LegislatingforElectronicTransactions

08 April 2002

Graham Smith




Background

It has become extremely fashionable to legislate for electronic commerce and electronic transactions. Such legislation has been proposed or implemented in, for instance, the United Kingdom, USA, Australia, Bermuda, Guernsey, Hong Kong, India, Ireland, Jersey, the Isle of Man, and Singapore. Some of this legislation is based, to a greater or lesser degree, on the UNCITRAL Model Law on Electronic Commerce. Much E.U. legislation addresses e-commerce in the broadest sense, some of it (for instance parts of the Electronic Commerce Directive) specifically addressing facilitation of electronic transactions.

Removing Obstacles to Electronic Transactions

The most compelling reason to legislate for e-commerce is to reform any existing laws that create obstacles to it. Such obstacles usually consist of laws laying down requirements of form as preconditions to legal effectiveness. Such laws expressly or impliedly stipulate a particular medium (e.g. paper) in which information must be contained. These laws may clearly exclude electronic form, or may create uncertainty as to whether electronic form satisfies the requirements.

A primary objective of electronic commerce legislation is therefore to remove such obstacles and create clarity, cer­tainty and equality of treatment between media. Further, for those areas in which there are no requirements of form in the existing offline environment, the law should naturally permit similar activities to take place online.

It is also important, and may be regarded as an aspect of equality of treatment between media, that while electronic commerce legislation should facilitate electronic transactions it should not require or prescribe their use. This is, however, as we discuss below, easier to state than to achieve.

We also suggest that electronic commerce legislation should create, so far as possible, a single medium-neutral legal environment governing paper and non-paper transac­tions, rather than create separate parallel regimes for paper and electronic form. As far as possible an electronic com­merce actor should not be subjected to a two-stage process of deciding whether his transaction is in paper or electronic form, then complying with the rules that govern that partic­ular form. That is not only unnecessarily burdensome, but is also predicated on an increasingly unmaintainable distinction between paper and electronic form.

For instance, a hard copy may be scanned as a digital image, attached to an email and sent to a mailbox equipped with text-to-voice conversion that enables the recipient to listen to emails. The mailbox also forwards the email and attachment via a fax conversion service to a fax machine which stores the incoming fax on disk and prints it out on demand. What starts and finishes as paper goes through a number of different electronic communication stages. Sim­ilarly, is there any real difference between sending a fax to a memory-resident fax machine, and sending an email to someone who has his email client set to print out the email? In each case it is almost impossible to say whether the transaction is paper or electronic; and whether a paper record is created depends entirely on how the recipient configures his machine.

Achieving certainty

A second reason for legislating may be to create confidence in the legal environment among laypersons and industry. This may involve legislating, even when the majority of lawyers are agreed that the existing legal environment[1] accommodates electronic transactions. The argument in support of the proposition that it is necessary to legislate so as to eliminate even wrongly perceived uncertainties in the legal environ­ment' was well expressed, in relation to electronic signatures, by the Minister introducing the Second Reading of the U.K. Electronic Communications Bill.[2]

"Lawyers argue about whether electronic signatures would be recognised as valid by the courts, but we cannot afford to wait while lawyers argue and the courts decide. Instead, clause 7 will allow businesses and consumers to have confidence in elec­tronic signatures, because it puts beyond doubt that a court can admit evidence of an electronic signature and a certificate in support of that signature not only to establish from whom the communication came, but to establish the date and time at which it was sent and whether it was intended to have legal effect."

The Chair of the U.S. Uniform Electronic Transactions Act drafting committee has stated:

"Legal uncertainty about the enforceability and admissibility of electronic communications and records is inefficient, creates barriers to electronic commerce, and imposes unnecessary costs on participants in legitimate electronic commerce."[3]

Traps to be avoided when legislating for electronic commerce

Generally, e-commerce legislation may be vulnerable to criti­cism for various reasons, including:

  • it prescribes and requires, rather than facilitates the use of electronic communications and form;
  • it deliberately or inadvertently, and without sufficient justification, sets minimum standards that exclude some categories of electronic information from being legally effective;
  • it is explicitly or implicitly biased towards a particular technology or assumed business model;
  • it carries unacceptably high risks of unintended and undesirable consequences;
  • it creates the potential for unnecessary disputes over compliance with new electronic requirements of form;
  • it creates inefficient rules for which it is costly to determine the outcome;
  • it seeks to intervene or regulate in inappropriate ways.

