Contents
|
The Internet
challenges and displaces traditional forms of communication.
Information technology through World Wide Web
provides and facilitates instant access to a broader international level than
was ever before possible or even imagined. The Internet provides novel ways of
communication and doing business as it generates the ability for information to
be made available simultaneously and instantaneously around the world.[1]
It is a generic argument that Internet technology affected the global trade of
goods and services in undeniable ways as an increasing amount of these
transactions occurs online.
[2] Internet technology makes
it feasible for e-tailers to reach a large number of prospect clients-consumers
throughout the world at the same time and provide them with individual
information. The consequences from a technological and also cultural and
economic viewpoint, resulting from the developments in the area of information
technology are sufficiently known.
[3]
Experts assume that commerce, together with information retrieval, will
be at the centre of Internet use in the future; e-commerce is thus a key
application of the new information technologies.
The special characteristics of the online
medium raise novel issues for sellers and consumers in online commerce. Due to
the inherently international nature of online communications, online
participants are exposed to a multiplicity of jurisdictions. Other
communications technologies make it relatively simple to target commercial
solicitations to a particular geographic area. When sellers make use of the
various modes of online communication, such targeting ranges from the difficult
to the impossible. This geographic indeterminacy raises also severe and
intractable concerns about security and
reliability matters.
[4]
It is, in many cases, unclear how existing regulatory regimes governing
traditional trade practices apply to online commerce.[5]
The impact
of Internet technology, in addition, has recalled privacy issues and will be one
of the greatest civil liberty issues of the next century. The Internet does not
create new privacy issues, but it does make it more difficult to legislate
effectively for existing ones, such as confidentiality, authentication, and the
integrity of the information circulated. Privacy is a challenging topic for
lawyers and legislators since it is necessary to balance rights and find a
socially acceptable consensual solution.
[6]
But, governments worldwide lack the essential
knowledge to deal with the opportunities and problems e-commerce presents.
Therefore, governments must cooperate with both the industry and consumer groups
in order to adopt a flexible interpretation of existing regulatory solutions;
educate the public to use such privacy enhancing technologies properly.
[7]
The Internet generates major new challenges
to the traditional commercial transactions. E-commerce takes place not in a
restricted national level but rather in the international arena. Electronic
commerce transactions are rapidly increasing and consequently, the interest in
commercial activity has raised queries about a coherent regulatory framework to
stimulate consumer confidence. Therefore, an international and particularly
uniform solution is required. However, rather than striving for an international
solution that might be of an inadequate quality level or might take too long to
be achieved, it might be preferable to focus on partial solutions. As EU
represents a wide and quite homogenous market, it might be preferable to examine
thoroughly its legal approach concerning consumer policy.[8]
A European Initiative on Electronic Commerce
In April 1997 the
Commission adopted a Communication entitled “A European Initiative on
Electronic Commerce”,
[9]
intended to identify the key to promote E-commerce in the European Community.
These rather ambitious objectives were:
to
provide widespread, affordable access to the infrastructure;
to
create a favourable regulatory framework for electronic commerce;
to
foster a favourable business environment for electronic commerce;
to
ensure that the global regulatory framework for electronic commerce is coherent
and compatible with that of the EU.
The
European Community has considerable merit on global market and furthermore it
consists of relatively uniform legal framework that principally ruled by the
initiative of single market, which
aims to erect a legal structure that makes national borders essentially
irrelevant to commercial transactions among residents of the member countries.
European Union and Member States’ benefits from electronic commerce will as a
consequence, depend on implementing up-to-date legislation that balances the
needs of the interweaving parties, both business and consumers. The existing
Single Market regulatory framework has proved its worth for traditional forms of
business and has to be expanded further to electronic commerce so as to improve
consumer protection and reinforce trust and confidence to the consumers involved
to e-commerce transactions.
The
ambitious goal regarding e-commerce transactions is to increase trust and
confidence among the concerned parties. A flourishing e-commerce environment
demands both consumers and businesses to be confident and legally assured that
their transaction will not be intercepted or modified at any stage of its
development, that the seller and the buyer are identifiable, and that
transaction mechanisms are accessible, legal and secure.[10]
Uncertainty
about the identity and solvency of suppliers, their actual physical location,
the integrity of information, the protection of privacy and personal data, the
enforcement of contracts at a distance, the reliability of payments, the legal
remedies for faulty transaction or fraud, are considerations heightened in
cross-border trading that still remain the major discouraging factors.
One of the most
important requirements of a valid contract is that it should provide for some
degree of certainty as to the rights and obligations between the contracting
parties. What is required is adequate assurance so that the risks and
obligations are determined and thus the parties can decide further whether or
not to proceed with their agreements.
[11]
If the foremost
aim is to enhance consumer confidence, which is essential for open, competitive,
and cross-border electronic commerce then ensuring consumer protection and
building consumer confidence requires a clear, consistent and predictable legal
framework. As consumers should have meaningful access to redress consistent with
the applicable legal framework, they should be protected from fraudulent,
deceptive, and unfair practices. Similarly, secure technologies such as digital
signatures and digital certificates are some way to meet these challenges.
Digital signatures enable the unambiguous confirmation of the identity of the
sender and the authenticity and integrity of electronic documents. Unique to the
sender and unique to the message sent, digital signatures are verifiable and
non-repudiable. Equally, the exchange of digital certificates (“Internet ID
cards”) through an automatic “digital handshake” between computers
provides assurance about the parties’ identification.
Given its size,
the Single Market potentially offers businesses a “considerable mass” of
customers compared to further global market. Although the idea is to ensure full
access for electronic commerce to the single market, Member States are
responding in different ways. The development of divergent legislative
approaches is not only ineffective given the transfrontier nature of electronic
commerce but also risks fragmenting the Single Market and thus inhibits the
development of electronic commerce in Europe. The existing legal framework has,
in particular, targeted at reducing the risk that new measures, by being
different from one Member State to another, could restrict the free movement of
Information Society services.
Since
it is important to avoid regulatory inconsistency by discouraging divergent
actions at national level, the Union must also ensure that a coherent regulatory
framework for electronic commerce is created at European level. Such a
regulatory framework will inevitably be built on existing Single Market
legislation, which already largely creates the right conditions for online
businesses. As part of that framework, specific measures have already been taken
to respond to new developments. They include the recently adopted Directives
such as: Electronic Commerce Directive, Data Protection Directive, Distance
Selling Directive and Digital Signatures Directive.
[12]
Within Europe, the
Brussels
[13]
and Rome[14] Convention (and Lugano
Convention that extends the validity of these Conventions to the countries of
EFTA)
[15]lay
down the first seeds of consumer protection as they were dealing with special
provisions related to a number of types of contract where one party may require
some protection of its interests because of inequality of bargaining power,
namely consumer contracts.[16]
The basic rule laid down by the Brussels Convention is that a defendant shall be
sued in the State where he is domiciled.[17]
This provision is based on the maxim actor sequitur forum rei (the law
should lean in favour of the defendant) and permits him to have the advantage of
fighting on its territory where he can most easily prepare a defence, as he is
more familiar to its judicial system.
The application of
this rule presupposes that the defendant is domiciled in a contracting state to
the Convention.
[18]Otherwise
the issue of jurisdiction is to be determined by domestic law.[19]Besides,
the latter grant that a supplier with a “branch, agency or establishment” in
a consumer’s country of residence is to be considered as domiciled there.
Alternatively, consumers may choose to bring claims against the other party
either in their country of domicile or that of the supplier, whilst actions
against the consumer may be brought only in the consumer’s country of
domicile.[20]
The rules, indisputably, are generous to consumers. The format and
definitions of these grounds has been considered in detail by the European Court
of Justice and up to now, the grounds of jurisdiction have been applied in the
Convention with a relative degree of confidence. The Convention provides
specific grounds of jurisdiction in Article 5, and in particular for consumers,
Articles 13 –15 inclusive. The special wording of jurisdiction in Article 5
states, inter alia, that:
“A
person domiciled in a Contracting State may, in another Contracting State, be
sued:
1.
in matters relating to a contract, in the courts for the place of performance of
the obligation in question;
2.
…
3.
in matters relating to tort, delict or quasi delict, in the courts for the place
where the harmful event occurred;
4.
…
5.
as regards a dispute arising out of the operation of a branch, agency or other
establishment, in the courts for the place in which the branch, agency or other
establishment is situated”
Generally, in the
content of the Convention there are numerous provisions relating to applicable
law or jurisdiction that specify as such the place of supply. Thus, where the
contract is about supplying physical goods (the e-commerce supply then is
equivalent to mail or telephone order) the localisation of the contract presents
no special problems; but what if it is for digitised goods to be delivered?[21]
At the moment, the
Brussels Convention's definition of consumer is limited. According to the
Brussels Convention, consumer contracts are defined as contracts with a
consumer: for the sale of goods on instalment credit terms[22]
and for loans repayable by instalments, or by any other form of credit, made to
finance the sale of goods[23]
or (as in the provisions contained in the Rome Convention), contracts where a
specific invitation addressed to consumers or advertising was made in the
consumer's state of domicile and the consumer took the steps necessary to
conclude the contract in his state of domicile.[24]
Noteworthy that the provision of services is not included. But, following there
is a section, which covers contracts for both the supply of goods and services.[25]
It was widely
argued that the definition provided in Article 13 was difficult to be
interpreted, particularly from an e-commerce perspective, as it is unclear
whether “advertising” covers advertising of goods and/or services on a
website that can be accessed throughout the EU. Not surprisingly, businesses
frequently argue that Article 13 does not apply to e-commerce and that they can
only be sued in their own courts.[26]
A further dilemma
arising with respect to the application of the first two provisions in the
context of e-commerce concerns the definition of the term “goods”. As a
matter of fact the majority of the difficulties will arise while determining the
meaning of goods in relation to digitised products.[27]
In proportion to
the third provision, the question that arises is whether the e-commerce
transaction is more akin to a consumer “travelling” abroad or to the
business making offers in the consumer's state of domicile. The Council has
tried to address these issues by amending the wording in the proposed revision
of the Convention (“Jurisdiction Proposal”). It has in particular removed
the requirements that the consumer must have taken the steps to conclude the
contract in his Member State of domicile, which would be difficult to determine
in the case of a contract concluded via a website.[28]
A
further approach to the subject of jurisdiction is included in article 14 of the
Brussels Convention in which “the contract has been concluded with a person
who pursues commercial or professional activities in the Member State of the
consumer's domicile or who by any means directs such activities to that Member
State”. The justification for this approach is that the supplier is looking
for customers in that jurisdiction and as a result has to accept the danger that
the national courts will claim jurisdiction over his activities.[29]
Apart from
the Brussels Convention, the Rome Convention also determines the choice of
governing law in Member States of the EU. The general principle stated by
Article 3(1) of the Rome Convention is that “a contract shall be governed by
the law chosen by the parties”.
This choice of law
must, however, be expressed or demonstrated with reasonable certainty by the
terms of the contract or circumstances of the case. There are a number of
mandatory rules provided by the Rome Convention such as those defined by
reference to Article 3(3) which states that there are rules of the law of a
particular country which “cannot be derogated from by contract” these are
for example rules on cartels, competition and restrictive practice, consumer
protection and certain rules concerning carriage.
In particular,
pursuant to Article 5 the choice of law made by the parties can be excluded
altogether or at least shall not have the effect of providing the consumer of
the protection afforded to it by the mandatory rules of the law of the country
in which it has habitual residence. As a result, the choice by the parties of,
for example, less consumer friendly jurisdictions, might be ignored by a Court
in the EU Member State.
In the absence of
a choice of governing law by the parties in a contract, the Rome Convention
(Article 4(1)) stipulates that to the extent that the law applicable to the
contract has not been chosen in accordance with Article 3, the contents shall be
governed by the law of a country “with which it is most closely connected”.
Unfortunately,
the nature of e-commerce transactions complicates to determine whether the
performance of a particular party is characteristic of the contract. In any
event, neither the Brussels nor the Rome Convention will assist if both parties
are non-EU member states.[30]
However, the Brussels and Rome Conventions
were drafted at a time when no one could have foreseen the impact of
international e-commerce. Recently, a number of amendments were proposed to the
Brussels and Rome Conventions in order to be updated and regulate sufficiently
the new needs.
The Electronic
Commerce Directive,[31]
was adopted in June 2000 and it will be fully implemented by January 2002.The
key reasoning to the adoption of the Directive was the Commission’s venture
driven by the ambitious plan to create a favourable regulatory framework for
electronic commerce within the EU boundaries[32]
as well as to ensure that e-business services benefit from the Internal Market
principles of free movement of services and freedom of establishment. The core
objective of the Directive is to guarantee the free movement of information
society services throughout the internal market through the country of origin
principle of regulation[33]
and simultaneously to ensure a high level of consumer protection, promoting by
that way e-commerce within the EU territory.[34]
Though, the Directive builds creatively on the previously existing
internal market legal framework clarifying and ensuring its effective legal
enforcement rather than imposing new rules.
