Contents  

 

Attempts to create consumer confidence

A European Initiative on Electronic Commerce  

Building trust and confidence  

Ensuring full access to the single market  

Brussels and Rome Convention

Electronic Commerce Directive  

The Country of origin principle  

Establishment and information requirements  

Commercial Communications  

Electronic Contracts  

Commenting Electronic Commerce Directive  

Draft Brussels and Rome II Regulations

Protecting online privacy  

Directive 95/46/EC on the protection of Personal data  

Transfer of personal data to third countries  

Criticising Data Privacy Directive  

Contracting on distance 

Directive on Distance Selling: Impact on E-Commerce  

Provision of Information  

Right of Withdrawal  

Security of payment  

Digital Signatures Integrity  

Electronic Signatures Directive  

Validity of electronic signatures  

Certification infrastructure  

Weaknesses of the EU legal approach and implementation  

The EU Model: a blueprint for the rest of the world  

Conclusion  

Bibliography  

 

 

Attempts to create consumer confidence

The Internet challenges and displaces traditional forms of communication. Information technology through World Wide Web provides and facilitates instant access to a broader international level than was ever before possible or even imagined. The Internet provides novel ways of communication and doing business as it generates the ability for information to be made available simultaneously and instantaneously around the world.[1] It is a generic argument that Internet technology affected the global trade of goods and services in undeniable ways as an increasing amount of these transactions occurs online. [2] Internet technology makes it feasible for e-tailers to reach a large number of prospect clients-consumers throughout the world at the same time and provide them with individual information. The consequences from a technological and also cultural and economic viewpoint, resulting from the developments in the area of information technology are sufficiently known. [3]  Experts assume that commerce, together with information retrieval, will be at the centre of Internet use in the future; e-commerce is thus a key application of the new information technologies.

The special characteristics of the online medium raise novel issues for sellers and consumers in online commerce. Due to the inherently international nature of online communications, online participants are exposed to a multiplicity of jurisdictions. Other communications technologies make it relatively simple to target commercial solicitations to a particular geographic area. When sellers make use of the various modes of online communication, such targeting ranges from the difficult to the impossible. This geographic indeterminacy raises also severe and intractable concerns about security and reliability matters. [4] It is, in many cases, unclear how existing regulatory regimes governing traditional trade practices apply to online commerce.[5]

The impact of Internet technology, in addition, has recalled privacy issues and will be one of the greatest civil liberty issues of the next century. The Internet does not create new privacy issues, but it does make it more difficult to legislate effectively for existing ones, such as confidentiality, authentication, and the integrity of the information circulated. Privacy is a challenging topic for lawyers and legislators since it is necessary to balance rights and find a socially acceptable consensual solution. [6]

But, governments worldwide lack the essential knowledge to deal with the opportunities and problems e-commerce presents. Therefore, governments must cooperate with both the industry and consumer groups in order to adopt a flexible interpretation of existing regulatory solutions; educate the public to use such privacy enhancing technologies properly. [7]

The Internet generates major new challenges to the traditional commercial transactions. E-commerce takes place not in a restricted national level but rather in the international arena. Electronic commerce transactions are rapidly increasing and consequently, the interest in commercial activity has raised queries about a coherent regulatory framework to stimulate consumer confidence. Therefore, an international and particularly uniform solution is required. However, rather than striving for an international solution that might be of an inadequate quality level or might take too long to be achieved, it might be preferable to focus on partial solutions. As EU represents a wide and quite homogenous market, it might be preferable to examine thoroughly its legal approach concerning consumer policy.[8]

 

 

A European Initiative on Electronic Commerce

In April 1997 the Commission adopted a Communication entitled “A European Initiative on Electronic Commerce”, [9] intended to identify the key to promote E-commerce in the European Community. These rather ambitious objectives were:

to provide widespread, affordable access to the infrastructure;

to create a favourable regulatory framework for electronic commerce;

to foster a favourable business environment for electronic commerce;

to ensure that the global regulatory framework for electronic commerce is coherent and compatible with that of the EU.

The European Community has considerable merit on global market and furthermore it consists of relatively uniform legal framework that principally ruled by the initiative of single market, which aims to erect a legal structure that makes national borders essentially irrelevant to commercial transactions among residents of the member countries. European Union and Member States’ benefits from electronic commerce will as a consequence, depend on implementing up-to-date legislation that balances the needs of the interweaving parties, both business and consumers. The existing Single Market regulatory framework has proved its worth for traditional forms of business and has to be expanded further to electronic commerce so as to improve consumer protection and reinforce trust and confidence to the consumers involved to e-commerce transactions.

Building trust and confidence

The ambitious goal regarding e-commerce transactions is to increase trust and confidence among the concerned parties. A flourishing e-commerce environment demands both consumers and businesses to be confident and legally assured that their transaction will not be intercepted or modified at any stage of its development, that the seller and the buyer are identifiable, and that transaction mechanisms are accessible, legal and secure.[10] Uncertainty about the identity and solvency of suppliers, their actual physical location, the integrity of information, the protection of privacy and personal data, the enforcement of contracts at a distance, the reliability of payments, the legal remedies for faulty transaction or fraud, are considerations heightened in cross-border trading that still remain the major discouraging factors.

One of the most important requirements of a valid contract is that it should provide for some degree of certainty as to the rights and obligations between the contracting parties. What is required is adequate assurance so that the risks and obligations are determined and thus the parties can decide further whether or not to proceed with their agreements. [11]

If the foremost aim is to enhance consumer confidence, which is essential for open, competitive, and cross-border electronic commerce then ensuring consumer protection and building consumer confidence requires a clear, consistent and predictable legal framework. As consumers should have meaningful access to redress consistent with the applicable legal framework, they should be protected from fraudulent, deceptive, and unfair practices. Similarly, secure technologies such as digital signatures and digital certificates are some way to meet these challenges. Digital signatures enable the unambiguous confirmation of the identity of the sender and the authenticity and integrity of electronic documents. Unique to the sender and unique to the message sent, digital signatures are verifiable and non-repudiable. Equally, the exchange of digital certificates (“Internet ID cards”) through an automatic “digital handshake” between computers provides assurance about the parties’ identification.

   

Ensuring full access to the single market

Given its size, the Single Market potentially offers businesses a “considerable mass” of customers compared to further global market. Although the idea is to ensure full access for electronic commerce to the single market, Member States are responding in different ways. The development of divergent legislative approaches is not only ineffective given the transfrontier nature of electronic commerce but also risks fragmenting the Single Market and thus inhibits the development of electronic commerce in Europe. The existing legal framework has, in particular, targeted at reducing the risk that new measures, by being different from one Member State to another, could restrict the free movement of Information Society services.

 Since it is important to avoid regulatory inconsistency by discouraging divergent actions at national level, the Union must also ensure that a coherent regulatory framework for electronic commerce is created at European level. Such a regulatory framework will inevitably be built on existing Single Market legislation, which already largely creates the right conditions for online businesses. As part of that framework, specific measures have already been taken to respond to new developments. They include the recently adopted Directives such as: Electronic Commerce Directive, Data Protection Directive, Distance Selling Directive and Digital Signatures Directive. [12]

 

 

Brussels and Rome Convention

Within Europe, the Brussels [13] and Rome[14] Convention (and Lugano Convention that extends the validity of these Conventions to the countries of EFTA) [15]lay down the first seeds of consumer protection as they were dealing with special provisions related to a number of types of contract where one party may require some protection of its interests because of inequality of bargaining power, namely consumer contracts.[16] The basic rule laid down by the Brussels Convention is that a defendant shall be sued in the State where he is domiciled.[17] This provision is based on the maxim actor sequitur forum rei (the law should lean in favour of the defendant) and permits him to have the advantage of fighting on its territory where he can most easily prepare a defence, as he is more familiar to its judicial system.

The application of this rule presupposes that the defendant is domiciled in a contracting state to the Convention. [18]Otherwise the issue of jurisdiction is to be determined by domestic law.[19]Besides, the latter grant that a supplier with a “branch, agency or establishment” in a consumer’s country of residence is to be considered as domiciled there. Alternatively, consumers may choose to bring claims against the other party either in their country of domicile or that of the supplier, whilst actions against the consumer may be brought only in the consumer’s country of domicile.[20] The rules, indisputably, are generous to consumers. The format and definitions of these grounds has been considered in detail by the European Court of Justice and up to now, the grounds of jurisdiction have been applied in the Convention with a relative degree of confidence. The Convention provides specific grounds of jurisdiction in Article 5, and in particular for consumers, Articles 13 –15 inclusive. The special wording of jurisdiction in Article 5 states, inter alia, that:

“A person domiciled in a Contracting State may, in another Contracting State, be sued:

1. in matters relating to a contract, in the courts for the place of performance of the obligation in question;

2. …

3. in matters relating to tort, delict or quasi delict, in the courts for the place where the harmful event occurred;

4. 

5. as regards a dispute arising out of the operation of a branch, agency or other establishment, in the courts for the place in which the branch, agency or other establishment is situated”

Generally, in the content of the Convention there are numerous provisions relating to applicable law or jurisdiction that specify as such the place of supply. Thus, where the contract is about supplying physical goods (the e-commerce supply then is equivalent to mail or telephone order) the localisation of the contract presents no special problems; but what if it is for digitised goods to be delivered?[21] 

At the moment, the Brussels Convention's definition of consumer is limited. According to the Brussels Convention, consumer contracts are defined as contracts with a consumer: for the sale of goods on instalment credit terms[22] and for loans repayable by instalments, or by any other form of credit, made to finance the sale of goods[23] or (as in the provisions contained in the Rome Convention), contracts where a specific invitation addressed to consumers or advertising was made in the consumer's state of domicile and the consumer took the steps necessary to conclude the contract in his state of domicile.[24] Noteworthy that the provision of services is not included. But, following there is a section, which covers contracts for both the supply of goods and services.[25]

It was widely argued that the definition provided in Article 13 was difficult to be interpreted, particularly from an e-commerce perspective, as it is unclear whether “advertising” covers advertising of goods and/or services on a website that can be accessed throughout the EU. Not surprisingly, businesses frequently argue that Article 13 does not apply to e-commerce and that they can only be sued in their own courts.[26]

A further dilemma arising with respect to the application of the first two provisions in the context of e-commerce concerns the definition of the term “goods”. As a matter of fact the majority of the difficulties will arise while determining the meaning of goods in relation to digitised products.[27] 

In proportion to the third provision, the question that arises is whether the e-commerce transaction is more akin to a consumer “travelling” abroad or to the business making offers in the consumer's state of domicile. The Council has tried to address these issues by amending the wording in the proposed revision of the Convention (“Jurisdiction Proposal”). It has in particular removed the requirements that the consumer must have taken the steps to conclude the contract in his Member State of domicile, which would be difficult to determine in the case of a contract concluded via a website.[28] 

A further approach to the subject of jurisdiction is included in article 14 of the Brussels Convention in which “the contract has been concluded with a person who pursues commercial or professional activities in the Member State of the consumer's domicile or who by any means directs such activities to that Member State”. The justification for this approach is that the supplier is looking for customers in that jurisdiction and as a result has to accept the danger that the national courts will claim jurisdiction over his activities.[29]

Apart from the Brussels Convention, the Rome Convention also determines the choice of governing law in Member States of the EU. The general principle stated by Article 3(1) of the Rome Convention is that “a contract shall be governed by the law chosen by the parties”.

This choice of law must, however, be expressed or demonstrated with reasonable certainty by the terms of the contract or circumstances of the case. There are a number of mandatory rules provided by the Rome Convention such as those defined by reference to Article 3(3) which states that there are rules of the law of a particular country which “cannot be derogated from by contract” these are for example rules on cartels, competition and restrictive practice, consumer protection and certain rules concerning carriage.

In particular, pursuant to Article 5 the choice of law made by the parties can be excluded altogether or at least shall not have the effect of providing the consumer of the protection afforded to it by the mandatory rules of the law of the country in which it has habitual residence. As a result, the choice by the parties of, for example, less consumer friendly jurisdictions, might be ignored by a Court in the EU Member State.

In the absence of a choice of governing law by the parties in a contract, the Rome Convention (Article 4(1)) stipulates that to the extent that the law applicable to the contract has not been chosen in accordance with Article 3, the contents shall be governed by the law of a country “with which it is most closely connected”.