Facilitation v. Prescription

Extreme caution should be exercised when proposing legisla­tion that lays down new prescriptive rules for electronic commerce, as opposed to removing obstacles and uncertain­ties. Since electronic commerce is a nascent and fast-evolving field the risk of unintended and undesirable consequences as a result of implementing new prescriptive rules is very high.

Caution also has to be exercised even when attempting to legislate only to facilitate electronic commerce by removing obstacles and uncertainty. When legislating to achieve facili­tation it is possible, by laying down minimum standards of, for instance, reliability and permanence with which the relevant records or communications must comply, inad­vertently to introduce new electronic requirements of form. Legislatures have sometimes found the temptation to legis­late for the reliability of electronic records to be overwhelm­ing. We suggest that this temptation should be resisted.

The imposition of more restrictive requirements on-line than off-line is generally undesirable. To specify minimum standards of reliability and permanence in order to conclude a contract electronically, or to adduce electronic evidence of it, would be anomalous in jurisdictions such as the United Kingdom which permit the making of oral contracts. Although an oral contract may be regarded colloquially as being "not worth the paper it is written on" (reflecting the inherent unreliability of oral testimony), a court is still able to find that an oral contract has been concluded. A legal system that permits that should logically also permit electronic contracts to be made using informal means, notwithstanding concerns about unreliability and impermanence of some electronic records.

Even where existing law does set minimum standards in the offline world by legislating for "writing", "signature" and so on there is a risk, when legislating for equivalent minimum standards for electronic communications, of in fact setting higher standards than for paper compliance. In English law, for instance, a pencil cross on a piece of paper can qualify as a signature notwithstanding its impermanence and inherent unreliability. Paper is not an inherently reliable medium. To regard it as inherently reliable when legislating for electronic equivalence can result in the creation of a class of electronic communications outlawed as unreliable, but whose unreli­able paper siblings still benefit from being within the law. Legislation such as that of Singapore, whose avowed purpose is "to facilitate electronic communications by means of reli­able electronic records" (emphasis added)[4],' is unlikely to achieve true equivalence between online and offline trans­actions.

These risks were noted by the Australian Electronic Commerce Expert Group in its Report to the Attorney-­General[5]:

“There is always the temptation, in dealing with the law as it relates to unfamiliar and new technologies to set the standards required of a new technology higher than those which currently apply to paper and to overlook the weaknesses that we know to inhere in the familiar.”

Such “minimum standards” provisions lead to considerable difficulties of definition. They also run the risk of being over technology-specific, since the standards are inevitably drawn with today's technology and communications structures in mind.

Further, the more restrictive and the more widely appli­cable are such “minimum standards”, the greater the risk that a jurisdiction will re-introduce the injustices associated with widespread legal requirements of form. In the United King­dom in 1937 the Sixth Interim Report of the Law Revision Committee[6] set out a number of reasons why most of section 4 of the Statute of Frauds 1677 and section 4 of the Sale of Goods Act 1893[7] should be repealed (as they subsequently were in 1954). Amongst the many criticisms noted, the following was especially powerful:

“ 'The Act', in the words of Lord Campbell . . . 'promotes more frauds than it prevents'. True it shuts out perjury; but it also and more frequently shuts out the truth. It strikes impartially at the perjurer and at the honest man who has omitted a precaution, sealing the lips of both. Mr Justice FitzJames Stephen ... went so far as to assert that 'in the vast majority of cases its operation is simply to enable a man to break a promise with impunity, because he did not write it down with sufficient formality.­’ “

The temptation to legislate for minimum acceptable standards of electronic form should, we suggest, be tempered by the risk of doing injustice by denying a person his rights through failure to comply with a required form. That risk is com­pounded in a new environment in which sophisticated tech­nical knowledge may be required on the part of the user to determine what complies with the electronic requirement of form, such as to identify an appropriately reliable identifica­tion method for an electronic signature (as required by Article 7 of the UNCITRAL Model Electronic Commerce Law).