The first step
towards the concept of consumer confidence could be found in Art.3(1), which
establishes the country of origin principle. Article 3(1) of the Directive
requires that in each Member State the Information Society services shall be
provided by a service provider established on its territory. This principle
suggests that if a provider of electronic business meets the terms of the law of
the Member State where it is established, then that services can be provided
adequately throughout the EU, and consequently there is no need to comply with
the laws of the rest 14 Member States.[35]
Accordingly, for jurisdictional purposes, a provider is located in the place
where it has a fixed establishment from which it pursues an economic activity,
regardless of where websites or servers are placed.
Furthermore, the
basic principle of mutual recognition obliges each EU Member State to accept
that the laws of other Member States provide an adequate level of protection
despite the fact that those laws may be different or less restrictive than its
own law.[36]
Consequently, this granted principle offers a considerable advantage for
businesses based in countries with more liberal commercial legal regime in doing
business on-line in the EU.
[37]
A Member State
will be competent when a service provider is established in it. The Directive
contains detailed rules to determine where a business is established. Article 2
(c) of the Directive defines “established service provider” as the one who
effectively pursues an economic activity using a fixed establishment for an
indefinite period. The Court of Justice has recognised the possibility that the
same service provider is established in several Member States. In such case, the
Member State in which the service provider has the centre of its operations will
be deemed competent. It is also remarked how the presence and use of technical
means (such as the location of the Web Server) will not constitute an
establishment.[38]Additionally,
this significant principle facilitates to reducing risks while contracting
electronically as well as saving considerable legal costs in case of litigation.
On the other hand,
some crucial areas of law are exempted from this provision, including
contractual obligations concerning consumer contracts, intellectual property,
data protection, and the legal conditions applying to unsolicited commercial
communications.
[39]As
stated explicitly, in the derogations set forth in the Annex to the directive,
the following will be excluded from the scope of the country of origin
principle:
-
copyright, neighbouring rights, industrial property rights.
-
emission of electronic money,
-
freedom of the parties to choose the law applicable to the contract,
-
contractual obligations concerning consumer contracts,
-
formal validity of contracts creating or transferring rights in real estate,
-
permissibility of unsolicited commercial communications by electronic mail,
-
certain provisions of insurance legislation,
-
companies set up for the collective investment in transferable shares.
[40]
Although, Article 3(1) establishes the
principle of control by country of origin, the applicability of the existing
rules of Private International Law is reaffirmed.
[41]
Thus, as the provisions of the 1968 Brussels Convention still apply,
[42]
there is currently a major threat to the principle of country of origin
contained in the Directive caused by the revisions of the Brussels Convention
that seems to provide (certainly in respect of consumers) that contracts for the
supply of goods and services will be governed by the laws of the country of
destination. Therefore, the EU has to reconcile the two conflicting principles
contained in the Brussels Convention and the Electronic Commerce Directive.
[43]
Accordingly, the
E-Commerce Directive is reducing the dangers presented by the ephemeral nature
of information society services; in an attempt to build on consumer reliance.[44]Especially, it requires
that providers should specify their geographical address. All Information
Service Providers are to render accessible “in a direct and permanent manner
to their recipients and competent authorities”: information relating to the
name of the service provider, the geographic address at which the service
provider is established. Additional information including email address, with
the objective of allowing the recipient to contact the service provider rapidly
and to communicate with him in a direct and effective manner, is required. Where
the service provider is registered in a trade or similar public register, the
trade register in which the service provider is entered and his registration
number; where the activity is subject to an authorisation scheme, the
particulars of the relevant supervisory authority. Concerning the regulated
professions (lawyers, accountants, doctors): any professional body or similar
institution with which the service provider is registered (Bar Association...),
the professional title and the Member State where it has been granted, a
reference to the applicable professional rules in the Member State of
establishment and the means to access them and most preferably where the service
provider undertakes an activity that is subject to VAT, the identification
number.[45]
The requirements of Article 5 are also
similar to the information requirements of the Directive on distance contracts.[46]
However, unlike the Directive on distance contracts the information requirements
of this Directive apply whether there is a contract concluded or not.[47]
The Directive demonstrates that there is a
considerable need for harmonisation in the area of commercial communications,
including advertising, marketing and sponsorship[48]
that should be subject to certain transparency requirements so as to ensure
consumer confidence and fair-trading. These areas are very differently regulated
within the EU, so the Directive provides that a commercial communication must be
clearly identifiable as such and should set out clearly all terms and conditions
applied;[49]
the natural or legal person on whose behalf the commercial communication is
made,[50]i.e.
a header in the web page that is clearly labelled.
Member States will
need to specify in their legislation that unsolicited commercial communications
such as “spam” e-mail must be clearly identifiable as soon as the recipient
receives it.[53]
Further, service providers will need to observe “opt-out” registers of
addresses of persons who do not wish to receive unsolicited commercial
communications.
The Directive makes special provision for
commercial communications by “regulated professions”, providing “that
Member States shall ensure that the use of commercial communications which are
part of, or constitute, an information society service provided by a member of a
regulated profession is permitted subject to compliance with the professional
rules regarding, in particular, the independence, dignity and honour of the
profession, professional secrecy and fairness towards clients and other members
of the profession”.[54]
A further dubious
point that also discourages potential consumers from entering to electronic
transactions is the uncertainty about the legitimacy of electronic contracts;
whether an electronic contract is legally bound or not. As a response to those
justified concerns, E-commerce Directive has established the validity of
contracts concluded electronically for all Member States. With a few permitted
exceptions (of contracts requiring the involvement of a notary, contracts which
are required to be registered with a public authority to be valid and contracts
governed by family law or the law of succession), Member States must ensure that
their legislation permits contracts to be concluded electronically[55]. But previously, certain
specified information must be given before the contract is concluded.
Member
States have to ensure that the legal requirements applicable to electronic
contracts do not prevent the effective use of electronic contracts or diminish
their legal effect because of the fact that they were concluded electronically.
This requirement will oblige Member States to change many laws that currently
inhibit the use of electronic contracts.
The service provider will also be required to
explain in clear terms the manner of formation of the electronic contract.[56]
The Directive identifies that the contract is concluded when the recipient of
the service has received from the service provider in electronic form an
acknowledgment of receipt of the other party’s acceptance.[57]
Where the recipient is asked to signify acceptance by technological means such
as clicking on an icon, the service provider must promptly acknowledge receipt
of the recipient’s order by electronic means. The order and acknowledgement
are deemed to be received when the parties to which they are addressed are able
to access them. However, it is unclear whether the Directive’s contract
provisions cover one critical issue arising in this area, namely the evidentiary
value of electronic documents. As, in some countries (e.g., Germany),
"written documents" are attributed greater value than other evidence.
Therefore, if electronic contracts are not deemed to be evidenced by
"written documents," as are traditional paper contracts, electronic
contracts (and thus e-commerce) could be disadvantaged.[58]
The
Directive includes extensive provisions related to implementation and
enforcement. The Commission as well as the Member States are to support the
development of codes of conduct.[59]The Directive encourages
the involved parties to dispatch draft national codes so as to be compatible
with the Community law.[60]
The scope of the
Electronic Commerce Directive is broad ranging and generally non controversial.
The Directive on Electronic Commerce was proposed by the Commission in an
attempt to unify disparate regulatory schemes and produce a harmonized,
better-coordinated approach to e-commerce.[61]Both
the European Council and the European Parliament believe that this Directive
should not affect the law applicable to contractual obligations relating to
consumer contracts and should not have the result of depriving the consumer of
the protection afforded to him by the mandatory rules relating to contractual
obligations of the law of the Member State in which he has his habitual
residence.[62]The major criticism that
has been made to the EU legal approach is that the e-commerce initiatives are
dispersed across a range of measures. Due to the ambiguous determination of what
law is in a particular respect, there ambush the potential for internal conflict
in relation to the issue of choice of law.
The Directive, however, will be
a major step forward in increasing the competitiveness of e-commerce within the
EU. It will also allow a great deal of consumer choice through borderless online
commercial transactions. Also, consumers will continue to enjoy a high level of
protection as the Directive does not affect the provisions of other legislation
such as the Distance Selling Directive, the Unfair Contract Terms Directive and
the Product Liability Directive which impose standard set of rules for consumer
protection throughout the EU.[63]
One of the most
serious issues that the Directive has not yet addressed is how to balance the
divergent consumer protection laws that exist in Europe with the new borderless
economy. Currently, consumers wishing for remedy can sue in their country of
residence, based on the consumer laws there. But, on the contrary, European
Internet retailers are strongly opposed to this rule, as they believe their
businesses are being stunted by having to comply with the myriad rules and
regulations of each country. The Directive, however, merely acknowledges that a
resolution to this problem has not yet been decided on.[64]
Consumers
will also retain their rights to sue suppliers for breach of contract in the
consumer's country of domicile under the provisions of the Brussels Convention.
Furthermore contracts concluded between suppliers and consumers who are
domiciled in different countries cannot be used to take away the rights a
consumer would enjoy in his country of domicile, which are protected under the
terms of the Rome Convention.
The crucial point
disclosed in the application of the Electronic Commerce Directive is that the
traditional legal provisions will be sufficiently applied to the regulation of
e-commerce. The European Commission has chosen to use the principles of country
of origin and mutual recognition rather than the full harmonisation of national
laws across the EU as the basis for the Directive because it recognises that
Member States operate a number of widely differing sets of rules governing
marketing, promotions, advertising and sponsorship which are impossible to
harmonise without annihilating electronic commerce in its infancy.[65]
Undoubtedly,
regardless of whether it is the consumer or the business that has to cross a
border in order to obtain legal remedy, cross-border litigation will be
expensive and this cost will only be justified for larger claims. Therefore it
will be necessary to set up complementary Alternative Dispute Resolution
mechanisms, since otherwise access to justice will be practically denied in many
cases.
The necessity of
Alternative Dispute Resolution was recognised in the Electronic Commerce
Directive. Article 16 requires Member States and the Commission to encourage the
drafting at Community level of Codes of Conduct designed to contribute to the
implementation of the substantive provisions of the Directive aiming to provide
a unifying force throughout the EU.[66]Additionally,
under the terms of Article 17(1),(2)the Directive suggests that Member States
shall not impede the use of out of court dispute resolution procedures including
electronic means and encourage adequate procedural safeguards. Member States are
under an obligation to co-operate and shall appoint contact points for this
purpose[67]. These contact points are
to provide practical assistance and information to service providers and
recipients of services with regard to out of court dispute resolution
procedures. However, the Directive does not oblige Member States to set up or
regulate out of court procedures. Presumably, it is envisaged that such
mechanisms will be developed sufficiently on the private sector.[68]
Finally, the
Directive allows Member States to derogate from its provisions on a case by case
basis to impose restrictions on e-commerce services supplied from another Member
State if necessary to protect the public interest on the grounds of the
protection of minors, sexual and racial discrimination, public health or
security and consumer protection. However, such restrictions would need to be
proportionate to their stated objective. Furthermore, the Directive introduces
the important requirement that such restrictions can only be imposed after the
Member State where the service provider is established has been asked to take
adequate measures to meet the above public interest criteria and has failed to
do so and the intention to impose the restrictions has been notified in advance
to the European Commission.
[69]
Draft
Brussels and Rome II Regulations
The Directive on E-Commerce
incorporates the fundamental pillars of the internal market: country of origin
control and mutual recognition. These principles were reaffirmed by the European
Court of Justice in a number of cases on the freedom of goods and services
beginning with the landmark case of Cassis de Dijon.[70]
The Directive declares that
only one law is applicable rather than up to 15 different laws. This is due to
the fact that the concept of mutual recognition obliges each EU Member State to
accept that the laws of the State in which the provider of the services is
established offers an adequate level of protection, even if the laws are
different or less restrictive. This principle will encourage consumers to buy on
line because of the legal certainty provided throughout the EU.
However, this regulatory framework
for e-commerce has recently come under threat from a proposal adopted by the
Commission to replace and update the Brussels and Rome Conventions as EU
Regulations are armoured to new powers under Article 65 of the Amsterdam Treaty.
The new Regulation was approved by the European Union on December 2000.[71]The
new rules of jurisdiction will be enforced throughout Europe from March 2002.
