Queen's Business Law Symposium 1998



John D. Gregory(1)

General Counsel

Policy Branch

Business Policy and Planning Division

Ministry of the Attorney General (Ontario)

The principal paper in this session, "Self-Regulation or Government Intervention? The International Business Alliance and the OECD Ministerial Conference on Electronic Commerce", by Robert Keyes and Eric Iankelovic of the Canadian Council for International Business, relates how many big business enterprises around the world cooperated to influence the agenda and the content of the OECD Ministerial Conference held in Ottawa in October 1998. Business interests, and the paper describing them, generally urged governments to keep hands off electronic commerce so that the private sector could develop it freely, using "self-regulation" to ensure that the market forces were to some extent controlled in the public interest.

It is easy enough to agree with the authors' suggestion that the legal framework for electronic commerce should be "transparent, flexible and technology neutral". Few people suggest anything else, except for some advocacy of specific rules to support the use of public key cryptography to create digital signatures. Certainly the OECD Ministerial Conference(2), the United Nations Commission on International Trade Law(3), and domestic law reform efforts in Canada(4), the United States(5), and elsewhere(6), all subscribe to these principles, expressly or in practice.(7)

However, one is perhaps a shade less confident than Messrs Keyes and Iankelovic that self-regulation always means real regulation, or that it operates in the public interest. Not all market sectors are willing or able to regulate themselves adequately; it requires a certain maturity and sense of enlightened self-interest that are not universal. Much of the economic history of the twentieth century has been devoted to finding a productive balance between the untrammeled interests of business and the needs of the communities in which business operates. The same balancing will be required for electronic commerce.

In favour of a light hand

A number of factors militate in favour of a "light hand" in regulating electronic commerce. Here are a few of them:

Society becomes more comfortable with any technology over time, and part of the comfort is confidence that existing legal rules can handle the challenges that seem unique when the technology is new. We have seen this with the telegraph, the telephone and the fax machine. Between the flexibility of the law and the ability of the technology itself to solve some of the problems, it is often safe to wait and see if apparent problems need new law.(8)

Much law, especially commercial law, aims to ensure that current market practices are legally effective, rather than to change them. It is more descriptive than prescriptive. In electronic commerce, the technology and its implementations are changing so quickly that law reformers have a hard time assigning legal consequences to its current state. By the time proposed rules get through the legislatures, the current state exists no more. Legislation therefore risks irrelevance, at best, or a harmful freezing of technology in the stage contemplated when the legislation was conceived. Few if any law reformers advocate slowing down commercial innovation in this field, and certainly not as a by-product of seeking some other goal.

Because electronic commerce passes over borders so easily, enforcing any rules of law, and particularly ones that business finds restrictive or expensive, is very difficult. Governments do not want to drive legitimate business away. One sees this in the caution generally shown on the question of "taxing the Internet"; no one wants to be the first to tax, because of the fear that business will leave the jurisdiction, only to "enter" again via cyberspace, beyond the effective reach of regulators. Likewise, a more activist regulatory program risks chasing businesses to friendlier jurisdictions. At the limit, one may fear a "race to the bottom", where businesses end up in the most hospitable jurisdiction, the one with the lowest standards. This paper addresses in a later section some reasons why this practice may find its own limits.

The best chance of acceptability in these circumstances goes to rules that have achieved some international consensus. Such consensus is usually achieved only for "high level" statements of pretty general principle, not for detailed regulation.

In favour of active regulation

Set against these reasons are some principles that may promote a more activist notion of government action. For example:

The task of government is broader than simply to promote the growth of or interests of business. In one phrase, the concern is "peace, order and good government" for everyone in the territory governed.

The interests of business are not necessarily or always the public's interest. Clearly the public has an interest in a healthy economy that creates jobs and the wealth that can be shared among residents of the country. However, markets can fail, and government may have to help. Knowing when and why markets have failed is its own challenge.

The principal paper speaks frequently of what "the private sector" wants. It is important to note that the private sector does not consist solely of business, especially big international business of the kinds involved in lobbying the OECD. Consumers are the private sector, and voluntary associations, and charities, and non-governmental organizations, and indeed "citizens" who deal with each other and the state for many reasons and in many relationships that are not commercial. Government action does not always regulate or restrict the private sector; sometimes it helps one part of the private sector in dealings with another. The OECD Ministers heard from labour groups and consumer groups as well as business groups. Even these groupings do not encompass all the interests that might promote legitimate state action.

Many of these arguments apply to any government regulation of business, electronic or not. The context changes and the balance may change, but they do not change so radically that what we have learned before must be set aside.

Options for intervention

Governments have a number of ways of intervening, and a number of places where they may intervene. It may be helpful to think of a couple of fundamental distinctions in possible government action, with different policy and practical considerations in each.

