce and issues related to the security of e-commerce (including electronic signatures), "liberal market economies" (LME) such as the US have treated the growth of e-commerce as an opportunity for further deregulation of markets, while "coordinated market economies" (CME) including most EU members have responded with significant new regulations. By contrast, both LMEs and CMEs have allowed market forces to determine the direction of business-to-business e-commerce developments.
electronic commerce, business-to-business, business-to-consumer, electronic signature
Abstract: Two important features of European integration have been a deepening commitment to in-formation privacy as a fundamental human right, and the successful integration of technical standards into the regulatory framework to support the growth of the internal market. This paper will explore the costs and benefits of trying to integrate technical standards into European data protection laws as a possible strategy to enhance compliance and enforcement efforts. Adapting the successful "New Approach" model for harmonizing industrial standards to the dynamic and volatile ICT markets will be difficult, however. While product standards are commonly used to achieve social regulation goals, it is unclear whether ICT standards can be used in a similar manner. Accepting the discipline imposed by "better regulation" principles, and adopting new perspectives on the legitimacy of regulatory bodies, might increase the chances that ICT standards can be harmonized with data protection laws, which in turn might increase the practical impact of those laws.
data protection, privacy, information privacy, technical standards, ICT standards, technical barriers to trade, electronic signatures, tandardizaiton, standardisation, standard setting, standard developing
Abstract: The question of what constitutes "spyware" is controversial because many programs that are adware in the eyes of their distributors may be perceived as spyware in the eyes of the end user. Many of these programs are loaded on the computers of end users after the end user has agreed to the terms of a license presented in a click-through interface. This paper analyzes whether it might be possible to reduce the volume of unwanted software loaded on end users' computers by applying contract law doctrine more strictly. Unwanted programs are often bundled with programs that the end user wants, but the disclosure that additional programs will be downloaded is usually buried deeply within dense form contracts. Even though this makes it difficult for end users to recognize that they are agreeing to have multiple programs installed at once and that some of those programs may be objectionable, US courts are unlikely to invalidate those disclosures. This is because in business to consumer online contracting cases in the US, courts have tended to be very deferential to the intentions of the merchants in designing the contract interfaces. In the EU, by contrast, such conduct by software distributors would not be binding on consumers. Under unfair contract terms laws in place in EU member states, consumer objections to bundled software could not be overridden by terms hidden in standard form contracts.
contract, spyware, unfair contract terms, software, malware, shrinkwrap, clickwrap, browsewrap
Abstract: Standard developing organizations (SDOs) can help unify uncoordinated economic activities and conflicting business interests by supporting the growth of viable systems of self-regulation. This paper considers three organizations that have successfully combined the roles of SDO and self-regulatory organization: the National Automated Clearing House Association (NACHA), which manages an electronic funds transfer network; the Electronic Benefits and Services Council (EBSC), which manages a system for clearing electronic food stamps; and the Federation for Identity and Cross-Credentialing Systems (FIXs), which manages a system for authenticating government employees and contractors entering defense facilities. The operation of each organization is examined in light of criteria for effective self-regulation, and of market adoption rates for the standards each organization produces. The paper shows how differences in market conditions and the maturity of the technologies being standardized have resulted in varying degrees of success among the three organizations.
Standard Developing Organization, Self-Regulation, Standard Setting Organization, Electronic Commerce, Electronic Payments, Authentication
Abstract: National consumer protection laws, some of which date back to the 19th century and many of which date back to the 1960s and 1970s, often fail to address any of the new problems facing consumers as a result of rapid technological innovation and the rapid expansion of ICT product markets. In order to meet these challenges, new consumer protection laws that differ not merely in substance but in form may be required. One such new form might result from the formal, explicit harmonization of ICT standards developed by private parties responding to global market forces with national consumer protection laws. The conflict of interests between copyright owners in using "digital rights management" or "technical protection measures" to prevent unauthorized copying by end users and the interest of consumers in enjoying the full benefits of limitations on the rights of copyright owners (such as "fair use" under US copyright laws) is one area where such a new form of consumer protection law might be introduced. An analysis of the 2006 French law "Loi sur le Droit d'Auteur et les Droits Voisins dans la Societe de l'Information" (DADVSI) suggests what the costs and benefits of such an approach might be.