The rules of this
new Community Regulation do have implications about electronic commerce. One of
the most controversial and important set of rules to be replaced by the
Regulation relate to consumer contracts. In Europe, the new Regulation (the
Brussels I Regulation) will increase and strengthen consumer confidence in terms
of electronic consumer contracts.[72]
Consumers, in
particular, are given the specific right to sue and be sued in their “own”
courts when they have entered into a deal with a firm from another country. This
provision benefits the consumer as being the weaker party in any contract with
an undertaking.[73]
Under the existing Convention, this right arises when the supplier has
advertised the goods or service and the consumer has made the contract in his
own country. The Regulation proposes to extend this right to any circumstance
where the supplier has directed his business towards the consumer’s country,
irrespective of where the contract is concluded.[74]
The proposed
Brussels Regulation gives the Courts of the consumer’s country of habitual
residence jurisdiction over suppliers of goods and services, which are
established in other Member States of the EU in certain circumstances. Article
15(c) (which reflects Article 13 of the amended Brussels Convention) states
that:
“…in
all cases,(where) the contract has been concluded with a person who pursues
commercial or professional activities in the state of the consumer’s habitual
residence or, by any means, directs such activities to that state or to several
states including that state falls within the scope of such activities”.
This Article if
interpreted with the criteria set out in Recital 13 of Brussels Regulation will
trigger the jurisdiction of the consumer’s country of habitual residence in
respect of any e-commerce Web site established in a Member State of the EU
merely because of the fact that it can be accessed by a consumer. E-commerce Web
sites are automatically accessible not just throughout the EU but also
throughout the world. It worth to be mentioned that many of these Web sites have
no physical link with the country of the foreign consumer’s domicile nor do
they specifically solicit consumers in Member States other than the State that
they are established.[75]
The proposed
Regulation has amended the provision concerning the conclusion of consumer
contracts so as to include all situations where a person pursued commercial or
professional activities in a Member State or by any means directs such
activities to that Member State. The explanatory memorandum explains that the
existing rule is too weak since the requirement that all the steps should be
taken in the consumer's state of domicile excluded instances when the consumer
was induced to travel abroad to conclude the contract. Moreover, it explains
that reference to activities pursued in or directed towards a Member State was
intended to include contracts concluded via interactive websites accessible in
the consumer's state of domicile. However, passive websites that inform
consumers about the possibility of goods and services will not activate the
protective provisions. In the latter instance, the consumer is to be treated as
the active party who seeks out the site; just as he might travel to a foreign
market or mall.
The Brussels I
Regulation, which has been reportedly presented as a compromise measure, allows
consumers to use the local Courts and consumer protection laws in their home
country to sue online retailers, even if those retailers are based in another
European country. The measure also facilitates local lawsuits even if the
foreign Web site does not specifically target the home country of the consumer.[76]
The Regulation ensures that Internet
consumers are able to bring cases in their own jurisdiction. This provision does
not assist in cases where the trader is domiciled outside the EC, e.g. in the
US. However, even if the consumer can bring his claim in his own courts, justice
will be out of reach in practical terms if choice of laws issues are raised and
the consumer has to invoke foreign law.
Indisputably, data
protection laws may effect on the development of e-commerce in a rather positive
way, since well-defined privacy laws will increase consumer confidence in
concluding business electronically and thus rising the profits of electronic
commerce.[77] Polling data show that
the majority of consumers believe that their privacy is at risk when they do
business on the Internet.[78]
The ability of technological devices to enable the collection, processing and
distribution of personal data is a major factor behind the public concern about
loss of privacy.[79]Consequently, if online
retailers intend to survive and flourish, it will be partly due to the emergence
of improved technology that helps them to trace users' buying habits better and
to create profiles that could be shared easily among marketers.[80]
On the other hand,
consumers are opposed to the control of their private data from the companies
that already own it. The problem is quite straightforward. Companies need to
glean information that will facilitate sales. Consumers counterclaim the
convenience of secure e-commerce without worrying about having their identities
stolen, being spammed, or having the aggregators of personal data retrieving and
profiting from every detail of their lives. The solution is simple.
Companies could minimise the potential consumers’ fears by complying
with privacy standards. That could denote collecting the same data the companies
always have, but not sharing it with others without first asking permission, or
assuring customers that privacy will be the basis for their online business.[81]
Therefore, it is
essential to assure personal privacy in the networked environment so as
consumers to feel secure while doing business across this new medium. Data and
systems security is one of the central prerequisites for consumer acceptance of
e-commerce. Data protection policy represents a competitive advantage for the
respective vendor since potential customers are seriously interested to the
level of data protection while shopping on line.
According
to the main declarations of the single European Market there should be no limits
to the retrieval of information between Member States. The more legal
divergences are erected the more of a problem it becomes, especially when these
divergences are taking place in what purports to be a common market. Through
Community harmonisation, data subjects are assured of the same minimum level of
protection, sellers are better able to satisfy the compliance requirements of
different countries and there are obviously reduced opportunities for individual
Member States to attract data processing business by promising a lax regulatory
regime.
[82]
However, the enactment of a Data Protection Directive was a general requirement
in order a common legal system corresponding to the territory of the EU to be
founded.
Directive
95/46/EC on the Protection of Personal Data
Directive 95/46/EC
on the Protection of Personal Data[83]
has entered into effect from 25 October 1998, with the aim to establish a
harmonised regulatory framework so as to ensure both a high level of protection
for the privacy of individuals in all EU Member States and
free movement of personal data within the EU. Provision is also made in
the legislation to ensure that personal data is only transferred to countries
outside the EU when its constant protection is guaranteed.
The
core obligation of Member States is included in Article 1: “In accordance with
this Directive Member States shall protect the fundamental rights and freedoms
of natural persons, and in particular their right of privacy, with respect to
the processing of personal data”.
Under
the Directive 95/46 EC, data subjects are granted a number of important rights
including the right to access their data, the right to know where the data
originated (if such information is available), the right to have inaccurate data
rectified, the right of recourse in the event of unlawful processing and the
right to withhold permission to use their data in certain circumstances (for
example, individuals will have the right to opt-out free of charge from being
sent direct marketing material, without providing any specific reason)
[84].
Furthermore,
in order to prevent abuses in the use of personal data, and ensure that data
subjects are informed of the existence of processing operations, the Directive
lays down common rules to be observed by those who collect, hold or transmit
personal data as part of their economic or administrative activities or in the
course of the activities of their association.
[85]In
particular, there is an obligation to collect data only for specified, explicit
and legitimate purposes and to hold it only so long as it remains relevant,
accurate and up-to-date.
[86]
The Directive also
establishes the principle of transparency with regard to the collection of data.
This principle offers individuals the option of whether to provide the
information or not and entitles them to be informed about the identity of the
organisation intending to process the data and the main purpose of such
processing. As a matter of fact, the Directive applies different rules
according to whether information can be easily provided in the normal course of
business activities or whether the data has been collected by third parties. In
the latter case, there is an exemption where the obligation to provide
information is impossible or involves disproportionate effort.
[87]
In the case of
sensitive data, such as an individual's ethnic or racial origin, political or
religious beliefs, trade union membership or data concerning health or sexual
life, the Directive establishes that it can only be processed with the explicit
consent of the individual, subject to a number of public interest exemptions
such as where there is an important public interest (e.g. for medical or
scientific research), where alternative safeguards have to be established.[88]
As the flexibility
of the Directive means that some differences between national data protection
regimes may persist, the Directive recommends the principle that the law of the
Member State where a data processor is established applies in cases where data
is transferred between Member States.[89]
In
the specific case of personal data used exclusively for journalistic, artistic
or literary purposes, the Directive requires Member States to ensure appropriate
exemptions and derogations exist and to strike a balance between guaranteeing
freedom of expression while protecting the individual's right to privacy.
[90]
For cases where
data is transferred to non-EU countries, the Directive includes provisions to
prevent the EU rules from being circumvented. The basic rule is that the non-EU
country receiving the data should ensure an adequate level of protection,
although a practical system of exemptions and special conditions also applies.
The advantage for non-EU countries that can provide adequate protection is that
the free flow of data from all 15 EU states will in future, be assured, whereas
up to now each state has decided on such questions separately.[91]
The EU data
protection regime is specifically based on home country regulation, as the text
in Art.25 demonstrates. All the countries that implement the Directive have, by
definition, an adequate level of privacy protection, and the matter of the data
subject in respect of the transferred data is then a matter for the law of the
new controller’s jurisdiction. The same applies to the non-EU countries to
which data transfer is permitted under Art.25 on the basis that an adequate
level of protection is provided, and the Directive contains provisions under
which the European Commission can declare that particular countries provide
adequate protection.[92]
The uniform
application of the Directive would be in threat if the decision whether third
countries offered an adequate level of protection was to be made by each Member
State. Therefore, it is provided that Member States and the Commission have to
inform each other in any case they feel that a third country does not provide
such a level of adequacy.[93]
In practice, general decisions regarding adequacy will be decided at a Community
level. Article 29 of the Directive establishes a Working Party on the Protection
of Individuals with regard to the Processing of Personal Data.
[94]
In addition, Directive could be
rather meaningless if there was no method to enforcing its provisions. The
Directive requires Member States to provide for the right of every person to
judicial remedy for any breach of the rights guaranteed him by the national law
applicable to the processing in question. This right is without prejudice to any
administrative remedy for which provision may be made, such as the supervisory
authority prior to referral to the judicial authority.[95]Any
person who has suffered damage as a result of an unlawful processing operation
or any act incompatible with the national provisions adopted pursuant to the
Directive is entitled to receive compensation from the controller for the
damaged suffered.
[96]
The EU Data
Privacy Directive has been highly criticised as data transfer restrictions could
seriously impede the future growth of Information Society services. By reverse
reasoning without the legal security of a Union-wide approach, lack of consumer
confidence will certainly undermine the rapid development of the information
society. As a result, the EU moved
towards the adoption of the data protection Directive.
[97]
The Directive’s main intention is to establish a clear and stable regulatory
framework necessary to guarantee free movement of personal data, while leaving
individual EU countries room for manoeuvre in the way the Directive is
implemented.
Free movement of
data is particularly important for all services with a large customer base and
depending on processing personal data, such as distance selling and financial
services. If each Member State had its own set of rules on data protection, for
example on how data subjects could verify the information held on them,
cross-border provision of services, notably over the information superhighways,
would be virtually impossible and the extremely valuable new market opportunity
would be lost.[98]
Likewise, it is very important not to
forget that the Directive, in conjunction with other data protection regulation,[99]has
the mutual goal of both safeguarding privacy in relation to processing of
personal data and facilitating transborder data flow. The importance of the free
flow of such data is further underlined by part of the first sentence of recital
56 “…cross border flows of personal data are necessary for the expansion of
international trade”. Therefore there are no grounds for restricting free flow
of data, provided that the appropriate safeguards are in place.[100]
Almost since the enactment of the EC
Directive, negotiations have been taking place between EU and US in an effort to
ensure compatibility between European data protection standards and the mainly
self-regulatory approach in the US by developing a common set of rules and
principles to safeguard data transactions between the two parties.[101]
The adopted approach may define a “safe harbor” for personal data, a set of
principles that US companies would sign up to on a voluntary basis but to which
they would be bound.[102]
The advantage of this approach is
that the EU through the restrictions posed to the transborder flow of data has
become a leading player in the international IT arena. The EU has the
opportunity formulate a considerable regulatory framework with international
acceptance by providing legal certainty in the demanding area of privacy
safeguarding.
Finally, the
practicality of the Directive’s provisions on transfers to third countries, as
well as any attempted control of such transfers, can be questioned.[103]
The Directive provides no remedy to the individual who is prejudiced by a breach
of these provisions. Any national remedy will be retrospective rather than
prospective. Individuals will generally not be able to prove any particular
transfer took place and once data is transferred, the damage will typically have
occurred. It is also unlikely that Community public authorities will be able to
take any effective action against third-country data processors to which data is
unlawfully transmitted by a controller within the Community.[104]
Additionally, the
Council of Europe in cooperation with the Commission and the International
Chamber of Commerce, have produced a model contract which might be used by data
users in order to achieve the required level of adequacy. The objectives of the
model contract are: to provide an example of one way of resolving the complex
problems which arise following the transfer of personal data subjected to
different data protection regimes; to facilitate the free circulation of
personal data in the respect of privacy; to allow the transfer of data in the
interest of international commerce; o promote a climate of security and
certainty of international transactions involving the transfer of personal data.[105]
Buying goods or
services by means of the Internet expose consumers to particular dangers, due to
their inability to examine the goods or to visit the supplier's premises, and
thus evaluate his reliability, before entering into the transaction.[106] Credit card fraud is a
reluctant concern and another is that the seller may provide insufficient
information. The particular nature of Internet may attract individuals to
buy on impulse without properly thinking about the implications of the
obligations they are entering to. The European Community taking into
consideration all those reasonable fears that arise while consumers contract on
distance along with the strong possibility that individual Member States may
implement very restrictive legislation, while others might encourage contracting
over the Internet leaving it extensively and on purpose unregulated, decided
that distance selling ought to be subject to harmonised regulation throughout
the Community.[107]
Directive
on Distance Selling:
Impact on E-commerce
The first step
towards the notion of harmonised regulatory framework was the adoption of the
Directive on Distance Selling[108],
following the Directive on unfair terms in consumer contracts.[109]
Both will have to be taken into consideration when drafting consumer contracts.