Electronical commerce legislation, if it is to remove uncertainty, should be clear. The E.U. Distance Selling Direc­tive illustrates the problems that can be caused by lack of clarity in legislating for e-commerce. Article 5 of the Directive specifies information that the consumer must receive by way of confirmation of the transaction. The consumer must receive "written confirmation or confirmation in another durable medium available and accessible to him" of the relevant information. However, this is not defined so as to make clear which electronic forms would comply with this. To leave a point of such significance open to serious doubt in legislation promulgated with e-commerce specifically in mind is most undesirable.

The Evolution of Electronic Transactions Legislation

Electronic transactions legislation typically allows and legis­lates for electronic versions of traditional legal concepts such as contract, document, record, notice, instrument, signature, attestation, sealing and notarisation. Such legislation typi­cally also seeks to translate into the electronic environment traditional legislative requirements of form and process such as writing, record and document retention requirements, requirements to produce documents, service and delivery of documents and aspects of sending and receipt of documents such as time and place of sending and receipt.

Legislation may also address issues such as the liability of electronic intermediaries, the ability to use encryption and more esoteric issues such as the use of electronic agents.

Early legislation in, for instance, the field of electronic signatures, was highly technology specific. Typically it legis­lated for the use of digital signatures based on public key encryption. Such legislation was criticised on the basis not only that it sought to enshrine particular, unproven, techno­logies in legislation, but also that it sought to legislate for particular assumed business models that would not evolve naturally in the marketplace.[8] Such legislation was highly prescriptive, tending to legislate for high levels of reliability and security.[9]

Such legislation was also medium-specific, in that it effectively established separate regimes for electronic and non-electronic transactions. As we have noted above, the increasing convergence of electronic and non-electronic transactions means that the attempt to distinguish between the two is already relatively meaningless. [10]

Following the criticism of earlier electronic transactions and signature legislation, more recent legislation has tended to be more technology neutral and more facilitative. Thus legislation such as the E.U. Electronic Signatures Directive recognises the legal effectiveness and admissibility in evi­dence of all forms of electronic signature (including, for instance, typing one's name at the end of an email). Sim­ilarly, the UNCITRAL Model Law on Electronic Commerce does not seek to enshrine a particular technology for elec­tronic signatures.

Nonetheless, legislation such as these still tend to lean in favour of enshrining minimum standards. This is reflected in the favourable treatment permitted given in the E.U. Elec­tronic Signatures Directive to "advanced" electronic sig­natures (which are somewhat akin to the old PKI digital signature model). Article 7 of the UNCITRAL Model Law provides that where the law requires a signature of a person, that requirement is met if (inter alia) the method used to identify the person and indicate the person's approval of the information is "as reliable as was appropriate for the purpose for which the message was generated or communicated in the light of all the circumstances including any relevant agree­ment". Thus, although not enshrining any particular technol­ogy, this provision contemplates a hierarchy of electronic signatures of differing reliability, some of which will not satisfy legal requirements in relation to some types of trans­action. The same criticism can be made of the draft UNCI­TRAL Model Law on Electronic Signatures, which adopts the same terminology. Much of this draft Model Law is also predicated on the existence of business and technology models based on certifying reliable signatures. Since as yet it is not known whether these models will prove to embody an appropriate balance of cost, benefit and ease of use, the assumption may or may not turn out to be justified.

Some of the most recent legislation takes a further step forward by being wholly technology neutral, more medium neutral and highly facilitative. Legislation of this type con­tains, for instance, broad electronic signature definitions with no minimum standards. This can be seen in, for instance, the U.S. Uniform Electronic Transactions Act (UETA) and the U.S. Federal "E-SIGN" legislation.[11] The definition of "elec­tronic signature" used in section 7 of the United Kingdom Electronic Communications Act 2000 is also broadly facili­tative, although slightly more restrictive than that used in the U.S. legislation.