Unfortunately, the nature of e-commerce transactions complicates to determine whether the performance of a particular party is characteristic of the contract. In any event, neither the Brussels nor the Rome Convention will assist if both parties are non-EU member states.[30] 

However, the Brussels and Rome Conventions were drafted at a time when no one could have foreseen the impact of international e-commerce. Recently, a number of amendments were proposed to the Brussels and Rome Conventions in order to be updated and regulate sufficiently the new needs.  

Electronic Commerce Directive

The Electronic Commerce Directive,[31] was adopted in June 2000 and it will be fully implemented by January 2002.The key reasoning to the adoption of the Directive was the Commission’s venture driven by the ambitious plan to create a favourable regulatory framework for electronic commerce within the EU boundaries[32] as well as to ensure that e-business services benefit from the Internal Market principles of free movement of services and freedom of establishment. The core objective of the Directive is to guarantee the free movement of information society services throughout the internal market through the country of origin principle of regulation[33] and simultaneously to ensure a high level of consumer protection, promoting by that way e-commerce within the EU territory.[34]  Though, the Directive builds creatively on the previously existing internal market legal framework clarifying and ensuring its effective legal enforcement rather than imposing new rules.

 

The Country of origin principle

The first step towards the concept of consumer confidence could be found in Art.3(1), which establishes the country of origin principle. Article 3(1) of the Directive requires that in each Member State the Information Society services shall be provided by a service provider established on its territory. This principle suggests that if a provider of electronic business meets the terms of the law of the Member State where it is established, then that services can be provided adequately throughout the EU, and consequently there is no need to comply with the laws of the rest 14 Member States.[35] Accordingly, for jurisdictional purposes, a provider is located in the place where it has a fixed establishment from which it pursues an economic activity, regardless of where websites or servers are placed.

Furthermore, the basic principle of mutual recognition obliges each EU Member State to accept that the laws of other Member States provide an adequate level of protection despite the fact that those laws may be different or less restrictive than its own law.[36] Consequently, this granted principle offers a considerable advantage for businesses based in countries with more liberal commercial legal regime in doing business on-line in the EU. [37]

A Member State will be competent when a service provider is established in it. The Directive contains detailed rules to determine where a business is established. Article 2 (c) of the Directive defines “established service provider” as the one who effectively pursues an economic activity using a fixed establishment for an indefinite period. The Court of Justice has recognised the possibility that the same service provider is established in several Member States. In such case, the Member State in which the service provider has the centre of its operations will be deemed competent. It is also remarked how the presence and use of technical means (such as the location of the Web Server) will not constitute an establishment.[38]Additionally, this significant principle facilitates to reducing risks while contracting electronically as well as saving considerable legal costs in case of litigation.

On the other hand, some crucial areas of law are exempted from this provision, including contractual obligations concerning consumer contracts, intellectual property, data protection, and the legal conditions applying to unsolicited commercial communications. [39]As stated explicitly, in the derogations set forth in the Annex to the directive, the following will be excluded from the scope of the country of origin principle:

- copyright, neighbouring rights, industrial property rights.

- emission of electronic money,

- freedom of the parties to choose the law applicable to the contract,

- contractual obligations concerning consumer contracts,

- formal validity of contracts creating or transferring rights in real estate,

- permissibility of unsolicited commercial communications by electronic mail,

- certain provisions of insurance legislation,

- companies set up for the collective investment in transferable shares. [40]

Although, Article 3(1) establishes the principle of control by country of origin, the applicability of the existing rules of Private International Law is reaffirmed. [41] Thus, as the provisions of the 1968 Brussels Convention still apply, [42] there is currently a major threat to the principle of country of origin contained in the Directive caused by the revisions of the Brussels Convention that seems to provide (certainly in respect of consumers) that contracts for the supply of goods and services will be governed by the laws of the country of destination. Therefore, the EU has to reconcile the two conflicting principles contained in the Brussels Convention and the Electronic Commerce Directive. [43]  

 

Establishment and information requirements

Accordingly, the E-Commerce Directive is reducing the dangers presented by the ephemeral nature of information society services; in an attempt to build on consumer reliance.[44]Especially, it requires that providers should specify their geographical address. All Information Service Providers are to render accessible “in a direct and permanent manner to their recipients and competent authorities”: information relating to the name of the service provider, the geographic address at which the service provider is established. Additional information including email address, with the objective of allowing the recipient to contact the service provider rapidly and to communicate with him in a direct and effective manner, is required. Where the service provider is registered in a trade or similar public register, the trade register in which the service provider is entered and his registration number; where the activity is subject to an authorisation scheme, the particulars of the relevant supervisory authority. Concerning the regulated professions (lawyers, accountants, doctors): any professional body or similar institution with which the service provider is registered (Bar Association...), the professional title and the Member State where it has been granted, a reference to the applicable professional rules in the Member State of establishment and the means to access them and most preferably where the service provider undertakes an activity that is subject to VAT, the identification number.[45]

The requirements of Article 5 are also similar to the information requirements of the Directive on distance contracts.[46] However, unlike the Directive on distance contracts the information requirements of this Directive apply whether there is a contract concluded or not.[47] 

   

Commercial Communications

The Directive demonstrates that there is a considerable need for harmonisation in the area of commercial communications, including advertising, marketing and sponsorship[48] that should be subject to certain transparency requirements so as to ensure consumer confidence and fair-trading. These areas are very differently regulated within the EU, so the Directive provides that a commercial communication must be clearly identifiable as such and should set out clearly all terms and conditions applied;[49] the natural or legal person on whose behalf the commercial communication is made,[50]i.e. a header in the web page that is clearly labelled.

The Directive classifies certain requirements on commercial communications of a service provider: they must be clearly identifiable as such, their origin must be clearly stated, and promotional offers, competitions or games, where permitted by the Member State in which the service provider is established, shall be presented accurately and unequivocally.[51] Especially, promotional offers (but gambling) can be used to sell goods and services as long as they are transparent. The Directive suggests that hyperlinked web page icons will be sufficient to identify those from whom communications are made and to satisfy the requirement to provide easy access to the conditions of promotional offers.[52]

Member States will need to specify in their legislation that unsolicited commercial communications such as “spam” e-mail must be clearly identifiable as soon as the recipient receives it.[53] Further, service providers will need to observe “opt-out” registers of addresses of persons who do not wish to receive unsolicited commercial communications.

The Directive makes special provision for commercial communications by “regulated professions”, providing “that Member States shall ensure that the use of commercial communications which are part of, or constitute, an information society service provided by a member of a regulated profession is permitted subject to compliance with the professional rules regarding, in particular, the independence, dignity and honour of the profession, professional secrecy and fairness towards clients and other members of the profession”.[54]

 

Electronic Contracts

A further dubious point that also discourages potential consumers from entering to electronic transactions is the uncertainty about the legitimacy of electronic contracts; whether an electronic contract is legally bound or not. As a response to those justified concerns, E-commerce Directive has established the validity of contracts concluded electronically for all Member States. With a few permitted exceptions (of contracts requiring the involvement of a notary, contracts which are required to be registered with a public authority to be valid and contracts governed by family law or the law of succession), Member States must ensure that their legislation permits contracts to be concluded electronically[55]. But previously, certain specified information must be given before the contract is concluded.

 Member States have to ensure that the legal requirements applicable to electronic contracts do not prevent the effective use of electronic contracts or diminish their legal effect because of the fact that they were concluded electronically. This requirement will oblige Member States to change many laws that currently inhibit the use of electronic contracts.

The service provider will also be required to explain in clear terms the manner of formation of the electronic contract.[56] The Directive identifies that the contract is concluded when the recipient of the service has received from the service provider in electronic form an acknowledgment of receipt of the other party’s acceptance.[57] Where the recipient is asked to signify acceptance by technological means such as clicking on an icon, the service provider must promptly acknowledge receipt of the recipient’s order by electronic means. The order and acknowledgement are deemed to be received when the parties to which they are addressed are able to access them. However, it is unclear whether the Directive’s contract provisions cover one critical issue arising in this area, namely the evidentiary value of electronic documents. As, in some countries (e.g., Germany), "written documents" are attributed greater value than other evidence. Therefore, if electronic contracts are not deemed to be evidenced by "written documents," as are traditional paper contracts, electronic contracts (and thus e-commerce) could be disadvantaged.[58]

The Directive includes extensive provisions related to implementation and enforcement. The Commission as well as the Member States are to support the development of codes of conduct.[59]The Directive encourages the involved parties to dispatch draft national codes so as to be compatible with the Community law.[60]

   

 

Commenting Electronic Commerce Directive

The scope of the Electronic Commerce Directive is broad ranging and generally non controversial. The Directive on Electronic Commerce was proposed by the Commission in an attempt to unify disparate regulatory schemes and produce a harmonized, better-coordinated approach to e-commerce.[61]Both the European Council and the European Parliament believe that this Directive should not affect the law applicable to contractual obligations relating to consumer contracts and should not have the result of depriving the consumer of the protection afforded to him by the mandatory rules relating to contractual obligations of the law of the Member State in which he has his habitual residence.[62]The major criticism that has been made to the EU legal approach is that the e-commerce initiatives are dispersed across a range of measures. Due to the ambiguous determination of what law is in a particular respect, there ambush the potential for internal conflict in relation to the issue of choice of law.

The Directive, however, will be a major step forward in increasing the competitiveness of e-commerce within the EU. It will also allow a great deal of consumer choice through borderless online commercial transactions. Also, consumers will continue to enjoy a high level of protection as the Directive does not affect the provisions of other legislation such as the Distance Selling Directive, the Unfair Contract Terms Directive and the Product Liability Directive which impose standard set of rules for consumer protection throughout the EU.[63]

One of the most serious issues that the Directive has not yet addressed is how to balance the divergent consumer protection laws that exist in Europe with the new borderless economy. Currently, consumers wishing for remedy can sue in their country of residence, based on the consumer laws there. But, on the contrary, European Internet retailers are strongly opposed to this rule, as they believe their businesses are being stunted by having to comply with the myriad rules and regulations of each country. The Directive, however, merely acknowledges that a resolution to this problem has not yet been decided on.[64]

Consumers will also retain their rights to sue suppliers for breach of contract in the consumer's country of domicile under the provisions of the Brussels Convention. Furthermore contracts concluded between suppliers and consumers who are domiciled in different countries cannot be used to take away the rights a consumer would enjoy in his country of domicile, which are protected under the terms of the Rome Convention.

The crucial point disclosed in the application of the Electronic Commerce Directive is that the traditional legal provisions will be sufficiently applied to the regulation of e-commerce. The European Commission has chosen to use the principles of country of origin and mutual recognition rather than the full harmonisation of national laws across the EU as the basis for the Directive because it recognises that Member States operate a number of widely differing sets of rules governing marketing, promotions, advertising and sponsorship which are impossible to harmonise without annihilating electronic commerce in its infancy.[65]

Undoubtedly, regardless of whether it is the consumer or the business that has to cross a border in order to obtain legal remedy, cross-border litigation will be expensive and this cost will only be justified for larger claims. Therefore it will be necessary to set up complementary Alternative Dispute Resolution mechanisms, since otherwise access to justice will be practically denied in many cases.

The necessity of Alternative Dispute Resolution was recognised in the Electronic Commerce Directive. Article 16 requires Member States and the Commission to encourage the drafting at Community level of Codes of Conduct designed to contribute to the implementation of the substantive provisions of the Directive aiming to provide a unifying force throughout the EU.[66]Additionally, under the terms of Article 17(1),(2)the Directive suggests that Member States shall not impede the use of out of court dispute resolution procedures including electronic means and encourage adequate procedural safeguards. Member States are under an obligation to co-operate and shall appoint contact points for this purpose[67]. These contact points are to provide practical assistance and information to service providers and recipients of services with regard to out of court dispute resolution procedures. However, the Directive does not oblige Member States to set up or regulate out of court procedures. Presumably, it is envisaged that such mechanisms will be developed sufficiently on the private sector.[68]

Finally, the Directive allows Member States to derogate from its provisions on a case by case basis to impose restrictions on e-commerce services supplied from another Member State if necessary to protect the public interest on the grounds of the protection of minors, sexual and racial discrimination, public health or security and consumer protection. However, such restrictions would need to be proportionate to their stated objective. Furthermore, the Directive introduces the important requirement that such restrictions can only be imposed after the Member State where the service provider is established has been asked to take adequate measures to meet the above public interest criteria and has failed to do so and the intention to impose the restrictions has been notified in advance to the European Commission. [69]

 

   

 

Draft Brussels and Rome II Regulations

          The Directive on E-Commerce incorporates the fundamental pillars of the internal market: country of origin control and mutual recognition. These principles were reaffirmed by the European Court of Justice in a number of cases on the freedom of goods and services beginning with the landmark case of Cassis de Dijon.[70]

          The Directive declares that only one law is applicable rather than up to 15 different laws. This is due to the fact that the concept of mutual recognition obliges each EU Member State to accept that the laws of the State in which the provider of the services is established offers an adequate level of protection, even if the laws are different or less restrictive. This principle will encourage consumers to buy on line because of the legal certainty provided throughout the EU.