The Directive on the protection of consumers in respect of distance contracts
has an obvious application to the Internet. Its objective is to “approximate
the laws, regulations and administrative provisions of the Member States
concerning distance contracts between consumers and suppliers”.[110]
The Directive is
stated to be of major importance for the European Union as cross-border distance
selling could be one of the main tangible results of the completion of the
internal market. It is essential to smooth operation of the internal market so
as to enable consumers to contract with business outside their country, even if
there is a subsidiary in the consumer’s country of residence.[111]
The Distance
Selling Directive is dealing with the protection of consumers in respect of
distance contracts. Distant contracts include sales concluded through the use of
telephone or fax and are extended to apply to contracts formed over Internet.
The Directive provides a minimum set of common rules for the benefit of
consumers, requiring certain fundamental information before the contract is
concluded. The main burden is on the supplier of the goods or services to prove
compliance; therefore he would be cautious to ensure that terms and conditions
of sale at least meet the terms of the Directive.[112]
A
consumer complying with the meaning of the Directive is an individual who does
not make the contact in the course of his trade, business or profession and a
supplier is a person (natural or legal) who makes the contact in a commercial or
professional capacity.[113]
So the definition of consumer might exclude only commercial purchasers who are
buying goods in the direct course of their business. By classifying as consumers
those commercial purchasers buying “incidental” goods would sufficiently
explain the rationale of the Directive as a measure for the unification of the
internal market.[114]
The Directive can be seen as an attempt to consolidate the internal market by
giving non-expert consumers the confidence to buy across border. The main
concern in respect of distance contracts revolves around the fact that these
purchases are often made “in the dark”.[115]
Whereas the consumer is not able to see the product or ascertain the nature of
the service provided before concluding the contract.[116]The
goods or services maybe of lower quality than the consumer expected; the seller
may be disreputable, even fraudulent.
In detail, a
distance contract is one concerning goods or services between a supplier and a
consumer under an organised distance sales or service provision scheme
established by the supplier who, for the purposes of contract, makes
“exclusive use” of one or more means of distance communication, up to and
including the moment the contract is concluded.[117]
The meaning of “exclusive use” is rather vague and unclear. In view of the
consumer protection rationale of the Directive, it is likely to be interpreted
restrictively. Therefore, a supplier who demonstrates a product in person, but
sells it at a distance would be included to the provisions of the Directive.[118]All
negotiations and contacts must take place by distance communication, which
includes electronic mail, videotext, videophone, television and fax machines as
well as traditional forms of distance selling such as by post, catalogue, etc.[119]
The outcome appear
to be that a distance contract is any contract concluded by any means where the
consumer and supplier (or their respective agents) do not meet face to face
prior to conclusion of the contract. However, the Directive does not apply to
some contracts including certain contracts relating to financial services,
automatic vending machines, in relation to land and auction sales.[120]
Also, contracts concluded by telecommunications operators through the use of
public telecommunication systems are excluded.
[121]
The most
vital provision in respect of consumer confidence is that certain information
must be provided to the consumer before the contract is concluded. Information
about the supplier, the main characteristics of the goods or services, the
price, delivery costs, payment details and existence of the right to withdrawal.[122] In addition, the
supplier should inform the consumer of “the cost of using the means of
distance communication where it is calculated other than at the basic rate”, a
requirement clearly aimed at contracts for the use of distance communications
such as premium rate telephone services.[123]
Information must be provided in a clear and comprehensible manner, having
regard to the principles of good faith in commercial transactions. Regarding the
Internet or electronic mail, the provision of prior information should not be
onerous and can be easily incorporated into the supplier’s website or email
message.
Recognising that
“information disseminated by certain electronic technologies is often
ephemeral in nature insofar as it is not received on a permanent medium”,[124]
Article 5 states that the consumer must receive handwritten confirmation or
confirmation in another durable medium (for example, by downloading a computer
file) of the information described above, at the latest at the time of delivery
of the good. So, the demand of the information to be in writing is also met in
case this information is available and accessible to the consumer in any other
durable medium (e.g., a Web-page). Noteworthy that failure to comply with this
requirement may extend the period during which the consumer may withdraw from
the contract.[125]
The effect of this
provision is that paper and similar physical media will last for some time, even
where contracts are made via telephone, Internet or other methods of
telecommunication. Accordingly, the requirement can also be satisfied by
including the required information in a delivery note sent with the goods. The
only exceptional case where written confirmation is not required is where the
required information has already been supplied to the consumer in written form,
but even then the consumer must receive a second written notice providing
details of the supplier's address, after sales service and guarantees, the right
to withdraw from the contract, and the mechanism for terminating the contract if
it is of indeterminate duration or to exceed one year.[126]
However, further on Article 5 an alternative to written information is not mentioned; in case information about the right of withdrawal is concerned: “written information on the conditions and procedures for exercising the right of withdrawal”. This must be in writing and another durable medium is not an alternative. This simply means that the consumer must be confronted with a written notice and should not simply be able to click on a button to “skip” the information provisions. Receiving a notice of cancellation by post gives one more cause for reflection and also may alert others, such as spouses, to potential consumer’s intended plans. Inconsiderable problems could also result if one could simply sign-up on line for credit contracts and ignore any cancellation notices by the mere click of a button. For these reasons the requirement for writing is useful for cancellation notices.[127]
But on the other
hand, this demand is rather troublesome and cannot be met when goods are
delivered electronically (e.g., downloaded software). The Directive does not
explicitly define the supply of information, computer code or software over the
Internet as either services or goods .The issue in question is that there is
some confusion as to the status of computer code or software.
Software or computer code, which is stored and supplied on a physical medium
such as a tape or disk, would most probably be treated as a good .The value is
in the intangible information contained in the medium and not the medium itself.
The confusion arises when information, computer code or software is supplied
electronically over the Internet as a stream of bits. If it is held as a good,
then Art.5 (1) might present a problem, as the benefits sought by transacting
over the Internet, of paperless transactions, are reduced. If it is held as a
service then Art.5 (1) may not apply through Art.5 (2).[128]
Thus, it seems to be on Art. 5 that most arguments will be raised between those
who want to place estoppels in the way of Internet trading as they support
traditional communication with the consumer as being more important even if this
means some increased “paperwork”, and those who, conversely, are able to
foresee the benefits and profits relating to “paperless” e-commerce
transactions. [129]
The
right of withdrawal is a basic element on the “distance-selling” contract.
The geographical address of the supplier to which the consumer may address
complaints, must be clearly mentioned.[130]
Further information such as relating to after sales service and the effect of
cancelling the contract must be also provided. But, the provisions of the
Directive, which apply to information, the right of withdrawal and the
obligation to execute an order within 30 days[131],
are excluded in certain contracts where a right of withdrawal would
impose an unfair burden on the supplier, like for the supply of perishables and
for the provision of accommodation, transport, catering or leisure.
Moreover,
supporting consumers’ rights; the Directive suggests that the consumer is not
obliged to give a reason for his withdrawal. Since this is a minimum, Member
States are allowed to define in their legislation a longer period. The
withdrawal is without costs, except the costs for returning. The time for the
supplier to perform is rather long, namely 30 days. However, this is a maximum,
so at that point, Member States are allowed to define in their legislation a
shorter period.
According to the
Directive, Member States should prohibit so-called inertia selling.[132]
A possible way to regulate this is to give the consumer the right to keep the
goods without having to pay for it. The rights of the Directive are binding and
the European consumers are not permitted to waive their rights under this
Directive.[133]
The consumer may not waive the
rights conferred on him by the transposition of this Directive into national
law..[134] Accordingly, the
Directive will override any contradictory choice of law or other contractual
provisions between the European consumer and a non-member country as the
law applicable to the contract if the latter has close connection with the
territory of one or more Member States.
In its early
implementation the Distance Selling Directive, mainly the requirement to provide
prior information about the contract to the consumer in written form presented
several problems for businesses that wished to sell goods or supply services to
consumers,. This prerequisite would automatically negate some of the benefits of
contracting over the Internet, explicitly the elimination or reduction of large
amount of paperwork.[135]This
has now changed to a requirement to provide the required information in any way
appropriate to the means of communication,[136]a
vast improvement on the previous versions.
The
Directive also provides that two forms of technology-automated calling systems
and fax machines- may be used only with the prior consent of the consumer: what
might be referred as an “opt-in” system. Automated calling systems involve
the use of a computer system to call numbers and on answer play a pre-recorded
message to the recipient. Although reportedly used extensively in the US, such
technologies are effectively prohibited in some European countries. In the case
of other forms of communication, it is provided that these are to be made only
when the consumer has not indicated a clear objection to receipt the
solicitations. The operation of an “opt-out” system would be compatible for
this requirement.
[137]
The
rationale behind the selection of specific prohibited technologies is not clear.
Recital 17 of the Directive asserts that the consumer’s right to privacy
should extend to “freedom from certain particularly intrusive means of
communication”. It is difficult to argue, that a pre-recorded telephone
message is intrinsically more intrusive than other forms of telephone
canvassing.
[138]
Additionally,
another significant issue on distance sales is the security of payment.
Consumers are often, and generally in the case of buying goods, required to pay
prior to delivery. Using credit and debit cards to finance distance selling is
raising fears that where card details are given to a supplier and transactions
authorised without proper authentication, cards may be subject to fraudulent
abuse. Doubt about payment security is one of the greatest impediments to the
development of online shopping. The Directive recognises these dangers but its
provisions to deal with them are rather weak and vague. Article 8 requires
Member States to ensure that where fraudulent use has been made of a
consumer’s card in the context of a distance contract covered by the Directive
“appropriate measures exist to allow a consumer to request cancellation of a
payment”, and to be recredited with sums paid. But there is no certain
definition of payment card in the content of the Directive.
Fraudulent use of
payment cards is only one part of the problem of security of payments. Another,
at least as important, is the risk of supplier insolvency to which the
pre-paying consumer is exposed. Pre-paying purchasers of services have no
protection. Exceptionally, it may be possible to argue that consumer
pre-payments are held on trust to satisfy their orders, so that in the event of
non-performance the consumer is entitled to recover some or all of the payment.
Despite these possibilities, however, there is a real risk that pre-paying
consumers will be unable to recover their payments if the supplier becomes
insolvent without performing the contract. The Directive therefore, ignores the
problem and leaves a real impediment to confidence in distance contracting
unregulated.
[139]
The Directive has
significant implications for online suppliers in relation to their web design
and the rights of customers to cancel orders and claim refunds. The burden is on
the supplier to demonstrate compliance with the distance selling legislation.
Failure to comply will not only render contracts with consumers unenforceable,
but will also result in the commission of an offence. There are, therefore, some
important issues for website designers, and in relation to back office order
fulfilment procedures where goods are bought and sold on the Internet. The
Directive leaves enforcement of consumer protection measures to individual
Member States and it remains to be seen what regulations the Member States will
provide in this respect.[140]
The Directive has been
highly criticised as notwithstanding it has entered into force in June 1997 it
does not mention clearly the World Wide Web as means of concluding distance
selling contracts and does not appear to have been extracted with this specific
technology in mind since trade in the Internet was rather insignificant by that
time. On the other hand, the rapidly changing nature of technology is
acknowledged by the Directive[141]
although commentators argued that an omission like this will cause difficulties
for the implementation.
[142]
In practice, that omission has been remedied by interpreting the
Directive quite broadly so as to include contracts concluded by electronic means
of communication.
Although the Distance Selling Directive has
gone a long way towards improving consumer protection, it is not enough. In some
countries it has not yet been implemented and in many cases compliance is
inadequate.
Every form of trade requires trust
and confidence between the participants. The ability to be sure who is your
contracting partner, what is exactly agreed upon, what is the exact content of
the transaction, when the transaction takes place, creates and bolsters trust
between the partners.