The differing approaches to electronic commerce legisla­tion are explained not only by evolving views about what such legislation should aim to achieve, but also the variety of legal systems with differing requirements of form in the offline environment.

Jurisdictions that place great store by formal require­ments of notarisation, sealing and so on to validate tradi­tional transactions [12] are likely to be naturally inclined towards replicating such systems in the electronic environ­ment. Those jurisdictions such as the United Kingdom, on the other hand, that traditionally impose few requirements of form in the offline environment are likely to be more open to the view that electronic transactions legislation should be broadly facilitative and not prescriptive.

We have noted above that one of the objections to the prescriptive approach is that the imposition of minimum standards creates new electronic requirements of form and that such requirements can be used by the unscrupulous to evade what would otherwise be binding legal obligations. The UNCITRAL Model Law on Electronic Commerce has been influential and certain of its electronic requirements of form have been widely reproduced in legislation. For instance, the U.S. E-SIGN legislation (which on the question of signatures is extremely facilitative), defines "writing" as involving an "electronic record ... in a form which is capable of being retained and accurately reproduced for later reference . . . ". This is similar to the UNCITRAL provision, that where the law requires information to be in writing that requirement is met by a data message if "the information contained therein is accessible so as to be useable for subsequent reference".

However, these types of provisions will inevitably lead to debate, uncertainty and costly court arguments about whether any particular electronic record satisfies the require­ment. For instance, a document saved in a common word processing format may appear differently, even using the same word processor software, depending on what fonts are installed on the software and how it is configured. We suggest that formal requirements of this sort are unhelpful. A useful comparison may be drawn with section 178 of the United Kingdom Copyright Designs and Patents Act 1988 which defines writing for the purposes of Part 1 of that Act as including "any form of notation or code, whether by hand or otherwise and regardless of the method by which, all medium in or on which, it is recorded".

We have already mentioned the UNCITRAL Model Law electronic signature provision. Such a provision will inevit­ably engender immense uncertainty as to the type of sig­nature that is appropriate for a particular type of transaction. It also suffers from the problem that it requires the user to assess the reliability of the proposed type of signature and therefore to be familiar with electronic and digital signature technologies. This is wholly unrealistic. Few IT experts understand these technologies, let alone non-expert users.

Efficient and Inefficient Rules

We have referred to some difficulties with technology-specific approaches. There is also danger in creating rules that require technological investigation to determine the outcome of the rule. This investigation is inevitably costly and results in an inefficient rule. A good example of such a rule is the UNCITRAL Model Law provisions regarding time of receipt of an electronic message. For an information system which has not been designated by the recipient, UNCITRAL Article 15 provides that the message is deemed received "when the data message enters an information system of the addressee". Such a rule may be practicable where two large companies with IT departments are communicating electronically with each other on a pre-agreed basis. If necessary, the two companies can keep gateway logs that can be examined to determine when the relevant event occurred. However, a rule such as this is wholly unrealistic for a home PC user. A rule that requires IT experts to be employed to determine (if it can be done at all) the deemed time of receipt of a message is, we suggest, inappropriate, costly and inefficient.

In the offline world, rules about service and delivery of documents tend to provide for a presumption of service or delivery after the expiry of a conventional period after, for instance, posting, and do not investigate when the post office actually delivered the item. Such a factual investigation tends to take place only if the alleged recipient wishes to challenge actual receipt, if at all. [12a]

The Australian Electronic Transactions Act 1999 pro­vides for receipt "when the electronic communication comes to the attention of the addressee".[13] Again, conventional rules of service tend to focus on an easily ascertainable event, such as posting or delivery, to establish a presumption of service, and not to enquire except perhaps in the case of a challenge to the presumption when the individual actually became aware of it.

When considering appropriate rules of delivery and receipt for electronic communications, as with offline provi­sions both the efficiency of the rule and justice to the recipient have to be taken into account and an appropriate balance achieved.