          However, this regulatory framework for e-commerce has recently come under threat from a proposal adopted by the Commission to replace and update the Brussels and Rome Conventions as EU Regulations are armoured to new powers under Article 65 of the Amsterdam Treaty. The new Regulation was approved by the European Union on December 2000.[71]The new rules of jurisdiction will be enforced throughout Europe from March 2002.

The rules of this new Community Regulation do have implications about electronic commerce. One of the most controversial and important set of rules to be replaced by the Regulation relate to consumer contracts. In Europe, the new Regulation (the Brussels I Regulation) will increase and strengthen consumer confidence in terms of electronic consumer contracts.[72]

Consumers, in particular, are given the specific right to sue and be sued in their “own” courts when they have entered into a deal with a firm from another country. This provision benefits the consumer as being the weaker party in any contract with an undertaking.[73] Under the existing Convention, this right arises when the supplier has advertised the goods or service and the consumer has made the contract in his own country. The Regulation proposes to extend this right to any circumstance where the supplier has directed his business towards the consumer’s country, irrespective of where the contract is concluded.[74]

The proposed Brussels Regulation gives the Courts of the consumer’s country of habitual residence jurisdiction over suppliers of goods and services, which are established in other Member States of the EU in certain circumstances. Article 15(c) (which reflects Article 13 of the amended Brussels Convention) states that:

“…in all cases,(where) the contract has been concluded with a person who pursues commercial or professional activities in the state of the consumer’s habitual residence or, by any means, directs such activities to that state or to several states including that state falls within the scope of such activities”.

This Article if interpreted with the criteria set out in Recital 13 of Brussels Regulation will trigger the jurisdiction of the consumer’s country of habitual residence in respect of any e-commerce Web site established in a Member State of the EU merely because of the fact that it can be accessed by a consumer. E-commerce Web sites are automatically accessible not just throughout the EU but also throughout the world. It worth to be mentioned that many of these Web sites have no physical link with the country of the foreign consumer’s domicile nor do they specifically solicit consumers in Member States other than the State that they are established.[75]

The proposed Regulation has amended the provision concerning the conclusion of consumer contracts so as to include all situations where a person pursued commercial or professional activities in a Member State or by any means directs such activities to that Member State. The explanatory memorandum explains that the existing rule is too weak since the requirement that all the steps should be taken in the consumer's state of domicile excluded instances when the consumer was induced to travel abroad to conclude the contract. Moreover, it explains that reference to activities pursued in or directed towards a Member State was intended to include contracts concluded via interactive websites accessible in the consumer's state of domicile. However, passive websites that inform consumers about the possibility of goods and services will not activate the protective provisions. In the latter instance, the consumer is to be treated as the active party who seeks out the site; just as he might travel to a foreign market or mall.

The Brussels I Regulation, which has been reportedly presented as a compromise measure, allows consumers to use the local Courts and consumer protection laws in their home country to sue online retailers, even if those retailers are based in another European country. The measure also facilitates local lawsuits even if the foreign Web site does not specifically target the home country of the consumer.[76] 

The Regulation ensures that Internet consumers are able to bring cases in their own jurisdiction. This provision does not assist in cases where the trader is domiciled outside the EC, e.g. in the US. However, even if the consumer can bring his claim in his own courts, justice will be out of reach in practical terms if choice of laws issues are raised and the consumer has to invoke foreign law. 

 

 

 

Protecting online privacy

Indisputably, data protection laws may effect on the development of e-commerce in a rather positive way, since well-defined privacy laws will increase consumer confidence in concluding business electronically and thus rising the profits of electronic commerce.[77] Polling data show that the majority of consumers believe that their privacy is at risk when they do business on the Internet.[78] The ability of technological devices to enable the collection, processing and distribution of personal data is a major factor behind the public concern about loss of privacy.[79]Consequently, if online retailers intend to survive and flourish, it will be partly due to the emergence of improved technology that helps them to trace users' buying habits better and to create profiles that could be shared easily among marketers.[80]

On the other hand, consumers are opposed to the control of their private data from the companies that already own it. The problem is quite straightforward. Companies need to glean information that will facilitate sales. Consumers counterclaim the convenience of secure e-commerce without worrying about having their identities stolen, being spammed, or having the aggregators of personal data retrieving and profiting from every detail of their lives. The solution is simple.                               Companies could minimise the potential consumers’ fears by complying with privacy standards. That could denote collecting the same data the companies always have, but not sharing it with others without first asking permission, or assuring customers that privacy will be the basis for their online business.[81]

Therefore, it is essential to assure personal privacy in the networked environment so as consumers to feel secure while doing business across this new medium. Data and systems security is one of the central prerequisites for consumer acceptance of e-commerce. Data protection policy represents a competitive advantage for the respective vendor since potential customers are seriously interested to the level of data protection while shopping on line.

According to the main declarations of the single European Market there should be no limits to the retrieval of information between Member States. The more legal divergences are erected the more of a problem it becomes, especially when these divergences are taking place in what purports to be a common market. Through Community harmonisation, data subjects are assured of the same minimum level of protection, sellers are better able to satisfy the compliance requirements of different countries and there are obviously reduced opportunities for individual Member States to attract data processing business by promising a lax regulatory regime. [82] However, the enactment of a Data Protection Directive was a general requirement in order a common legal system corresponding to the territory of the EU to be founded.

   

 

Directive 95/46/EC on the Protection of Personal Data

Directive 95/46/EC on the Protection of Personal Data[83] has entered into effect from 25 October 1998, with the aim to establish a harmonised regulatory framework so as to ensure both a high level of protection for the privacy of individuals in all EU Member States and  free movement of personal data within the EU. Provision is also made in the legislation to ensure that personal data is only transferred to countries outside the EU when its constant protection is guaranteed.

The core obligation of Member States is included in Article 1: “In accordance with this Directive Member States shall protect the fundamental rights and freedoms of natural persons, and in particular their right of privacy, with respect to the processing of personal data”.

Under the Directive 95/46 EC, data subjects are granted a number of important rights including the right to access their data, the right to know where the data originated (if such information is available), the right to have inaccurate data rectified, the right of recourse in the event of unlawful processing and the right to withhold permission to use their data in certain circumstances (for example, individuals will have the right to opt-out free of charge from being sent direct marketing material, without providing any specific reason) [84].

Furthermore, in order to prevent abuses in the use of personal data, and ensure that data subjects are informed of the existence of processing operations, the Directive lays down common rules to be observed by those who collect, hold or transmit personal data as part of their economic or administrative activities or in the course of the activities of their association. [85]In particular, there is an obligation to collect data only for specified, explicit and legitimate purposes and to hold it only so long as it remains relevant, accurate and up-to-date. [86]

The Directive also establishes the principle of transparency with regard to the collection of data. This principle offers individuals the option of whether to provide the information or not and entitles them to be informed about the identity of the organisation intending to process the data and the main purpose of such processing. As a matter of fact, the Directive applies different rules according to whether information can be easily provided in the normal course of business activities or whether the data has been collected by third parties. In the latter case, there is an exemption where the obligation to provide information is impossible or involves disproportionate effort. [87]

In the case of sensitive data, such as an individual's ethnic or racial origin, political or religious beliefs, trade union membership or data concerning health or sexual life, the Directive establishes that it can only be processed with the explicit consent of the individual, subject to a number of public interest exemptions such as where there is an important public interest (e.g. for medical or scientific research), where alternative safeguards have to be established.[88]

As the flexibility of the Directive means that some differences between national data protection regimes may persist, the Directive recommends the principle that the law of the Member State where a data processor is established applies in cases where data is transferred between Member States.[89]

 In the specific case of personal data used exclusively for journalistic, artistic or literary purposes, the Directive requires Member States to ensure appropriate exemptions and derogations exist and to strike a balance between guaranteeing freedom of expression while protecting the individual's right to privacy. [90]   

Transfer of personal data to third countries

For cases where data is transferred to non-EU countries, the Directive includes provisions to prevent the EU rules from being circumvented. The basic rule is that the non-EU country receiving the data should ensure an adequate level of protection, although a practical system of exemptions and special conditions also applies. The advantage for non-EU countries that can provide adequate protection is that the free flow of data from all 15 EU states will in future, be assured, whereas up to now each state has decided on such questions separately.[91] 

The EU data protection regime is specifically based on home country regulation, as the text in Art.25 demonstrates. All the countries that implement the Directive have, by definition, an adequate level of privacy protection, and the matter of the data subject in respect of the transferred data is then a matter for the law of the new controller’s jurisdiction. The same applies to the non-EU countries to which data transfer is permitted under Art.25 on the basis that an adequate level of protection is provided, and the Directive contains provisions under which the European Commission can declare that particular countries provide adequate protection.[92] 

The uniform application of the Directive would be in threat if the decision whether third countries offered an adequate level of protection was to be made by each Member State. Therefore, it is provided that Member States and the Commission have to inform each other in any case they feel that a third country does not provide such a level of adequacy.[93] In practice, general decisions regarding adequacy will be decided at a Community level. Article 29 of the Directive establishes a Working Party on the Protection of Individuals with regard to the Processing of Personal Data. [94]

          In addition, Directive could be rather meaningless if there was no method to enforcing its provisions. The Directive requires Member States to provide for the right of every person to judicial remedy for any breach of the rights guaranteed him by the national law applicable to the processing in question. This right is without prejudice to any administrative remedy for which provision may be made, such as the supervisory authority prior to referral to the judicial authority.[95]Any person who has suffered damage as a result of an unlawful processing operation or any act incompatible with the national provisions adopted pursuant to the Directive is entitled to receive compensation from the controller for the damaged suffered. [96]

   

Criticising Data Privacy Directive

The EU Data Privacy Directive has been highly criticised as data transfer restrictions could seriously impede the future growth of Information Society services. By reverse reasoning without the legal security of a Union-wide approach, lack of consumer confidence will certainly undermine the rapid development of the information society. As a result, the EU moved towards the adoption of the data protection Directive. [97] The Directive’s main intention is to establish a clear and stable regulatory framework necessary to guarantee free movement of personal data, while leaving individual EU countries room for manoeuvre in the way the Directive is implemented.

Free movement of data is particularly important for all services with a large customer base and depending on processing personal data, such as distance selling and financial services. If each Member State had its own set of rules on data protection, for example on how data subjects could verify the information held on them, cross-border provision of services, notably over the information superhighways, would be virtually impossible and the extremely valuable new market opportunity would be lost.[98]

          Likewise, it is very important not to forget that the Directive, in conjunction with other data protection regulation,[99]has the mutual goal of both safeguarding privacy in relation to processing of personal data and facilitating transborder data flow. The importance of the free flow of such data is further underlined by part of the first sentence of recital 56 “…cross border flows of personal data are necessary for the expansion of international trade”. Therefore there are no grounds for restricting free flow of data, provided that the appropriate safeguards are in place.[100]

          Almost since the enactment of the EC Directive, negotiations have been taking place between EU and US in an effort to ensure compatibility between European data protection standards and the mainly self-regulatory approach in the US by developing a common set of rules and principles to safeguard data transactions between the two parties.[101] The adopted approach may define a “safe harbor” for personal data, a set of principles that US companies would sign up to on a voluntary basis but to which they would be bound.[102]

          The advantage of this approach is that the EU through the restrictions posed to the transborder flow of data has become a leading player in the international IT arena. The EU has the opportunity formulate a considerable regulatory framework with international acceptance by providing legal certainty in the demanding area of privacy safeguarding.