As electronic
forms of communication and documentation are used extensively, the demand to
trust is highlighted and must be legally supported and assured. Building such
trust and confidence is prerequisite to encourage businesses and consumers in
order to contract electronically. It implies the use of secure technologies such
as digital signatures, digital certificates and secure electronic payment
mechanisms, and a predictable legal and institutional framework to support these
technologies.[143]
An adequate legal
framework for electronic signatures is widely seen as an essential factor for
the development of electronic commerce. In the business world, there has been an
ever-increasing interest in ensuring that electronic communications meet the
requirements of authenticity, integrity and confidentiality. A handwritten
signature has traditionally been the best guarantee of the first two of these
qualities in a document as it uniquely verifies the person from whom the
document originates, and indicates assent to the content of text appearing above
it. Confidentiality has had to be assured by enclosing the document in a sealed
envelope. However, envelopes can be opened and resealed; so forgery is always a
threatening possibility. Technological developments offer a more rigid guarantee
of achieving all of these qualities via the use of cryptography.[144]
Secure
technologies, such as digital signatures and digital certificates challenge
sufficiently the requirements of secure e-commerce transactions. Digital
signatures enable the unambiguous confirmation of the identity of the sender and
the authenticity and integrity of electronic documents. Unique to the sender and
unique to the message sent, digital signatures are verifiable and undisputable.
Similarly, the exchange of Internet certificates through an automatic “digital
handshake” between computers provides assurance that the parties are these who
they say they are and helps to assess whether the service provided and the goods
or services delivered are genuine.[145]
Generally, digital
signatures apply cryptographic techniques to enable arrangements similar to
handwritten signatures in unsecured data networks as well as a mean to guarantee
that a signature cannot be forged. This is necessary since information stored on
a digital medium can be copied exactly which means that the information
contained in the copy resembles to its original in any way. Like hand-written
signatures, a digital signature could be used in agreements and other legal acts
to enable parties to an e-contract to verify that the transactions entered into
between them are indeed being entered into by the parties that they believe they
are transacting with.[146]
Additionally, attempts to alter an
electronic signature are easily detectable and the document’s authenticity can
be then doubted; attempts to decrypt an encrypted document should prove
impossible if a sufficiently secure encryption program has been used.[147]
Traditionally both
business practice and the law do require commercial agreements to be evidenced.
The reason for this derives from the desire to ensure certainty. Certainty is a
great demand and concern that threatens the viability of e-commerce. A possible
solution is to apply the existing law to e-commerce, but it is clear from the
applicable legislation throughout the Member States that existing law does not
deal adequately with electronic signatures.
[148]
Many individual
Member States already have, or are preparing legislation concerning electronic
signatures. Because of the divergent legal approaches, the Draft Directive on
Electronic Signatures[149]
has been adopted in an attempt to minimise the barriers to cross border trade
that the existing legal differences might create.[150]
The Directive includes specific provision, in accordance with the principle of
mutual recognition, for the Community-wide validity of certificates issued in
the Member States, thus stimulating a single market for certification service
providers.[151]
Electronic
Signatures Directive
The Electronic
Signatures Directive was adopted on December 1993 and Member States have to
implement the Directive in national legislation before 19 July 2001. The aim of
the electronic signatures Directive is to support the integrity of the encrypted
communications by regulating the provision of encryption services and
recognising the validity of contracts entered into between parties using these
services.
One of the main
objectives of the draft Electronic Signatures Directive is to ensure and support
non-discrimination between electronic and handwritten signatures by removing
obstacles arising from the diverging laws that have been introduced in various
Member States. The Directive’s intention is to “enable” the use of
electronic signatures within the European Union by focusing on the essential
requirements for certification services, but leaving detailed implementation
provisions to Member States. This approach is consistent with the Commission's
legislative policy regarding subsidiarity, proportionality and legislative
simplification.
The detailed
provisions of the Directive implement the above-mentioned general objectives.
Article 2(1) provides a definition of an “electronic signature” as a
signature in digital form, in, or attached to or logically associated with, data
used by the signatory to indicate the signatory’s approval of the content of
that data and which meets the following requirements:(a) is uniquely linked to
the signatory,(b)is capable of identifying the signatory,(c)is created using
means that the signatory can maintain under his sole control; and (d)is linked
to the data to which it relates in such a manner that it is revealed if the data
is subsequently altered. Likely, the provided definition seems to have been
extracted to foresee future technological developments.[152]
Validity
of electronic signatures
Article 5
lays down the specific circumstances in which electronic signatures are to be
valid, enforceable and legally effective just as their handwritten
equivalents. For simple electronic signatures the provisions are entirely
negative – Member States are to ensure that signatures of this type are not
denied validity, enforceability and effectiveness solely on the grounds that
they are in electronic form or are not certified. However, Member States are
free to refuse to recognise electronic signatures for any other reason.[153]
On the contrary,
certified advanced electronic signatures are given more favourable status. Under
Art. 5(1) an electronic signature will receive the benefit of a higher level of
validity if it is based on a qualified certificate which was created using a
secure-signature creation device. To be a qualified certificate, the certificate
must link the signature verification data used to the signatory and confirm his
identity, and be issued by a certification service provider who meets the
requirements of Annex II. Additionally, the certificate itself must comply with
Annex I.[154]
The rest of
the Directive is dealing with ensuring that national laws establishing the
certification infrastructure do not prevent the free movement of electronic
signature services within the European Community. Thus, Member States may not
introduce compulsory prior authorisation for Certification Authorities, although
voluntary accreditation schemes are permitted, and the intra-Community
cross-border provision of certification services and products may not be
restricted.[155] Certification service
provider is defined under Article 2(6) as “a person or entity which issues
certificates or provides other services related to electronic signatures related
to the public”. However, under Article 3(2) Member States may encourage
voluntary accreditation schemes provided the conditions upon which they are
established are objective, transparent, proportionate and non-discriminatory. In
practice, such accreditation will be evidenced to the draft Directive by the
compliance with Annex II. Similarly, compliance with Annex II is likely
to be demonstrated by acquiring a licence from a European accreditation
authority or one recognised by the relevant EU body.[156]
Under
the proposed Directive there will be pan-European regulation of the way in which
electronic signatures are recognised. The most prevalent method of signature
recognition in the EU is known as public-key cryptography, which is where
consumers on the Internet as proof of their identity use an unforgeable computer
code. Additionally, “Certification Service Providers” will act as a trusted
third party who will guarantee the integrity of the signatures provided by their
service. However, the electronic signatures Directive is striving to be
technology-neutral so as to cover any possible method of recognition.[157]
The involvement of
Certification Authorities as Trusted Third Parties clearly gives a greater
measure of assurance concerning the reliability of an encrypted message. This
notion is recognised in the Directive,[158]
which refers to the notion of a “qualified certificate”: A digital
attestation which links a signature verification device to a person, confirms
the identity of that person and meets the requirements laid down in Annex I.[159]
Annex I refers to the items of information, which must be provided in a digital
attestation.
Article 4 ensures
that there is a free circulation of electronic signature products in the
European Union and that there are no restrictions on the services originating in
any Member State if they comply with the Directive. In addition, under Article 7
foreign certificates may be recognised if the certification service provider is
accredited in a Member State, or if a provider established in the European Union
and meeting Annex II requirements guarantees the foreign certificate or the
certificate or the provider is recognised under a bilateral or multilateral
agreement between the European Union and the third country or international
organisation.
Only if these
requirements have been complied with, then Member States can ensure that a
certification service provider is not liable for errors in the information
included in the qualified certificate provided to the person whom the
certificate is issued (if the certification service provider can demonstrate
that it has taken all reasonably practical measures to verify that information).
The certification service provider may indicate in the qualifying certificate
limits on the uses of a certain certificate and the provider shall not be liable
for damages arising from a contrary use of the qualified certificate that
includes limits on its uses[160].
Providers may also indicate in the qualified certificate a limit on the value of
the transactions for which the certificate is valid and the provider will not be
liable for damages in excess of that value limit.[161]
A
final point about the electronic signatures Directive is relating to data
protection provisions; The Directive repeats that certification service
providers are subject to the provisions of the Data Protection Directive. Member
States are obliged to ensure certification service providers respect data
protection legislation and individual privacy.[162]
However,
under Article 8 Member States are required to ensure that certification service
providers collect personal data only directly from data subjects and only in so
far as it is necessary for the purposes of issuing a certificate. The data may
not be collected or processed for other purposes without the consent of the data
subject. Also under this Article the data subject at his or her request can
require the certification service provider to indicate a pseudonym instead of
the signatory’s name in the certificate.[163]
Obviously, this provision could cause problems in relation to investigations by
public authorities to reveal possible criminal offences. Thus, a certification
authority would be entitled to transfer the real name of the data subject as
part of an investigation provided that the data subject is informed as soon as
possible after the investigation has been completed.[164]
Opponents of this
provision have commented that sensitive material conveyed using a signature
would be accessible to government officials. However, there has been no
indication that a requirement of certification will be the compulsory access to
communications by any authorities. The voluntary nature of the certification
process is intended to ensure that the integrity of communications will be
legally protected and recognised without the need for any official registration
of the encryption service.
In
order to ensure protection on an international level, the EU proposal includes
mechanisms for co-operation with third countries on mutual recognition of
certificates on the basis of bilateral and multilateral agreements.
[165]
Finally, the
Directive will not apply to electronic signatures exclusively used within closed
systems nor will it restrict the freedom of choice of parties to agree to terms
and conditions under which they will accept electronically signed data subject
to the provisions of national law.[166]
Generally, the Directive venture to be
technologically neutral and makes no reference to any particular form of
encryption but refers extensively to the role of certification agencies or of
cryptography service providers in order to increase user confidence by verifying
the identity and status of persons using encryption technology.[167]
The explosion of
electronic commerce, particularly on the Internet, has virtually eliminated the
barriers to cross-border trade. So long as the seller has the necessary
technology to transmit his message in a language understandable in another
country, transactions can be made and money can, virtually, be exchanged
instantaneously. Online computer services facilitate the exchange of information
between distant consumers and merchants allowing them to communicate as easy as
if they were next-door neighbours. The Internet revolution has been
proved in legal terms a kind of a challenge. As the popularity of Internet as
communication medium grows, the problems will, as a consequence, grow with it.
All of the problems of enforcing consumer rights in cross-border trade are not
only present in electronic commerce, but they are also compounded.
Since launching its e-Europe Initiative,[168]
the European Union (EU) has enacted a series of measures designed to promote
e-commerce in Europe. The adopted legislation
reflects the efforts made in the EU to promote, or at least not to restrain
e-commerce while taking into consideration the consumer interests and concerns.
E-commerce will not be able to develop fully unless there is certainty that
transactions conducted by electronic means are legally valid and enforceable,
and that sufficient safeguards are incorporated for its users.
The
European Commission believes that
uniform rules within the EU will boost confidence in e-commerce and force Europe
into a knowledge-based economy. Yet, many obstacles stand in the way towards a
uniform legislative framework, including divergent consumer protection laws and
gaps in the implementing legislation of the 15 Member States.[169]
Indisputably, the
main problem that impedes progress in the area of consumer friendly regulatory
framework within the European Union is the fact that wide variety of legislation
affects e-commerce. Plethora of Regulations, Directives and assorted amendments
are adopted and most of the times are quite inconsistent. These contrasting laws
are seldom cross-referenced, reviewed or aggregated for coherency. It is
therefore, difficult to determine whether the laws are operating together or at
cross-purposes. The formulation of legislation is conflicting between
liberalisation and protectionism. The EU, in an ambitious attempt to balance the
divergent and rather incompatible interests of consumers and vendors, is
perplexed between consumer protection law and market favoured provisions,
reducing legal coherence. This inconsistence is particularly apparent in the
text of numerous Directives regulating e-commerce transactions, regarding the
clarity of the place where the transaction has taken place and its legal
effects. These problems are even more evident when that rather unclear Community
law has to be transposed to national law. This lack of co-ordination between the
existing consumer and non-consumer measures was recognised by the Treaty of
Amsterdam, in the Article 153(2), providing that “consumer protection
requirements shall be taken into account in defining and implementing other
Community policies and activities”.
Perhaps the most
controversial issue concerning the regulation of e-commerce in respect of the
consumer’s protection has arisen in connection with the E-commerce Directive.
The question of which law governs consumer electronic contracts is not clearly
denoted in the content of the E-Commerce Directive. Within the EU, the governing
law of contracts is generally dealt with by the 1980 Rome Convention, which
permits the parties to decide on the governing law, with the exception of the
law governing consumer contracts. In this specific case, the choice of law may
not deprive the consumer from the protection of certain “mandatory rules” of
the law of the state of his residence. These obligatory rules cannot be
derogated by contract or by any national law, and typically include provisions
about unfair terms in standard form contracts along with obligations of the
supplier to provide certain information for certain types of transactions.