A recent example of a conventional rule to determine service of an email notice is contained in regulation 10 of the Consumer Protection (Distance Selling) Regulations 2000. This provides that a cancellation notice given by a consumer is to be treated as properly given if the consumer "sends it by electronic mail, to the business electronic mail address last known to the consumer (in which case it is to be taken to have been given on the day on which it is sent)". Here can be seen an attempt to replicate the traditional concept of the last known business address, coupled with an attempt to avoid the need for technical (although not all factual) enquiries. However, it may be commented that the notion of when an email is "sent" is by no means as simple as may first appear. What if the sender presses the send button, but the email remains in the Outbox for some period until the system is ready to forward it through a gateway to the outside world? What if the sender presses the send button, but sets a time delay? Considerations such as these have led to UNCITRAL-­style formulations such as when the message enters or leaves a person's information system. But as we have pointed out, these have their own problems. It will probably only be with experience of applying early attempts at rules that the appropriate balance can be achieved.

Facilitating without Requiring the Use of Electronic Transactions

While the facilitative approach to electronic transactions has been gaining ground, that approach is not free of difficulties. The main problem is how to facilitate use of electronic form, while avoiding legislation that compels the use of electronic form or means. In the case of a bilateral transaction, one party's facilitation is the other party's compulsion.

While, as enacted in some jurisdictions, it is possible to provide that use of electronic form in bilateral transactions requires the other party's consent, that substantially reduces the utility of the legislation from the point of view of the party who wishes to use electronic form. But the alternative amounts to compelling the other party to use electronic form.

The problem is especially acute where the document or communication has direct legal consequences, such as serv­ice of proceedings, statutory notices and so on. Take, for example, the case of a company receiving notices under companies legislation. Should a company be entitled to insist on receiving hard copy notices? If so, does that apply whether or not the company has electronic facilities such as an email address? If it is prepared to accept electronic notices, should it be entitled to specify particular rules and processes for receipt of such notices, including its own rules as to when they will be deemed received?

These questions do raise extremely difficult issues which have only recently been seriously addressed.[14]

There are also often questions about whether facilitation should apply to transactions with government in the same way as for transactions between private persons.

These difficulties have led to two widely differing approaches. First there is the "macro" approach of the UFTA and U.S. E-SIGN legislation, which is to legislate, as an overlay over existing legislation, a broad and wide-ranging facilitation of electronic form and means. This has been done in the knowledge that it may lead to potential anomalies. As the Chair of the Drafting Committee for UETA put it:

'”. . . UETA preserves the requirements concerning the manner of sending, posting, displaying, formatting, etc. contained in other State law. If other State law requires information to be furnished in a conspicuous manner, UETA §8 states that you can furnish the information electronically, but must do so in a conspicuous manner. If other State law requires the information to appear in purple ink sprinkled with glitter, you can furnish the information electronically only if you can assure that it appear to the recipient in purple sprinkled with glitter."[15]

The alternative, "micro" approach is that adopted by the United Kingdom in section 8 of the Electronic Communica­tions Act 2000. This provides a rule-making power whereby existing legislation can be amended to provide for electronic form and means on a case-by-case basis. This allows for the elimination of anomalies and unintended consequences. However, it suffers from the disadvantage of potential institu­tional inertia, bearing in mind the massive amount of legisla­tion that may have to be amended on a case-by-case basis. [16]

Typical examples of exclusions from the "macro" approach are areas such as real property, wills and testamen­tary instruments, trusts, negotiable instruments, documents of title and powers of attorney. The E-SIGN legislation carries the exclusions into other fields such as proximity require­ments concerning warnings and notices, notices of cancella­tion or termination of utility services, notice of default, foreclosure, eviction, etc. in relation to an individual's pri­mary residence, notice of cancellation or termination of health or life assurance, notice of product recall and any document required to accompany transportation or handling of hazardous materials and the like.