Finally, the practicality of the Directive’s provisions on transfers to third countries, as well as any attempted control of such transfers, can be questioned.[103] The Directive provides no remedy to the individual who is prejudiced by a breach of these provisions. Any national remedy will be retrospective rather than prospective. Individuals will generally not be able to prove any particular transfer took place and once data is transferred, the damage will typically have occurred. It is also unlikely that Community public authorities will be able to take any effective action against third-country data processors to which data is unlawfully transmitted by a controller within the Community.[104]

Additionally, the Council of Europe in cooperation with the Commission and the International Chamber of Commerce, have produced a model contract which might be used by data users in order to achieve the required level of adequacy. The objectives of the model contract are: to provide an example of one way of resolving the complex problems which arise following the transfer of personal data subjected to different data protection regimes; to facilitate the free circulation of personal data in the respect of privacy; to allow the transfer of data in the interest of international commerce; o promote a climate of security and certainty of international transactions involving the transfer of personal data.[105]   

 

 

Contracting on distance

Buying goods or services by means of the Internet expose consumers to particular dangers, due to their inability to examine the goods or to visit the supplier's premises, and thus evaluate his reliability, before entering into the transaction.[106] Credit card fraud is a reluctant concern and another is that the seller may provide insufficient information. The particular nature of Internet may attract individuals to buy on impulse without properly thinking about the implications of the obligations they are entering to. The European Community taking into consideration all those reasonable fears that arise while consumers contract on distance along with the strong possibility that individual Member States may implement very restrictive legislation, while others might encourage contracting over the Internet leaving it extensively and on purpose unregulated, decided that distance selling ought to be subject to harmonised regulation throughout the Community.[107]

   

Directive on Distance Selling: Impact on E-commerce

The first step towards the notion of harmonised regulatory framework was the adoption of the Directive on Distance Selling[108], following the Directive on unfair terms in consumer contracts.[109] Both will have to be taken into consideration when drafting consumer contracts. The Directive on the protection of consumers in respect of distance contracts has an obvious application to the Internet. Its objective is to “approximate the laws, regulations and administrative provisions of the Member States concerning distance contracts between consumers and suppliers”.[110]

The Directive is stated to be of major importance for the European Union as cross-border distance selling could be one of the main tangible results of the completion of the internal market. It is essential to smooth operation of the internal market so as to enable consumers to contract with business outside their country, even if there is a subsidiary in the consumer’s country of residence.[111]

The Distance Selling Directive is dealing with the protection of consumers in respect of distance contracts. Distant contracts include sales concluded through the use of telephone or fax and are extended to apply to contracts formed over Internet. The Directive provides a minimum set of common rules for the benefit of consumers, requiring certain fundamental information before the contract is concluded. The main burden is on the supplier of the goods or services to prove compliance; therefore he would be cautious to ensure that terms and conditions of sale at least meet the terms of the Directive.[112]

A consumer complying with the meaning of the Directive is an individual who does not make the contact in the course of his trade, business or profession and a supplier is a person (natural or legal) who makes the contact in a commercial or professional capacity.[113] So the definition of consumer might exclude only commercial purchasers who are buying goods in the direct course of their business. By classifying as consumers those commercial purchasers buying “incidental” goods would sufficiently explain the rationale of the Directive as a measure for the unification of the internal market.[114] The Directive can be seen as an attempt to consolidate the internal market by giving non-expert consumers the confidence to buy across border. The main concern in respect of distance contracts revolves around the fact that these purchases are often made “in the dark”.[115] Whereas the consumer is not able to see the product or ascertain the nature of the service provided before concluding the contract.[116]The goods or services maybe of lower quality than the consumer expected; the seller may be disreputable, even fraudulent.

In detail, a distance contract is one concerning goods or services between a supplier and a consumer under an organised distance sales or service provision scheme established by the supplier who, for the purposes of contract, makes “exclusive use” of one or more means of distance communication, up to and including the moment the contract is concluded.[117] The meaning of “exclusive use” is rather vague and unclear. In view of the consumer protection rationale of the Directive, it is likely to be interpreted restrictively. Therefore, a supplier who demonstrates a product in person, but sells it at a distance would be included to the provisions of the Directive.[118]All negotiations and contacts must take place by distance communication, which includes electronic mail, videotext, videophone, television and fax machines as well as traditional forms of distance selling such as by post, catalogue, etc.[119]

The outcome appear to be that a distance contract is any contract concluded by any means where the consumer and supplier (or their respective agents) do not meet face to face prior to conclusion of the contract. However, the Directive does not apply to some contracts including certain contracts relating to financial services, automatic vending machines, in relation to land and auction sales.[120] Also, contracts concluded by telecommunications operators through the use of public telecommunication systems are excluded. [121]

   

Provision of Information

The most vital provision in respect of consumer confidence is that certain information must be provided to the consumer before the contract is concluded. Information about the supplier, the main characteristics of the goods or services, the price, delivery costs, payment details and existence of the right to withdrawal.[122] In addition, the supplier should inform the consumer of “the cost of using the means of distance communication where it is calculated other than at the basic rate”, a requirement clearly aimed at contracts for the use of distance communications such as premium rate telephone services.[123] Information must be provided in a clear and comprehensible manner, having regard to the principles of good faith in commercial transactions. Regarding the Internet or electronic mail, the provision of prior information should not be onerous and can be easily incorporated into the supplier’s website or email message.

Recognising that “information disseminated by certain electronic technologies is often ephemeral in nature insofar as it is not received on a permanent medium”,[124] Article 5 states that the consumer must receive handwritten confirmation or confirmation in another durable medium (for example, by downloading a computer file) of the information described above, at the latest at the time of delivery of the good. So, the demand of the information to be in writing is also met in case this information is available and accessible to the consumer in any other durable medium (e.g., a Web-page). Noteworthy that failure to comply with this requirement may extend the period during which the consumer may withdraw from the contract.[125]

The effect of this provision is that paper and similar physical media will last for some time, even where contracts are made via telephone, Internet or other methods of telecommunication. Accordingly, the requirement can also be satisfied by including the required information in a delivery note sent with the goods. The only exceptional case where written confirmation is not required is where the required information has already been supplied to the consumer in written form, but even then the consumer must receive a second written notice providing details of the supplier's address, after sales service and guarantees, the right to withdraw from the contract, and the mechanism for terminating the contract if it is of indeterminate duration or to exceed one year.[126]

However, further on Article 5 an alternative to written information is not mentioned; in case information about the right of withdrawal is concerned: “written information on the conditions and procedures for exercising the right of withdrawal”. This must be in writing and another durable medium is not an alternative. This simply means that the consumer must be confronted with a written notice and should not simply be able to click on a button to “skip” the information provisions. Receiving a notice of cancellation by post gives one more cause for reflection and also may alert others, such as spouses, to potential consumer’s intended plans. Inconsiderable problems could also result if one could simply sign-up on line for credit contracts and ignore any cancellation notices by the mere click of a button. For these reasons the requirement for writing is useful for cancellation notices.[127]

But on the other hand, this demand is rather troublesome and cannot be met when goods are delivered electronically (e.g., downloaded software). The Directive does not explicitly define the supply of information, computer code or software over the Internet as either services or goods .The issue in question is that there is some confusion as to the status of computer code or software. Software or computer code, which is stored and supplied on a physical medium such as a tape or disk, would most probably be treated as a good .The value is in the intangible information contained in the medium and not the medium itself. The confusion arises when information, computer code or software is supplied electronically over the Internet as a stream of bits. If it is held as a good, then Art.5 (1) might present a problem, as the benefits sought by transacting over the Internet, of paperless transactions, are reduced. If it is held as a service then Art.5 (1) may not apply through Art.5 (2).[128] Thus, it seems to be on Art. 5 that most arguments will be raised between those who want to place estoppels in the way of Internet trading as they support traditional communication with the consumer as being more important even if this means some increased “paperwork”, and those who, conversely, are able to foresee the benefits and profits relating to “paperless” e-commerce transactions. [129]

 

 

Right of Withdrawal

The right of withdrawal is a basic element on the “distance-selling” contract. The geographical address of the supplier to which the consumer may address complaints, must be clearly mentioned.[130] Further information such as relating to after sales service and the effect of cancelling the contract must be also provided. But, the provisions of the Directive, which apply to information, the right of withdrawal and the obligation to execute an order within 30 days[131], are excluded in certain contracts where a right of withdrawal would impose an unfair burden on the supplier, like for the supply of perishables and for the provision of accommodation, transport, catering or leisure.

Moreover, supporting consumers’ rights; the Directive suggests that the consumer is not obliged to give a reason for his withdrawal. Since this is a minimum, Member States are allowed to define in their legislation a longer period. The withdrawal is without costs, except the costs for returning. The time for the supplier to perform is rather long, namely 30 days. However, this is a maximum, so at that point, Member States are allowed to define in their legislation a shorter period.

According to the Directive, Member States should prohibit so-called inertia selling.[132] A possible way to regulate this is to give the consumer the right to keep the goods without having to pay for it. The rights of the Directive are binding and the European consumers are not permitted to waive their rights under this Directive.[133]  The consumer may not waive the rights conferred on him by the transposition of this Directive into national law..[134] Accordingly, the Directive will override any contradictory choice of law or other contractual provisions between the European consumer and a non-member country as the law applicable to the contract if the latter has close connection with the territory of one or more Member States.

In its early implementation the Distance Selling Directive, mainly the requirement to provide prior information about the contract to the consumer in written form presented several problems for businesses that wished to sell goods or supply services to consumers,. This prerequisite would automatically negate some of the benefits of contracting over the Internet, explicitly the elimination or reduction of large amount of paperwork.[135]This has now changed to a requirement to provide the required information in any way appropriate to the means of communication,[136]a vast improvement on the previous versions.

The Directive also provides that two forms of technology-automated calling systems and fax machines- may be used only with the prior consent of the consumer: what might be referred as an “opt-in” system. Automated calling systems involve the use of a computer system to call numbers and on answer play a pre-recorded message to the recipient. Although reportedly used extensively in the US, such technologies are effectively prohibited in some European countries. In the case of other forms of communication, it is provided that these are to be made only when the consumer has not indicated a clear objection to receipt the solicitations. The operation of an “opt-out” system would be compatible for this requirement. [137]

The rationale behind the selection of specific prohibited technologies is not clear. Recital 17 of the Directive asserts that the consumer’s right to privacy should extend to “freedom from certain particularly intrusive means of communication”. It is difficult to argue, that a pre-recorded telephone message is intrinsically more intrusive than other forms of telephone canvassing. [138]  

Security of payment

Additionally, another significant issue on distance sales is the security of payment. Consumers are often, and generally in the case of buying goods, required to pay prior to delivery. Using credit and debit cards to finance distance selling is raising fears that where card details are given to a supplier and transactions authorised without proper authentication, cards may be subject to fraudulent abuse. Doubt about payment security is one of the greatest impediments to the development of online shopping. The Directive recognises these dangers but its provisions to deal with them are rather weak and vague. Article 8 requires Member States to ensure that where fraudulent use has been made of a consumer’s card in the context of a distance contract covered by the Directive “appropriate measures exist to allow a consumer to request cancellation of a payment”, and to be recredited with sums paid. But there is no certain definition of payment card in the content of the Directive.