Similar provisions are found in the text of Distance Selling Directive.
When the
Commission announced that, under the Electronic Commerce Directive, the
governing principle would be that the law of the country of origin of the
supplier would govern, there was an outcry from consumer interest groups.
Whereas those involved in e-commerce argued that exposing online merchants to
the consumer protection laws of all 15 Member States would impede the
development of e-commerce in the EU. But finally, it became clear that the
existing provisions relating to the law of consumer contracts would not be
changed.[170]
The Commission
must assemble the applicable laws and develop a coherent "framework
code" for the electronic marketplace. The existing regulatory framework
is not adequate and cannot be substitute for an integrated codification
that is internally consistent and works toward a set of common goals.
Further, a significant disadvantage concerns
the time required by the European Union to enact and implement legislation,
since the expanding coverage of EU e-commerce law is dependent upon effective
enforcement. The average timetable for adopting a Directive is two to three
years, and then another two or three years for implementation in the Member
States. This time is a considerable drawback compared with the rapid
developments in e-commerce. But it is rather idealistic to suppose that a
solution could be found soon. While the Commission has to move more
quickly in this rapidly evolving area, adopting flexible and up-to-date
legislation it seems unlikely in the near future. The European Union’s
legislative process is designed to be deliberative, enabling Member States to
weigh in, their constituent interests before national sovereignty is usurped by
Community law.
The European Union
Institutions, particularly the Commission, have to lead in promoting e-commerce
while protecting the consumer interests. As e-commerce is becoming truly
borderless trade in Europe, individual Member States can lay little claim to
autonomous legislative authority. A uniform legal approach is therefore
necessary, and the only question is how the Community-wide authority could
contribute effectively.
An option is to be
adopted a “World Government Model” regulating specifically e-commerce,
although the existing legal regimes throughout the world appear too
heterogeneous to join forces and develop global rules to regulate markets and
resolve disputes. But, as some countries favour strong policies of free speech
and individual rights, while others are more inclined to take an active role as
protector of their citizens, it seems rather unrealistic to be agreed such a
uniform model and then to be of global acceptance.
Then again,
self-regulation as a control mechanism is not advisable as a possible solution.
The medieval Law Merchant, in which traders developed their own regulatory
system with little regard to national borders, is analogous to self-regulation
schemes. But, circumstances are
quite different today. National legal systems are more developed and have
efficient mechanisms to challenge borderless trade. There is, thus, no lack of
legal authority, no empty space to be completed. The problem is lack of
coherence and coordination among the various legal regimes that would regulate a
given act or transaction. Moreover, self-regulation is more effective when
regulating dealings among a small number of traders who know each other. But, as
the electronic marketplace covers a large, disparate and, to some extent,
anonymous collection of buyers and sellers, self-regulation alone is unlikely to
police the market effectively.
A further possible alternative could be
business agreement to develop Codes of Conduct regulating areas that relieve
consumers’ fears and bolster consumer confidence (including transparency and
identification, data protection, security of transactions, authentication,
commercial communications, distance selling, cancellation policies, and
redress). These Codes should also provide mechanisms for enforcement, monitoring
and also surveillance of their provisions. Similarly, third party certification
systems that provide “seals” and “trustmarks” to certify that vendors
could comply with a defined code of conduct. Specified enforcement provisions
could be developed through competition in the market and could be used widely by
Internet vendors. But, it is arguable whether
consumers could rely upon such a business-oriented Code of Conduct, as rather
profit could be their motive and not truly consumer protection guaranties. Thus,
since the European Union Member States have more common legal traditions and
therefore, are more likely to agree upon a suitable regulatory framework. EU
Directives governing e-commerce transactions are an outstanding example of
regulatory framework of broad recognition.
Cross-border transactions are problematic,
especially from the consumer viewpoint due to uncertainty concerning the
applicable law and the differences between national laws. Implicitly,
Internet requires either a novel model of regulation or further-development of
the existing ones. Whereas in the traditional trading place there has been much
debate about the advantages and disadvantages of self-regulation, the Internet
forces to accept it as a necessary aspect requiring immediate and rather uniform
regulation. Additionally, formal or informal enforcement procedures will have to
be agreed by cross-border institutions.
If the major goal
is to facilitate e-commerce transactions and at the same time to introduce such
a legal framework that would apply to Internet transactions so as to achieve the
desired consumer confidence then the applicable legal regime in the European
Union is quite clear and could be a useful model for global regulation.
Positively
thinking, European Union institutions are ideally capable to deal with
e-commerce issues. After all, this multi-national community has been created for
the express purpose of eliminating barriers to cross-border trade in Europe, and
over the years the Treaty of Rome has been amended to expand the powers of
European Union institutions to the point where only few areas of commerce are
beyond their reach.
As a part of the ambitious effort to building trust and confidence among the “electronic-consumers”, the Commission has presented numerous Directives and Proposals for Directives relating to electronic commerce transactions, which then have to be adapted by the European Member States into national law. The main incentive of the EU Directives is to endorse and promote E-commerce. Directive 2000/31/EC on certain legal aspects of Information Society Services and in particular, Electronic Commerce in the Internal Market of September 1999 (the E-Commerce Directive) is a prime example reflecting that endeavour, since it provides legal certainty to operators that their transactions will be regulated, in principle, by just one authority (that of their country of origin). Other important Directives include the Directive on Distance Contracts (Directive 97/7/EC), relating to consumer agreements concluded through the use of distance communication technology; the Data Protection Directive (Directive 95/46/EC) on the protection of natural persons during processing of personal data and relating to free data transfer; the electronic signatures (Directive 99/93/EC) on a Community framework for electronic signatures.
In
terms of harmonisation, the various adopted Directives, undoubtedly, increase
the level of harmonisation within the EU, by requiring each Member State to
enforce them through detailed national statutes. It is significant, however,
that the European Directives, such as the Data Protection Directive, have also
forced other countries to adopt similar legislation in order to conform to the
EU standards. A wide range of countries with extensive trade relations with the
EU might lack “adequate” protection of privacy, and thus, might encounter
limits on the transfers of personal information. The last few years, data
protection laws enacted or were seriously considered in European countries
outside of the EU, and in far-flung countries such as Argentina, Brazil, Canada,
and New Zealand. The possibility of “inadequate” protection has also been
used as an argument for enacting new privacy legislation in the United States.
It
is evident that the EU Directives have played a prominent role in encouraging
similar legislation around the globe. As the Internet helps individuals conduct
international transactions with unparalleled ease, the concerns that are latent
about the uncertain, “unregulated” means of communication are potentially
large. If the incentive is the proliferation of e-commerce then the existing
concerns relating to safe commercial transactions have to be removed. Consumers
have to feel safe while contracting on line. Although the EU legal framework is
not the most complete, since it has some “legal unclarities”, it is on the
other hand, well constructed towards an ambitious attempt to regulate all the
possible subjects addressed. But conflicts can arise as countries seek to
restrict activities in one part of the Web that are legal elsewhere.
These Directives
will likely have significant repercussions for the Internet, and will require
companies worldwide to make adjustments in operational concepts. The Directives
are currently, a source of tension between the United States, which has taken a
comparatively “hands off” approach legislatively, and the EU, which appears
eager to expand its reach in order to protect its citizens. How EU legislation
is enforced, and the legal principles regarding jurisdiction over remote
Internet activities, will be debatable field for the present time and possibly
for the near and distant future.
However, it is very important for the economic future of Europe not to be left behind in the race to establish legal suggestions in the electronic marketplace. Whilst, the majority of European governments have a long tradition of intervention and regulation of commerce, in particular leaning towards protection of consumers and small businesses, this “troublesome” new medium requires urgent regulation and the adopted EU legislation is balancing successful among the divergent interests of both consumers and vendors. Thus, the development of European e-commerce regulatory framework is likely to be a prominent model and become a stable basis that will strengthen consumer confidence and boost e-commerce globally.
Bibliography
Books
Akdeniz,
Y. &Walker, C.,
“Whisper who dares: encryption, privacy rights and the new world disorder”,
in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society,
Longman, 2000
Bainbridge,
D., Introduction
to Computer Law, Longman, 4th edition, 2000
Cate,
F. H.,
Privacy in the information age, Washington D.C. Brookings Institution
Press, 1997
Charlesworth,A.,
“Not National vs. International but Commercial vs. Individual”, in Edwards,
L. & Waelde, Ch., Law and the Internet a framework for electronic
commerce, Oxford-Portland Oregon, Hart Publishing, 2000
Charlesworth,A.,
“The governance of the Internet in Europe”, in Akdeniz, Y., Walker, C. and
Wall, D. (eds), The Internet, Law and Society, Longman, 2000
Dickie,J.,
Internet and Electronic Commerce Law in the European Union,
Oxford-Portland Oregon, Hart Publishing,1999
Eden,
P.,
“Electronic commerce- Law and Policy”, in Akdeniz, Y., Walker, C. and Wall,
D. (eds), The Internet, Law and Society, Longman, 2000
Edwards,L.&Waelde,Ch.,
Law and the Internet a framework for electronic commerce, Oxford-Portland
Oregon, Hart Publishing, 2000
Hogg,
M.,
“Secrecy and Signatures-Turning the legal Spotlight on Encryption and
Electronic Signatures”, in Edwards, L. &Waelde, Ch., Law and the
Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart
Publishing, 2000
Kelleher,D.&
Murray,K.,
IT Law in the European Union, London, Sweet and Maxwell,1999
Lloyd,
I., Legal
Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths,
2000
Lloyd,
I. J.,
Information Technology Law, London-Edinburgh-Dublin, Butterworths, 3rd
edition, 2000
Lubbock,M.&
Krosch,L.,
E-commerce : doing business electronically? London, Stationery Office,
2000
Reed,
A.,
“Jurisdiction and choice of Law in a borderless electronic environment”, in
Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society,
Longman, 2000
Reed,
Ch. & Angel J.,
Computer Law, London, Blackstone Press, 4th edition, 2000
Reed,
Ch., Internet
Law: Text and Materials, London-Edinburgh-Dublin, Butterworths, 2000
Rowland,
D. &MacDonald, E.,
Information Technology Law, London-Sydney, Cavendish Publishing, 2nd
edition, 2000
Spinello,R.A.,
Cyberethics-Morality and Law in Cyberspace, Sudbury, Massachusetts, Jones
& Bartlett Pub.,2000
Swire,
P. & Litan, R.,
None of your business-World Data Flows, Electronic Commerce and the European
Privacy Directive, Washington D.C., Brookings Institution Press, 1998
Wacks,R.,
The protection of privacy, London,Oxford, Sweet Maxwell,1980
Wacks,R.,
Personal information: privacy and the law,Clarendon Press, 1993
Akdeniz,Y., “UK Government Policy on Encryption”, Web Journal of Current Legal Issues, 1/1997 http://webjcli.ncl.ac.uk/1997/issue1/akdeniz1.html
Akdeniz,Y.