The E-SIGN provisions for consumer consent to use of electronic records state that a consumer may consent to the use of an electronic record where a statute requires informa­tion to be provided or made available to a consumer in writing. The writing requirement is satisfied if the consumer has affirmatively consented and not withdrawn that consent and, prior to consenting, a clear and conspicuous statement has been provided satisfying a lengthy list of statutory requirements.

Conclusion

In summary, it is suggested that electronic transactions legislation should be facilitative and technology neutral. It should also be medium neutral, avoiding the creation of new electronic requirements of form and avoiding the temptation to legislate for reliability. However, such legislation has to respect the rights of recipients of electronic records and communications and reconcile the inherent conflict between sender and recipient's rights. Legislation should seek efficient and just solutions to the problems raised by the facilitating electronic form and means. That may require a very different approach to electronic transactions legislation than has been common in many countries to date.

This article is an excerpt from the third edition of Internet Law and Regulation (Sweet and Maxwell, 2002). The author wishes to thank the States of Guernsey for permission to re-use and adapt portions of a report-prepared in 1999-2000 in connection with the island's then proposed electronic transactions legislation.

First published in the April 2002 issue of Computer and Telecommunications Law Review.

[1] A similar situation occurred in the early 1980s regarding the copyright protection of computer programs as literary works. There was no doubt among lawyers expert in the field that computer programs were protected. However, the software industry was not content until the Copyright Act was amended to make this clear.
[2] Hansard, November 29. 1999, col. 46.
[3] Professor Patricia Blumfeld Fry, "Impressions on California's Changes to the Uniform Electronic 'Transactions Act", Electronic Commerce and Law Report, December 22, 1999.
[4] Electronic Transactions Bill 1998, s.3(a)
[5] Electronic Commerce: Building the Legal Framework, March 31, 1998. See also the comments of Laddie J. in Re a debtor (No. 2021 of 1995) [1996] 2 All E.R. 345, at 351b.
[6] May 1937. Cmd. 5449.
[7] Which laid down, inter alia, a requirement of writing as a condition of the enforceability of contracts for the sale of goods of the value of £10 or upwards.
[8] See, e.g. C. Bradford Biddle, “Legislating Market Winners", World Wide Web Journal, Vol. II Issue 3, Summer 1997 (www.w3j.com/ 7/s3.biddle.wrap.html).
[9] The Utah Digital Signature Act 1995 was the first USA state legislation. For surveys of U.S. and international digital and elec­tronic signature legislation from 1997 onwards refer to the Internet Law and Policy Forum Electronic Authentication Working Group (www.ilpf.org/groups/index.htm#authentication).
[10] It should be noted, for instance, that the most recent definition of an electronic signature (in the U.S. UETA and E-SIGN legislation), encompasses electronic signature of a non-electronic document. This differs from the definitions in the E.U. Electronic Signatures Directive and the U.K. Electronic Communications Act 2000, which only encompass electronic signature of an electronic document.
[11] Electronic Signatures in Global and National Commerce Act, Pub. L. No. 106-229.
[12] See, for instance, the presentations at the Joint Keidanren/ Internet Law and Policy Forum Workshop on Electronic Signatures and Authentication held in Tokyo in November 1999, especially those describing the Japanese “Inkan” seal system (www.ilpf.org/events/keidanren/).
[12a] See e.g. Godwin v. Swindon Borough Council, CA, The Inde­pendent, October 19, 2001.
[13] s.14.
[14] The US. E-SIGN legislation contains the most comprehensive attempt so far to address the issues. In the U.K. some of the difficulties involved in facilitating electronic transactions can be seen from the fact that legislation addressing one area alone (commu­nication with shareholders and filing returns at Companies House), the Companies Act 1985 (Electronic Communications) Order 2000, runs to 32 sections and two schedules.
[15] Professor Patricia Blumfeid Fry, "A Preliminary Analysis of Federal and State Electronic Commerce Laws”, Electronic Commerce and Law Report, Vol. 5 No. 7, July 12, 2000.
[16] At the time of writing only the Companies Act 1985 (Electronic Communications) Order 2000 has been made. Others are under consideration, including one permitting electronic conveyancing.

Authors