Fraudulent use of payment cards is only one part of the problem of security of payments. Another, at least as important, is the risk of supplier insolvency to which the pre-paying consumer is exposed. Pre-paying purchasers of services have no protection. Exceptionally, it may be possible to argue that consumer pre-payments are held on trust to satisfy their orders, so that in the event of non-performance the consumer is entitled to recover some or all of the payment. Despite these possibilities, however, there is a real risk that pre-paying consumers will be unable to recover their payments if the supplier becomes insolvent without performing the contract. The Directive therefore, ignores the problem and leaves a real impediment to confidence in distance contracting unregulated. [139]

The Directive has significant implications for online suppliers in relation to their web design and the rights of customers to cancel orders and claim refunds. The burden is on the supplier to demonstrate compliance with the distance selling legislation. Failure to comply will not only render contracts with consumers unenforceable, but will also result in the commission of an offence. There are, therefore, some important issues for website designers, and in relation to back office order fulfilment procedures where goods are bought and sold on the Internet. The Directive leaves enforcement of consumer protection measures to individual Member States and it remains to be seen what regulations the Member States will provide in this respect.[140]

The Directive has been highly criticised as notwithstanding it has entered into force in June 1997 it does not mention clearly the World Wide Web as means of concluding distance selling contracts and does not appear to have been extracted with this specific technology in mind since trade in the Internet was rather insignificant by that time. On the other hand, the rapidly changing nature of technology is acknowledged by the Directive[141] although commentators argued that an omission like this will cause difficulties for the implementation. [142]   In practice, that omission has been remedied by interpreting the Directive quite broadly so as to include contracts concluded by electronic means of communication.

Although the Distance Selling Directive has gone a long way towards improving consumer protection, it is not enough. In some countries it has not yet been implemented and in many cases compliance is inadequate.

 

   

Digital Signatures Integrity

          Every form of trade requires trust and confidence between the participants. The ability to be sure who is your contracting partner, what is exactly agreed upon, what is the exact content of the transaction, when the transaction takes place, creates and bolsters trust between the partners.

As electronic forms of communication and documentation are used extensively, the demand to trust is highlighted and must be legally supported and assured. Building such trust and confidence is prerequisite to encourage businesses and consumers in order to contract electronically. It implies the use of secure technologies such as digital signatures, digital certificates and secure electronic payment mechanisms, and a predictable legal and institutional framework to support these technologies.[143]

An adequate legal framework for electronic signatures is widely seen as an essential factor for the development of electronic commerce. In the business world, there has been an ever-increasing interest in ensuring that electronic communications meet the requirements of authenticity, integrity and confidentiality. A handwritten signature has traditionally been the best guarantee of the first two of these qualities in a document as it uniquely verifies the person from whom the document originates, and indicates assent to the content of text appearing above it. Confidentiality has had to be assured by enclosing the document in a sealed envelope. However, envelopes can be opened and resealed; so forgery is always a threatening possibility. Technological developments offer a more rigid guarantee of achieving all of these qualities via the use of cryptography.[144]

Secure technologies, such as digital signatures and digital certificates challenge sufficiently the requirements of secure e-commerce transactions. Digital signatures enable the unambiguous confirmation of the identity of the sender and the authenticity and integrity of electronic documents. Unique to the sender and unique to the message sent, digital signatures are verifiable and undisputable. Similarly, the exchange of Internet certificates through an automatic “digital handshake” between computers provides assurance that the parties are these who they say they are and helps to assess whether the service provided and the goods or services delivered are genuine.[145]

Generally, digital signatures apply cryptographic techniques to enable arrangements similar to handwritten signatures in unsecured data networks as well as a mean to guarantee that a signature cannot be forged. This is necessary since information stored on a digital medium can be copied exactly which means that the information contained in the copy resembles to its original in any way. Like hand-written signatures, a digital signature could be used in agreements and other legal acts to enable parties to an e-contract to verify that the transactions entered into between them are indeed being entered into by the parties that they believe they are transacting with.[146]

          Additionally, attempts to alter an electronic signature are easily detectable and the document’s authenticity can be then doubted; attempts to decrypt an encrypted document should prove impossible if a sufficiently secure encryption program has been used.[147]

Traditionally both business practice and the law do require commercial agreements to be evidenced. The reason for this derives from the desire to ensure certainty. Certainty is a great demand and concern that threatens the viability of e-commerce. A possible solution is to apply the existing law to e-commerce, but it is clear from the applicable legislation throughout the Member States that existing law does not deal adequately with electronic signatures. [148]

Many individual Member States already have, or are preparing legislation concerning electronic signatures. Because of the divergent legal approaches, the Draft Directive on Electronic Signatures[149] has been adopted in an attempt to minimise the barriers to cross border trade that the existing legal differences might create.[150] The Directive includes specific provision, in accordance with the principle of mutual recognition, for the Community-wide validity of certificates issued in the Member States, thus stimulating a single market for certification service providers.[151]

   

Electronic Signatures Directive

The Electronic Signatures Directive was adopted on December 1993 and Member States have to implement the Directive in national legislation before 19 July 2001. The aim of the electronic signatures Directive is to support the integrity of the encrypted communications by regulating the provision of encryption services and recognising the validity of contracts entered into between parties using these services.

One of the main objectives of the draft Electronic Signatures Directive is to ensure and support non-discrimination between electronic and handwritten signatures by removing obstacles arising from the diverging laws that have been introduced in various Member States. The Directive’s intention is to “enable” the use of electronic signatures within the European Union by focusing on the essential requirements for certification services, but leaving detailed implementation provisions to Member States. This approach is consistent with the Commission's legislative policy regarding subsidiarity, proportionality and legislative simplification.

The detailed provisions of the Directive implement the above-mentioned general objectives. Article 2(1) provides a definition of an “electronic signature” as a signature in digital form, in, or attached to or logically associated with, data used by the signatory to indicate the signatory’s approval of the content of that data and which meets the following requirements:(a) is uniquely linked to the signatory,(b)is capable of identifying the signatory,(c)is created using means that the signatory can maintain under his sole control; and (d)is linked to the data to which it relates in such a manner that it is revealed if the data is subsequently altered. Likely, the provided definition seems to have been extracted to foresee future technological developments.[152]

   

Validity of electronic signatures

Article 5 lays down the specific circumstances in which electronic signatures are to be valid, enforceable and legally effective just as their handwritten equivalents. For simple electronic signatures the provisions are entirely negative – Member States are to ensure that signatures of this type are not denied validity, enforceability and effectiveness solely on the grounds that they are in electronic form or are not certified. However, Member States are free to refuse to recognise electronic signatures for any other reason.[153]

On the contrary, certified advanced electronic signatures are given more favourable status. Under Art. 5(1) an electronic signature will receive the benefit of a higher level of validity if it is based on a qualified certificate which was created using a secure-signature creation device. To be a qualified certificate, the certificate must link the signature verification data used to the signatory and confirm his identity, and be issued by a certification service provider who meets the requirements of Annex II. Additionally, the certificate itself must comply with Annex I.[154]

   

Certification infrastructure

The rest of the Directive is dealing with ensuring that national laws establishing the certification infrastructure do not prevent the free movement of electronic signature services within the European Community. Thus, Member States may not introduce compulsory prior authorisation for Certification Authorities, although voluntary accreditation schemes are permitted, and the intra-Community cross-border provision of certification services and products may not be restricted.[155] Certification service provider is defined under Article 2(6) as “a person or entity which issues certificates or provides other services related to electronic signatures related to the public”. However, under Article 3(2) Member States may encourage voluntary accreditation schemes provided the conditions upon which they are established are objective, transparent, proportionate and non-discriminatory. In practice, such accreditation will be evidenced to the draft Directive by the compliance with Annex II. Similarly, compliance with Annex II is likely to be demonstrated by acquiring a licence from a European accreditation authority or one recognised by the relevant EU body.[156]

  Under the proposed Directive there will be pan-European regulation of the way in which electronic signatures are recognised. The most prevalent method of signature recognition in the EU is known as public-key cryptography, which is where consumers on the Internet as proof of their identity use an unforgeable computer code. Additionally, “Certification Service Providers” will act as a trusted third party who will guarantee the integrity of the signatures provided by their service. However, the electronic signatures Directive is striving to be technology-neutral so as to cover any possible method of recognition.[157]

The involvement of Certification Authorities as Trusted Third Parties clearly gives a greater measure of assurance concerning the reliability of an encrypted message. This notion is recognised in the Directive,[158] which refers to the notion of a “qualified certificate”: A digital attestation which links a signature verification device to a person, confirms the identity of that person and meets the requirements laid down in Annex I.[159] Annex I refers to the items of information, which must be provided in a digital attestation.

Article 4 ensures that there is a free circulation of electronic signature products in the European Union and that there are no restrictions on the services originating in any Member State if they comply with the Directive. In addition, under Article 7 foreign certificates may be recognised if the certification service provider is accredited in a Member State, or if a provider established in the European Union and meeting Annex II requirements guarantees the foreign certificate or the certificate or the provider is recognised under a bilateral or multilateral agreement between the European Union and the third country or international organisation.

Only if these requirements have been complied with, then Member States can ensure that a certification service provider is not liable for errors in the information included in the qualified certificate provided to the person whom the certificate is issued (if the certification service provider can demonstrate that it has taken all reasonably practical measures to verify that information). The certification service provider may indicate in the qualifying certificate limits on the uses of a certain certificate and the provider shall not be liable for damages arising from a contrary use of the qualified certificate that includes limits on its uses[160]. Providers may also indicate in the qualified certificate a limit on the value of the transactions for which the certificate is valid and the provider will not be liable for damages in excess of that value limit.[161]

A final point about the electronic signatures Directive is relating to data protection provisions; The Directive repeats that certification service providers are subject to the provisions of the Data Protection Directive. Member States are obliged to ensure certification service providers respect data protection legislation and individual privacy.[162]

However, under Article 8 Member States are required to ensure that certification service providers collect personal data only directly from data subjects and only in so far as it is necessary for the purposes of issuing a certificate. The data may not be collected or processed for other purposes without the consent of the data subject. Also under this Article the data subject at his or her request can require the certification service provider to indicate a pseudonym instead of the signatory’s name in the certificate.[163] Obviously, this provision could cause problems in relation to investigations by public authorities to reveal possible criminal offences. Thus, a certification authority would be entitled to transfer the real name of the data subject as part of an investigation provided that the data subject is informed as soon as possible after the investigation has been completed.[164]

Opponents of this provision have commented that sensitive material conveyed using a signature would be accessible to government officials. However, there has been no indication that a requirement of certification will be the compulsory access to communications by any authorities. The voluntary nature of the certification process is intended to ensure that the integrity of communications will be legally protected and recognised without the need for any official registration of the encryption service.

In order to ensure protection on an international level, the EU proposal includes mechanisms for co-operation with third countries on mutual recognition of certificates on the basis of bilateral and multilateral agreements. [165]

Finally, the Directive will not apply to electronic signatures exclusively used within closed systems nor will it restrict the freedom of choice of parties to agree to terms and conditions under which they will accept electronically signed data subject to the provisions of national law.[166]

Generally, the Directive venture to be technologically neutral and makes no reference to any particular form of encryption but refers extensively to the role of certification agencies or of cryptography service providers in order to increase user confidence by verifying the identity and status of persons using encryption technology.[167]

 

   

Weaknesses of the EU legal approach and implementation

The explosion of electronic commerce, particularly on the Internet, has virtually eliminated the barriers to cross-border trade. So long as the seller has the necessary technology to transmit his message in a language understandable in another country, transactions can be made and money can, virtually, be exchanged instantaneously. Online computer services facilitate the exchange of information between distant consumers and merchants allowing them to communicate as easy as if they were next-door neighbours. The Internet revolution has been proved in legal terms a kind of a challenge. As the popularity of Internet as communication medium grows, the problems will, as a consequence, grow with it. All of the problems of enforcing consumer rights in cross-border trade are not only present in electronic commerce, but they are also compounded.

Since launching its e-Europe Initiative,[168] the European Union (EU) has enacted a series of measures designed to promote e-commerce in Europe. The adopted legislation reflects the efforts made in the EU to promote, or at least not to restrain e-commerce while taking into consideration the consumer interests and concerns. E-commerce will not be able to develop fully unless there is certainty that transactions conducted by electronic means are legally valid and enforceable, and that sufficient safeguards are incorporated for its users.