et al.,
Cryptography and Liberty: “Can the Trusted Third Parties be Trusted? A
Critique of the Recent UK Proposals” http://elj.warwick.ac.uk/jilt/cryptog/97_2akdz/default.htm
Angel, J., “Why use Digital Signatures for Electronic Commerce?”, Commentary,1999 (2) , (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/99-2/angel.html
Barofsky,A.,
“The European Commission's Directive on Electronic Signatures: Technological
“Favoritism” Towards Digital Signatures” ,(2000) 24 Boston College
International and Comparative Law Review,p.145
Bogle,Ph.&Mitchell,E., “E-commerce legislation in the EU” http://www.elbornes.com/articles/ecomleg.htm
Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html
Brady,M., “Reality Check: The State of E-Commerce”, E-Commerce Times, 11July 2000,http://www.ecommercetimes.com/perl/story/3738.html
British Bankers Association “Replacing the Brussels Convention”, Issue 34, http://www.bba.org.uk/html/1212.html
Brownsword,
R. & Howells, G.,
“Consumer Protection on the Internet: The Impact of the Information
Technology” Journal of Contemporary Issues in Law,
http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm
Charlesworth,A.,
“Clash of the Data Titans: US and EU Data Privacy Regulation” (2000) 6
European Public Law pages 253-274
Charlesworth,A.,
“Implementing the European Data Protection Directive 1995 in UK Law: The Data
Protection Act 1998” (1999) 16 (3) Government Information Quarterly 203
Commission
of the European Communities
“Boosting customers’ confidence in electronic means of payment in the single
market”, Brussels 1997 COM (97) 353
Commission
of the European Communities
“Globalisation and the Information Society/The Need for Strengthened
International Coordination”, Brussels 1998, COM (98) 50
Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm
Dejoie,L. A., “Significant European Developments”, International Law & The Internet, http://www.mwn.com/publicat/articles/inteuro.html
Diedrich,F., “A Law of the Internet? Attempts to Regulate Electronic commerce” http://elj.warwick.ac.uk/jilt/00-3/diedrich.html
Directive
2000/31/EC Electronic commerce:
“Commission welcomes
final adoptions of legal framework Directive”
Dorsey
& Whitney
Intellectual Property Practice Groups “Regulating E-Commerce in Europe: The
Rhetoric and the Reality”, Intellectual Property Law
March 2001, http://www.dorseylaw.com/updates/IPMar2001.asp
Electronic
Commerce:
“Commission proposes legal framework”, December 1998,Single Market News, No
15,p.16-17
European
Commission,
“Ensuring security and trust in electronic communication: towards a European
framework for digital signatures and encryption: communication from the
Commission”, COM (1997) 503
EU Committee of the American Chamber of Commerce Position Paper on the Working Document on “The Processing of personal data and the protection of privacy in the electronic communication sector”, 19 May 2000, http://www.eucommittee.be/pop/pop2000/Icts/icts38.htm
EU
Electronic Commerce Directive: Introduction
http://www.geocities.com/SiliconValley/Network/5054/marcos/directiva/ecomdirintro_en.htm
Foss, M.& Bygrave, L. A., “International Consumer Purchases through the Internet: Jurisdictional Issues pursuant to European Law”, ECLIP ESPRIT Project 27028,
Electronic Commerce Legal Issues
Platform,
http://www.jura.uni-muenster.de/eclip/documents/NRCCL_consumer_jurisdiction.pdf
Freeman D.J.,“IBA world women lawyers conference -Jurisdiction and the Internet”,March2001, http://www.djfreeman.co.uk/litigati/pubs/seminars/iba2001.shtml
Gillies,L., “A Review of the New Jurisdiction Rules for Electronic Consumer Contracts within the European Union”, Commentary, 2001(1) The Journal of Information Law and Technology (JILT) http://elj.warwick.ac.uk/jilt/01-1/gillies.html
Hatlestad, L., “Online privacy matters”, Red Herring,16 January 2001 http://www.redherring.com/index.asp?layout=story&channel=50000005&doc_id=1760015576
Hörnle, J., “The European Union Takes Initiative in the Field of E-Commerce”, Commentary 2000 (3) The Journal of Information, Law and Technology (JILT). http://elj.warwick.ac.uk/jilt/00-3/hornle.html
Jones,
P.,
“Privacy and the Private Sector: Law at the crossroads of evolution” (2000)
6 European Public Law pages 275-301
Kesarev,K., “Digital Signatures And Encryption in The European Union”, November 1998, http://www.tml.hut.fi/Studies/Tik-110.300/1998/Essays/crypto_eu.html#2.1
Kosten, F. & Pounder, Ch., “The EC Data Protection Directive 1995: An Analysis” (1996) 2 Web Journal of Current Legal Issues http://webjcli.ncl.ac.uk/1996/issue2/kosten2
Lloyd,I., “An Outline of the European Protection Directive”,(1996)JILT http://elj.warwick.ac.uk/jilt/dp/intros/default.htm
Lodder,A.R., “Electronic Contracts and Signatures: National Civil Law in the EU will change drastically soon”,15th BILETA Conference: “Electronic datasets and Access to Legal Information”, April 2000, http://www.bileta.ac.uk/00papers/lodder.html
McCullagh, A. et al, “Signature Stripping: A Digital Dilemma”, 2001 (1), The Journal of Information, Law and Technology, (JILT), http://elj.warwick.ac.uk/jilt/01-1/mccullagh.html
Maxeiner, J. R., “Freedom of Information and the EU Data Protection Directive” (1995) 48 (1) Federal Communications Law Journal http://www.law.indiana.edu/fclj/pubs/v48/no1/maxeiner.html
Misquitta, A., “Electronic Signatures”, Spring 1999, http://www.farrer.co.uk/briefings/ecommerce/signatur.html
Morrison,D.S., “EC's e-commerce directive may be too indirect” ,Red Herring, 19 May 2000,http://www.redherring.com/index.asp?layout=story&channel=20000002&doc_id=1170012317
Morrison&Foerster LLP “ Amended Proposal for an Electronic Commerce Directive” (10/99) http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I
Nehf,J.P.,
“Borderless Trade and the Consumer Interest: Protecting the Consumer in the
Age of E-Commerce” (1999) 38Columbia Journal of Transnational Law, p.457
Ortiz, J., “Regulatory vacuum could stifle e-commerce growth” http://www.financialexpress.com/fe/daily/20000725/fco25011.html
Pearson, H.E., “E-Commerce Legislation: Recent European Community Developments”, Journal of Internet Law, http://www.gcwf.com/articles/journal/jil_aug00_1.html
Petersen,
S. B., “Your
Life as an Open Book: Has Technology Rendered Personal Privacy Virtually
Obsolete?”(1995) 48(1) Federal Communications Law Journal http://www.law.indiana.edu/fclj/pubs/v48/no1/petersen.html,
website visited on 17.7.2001
Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium” 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm
Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html
Regan, K., “EU OK's E-Commerce Dispute Law” http://www.EcommerceTimes.com/perl/story/5635.html
Reith,
T.,
“Consumer confidence: the key to successful E-Commerce in global
marketplace”(2001), 24 Suffolk Transnational Law Review 467
Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html
Rothchild,J.
“Protecting the Digital Consumer: The Limits of Cyberspace Utopianism”,
(1999)74 Indiana Law Journal, p.893
Seminerio,M. “EU privacy plan talks continue to end of year” ZDNet News,2 November 1998, http://www.zdnet.com/zdnn/stories/news/0,4586,2158908,00.html
Singleton,S., “Privacy as Censorship: A Skeptical view of proposals to Regulate Privacy in the Private Sector” Cato Institute, Policy Analysis No 295, 22 January 1998 http://www.cato.org/pubs/pas/pa-295.html
Spar,D. & Busgang, J., “Ruling Commerce in the Networld” http://www.ascusc.org/jcmc/vol2/issue1/commerce.html
Stravitz,H.B.,
“Personal
Jurisdiction in Cyberspace: Something More is Required on the Electronic Stream
of Commerce”(1998),49 South Carolina Law Review,p.925
Swindells,C.& Henderson,K., “Legal Regulation of Electronic Commerce” http://elj.warwick.ac.uk/jilt/98-3/swindells.html
Swire,P.P.,
“Of
Elephants, Mice, and Privacy: International Choice of Law and the Internet” ,
International Lawyer, August 1998,
http://www.osu.edu/units/law/swire1/elephants.htm
The White House: “A Framework for Global Electronic Commerce”, (1997) http://www.ecommerce.gov/framewrk.htm
Töpper,A., “Confidence in e-commerce?” Workshop Results Third Annual Assembly of Consumer Associations in Europe, 23 & 24 November 2000, Brussels http://europa.eu.int/comm/dgs/health_consumer/events/event32_wrks4_rep1_en.html
UK Information Technology “Consumer contracts and jurisdiction - changes to the Brussels Convention”, February 2001, articles in association with Bristows, http://www.icclaw.com/devs/uk/it/ukit_060.htm
United Nations UNCITRAL model law on electronic commerce with guide to enactment 1996 with additional article 5 as adopted in 1998 http://www.uncitral.org/english/texts/electcom/ml-ec.htm
Wagner,J., “Despite Consumer Confidence, Security Issues Remain” http://www.internetnews.com/ec-news/article/0,,4_712111,00.html
White,
A.,
“Control of Transborder Data Flow: Reactions to the European Data Protection
Directive”, (1997) 5 International Journal of Law and Information Technology,
p. 230
Youngerwood,A.& Mann,S., “Extra Armoury for Consumers: The New Distance Selling Regulations”, Commentary 2000 (3) The Journal of Information, Law and Technology (JILT), http://elj.warwick.ac.uk/jilt/00-3/youngerwood.html
[1] Reed, A., “Jurisdiction and choice of Law in a borderless electronic environment”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.104
[2] Eden, P., “Electronic commerce- Law and Policy’’, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.318
[3] Commission of the European Communities “Globalisation and the Information Society/The Need for Strengthened International Coordination”, Brussels 1998, COM (98) 50
[4] Stravitz,H.B., “Personal Jurisdiction in Cyberspace: Something More is Required on the Electronic Stream of Commerce”(1998),49 South Carolina Law Review,p.925
[5] Rothchild,J. “Protecting the Digital Consumer:The Limits of Cyberspace Utopianism”, (1999)74 Indiana Law Journal, p.893
[6] Akdeniz,Y. et al., Cryptography and Liberty: “Can the Trusted Third Parties be Trusted ?A Critique of the Recent UK Proposals” http://elj.warwick.ac.uk/jilt/cryptog/97_2akdz/default.htm
[7] Reith, T., “Consumer confidence: the key to successful E-Commerce in global marketplace”(2001), 24 Suffolk Transnational Law
Review 467
[8] Töpper,A., “Confidence in e-commerce?’’ Workshop Results Third Annual Assembly of Consumer Associations in Europe, 23 & 24 November 2000, Brussels http://europa.eu.int/comm/dgs/health_consumer/events/event32_wrks4_rep1_en.html
[9] Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm
[10] Kelleher,D.& Murray,K., IT Law in the European Union, London, Sweet and Maxwell,1999,p.85
[11]
Reed, Ch. & Angel J., Computer Law, London, Blackstone
Press, 4th edition, 2000,p.301
[12]
Communication to the European Parliament, the Council, the Economic
and Social Committee and the Committee of the Regions “A European
Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm
[13] Brussels Convention on jurisdiction and the enforcement of judgments in civil and commercial matters, 27 September 1968, OJ L299/32,1968.