consumer protection, standards, digital rights management, technical protection members, ICT
Abstract: The emergence of a global information architecture has fueled regulatory competition among nations and regions to set information and communication technology (ICT) standards. Such regulatory competition can be thought of as a two level game: level one is competition to set ICT standards within a nation or region; level two is competition to set the global ICT standards with reference to local standards. The United States and the European Union are global leaders in setting ICT standards, and compete to set global ICT standards based on different local regulatory cultures: the U.S. is a “liberal market economy” (LME) within which informal standard developing processes are perceived as legitimate, while formal standard developing processes are perceived as legitimate within the “coordinated market economies” (CME) that tend to dominate EU regulation. In recent decades, informal ICT standard setting organizations (SDOs) known as consortia, which are more narrowly focused and less transparent than traditional SDOs have emerged in the U.S. and have come to dominate global ICT regulatory competition. Standards for Radio Frequency Identifiers (RFID) provide an example that illustrates this trend. EU regulators now are considering what changes may be needed in the EU system of harmonizing standards and EU regulation in order to reverse this trend. If EU regulators succeed in engaging with selected ICT standards consortia, this might permit CME regulation to prevail over LME regulation in competition to set global ICT standards.
information and communication technologies, regulatory competition, standard developing organization
Abstract: In 2007, France created the Regulatory Authority for Technical Measures (l’Autorité de Régulation des Mesures Techniques or ARMT), an independent regulatory agency charged with promoting the interoperability of digital media distributed subject to "technical protection measures" (TPM) (also known as "digital rights management" technologies (DRM)), and used by French consumers. ARMT was established in part to rectify what French lawmakers perceived as an imbalance in the rights of copyright owners and end users created when the European Copyright Directive ("EUCD") was transposed into French law as the "Loi sur le Droit d’Auteur et les Droits Voisins dans la Société de l’Information" (DADVSI). ARMT is both a traditional independent regulatory agency and a novel attempt to develop a new governance structure at the national level to address global information economy challenges. The fear that other national governments might follow suit seems to have helped to cool enthusiasm for TPM among some businesses. This paper notes parallels between the limitations imposed on ARMT and those imposed on the first modern independent regulatory agencies that emerged in the United States in the late 19th and early 20th centuries. Using that history as a guide, it is not surprising that the ARMT’s exercise of authority has been limited during its early years; it remains possible that ARMT may become a model for legislation in other countries. It took decades before the first American independent regulatory agencies exercised real authority, and their legitimacy was not established beyond question until Roosevelt’s "New Deal." Even though information society institutions now evolve at a faster pace, national governments are sure to require more time to develop effective, legitimate ways to insure that global information and communication technology (ICT) standards conform to their national social policies.
Abstract: Security breach notification laws (SBNLs) have clearly succeeded in bringing the issue of inadequate information security to the attention of American consumers, but it is not clear whether have succeeded in creating stronger incentives for American businesses to invest in better security for databases of sensitive personal information. This paper reviews the development of new governance approaches to regulation, including “responsive regulation,” “smart regulation” and “better regulation” and then applies new governance criteria to SBNLs to show why they are unlikely to have much impact on the information security policies of many American businesses. This paper reviews the practical problems that any business faces when trying to secure large quantities of sensitive personal information, and outlines what a “better regulation” approach to information security regulation targeting sensitive personal information might include.
Abstract: The US has taken a sectoral approach to information privacy law, resulting in a patchwork of different information privacy rights that vary widely in their scope and strength, and lacks either a general right of data protection or special protections for a defined category of sensitive data. A sectoral approach to information security law is now emerging in the US, and it is producing a patchwork of different duties to protect the security of certain types of personal information. When US information privacy law and information security law are considered together, what appears to be emerging is a de facto category of sensitive data, namely personal information that is subject to stringent information security requirements. Unlike the de jure concept of sensitive data defined by EU law which is intended to block the collection, processing or transfer of certain categories of personal information in order to guarantee fundamental dignitary interests, the new US duty to secure sensitive information represents a minor modification of the current practice of treating personal financial information as a commodity.
privacy, data protection, information security, sensitive data, information privacy
© 2009 Social Science Electronic Publishing, Inc. All Rights Reserved. Terms of Use Privacy Policy This page was served by apollo 2 in 0.140 seconds.