The European Commission believes that uniform rules within the EU will boost confidence in e-commerce and force Europe into a knowledge-based economy. Yet, many obstacles stand in the way towards a uniform legislative framework, including divergent consumer protection laws and gaps in the implementing legislation of the 15 Member States.[169]

Indisputably, the main problem that impedes progress in the area of consumer friendly regulatory framework within the European Union is the fact that wide variety of legislation affects e-commerce. Plethora of Regulations, Directives and assorted amendments are adopted and most of the times are quite inconsistent. These contrasting laws are seldom cross-referenced, reviewed or aggregated for coherency. It is therefore, difficult to determine whether the laws are operating together or at cross-purposes. The formulation of legislation is conflicting between liberalisation and protectionism. The EU, in an ambitious attempt to balance the divergent and rather incompatible interests of consumers and vendors, is perplexed between consumer protection law and market favoured provisions, reducing legal coherence. This inconsistence is particularly apparent in the text of numerous Directives regulating e-commerce transactions, regarding the clarity of the place where the transaction has taken place and its legal effects. These problems are even more evident when that rather unclear Community law has to be transposed to national law. This lack of co-ordination between the existing consumer and non-consumer measures was recognised by the Treaty of Amsterdam, in the Article 153(2), providing that “consumer protection requirements shall be taken into account in defining and implementing other Community policies and activities”.

Perhaps the most controversial issue concerning the regulation of e-commerce in respect of the consumer’s protection has arisen in connection with the E-commerce Directive. The question of which law governs consumer electronic contracts is not clearly denoted in the content of the E-Commerce Directive. Within the EU, the governing law of contracts is generally dealt with by the 1980 Rome Convention, which permits the parties to decide on the governing law, with the exception of the law governing consumer contracts. In this specific case, the choice of law may not deprive the consumer from the protection of certain “mandatory rules” of the law of the state of his residence. These obligatory rules cannot be derogated by contract or by any national law, and typically include provisions about unfair terms in standard form contracts along with obligations of the supplier to provide certain information for certain types of transactions. Similar provisions are found in the text of Distance Selling Directive.

When the Commission announced that, under the Electronic Commerce Directive, the governing principle would be that the law of the country of origin of the supplier would govern, there was an outcry from consumer interest groups. Whereas those involved in e-commerce argued that exposing online merchants to the consumer protection laws of all 15 Member States would impede the development of e-commerce in the EU. But finally, it became clear that the existing provisions relating to the law of consumer contracts would not be changed.[170]

The Commission must assemble the applicable laws and develop a coherent "framework code" for the electronic marketplace. The existing regulatory framework    is not adequate and cannot be substitute for an integrated codification that is internally consistent and works toward a set of common goals.

Further, a significant disadvantage concerns the time required by the European Union to enact and implement legislation, since the expanding coverage of EU e-commerce law is dependent upon effective enforcement. The average timetable for adopting a Directive is two to three years, and then another two or three years for implementation in the Member States. This time is a considerable drawback compared with the rapid developments in e-commerce. But it is rather idealistic to suppose that a solution could be found soon. While the Commission has to move more quickly in this rapidly evolving area, adopting flexible and up-to-date legislation it seems unlikely in the near future. The European Union’s legislative process is designed to be deliberative, enabling Member States to weigh in, their constituent interests before national sovereignty is usurped by Community law.

 

 

The EU Model: a blueprint for the rest of the world

The European Union Institutions, particularly the Commission, have to lead in promoting e-commerce while protecting the consumer interests. As e-commerce is becoming truly borderless trade in Europe, individual Member States can lay little claim to autonomous legislative authority. A uniform legal approach is therefore necessary, and the only question is how the Community-wide authority could contribute effectively.

An option is to be adopted a “World Government Model” regulating specifically e-commerce, although the existing legal regimes throughout the world appear too heterogeneous to join forces and develop global rules to regulate markets and resolve disputes. But, as some countries favour strong policies of free speech and individual rights, while others are more inclined to take an active role as protector of their citizens, it seems rather unrealistic to be agreed such a uniform model and then to be of global acceptance.

Then again, self-regulation as a control mechanism is not advisable as a possible solution. The medieval Law Merchant, in which traders developed their own regulatory system with little regard to national borders, is analogous to self-regulation schemes.  But, circumstances are quite different today. National legal systems are more developed and have efficient mechanisms to challenge borderless trade. There is, thus, no lack of legal authority, no empty space to be completed. The problem is lack of coherence and coordination among the various legal regimes that would regulate a given act or transaction. Moreover, self-regulation is more effective when regulating dealings among a small number of traders who know each other. But, as the electronic marketplace covers a large, disparate and, to some extent, anonymous collection of buyers and sellers, self-regulation alone is unlikely to police the market effectively.

A further possible alternative could be business agreement to develop Codes of Conduct regulating areas that relieve consumers’ fears and bolster consumer confidence (including transparency and identification, data protection, security of transactions, authentication, commercial communications, distance selling, cancellation policies, and redress). These Codes should also provide mechanisms for enforcement, monitoring and also surveillance of their provisions. Similarly, third party certification systems that provide “seals” and “trustmarks” to certify that vendors could comply with a defined code of conduct. Specified enforcement provisions could be developed through competition in the market and could be used widely by Internet vendors. But, it is arguable whether consumers could rely upon such a business-oriented Code of Conduct, as rather profit could be their motive and not truly consumer protection guaranties. Thus, since the European Union Member States have more common legal traditions and therefore, are more likely to agree upon a suitable regulatory framework. EU Directives governing e-commerce transactions are an outstanding example of regulatory framework of broad recognition.

 

   

Conclusion

Cross-border transactions are problematic, especially from the consumer viewpoint due to uncertainty concerning the applicable law and the differences between national laws. Implicitly, Internet requires either a novel model of regulation or further-development of the existing ones. Whereas in the traditional trading place there has been much debate about the advantages and disadvantages of self-regulation, the Internet forces to accept it as a necessary aspect requiring immediate and rather uniform regulation. Additionally, formal or informal enforcement procedures will have to be agreed by cross-border institutions. 

If the major goal is to facilitate e-commerce transactions and at the same time to introduce such a legal framework that would apply to Internet transactions so as to achieve the desired consumer confidence then the applicable legal regime in the European Union is quite clear and could be a useful model for global regulation.

Positively thinking, European Union institutions are ideally capable to deal with e-commerce issues. After all, this multi-national community has been created for the express purpose of eliminating barriers to cross-border trade in Europe, and over the years the Treaty of Rome has been amended to expand the powers of European Union institutions to the point where only few areas of commerce are beyond their reach.

As a part of the ambitious effort to building trust and confidence among the “electronic-consumers”, the Commission has presented numerous Directives and Proposals for Directives relating to electronic commerce transactions, which then have to be adapted by the European Member States into national law. The main incentive of the EU Directives is to endorse and promote E-commerce. Directive 2000/31/EC on certain legal aspects of Information Society Services and in particular, Electronic Commerce in the Internal Market of September 1999 (the E-Commerce Directive) is a prime example reflecting that endeavour, since it provides legal certainty to operators that their transactions will be regulated, in principle, by just one authority (that of their country of origin).  Other important Directives include the Directive on Distance Contracts  (Directive 97/7/EC), relating to consumer agreements concluded through the use of distance communication technology; the Data Protection Directive (Directive 95/46/EC) on the protection of natural persons during processing of personal data and relating to free data transfer; the electronic signatures (Directive 99/93/EC) on a Community framework for electronic signatures.

In terms of harmonisation, the various adopted Directives, undoubtedly, increase the level of harmonisation within the EU, by requiring each Member State to enforce them through detailed national statutes. It is significant, however, that the European Directives, such as the Data Protection Directive, have also forced other countries to adopt similar legislation in order to conform to the EU standards. A wide range of countries with extensive trade relations with the EU might lack “adequate” protection of privacy, and thus, might encounter limits on the transfers of personal information. The last few years, data protection laws enacted or were seriously considered in European countries outside of the EU, and in far-flung countries such as Argentina, Brazil, Canada, and New Zealand. The possibility of “inadequate” protection has also been used as an argument for enacting new privacy legislation in the United States.

It is evident that the EU Directives have played a prominent role in encouraging similar legislation around the globe. As the Internet helps individuals conduct international transactions with unparalleled ease, the concerns that are latent about the uncertain, “unregulated” means of communication are potentially large. If the incentive is the proliferation of e-commerce then the existing concerns relating to safe commercial transactions have to be removed. Consumers have to feel safe while contracting on line. Although the EU legal framework is not the most complete, since it has some “legal unclarities”, it is on the other hand, well constructed towards an ambitious attempt to regulate all the possible subjects addressed. But conflicts can arise as countries seek to restrict activities in one part of the Web that are legal elsewhere.

These Directives will likely have significant repercussions for the Internet, and will require companies worldwide to make adjustments in operational concepts. The Directives are currently, a source of tension between the United States, which has taken a comparatively “hands off” approach legislatively, and the EU, which appears eager to expand its reach in order to protect its citizens. How EU legislation is enforced, and the legal principles regarding jurisdiction over remote Internet activities, will be debatable field for the present time and possibly for the near and distant future.

However, it is very important for the economic future of Europe not to be left behind in the race to establish legal suggestions in the electronic marketplace. Whilst, the majority of European governments have a long tradition of intervention and regulation of commerce, in particular leaning towards protection of consumers and small businesses, this “troublesome” new medium requires urgent regulation and the adopted EU legislation is balancing successful among the divergent interests of both consumers and vendors. Thus, the development of European e-commerce regulatory framework is likely to be a prominent model and become a stable basis that will strengthen consumer confidence and boost e-commerce globally.

 

 

 

 

 

 

 

 

 

 

 

Bibliography

Books

Akdeniz, Y. &Walker, C., “Whisper who dares: encryption, privacy rights and the new world disorder”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000

Bainbridge, D., Introduction to Computer Law, Longman, 4th edition, 2000

Cate, F. H., Privacy in the information age, Washington D.C. Brookings Institution Press, 1997

Charlesworth,A., “Not National vs. International but Commercial vs. Individual”, in Edwards, L. & Waelde, Ch., Law and the Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart Publishing, 2000

Charlesworth,A., “The governance of the Internet in Europe”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000

Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999

Eden, P., “Electronic commerce- Law and Policy”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000

Edwards,L.&Waelde,Ch., Law and the Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart Publishing, 2000

Hogg, M., “Secrecy and Signatures-Turning the legal Spotlight on Encryption and Electronic Signatures”, in Edwards, L. &Waelde, Ch., Law and the Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart Publishing, 2000

Kelleher,D.& Murray,K., IT Law in the European Union, London, Sweet and Maxwell,1999

Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000

Lloyd, I. J., Information Technology Law, London-Edinburgh-Dublin, Butterworths, 3rd edition, 2000

Lubbock,M.& Krosch,L., E-commerce : doing business electronically? London, Stationery Office, 2000

Reed, A., “Jurisdiction and choice of Law in a borderless electronic environment”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000

Reed, Ch. & Angel J., Computer Law, London, Blackstone Press, 4th edition, 2000

Reed, Ch., Internet Law: Text and Materials, London-Edinburgh-Dublin, Butterworths, 2000

Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000

Spinello,R.A., Cyberethics-Morality and Law in Cyberspace, Sudbury, Massachusetts, Jones & Bartlett Pub.,2000

Swire, P. & Litan, R., None of your business-World Data Flows, Electronic Commerce and the European Privacy Directive, Washington D.C., Brookings Institution Press, 1998

Wacks,R., The protection of privacy, London,Oxford, Sweet Maxwell,1980

Wacks,R., Personal information: privacy and the law,Clarendon Press, 1993

 

 

Articles

Akdeniz,Y., “UK Government Policy on Encryption”, Web Journal of Current Legal Issues, 1/1997 http://webjcli.ncl.ac.uk/1997/issue1/akdeniz1.html

Akdeniz,Y. et al., Cryptography and Liberty: “Can the Trusted Third Parties be Trusted? A Critique of the Recent UK Proposals” http://elj.warwick.ac.uk/jilt/cryptog/97_2akdz/default.htm

Angel, J., “Why use Digital Signatures for Electronic Commerce?”, Commentary,1999 (2) , (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/99-2/angel.html

Barofsky,A., “The European Commission's Directive on Electronic Signatures: Technological “Favoritism” Towards Digital Signatures” ,(2000) 24 Boston College International and Comparative Law Review,p.145

Bogle,Ph.&Mitchell,E., “E-commerce legislation in the EU” http://www.elbornes.com/articles/ecomleg.htm

Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html

Brady,M., “Reality Check: The State of E-Commerce”, E-Commerce Times, 11July 2000,http://www.ecommercetimes.com/perl/story/3738.html

British Bankers Association “Replacing the Brussels Convention”, Issue 34, http://www.bba.org.uk/html/1212.html