[14] Rome Convention on the Law applicable to Contractual Obligations, 19 June 1980, OJ L 266/1, 1980
[15] European Free Trade Area, members of EFTA are currently Iceland, Liechtenstein, Norway, Switzerland
[16] Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.264
[17] Brussels Convention Art. 2(1)
[18] Foss, M.& Bygrave, L. A. “International Consumer Purchases through the Internet: Jurisdictional Issues pursuant to European Law”, ECLIP ESPRIT Project 27028, Electronic Commerce Legal Issues Platform, http://www.jura.uni-muenster.de/eclip/documents/NRCCL_consumer_jurisdiction.pdf
[19] Brussels Convention art.4
[20] Brussels Convention art.14
[21] Reed, Ch., Internet Law: Text and Materials, London-Edinburgh-Dublin, Butterworths, 2000,p.192
[22] Brussels Convention Art.13 (1)
[23] Brussels Convention Art.13(2)
[24] Brussels Convention Art.13(3a)
[25] Brownsword, R. & Howells, G., “Consumer Protection on the Internet: The Impact of the Information Technology” Journal of Contemporary Issues in Law, http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm
[26] UK Information Technology “Consumer contracts and jurisdiction - changes to the Brussels Convention”, articles in association with Bristows, February 2001 http://www.icclaw.com/devs/uk/it/ukit_060.htm
[27] Foss, M.& Bygrave, L. A. “International Consumer Purchases through the Internet: Jurisdictional Issues pursuant to European Law”, ECLIP ESPRIT Project 27028, Electronic Commerce Legal Issues Platform, http://www.jura.uni-muenster.de/eclip/documents/NRCCL_consumer_jurisdiction.pdf
[28] Hörnle, J., “The European Union Takes Initiative in the Field of E-Commerce”, Commentary 2000 (3) The Journal of Information, Law and Technology (JILT). http://elj.warwick.ac.uk/jilt/00-3/hornle.html
[29]
Rowland, D. &MacDonald, E., Information Technology Law,
London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.265
[30]
Freeman D.J.,“IBA world women lawyers conference -Jurisdiction and
the Internet”,March 2001, http://www.djfreeman.co.uk/litigati/pubs/seminars/iba2001.shtml
[31] Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market Official Journal L 178, 17/07/2000 p. 1-16
[32] Pearson, H.E. “E-Commerce Legislation: Recent European Community Developments” http://www.gcwf.com/articles/journal/jil_aug00_1.html
[33] Article 1 and 3
[34] Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm
[35] Ortiz, J., “Regulatory vacuum could stifle e-commerce growth” http://www.financialexpress.com/fe/daily/20000725/fco25011.html
[36] Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm
[37] Bogle,Ph.&Mitchell,E., “E-commerce legislation in the EU” http://www.elbornes.com/articles/ecomleg.htm
[38] Recital 19
[39] Morrison&Foerster LLP “Amended Proposal for an Electronic Commerce Directive (10/99)’’ http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I
[40]
EU Electronic Commerce Directive: Introduction
http://www.geocities.com/SiliconValley/Network/5054/marcos/directiva/ecomdirintro_en.htm
[41] Article 4
[42]
EU Electronic Commerce Directive: Introduction
http://www.geocities.com/SiliconValley/Network/5054/marcos/directiva/ecomdirintro_en.htm website visited on 5.7.2001
[43] Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm, website visited on 20.7.2001
[44] Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing1999,p.24
[45] Morrison & Foerster LLP “Amended Proposal for an Electronic Commerce Directive (10/99)’’ http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I website visited on 20.7.2001
[46] Article 4 and 5 of the Directive on Distance contracts
[47] The relevant provisions of the Directive on distance contracts applies only where there is a contractual or pre-contractual relationship
[48] Article 11
[49] Lubbock,M.& Krosch,L., E-commerce : doing business electronically? London, Stationery Office, 2000,p.21
[50] Article 6(a) and (b)
[51] Lubbock,M.& Krosch,L., E-commerce : doing business electronically? London, Stationery Office, 2000,p.21
[52] Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p.26
[53] Article 7(1)
[54] Article 8(1)
[55] Article 9
[56] Article 10
[57] Article 11(1)
[58] Morrison&Foerster LLP “Amended Proposal for an Electronic Commerce Directive” (10/99) http://www.mofo.com/mofocgi/gendisplaylong?pubs,0668EUROPECOMM,MMEDIA,I
[59] Article 16
[60] Article 16(b). See also Directive 98/34 EC, OJ 1998 L204/37, as amended by Directive 98/48 EC, OJ 1998 L217/18, which provides that voluntary agreements to which a public authority is party must be notified in accordance with the terms of the Directive
[61] Nehf, J.P., “Borderless Trade and the Consumer Interest: Protecting the Consumer in the Age of E-Commerce” (1999) 38Columbia Journal of Transnational Law, p.457
[62] Eden, P., “Electronic commerce- Law and Policy’’, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.363
[63] Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm
[64] Morrison,D.S., “EC's e-commerce Directive may be too indirect’’ ,Red Herring, 19 May 2000 http://www.redherring.com/index.asp?layout=story&channel=20000002&doc_id=1170012317
[65] Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm
[66] Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000,p.278
[67] Article 19(2)
[68] Hörnle, J., “The European Union Takes Initiative in the Field of E-Commerce”, Commentary 2000 (3) The Journal of Information, Law and Technology (JILT). http://elj.warwick.ac.uk/jilt/00-3/hornle.html
[69] Pullen, M., “E-commerce Directive and the Internal Market Internet Law and Policy Forum Jurisdiction: Building Confidence in a Borderless Medium”, 26-27 July 1999 http://www.ilpf.org/confer/present99/pullen_int.htm
[70] Case 120/78,Rewe-Zentrlale AG v. Bundesmonopolverwaltung für Branntwein (1979)ECR 649
[71] Council Regulation (EC) No 44/2001 of 22 December 2000 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters, Official Journal L 012, 16/01/2001 p.1-23
[72]
Gillies, L., “A Review of the New Jurisdiction Rules for Electronic
Consumer Contracts within the European Union’’, Commentary, 2001(1) The
Journal of Information Law
[73] Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000,p.278
[74] British Bankers Association “Replacing the Brussels Convention”, Issue 34, http://www.bba.org.uk/html/1212.html
[75] Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.265
[76] Regan, K., “EU OK's E-Commerce Dispute Law’’ http://www.EcommerceTimes.com/perl/story/5635.html
[77] Swire, P. & Litan, R., None of your business-World Data Flows, Electronic Commerce and the European Privacy Directive, Washington D.C., Brookings Institution Press, 199,p.88
[78] Survey, “Information Technology and Data Protection” Eurobarometer 46.1(January 1997),
[79] Akdeniz, Y. &Walker, C., “Whisper who dares: encryption, privacy rights and the new world disorder”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), The Internet, Law and Society, Longman, 2000,p.318
[80] Swire, P. & Litan, R., None of your business-World Data Flows, Electronic Commerce and the European Privacy Directive, Washington D.C., Brookings Institution Press, 1998,p.77
[81] Hatlestad, L., “Online privacy matters”, Red Herring, 16 January 2001 http://www.redherring.com/index.asp?layout=story&channel=50000005&doc_id=1760015576
[82] Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing1999,p.56
[83] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, Official Journal L 281, 23/11/1995 p.31- 50
[84] Recital 30
[85] Bainbridge, D., Introduction to Computer Law, Longman, 4th edition, 2000,p.366
[86] Lloyd, I., “An Outline of the European Protection Directive”, (1996) JILT http://elj.warwick.ac.uk/jilt/dp/intros/default.htm
[87] Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html
[88] Cate, F. H., Privacy in the information age, Washington D.C., Brookings Institution Press, 1997 p.37
[89] Cate, F. H., Privacy in the information age, Washington D.C., Brookings Institution Press, 1997 p.41
[90] Maxeiner, J. R., “Freedom of Information and the EU Data Protection Directive’’ (1995) 48 (1) Federal Communications Law Journal http://www.law.indiana.edu/fclj/pubs/v48/no1/maxeiner.htm
[91] Cate, F. H., Privacy in the information age, Washington D.C., Brookings Institution Press, 1997 p.41
[92] Reed, Ch., Internet Law: Text and Materials, London-Edinburgh-Dublin, Butterworths, 2000,p.231
[93] Article 25(3)
[94] Lloyd, I. J., Information Technology Law, London-Edinburgh-Dublin, Butterworths, 3rd edition, 2000,p.189
[95] Article 22
[96] Article 23(1)
[97] Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html
[98] Rotenberg, M., “EC Adopts Privacy Directive”, 26 July 1995 http://www.cni.org/Hforums/roundtable/1995-03/0038.html
[99] e.g. the Council of Europe Convention, which attempts to reconcile the notion of effective data protection with the ideal of free flow of information, as set out in the European Convention on Human Rights,Art.10. In pursuance of this Art.12 of the Convention, on automatic processing of data, contains provisions allowing restriction of transborder data flows “except where the regulations of the other party provide an equivalent protection (for the personal data)
[100] Rowland, D. &MacDonald, E., Information Technology Law, London-Sydney, Cavendish Publishing, 2nd edition, 2000,p.377
[101] Kelleher,D.& Murray,K., IT Law in the European Union, London, Sweet and Maxwell,1999,p.255
[102] Seminerio,M., “EU privacy plan talks continue to end of year” ZDNet News,2 November 1998, http://www.zdnet.com/zdnn/stories/news/0,4586,2158908,00.html,
[103] White, A., “Control of Transborder Data Flow: Reactions to the European Data Protection Directive”, (1997) 5 International Journal of Law and Information Technology, p. 230
[104]
Dickie,J., Internet and Electronic Commerce Law in the European
Union, Oxford-Portland Oregon, Hart Publishing,1999,p.64
[105]
Lloyd,
I. J., Information Technology Law, London-Edinburgh-Dublin,
Butterworths, 3rd edition, 2000,p.192
[106] Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html
[107] Bainbridge, D., Introduction to Computer Law, Longman, 4th edition, 2000,p.271-272
[108] Directive 97/7/EC of the European Parliament and of the Council of 20 May 1997 on the protection of consumers in respect of distance contracts - Official Journal L 144, 04/06/1997 p.19-27
[109]
Council
Directive 93/13/EEC of 5 April 1993 on unfair terms in consumer contracts
[110] Article 1
[111] Recital 3
[112] Eden, P. “Electronic commerce- Law and Policy”, in Akdeniz, Y., Walker, C. and Wall, D. (eds), ‘The Internet, Law and Society’, Longman, 2000, p.363
[113] Article 2(2)
[114] The legal base of the Directive is Article 95 of the EC Treaty, which provides that the Community may take measures as is necessary for the development of internal market.
[115] Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p.92
[116] Recital 14
[117] Article 2(1)
[118] Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p.93
[119] Article 10
[120] Article 3(1)
[121] Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html , website visited on 6.7.2001
[122] Article 4
[123] Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html, website visited on 6.7.2001
[124]
Recital
13
[125] Article 6(1)
[126] Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html , website visited on 6.7.2001
[127]
Brownsword, R. & Howells, G., “Consumer Protection on the
Internet: The Impact of the Information Technology” Journal of
Contemporary Issues in Law,
http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm
[128] Reed, Ch. & Angel J., Computer Law, London, Blackstone Press, 4th edition, 2000,p.327
[129]
Brownsword, R. & Howells, G., “Consumer Protection on the
Internet: The Impact of the Information Technology” Journal of
Contemporary Issues in Law,
http://jsis.artsci.washington.edu/programs/europe/Netconference/HowellsPaper.htm
[130] Bainbridge, D., Introduction to Computer Law, Longman, 4th edition, 2000,p.273
[131] Article 7
[132] Article 9
[133] Dejoie,L. A., “Significant European Developments”, International Law & The Internet http://www.mwn.com/publicat/articles/inteuro.html,
[134] Article 12
[135] Reed, Ch. & Angel J., Computer Law, London, Blackstone Press, 4th edition, 2000,p.327
[136] Article 4(2)
[137] Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000,p.270
[138]
Lloyd,
I., Legal Aspects of the Information Society, London-Edinburgh-Dublin,
Butterworths, 2000,p.270
[139] Bradgate,R., “The EU Directive On Distance Selling”,(1997) Web Journal of Current Legal Issues, http://webjcli.ncl.ac.uk/1997/issue4/bradgat4.html
[140] Distance Selling Directive http://www.dla.com/ecommerce/dist.htm,
[141] Recital 9
[142]
Kelleher,D.& Murray,K., IT Law in the European Union,
London, Sweet and
[143] Angel, J., “Why use Digital Signatures for Electronic Commerce?”, Commentary,1999 (2) , (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/99-2/angel.html
[144] Hogg, M., “Secrecy and Signatures-Turning the legal Spotlight on Encryption and Electronic Signatures’’, in Edwards, L. &Waelde, Ch., Law and the Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart Publishing, 2000,p.38
[145] Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157, para. 36 http://www.cordis.lu/esprit/src/ecomcom.htm,
[146] Kesarev,K., “Digital Signatures And Encryption in The European Union”, November1998,http://www.tml.hut.fi/Studies/Tik-110.300/1998/Essays/crypto_eu.html#2.1 ,
[147] Hogg, M., “Secrecy and Signatures-Turning the legal Spotlight on Encryption and Electronic Signatures’’, in Edwards, L. &Waelde, Ch., Law and the Internet a framework for electronic commerce, Oxford-Portland Oregon, Hart Publishing, 2000,p.38
[148] Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p. 35
[149]
Directive 1999/93/EC of the European Parliament and of the Council of
13 December 1999 on a Community framework for electronic signatures
Official Journal L 013, 19/01/2000 p.12 –20
[150] Dickie,J., Internet and Electronic Commerce Law in the European Union, Oxford-Portland Oregon, Hart Publishing,1999,p. 37
[151] Article 4
[152] Angel, J., “Why use Digital Signatures for Electronic Commerce?”, Commentary,1999 (2) , (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/99-2/angel.html,
[153] Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html,
[154] Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html,
[155] Article 3
[156] Reed, C., “What is a signature?” 2000 (3), (JILT), The Journal of Information, Law and Technology, http://elj.warwick.ac.uk/jilt/00-3/reed.html,
[157] Misquitta, A., “Electronic Signatures”, Spring 1999, http://www.farrer.co.uk/briefings/ecommerce/signatur.html,
[158] Lloyd, I., Legal Aspects of the Information Society, London-Edinburgh-Dublin, Butterworths, 2000, p. 264
[159] Article 2(10)
[160] Article 6(3)
[161] Article 6(4)
[162] Recital 24
[163] Article 8(3)
[164] Misquitta, A., “Electronic Signatures”, Spring 1999, http://www.farrer.co.uk/briefings/ecommerce/signatur.html,
[165] Article 7
[166] Recital 16
[167]
Lloyd,
I., Legal Aspects of the Information Society, London-Edinburgh-Dublin,
Butterworths, 2000, p. 261
[168] Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions “A European Initiative in Electronic Commerce” COM (97) 157 http://www.cordis.lu/esprit/src/ecomcom.htm,
[169] Dorsey & Whitney Intellectual Property Practice Groups “Regulating E-Commerce in Europe: The Rhetoric and the Reality”, Intellectual Property Law, March 2001, http://www.dorseylaw.com/updates/IPMar2001.asp,
[170] Pearson, H.E., “E-Commerce Legislation: Recent European Community Developments’’, Journal of Internet Law, http://www.gcwf.com/articles/journal/jil_aug00_1.html,