Brownsword, R. & Howells, G., “Consumer Protection on the Internet: The Impact of the Information Technology” Journal of Contemporary Issues in Law,

http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm

Charlesworth,A., “Clash of the Data Titans: US and EU Data Privacy Regulation” (2000) 6 European Public Law pages 253-274

Charlesworth,A., “Implementing the European Data Protection Directive 1995 in UK Law: The Data Protection Act 1998” (1999) 16 (3) Government Information Quarterly 203

Commission of the European Communities “Boosting customers’ confidence in electronic means of payment in the single market”, Brussels 1997 COM (97) 353

Commission of the European Communities “Globalisation and the Information Society/The Need for Strengthened International Coordination”, Brussels 1998, COM (98) 50

Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm

Dejoie,L. A., “Significant European Developments”, International Law & The Internet,  http://www.mwn.com/publicat/articles/inteuro.html

Diedrich,F.,  “A Law of the Internet? Attempts to Regulate Electronic commerce” http://elj.warwick.ac.uk/jilt/00-3/diedrich.html

Directive 2000/31/EC Electronic commerce: “Commission  welcomes   final adoptions of legal framework Directive”

Dorsey & Whitney Intellectual Property Practice Groups “Regulating E-Commerce in Europe: The Rhetoric and the Reality”, Intellectual Property Law

March 2001, http://www.dorseylaw.com/updates/IPMar2001.asp

Electronic Commerce: “Commission proposes legal framework”, December 1998,Single Market News, No 15,p.16-17

European Commission, “Ensuring security and trust in electronic communication: towards a European framework for digital signatures and encryption: communication from the Commission”, COM (1997) 503

EU Committee of the American Chamber  of  Commerce  Position   Paper   on    the Working Document on “The Processing of personal data and the protection  of   privacy in the electronic communication sector”, 19 May 2000,  http://www.eucommittee.be/pop/pop2000/Icts/icts38.htm

EU Electronic Commerce Directive: Introduction

http://www.geocities.com/SiliconValley/Network/5054/marcos/directiva/ecomdirintro_en.htm

Foss, M.& Bygrave, L. A., “International Consumer Purchases through the Internet: Jurisdictional Issues pursuant to European Law”, ECLIP ESPRIT Project 27028, 

Electronic Commerce Legal Issues Platform,

http://www.jura.uni-muenster.de/eclip/documents/NRCCL_consumer_jurisdiction.pdf

Freeman D.J.,“IBA world women lawyers conference -Jurisdiction and the Internet”,March2001, http://www.djfreeman.co.uk/litigati/pubs/seminars/iba2001.shtml

Gillies,L., “A Review of the New Jurisdiction Rules for Electronic Consumer Contracts within the European Union”, Commentary, 2001(1) The Journal of Information Law and Technology (JILT) http://elj.warwick.ac.uk/jilt/01-1/gillies.html

Hatlestad, L., “Online privacy matters”, Red Herring,16 January 2001 http://www.redherring.com/index.asp?layout=story&channel=50000005&doc_id=1760015576

Hörnle, J., “The European Union Takes Initiative  in  the  Field  of  E-Commerce”,  Commentary 2000 (3) The Journal of Information, Law and Technology (JILT). http://elj.warwick.ac.uk/jilt/00-3/hornle.html

Jones, P., “Privacy and the Private Sector: Law at the crossroads of evolution” (2000) 6 European Public Law pages 275-301

Kesarev,K., “Digital Signatures And Encryption in The European Union”, November 1998, http://www.tml.hut.fi/Studies/Tik-110.300/1998/Essays/crypto_eu.html#2.1

Kosten, F. & Pounder, Ch., “The EC Data Protection Directive 1995: An Analysis” (1996) 2 Web Journal of Current Legal Issues http://webjcli.ncl.ac.uk/1996/issue2/kosten2

Lloyd,I., “An Outline of the European Protection Directive”,(1996)JILT http://elj.warwick.ac.uk/jilt/dp/intros/default.htm

Lodder,A.R., “Electronic Contracts and Signatures: National Civil Law in the EU will change drastically soon”,15th BILETA Conference: “Electronic datasets and Access to Legal Information”, April 2000,    http://www.bileta.ac.uk/00papers/lodder.html

McCullagh, A. et al, “Signature Stripping: A Digital Dilemma”, 2001 (1), The Journal of Information, Law and Technology, (JILT), http://elj.warwick.ac.uk/jilt/01-1/mccullagh.html

Maxeiner, J. R., “Freedom of Information and the EU Data Protection Directive” (1995)  48 (1) Federal Communications Law Journal http://www.law.indiana.edu/fclj/pubs/v48/no1/maxeiner.html

Misquitta, A., “Electronic Signatures”, Spring 1999, http://www.farrer.co.uk/briefings/ecommerce/signatur.html

Morrison,D.S., “EC's e-commerce directive may be too indirect” ,Red Herring, 19 May 2000,http://www.redherring.com/index.asp?layout=story&channel=20000002&doc_id=1170012317

Morrison&Foerster LLP “ Amended  Proposal  for  an   Electronic   Commerce Directive”  (10/99) http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I

Nehf,J.P., “Borderless Trade and the Consumer Interest: Protecting the Consumer in the Age of E-Commerce” (1999) 38Columbia Journal of Transnational Law, p.457

Ortiz, J., “Regulatory vacuum could stifle e-commerce growth” http://www.financialexpress.com/fe/daily/20000725/fco25011.html

Pearson, H.E., “E-Commerce  Legislation:  Recent  European  Community Developments”, Journal of Internet Law, http://www.gcwf.com/articles/journal/jil_aug00_1.html

Petersen, S. B., “Your Life as an Open Book: Has Technology Rendered Personal Privacy Virtually Obsolete?”(1995) 48(1) Federal Communications Law Journal http://www.law.indiana.edu/fclj/pubs/v48/no1/petersen.html, website visited on 17.7.2001

Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium” 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm

Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html

Regan, K., “EU OK's E-Commerce Dispute Law” http://www.EcommerceTimes.com/perl/story/5635.html

Reith, T., “Consumer confidence: the key to successful E-Commerce in global marketplace”(2001), 24 Suffolk Transnational Law Review 467

Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html

Rothchild,J. “Protecting the Digital Consumer: The Limits of Cyberspace Utopianism”, (1999)74 Indiana Law Journal, p.893

Seminerio,M. “EU privacy plan talks continue to end of year” ZDNet News,2 November 1998, http://www.zdnet.com/zdnn/stories/news/0,4586,2158908,00.html

Singleton,S., “Privacy as Censorship: A Skeptical view of proposals to Regulate Privacy in the Private Sector” Cato Institute, Policy Analysis No 295, 22 January 1998 http://www.cato.org/pubs/pas/pa-295.html

Spar,D. & Busgang, J., “Ruling Commerce in the Networld” http://www.ascusc.org/jcmc/vol2/issue1/commerce.html

Stravitz,H.B., “Personal Jurisdiction in Cyberspace: Something More is Required on the Electronic Stream of Commerce”(1998),49 South Carolina Law Review,p.925

Swindells,C.& Henderson,K., “Legal Regulation of Electronic Commerce” http://elj.warwick.ac.uk/jilt/98-3/swindells.html

Swire,P.P., “Of Elephants, Mice, and Privacy: International Choice of Law and the Internet” , International Lawyer, August 1998,

http://www.osu.edu/units/law/swire1/elephants.htm

The White House: “A Framework for Global Electronic Commerce”, (1997) http://www.ecommerce.gov/framewrk.htm

Töpper,A., “Confidence in e-commerce?” Workshop Results Third Annual Assembly of Consumer Associations in Europe, 23 & 24 November 2000, Brussels http://europa.eu.int/comm/dgs/health_consumer/events/event32_wrks4_rep1_en.html

UK Information Technology “Consumer contracts and jurisdiction - changes to the Brussels Convention”, February 2001, articles in association with Bristows,  http://www.icclaw.com/devs/uk/it/ukit_060.htm

United Nations UNCITRAL model law on electronic commerce with guide to  enactment 1996 with additional article 5 as adopted in 1998 http://www.uncitral.org/english/texts/electcom/ml-ec.htm

Wagner,J., “Despite Consumer Confidence, Security Issues Remain” http://www.internetnews.com/ec-news/article/0,,4_712111,00.html

White, A., “Control of Transborder Data Flow: Reactions to the European Data Protection Directive”, (1997) 5 International Journal of Law and Information Technology, p. 230

Youngerwood,A.& Mann,S., “Extra Armoury for Consumers: The New Distance Selling Regulations”, Commentary 2000 (3) The Journal of Information, Law and Technology (JILT), http://elj.warwick.ac.uk/jilt/00-3/youngerwood.html



[1]           Reed, A., “Jurisdiction and choice of Law in a borderless electronic environment”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.104

[2]           Eden, P., “Electronic commerce- Law and Policy’’, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.318

[3]           Commission of the European Communities “Globalisation and the Information Society/The Need for Strengthened International Coordination”, Brussels 1998, COM (98) 50

[4]           Stravitz,H.B., “Personal Jurisdiction in Cyberspace: Something More is Required on the Electronic Stream of Commerce”(1998),49 South Carolina Law Review,p.925

[5]           Rothchild,J. “Protecting the Digital Consumer:The Limits of Cyberspace Utopianism”, (1999)74 Indiana Law Journal, p.893

[6]           Akdeniz,Y. et al., Cryptography and Liberty: “Can the Trusted Third Parties be Trusted ?A Critique of the Recent UK Proposals” http://elj.warwick.ac.uk/jilt/cryptog/97_2akdz/default.htm  

[7]           Reith, T., “Consumer confidence: the key to successful E-Commerce in global marketplace”(2001), 24 Suffolk Transnational Law 

Review 467

[8]           Töpper,A., “Confidence in e-commerce?’’ Workshop Results Third Annual Assembly of Consumer Associations in Europe, 23 & 24 November 2000, Brussels http://europa.eu.int/comm/dgs/health_consumer/events/event32_wrks4_rep1_en.html

[9]            Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm

[10]          Kelleher,D.& Murray,K., IT Law in the European Union, London, Sweet and Maxwell,1999,p.85

[11]          Reed, Ch. & Angel J., Computer Law, London, Blackstone Press, 4th edition, 2000,p.301  

[12]          Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm 

[13]          Brussels Convention on jurisdiction and the enforcement of judgments in civil and commercial matters, 27 September 1968, OJ L299/32,1968.

[14]          Rome Convention on the Law applicable to Contractual Obligations, 19 June 1980, OJ L 266/1, 1980

[15]          European Free Trade Area, members of EFTA are currently Iceland, Liechtenstein, Norway, Switzerland

[16]          Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.264

[17]          Brussels Convention Art. 2(1) 

[18]          Foss, M.& Bygrave, L. A. “International Consumer Purchases through the Internet: Jurisdictional Issues pursuant to European Law”, ECLIP ESPRIT Project 27028, Electronic Commerce Legal Issues Platform, http://www.jura.uni-muenster.de/eclip/documents/NRCCL_consumer_jurisdiction.pdf

[19]          Brussels Convention art.4

[20]          Brussels Convention art.14

[21]          Reed, Ch., Internet Law: Text and Materials, London-Edinburgh-Dublin, Butterworths, 2000,p.192 

[22]          Brussels Convention Art.13 (1)

[23]          Brussels Convention Art.13(2)

[24]          Brussels Convention Art.13(3a)

[25]          Brownsword, R. & Howells, G., “Consumer Protection on the Internet: The Impact of the Information Technology” Journal of Contemporary Issues in Law, http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm 

[26]          UK Information Technology “Consumer contracts and jurisdiction - changes to the Brussels Convention”, articles in association with Bristows, February 2001 http://www.icclaw.com/devs/uk/it/ukit_060.htm 

[27]         Foss, M.& Bygrave, L. A. “International Consumer Purchases through the Internet: Jurisdictional Issues pursuant to European Law”, ECLIP ESPRIT Project 27028, Electronic Commerce Legal Issues Platform, http://www.jura.uni-muenster.de/eclip/documents/NRCCL_consumer_jurisdiction.pdf

[28]         Hörnle, J., “The European Union Takes Initiative  in  the  Field  of  E-Commerce”,  Commentary 2000 (3) The Journal of Information, Law and Technology (JILT). http://elj.warwick.ac.uk/jilt/00-3/hornle.html

[29]          Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.265  

[30]          Freeman D.J.,“IBA world women lawyers conference -Jurisdiction and the Internet”,March 2001, http://www.djfreeman.co.uk/litigati/pubs/seminars/iba2001.shtml

[31]          Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market Official Journal L 178, 17/07/2000 p. 1-16

[32]          Pearson, H.E. “E-Commerce Legislation: Recent European Community Developments” http://www.gcwf.com/articles/journal/jil_aug00_1.html

[33]          Article 1 and 3

[34]          Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm

[35]          Ortiz, J., “Regulatory vacuum could stifle e-commerce growth” http://www.financialexpress.com/fe/daily/20000725/fco25011.html 

[36]          Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm 

[37]          Bogle,Ph.&Mitchell,E., “E-commerce legislation in the EU” http://www.elbornes.com/articles/ecomleg.htm

[38]          Recital 19

[39]          Morrison&Foerster LLP “Amended  Proposal  for   an  Electronic    Commerce Directive (10/99)’’ http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I  

[40]          EU Electronic Commerce Directive: Introduction

http://www.geocities.com/SiliconValley/Network/5054/marcos/directiva/ecomdirintro_en.htm

[41]          Article 4

[42]          EU Electronic Commerce Directive: Introduction

http://www.geocities.com/SiliconValley/Network/5054/marcos/directiva/ecomdirintro_en.htm website visited on 5.7.2001

[43]          Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm, website visited on 20.7.2001

[44]             Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing1999,p.24

[45]             Morrison & Foerster LLP “Amended Proposal  for   an  Electronic   Commerce Directive (10/99)’’ http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I  website visited on 20.7.2001

[46]          Article 4 and 5 of the Directive on Distance contracts

[47]          The relevant provisions of the Directive on distance contracts applies only where there is a contractual or pre-contractual relationship

[48]          Article 11

[49]          Lubbock,M.& Krosch,L., E-commerce : doing business electronically? London, Stationery Office, 2000,p.21

[50]          Article 6(a) and (b)

[51]          Lubbock,M.& Krosch,L., E-commerce : doing business electronically? London, Stationery Office, 2000,p.21

[52]          Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p.26 

[53]          Article 7(1)

[54]          Article 8(1)

[55]          Article 9

[56]          Article 10

[57]          Article 11(1)

[58]          Morrison&Foerster LLP “Amended  Proposal  for   an   Electronic   Commerce Directive” (10/99) http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I

[59]          Article 16

[60]          Article 16(b). See also Directive 98/34 EC, OJ 1998 L204/37, as amended by Directive 98/48 EC, OJ 1998 L217/18, which provides that voluntary agreements to which a public authority is party must be notified in accordance with the terms of the Directive

[61]          Nehf, J.P., “Borderless Trade and the Consumer Interest: Protecting the Consumer in the Age of E-Commerce” (1999) 38Columbia Journal of Transnational Law, p.457 

[62]          Eden, P., “Electronic commerce- Law and Policy’’, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.363

[63]          Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm  

[64]          Morrison,D.S., “EC's e-commerce Directive may be too indirect’’ ,Red Herring, 19 May 2000 http://www.redherring.com/index.asp?layout=story&channel=20000002&doc_id=1170012317 

[65]          Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm 

[66]          Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000,p.278 

[67]          Article 19(2)

[68]          Hörnle, J., “The European Union Takes Initiative in  the  Field  of  E-Commerce”,  Commentary 2000 (3) The Journal of Information, Law and Technology (JILT). http://elj.warwick.ac.uk/jilt/00-3/hornle.html

[69]          Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm

[70]          Case 120/78,Rewe-Zentrlale AG v. Bundesmonopolverwaltung für Branntwein (1979)ECR 649

[71]          Council Regulation (EC) No 44/2001 of 22 December 2000 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters, Official Journal L 012, 16/01/2001 p.1-23

[72]          Gillies, L., “A Review of the New Jurisdiction Rules for Electronic Consumer Contracts within the European Union’’, Commentary, 2001(1) The Journal of Information Law and Technology (JILT) http://elj.warwick.ac.uk/jilt/01-1/gillies.html

[73]          Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000,p.278

[74]          British Bankers Association “Replacing the Brussels Convention”, Issue 34, http://www.bba.org.uk/html/1212.html

[75]          Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.265 

[76]          Regan, K., “EU OK's E-Commerce Dispute Law’’ http://www.EcommerceTimes.com/perl/story/5635.html

[77]          Swire, P. & Litan, R., None of your business-World Data Flows, Electronic Commerce and the European Privacy Directive, Washington D.C., Brookings Institution Press, 199,p.88 

[78]          Survey, “Information Technology and Data Protection” Eurobarometer 46.1(January 1997), 

[79]         Akdeniz, Y. &Walker, C., “Whisper who dares: encryption, privacy rights and the new world disorder”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.318 

[80]          Swire, P. & Litan, R., None of your business-World Data Flows, Electronic Commerce and the European Privacy Directive, Washington D.C., Brookings Institution Press, 1998,p.77 

[81]          Hatlestad, L., “Online privacy matters”, Red Herring, 16 January 2001 http://www.redherring.com/index.asp?layout=story&channel=50000005&doc_id=1760015576

[82]          Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing1999,p.56

[83]          Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, Official Journal L 281, 23/11/1995 p.31- 50

[84]          Recital 30

[85]          Bainbridge, D., Introduction to Computer Law, Longman, 4th edition, 2000,p.366

[86]          Lloyd, I., “An Outline of the European Protection Directive”, (1996) JILT http://elj.warwick.ac.uk/jilt/dp/intros/default.htm

[87]          Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html

[88]          Cate, F. H., Privacy in the information age, Washington D.C., Brookings Institution Press, 1997 p.37

[89]          Cate, F. H., Privacy in the information age, Washington D.C., Brookings Institution Press, 1997 p.41

[90]          Maxeiner, J. R., “Freedom of Information and the EU Data Protection Directive’’ (1995) 48 (1) Federal Communications Law Journal http://www.law.indiana.edu/fclj/pubs/v48/no1/maxeiner.htm

[91]          Cate, F. H., Privacy in the information age, Washington D.C., Brookings Institution Press, 1997 p.41

[92]          Reed, Ch., Internet Law: Text and Materials, London-Edinburgh-Dublin, Butterworths, 2000,p.231

[93]          Article 25(3)

[94]          Lloyd, I. J., Information Technology Law, London-Edinburgh-Dublin, Butterworths, 3rd edition, 2000,p.189

[95]          Article 22

[96]          Article 23(1)

[97]          Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html

[98]          Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html

[99]          e.g. the Council of Europe Convention, which attempts to reconcile the notion of effective data protection with the ideal of free flow of information, as set out in the European Convention on Human Rights,Art.10. In pursuance of this Art.12 of the Convention, on automatic processing of data, contains provisions allowing restriction of transborder data flows “except where the regulations of the other party provide an equivalent protection (for the personal data)

[100]        Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.377 

[101]         Kelleher,D.& Murray,K., IT Law in the European Union, London, Sweet and Maxwell,1999,p.255

[102]         Seminerio,M., “EU privacy plan talks continue to end of year” ZDNet News,2 November 1998, http://www.zdnet.com/zdnn/stories/news/0,4586,2158908,00.html,

[103]         White, A., “Control of Transborder Data Flow: Reactions to the European Data Protection Directive”, (1997) 5 International Journal of Law and Information Technology, p. 230

[104]         Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p.64 

[105]         Lloyd, I. J., Information Technology Law, London-Edinburgh-Dublin, Butterworths, 3rd edition, 2000,p.192 

[106]         Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html  

[107]         Bainbridge, D., Introduction to Computer Law, Longman, 4th edition, 2000,p.271-272

[108]         Directive 97/7/EC of the European Parliament and of the Council of 20 May 1997 on the protection of consumers in respect of distance contracts - Official Journal L 144, 04/06/1997 p.19-27    

[109]         Council Directive 93/13/EEC of 5 April 1993 on unfair terms in consumer contracts Official Journal L 095, 21/04/1993 p.29 -34

[110]         Article 1

[111]         Recital 3

[112]         Eden, P. “Electronic commerce- Law and Policy”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), ‘The Internet, Law and Society’, Longman, 2000, p.363 

[113]         Article 2(2)

[114]         The legal base of the Directive is Article 95 of the EC Treaty, which provides that the Community may take measures as is necessary for the development of internal market.

[115]             Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p.92

[116]         Recital 14

[117]         Article 2(1)

[118]             Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p.93

[119]         Article 10

[120]         Article 3(1)

[121]             Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html , website visited on 6.7.2001

[122]         Article 4

[123]             Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html, website visited on 6.7.2001

[124]         Recital 13

            [125]         Article 6(1)

[126]             Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html , website visited on 6.7.2001

[127]             Brownsword, R. & Howells, G., “Consumer Protection on the Internet: The Impact of the Information Technology” Journal of Contemporary Issues in Law,

http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm

[128]         Reed, Ch. & Angel J., Computer Law, London, Blackstone Press, 4th edition, 2000,p.327

[129]         Brownsword, R. & Howells, G., “Consumer Protection on the Internet: The Impact of the Information Technology” Journal of Contemporary Issues in Law,

http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm 

[130]         Bainbridge, D., Introduction to Computer Law, Longman, 4th edition, 2000,p.273

[131]         Article 7

[132]         Article 9

[133]         Dejoie,L. A., “Significant European Developments”, International Law & The Internet  http://www.mwn.com/publicat/articles/inteuro.html,

[134]         Article 12

[135]         Reed, Ch. & Angel J., Computer Law, London, Blackstone Press, 4th edition, 2000,p.327

[136]         Article 4(2)

[137]         Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000,p.270

[138]         Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000,p.270  

[139]         Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html 

[140]         Distance Selling Directive http://www.dla.com/ecommerce/dist.htm

[141]         Recital 9

[142]         Kelleher,D.& Murray,K., IT Law in the European Union, London, Sweet and Maxwell, 1999,p.140  

[143]         Angel, J., “Why use Digital Signatures for Electronic Commerce?”, Commentary,1999 (2) , (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/99-2/angel.html

[144]         Hogg, M., “Secrecy and Signatures-Turning the legal Spotlight on Encryption and Electronic Signatures’’, in Edwards, L. &Waelde, Ch., Law and the Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart Publishing, 2000,p.38

[145]             Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157, para. 36  http://www.cordis.lu/esprit/src/ecomcom.htm, 

[146]             Kesarev,K., “Digital Signatures And Encryption in The European Union”, November1998,http://www.tml.hut.fi/Studies/Tik-110.300/1998/Essays/crypto_eu.html#2.1

[147]         Hogg, M., “Secrecy and Signatures-Turning the legal Spotlight on Encryption and Electronic Signatures’’, in Edwards, L. &Waelde, Ch., Law and the Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart Publishing, 2000,p.38 

[148]             Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p. 35 

[149]             Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures
Official Journal L 013, 19/01/2000 p.12 –20

[150]             Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p. 37

[151]         Article 4

[152]         Angel, J., “Why use Digital Signatures for Electronic Commerce?”, Commentary,1999 (2) , (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/99-2/angel.html

[153]         Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html,  

[154]         Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html, 

[155]         Article 3

[156]         Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html

[157]          Misquitta, A., “Electronic Signatures”, Spring 1999, http://www.farrer.co.uk/briefings/ecommerce/signatur.html

[158]         Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000, p. 264 

[159]         Article 2(10)

            [160]         Article 6(3)

            [161]         Article 6(4)

[162]         Recital 24

[163]         Article 8(3)

[164]         Misquitta, A., “Electronic Signatures”, Spring 1999, http://www.farrer.co.uk/briefings/ecommerce/signatur.html,

[165]         Article 7

[166]         Recital 16

[167]         Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000, p. 261 

[168]         Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm,

[169]         Dorsey & Whitney Intellectual Property Practice Groups “Regulating E-Commerce in Europe: The Rhetoric and the Reality”, Intellectual Property Law, March 2001, http://www.dorseylaw.com/updates/IPMar2001.asp, 

  [170]             Pearson, H.E., “E-Commerce Legislation: Recent European Community Developments’’, Journal of Internet Law, http://www.gcwf.com/articles/journal/jil_aug00_1.html,