Public or private law?

The first distinction is that between public law and private law matters. The outline of recent law reform initiatives(9) dealt almost exclusively with private law issues. The public law area is the one most likely to create controversy, and the one most likely to be seen as undue interference. Some areas of public law that affect electronic commerce include taxation, as noted earlier; intellectual property, particularly copyright and trade marks; trade law, including technical standards as possible non-tariff barriers to international commerce; privacy; competition; content regulation, whether in the interests of criminal justice (child pornography, hate literature) or cultural promotion (Canadian content, language laws); and equality of access. Ensuring widespread access to the Internet as the tool of electronic commerce is more a social policy than a legal issue, but some states intervene in the e-commerce marketplace by levying charges on service providers, for example, to subsidize access by others.

Private law matters, generally speaking, affect the rights between parties to a transaction rather than the public at large. Such matters are often resoluble by contract between the parties - "private law" in a pure sense. However, law reform is sometimes necessary because not all private law questions are amenable to contract. Not all electronic communications have "another side" with whom to contract; they may be addressed to the world at large, or impracticably large numbers for agreements as to the legal effects of the communications.

Sometimes the parties to a contract are in severely unequal bargaining positions, so their agreement may simply be so unfair to the weaker party that the law will not support it, or that the law must intervene to protect the vulnerable. This concern is of course not unique to electronic commerce, and to some extent it may be handled by the general law of unconscionability. Some jurisdictions have proposed technical standards to private law reform in order to ensure that the weaker contracting party may not be driven to accept an unfair risk.(10)

Sometimes the policy behind a form requirement, such as that a document be in writing or signed, is so strong that private parties are not allowed to opt out of the requirement by agreement. Even law reform efforts sometimes stop before such a policy. Article 4 of the United Nations Model Law on Electronic Commerce(11) does not allow parties to opt out of the standards for electronic documents set out in Chapter II of Part One. The general permission to use electronic documents in the new Illinois Electronic Commerce Security Act of 1998(12) is qualified so it will not apply to an existing rule of law where the general permission is "clearly inconsistent with the manifest intent" of the lawmaking body or repugnant to the context of the same body of law".

Contracting parties are restricted in their ability to tailor private law to their needs where a public element plays a role, most often in a requirement that a document be filed on a public register. The legal effect of the material may depend on filing. Without law reform or at least an administrative action of a public body, the parties will not be able to file their material in electronic form.

Regulation or validation?

Another distinction to keep in mind in evaluating the desirability of government "intervention" is that between intervention to regulate and intervention to validate. This distinction overlaps to some extent, but not completely, the public law/private law divide just discussed. In addition, the division between regulation and validation is not watertight, any more than the line between public and private law. The categories nevertheless seem helpful in understanding the response of the business world to certain kinds of law reform.

The clients may not always make this distinction in the first instance. Lawyers frequently hear the question, "Is it legal?" The question may mean "Is it permitted?", a question about criminal consequences. However, it may also mean "is it enforceable?", a questions about civil consequences. The first variant deals with regulation, the second with validation.

The policy reasons for regulation are not much in doubt, nor do they vary between regulating commerce in general and regulating it in an electronic form. The debate for e-commerce is likely to focus more on the practicability of the regulation, not its intent.

The policy reasons for validating electronic documents used in commerce are fairly clear too: a desire to permit efficient use of technology, maintain competitiveness, extend the reach of one's economic activity, and the like. Sometimes, however, there are reasons not to give complete validity to electronic records. This is what makes law reform more difficult. For example, questions of fairness may arise. Some people should not be forced to accept electronic documents if they do not want them. Sometimes the standards for notices on paper serve an important function that cannot readily be reproduced electronically.

At other times, one seeks to ensure the validity of a public record in which the documents are to be filed. Different security systems may be needed for different records. In Ontario, for example, one has for several years been able to file financing statements under the Personal Property Security Act electronically.(13) These statements are public notice of the existence of a security agreement between a creditor and a debtor, and the order of filing determines priorities among competing creditors when security is being realized or when the debtor becomes insolvent. However, the statements are not the agreements themselves; they are still kept by the parties.

This may be contrasted with the proposed electronic registration of land transfers in Ontario. Under the Land Registration Reform Act(14), the electronic record of title in the public register will constitute the true register, not to be contradicted by any paper document purporting to show something else. In other words, the legal effect of the electronic filing and the resulting electronic register is much more extensive for land registration. As a result, the technical standards for such filing are a good deal more demanding.

These two cases show that a general validation of electronic commercial documents would be inappropriate. The law reformer has to keep in mind the purpose for which the electronic documents will be used and the threats and risks to their proper effectiveness. Most of the law reform efforts described in the early part of this paper aim at private law and promote validity of economic records and do not try to regulate them (though of course setting conditions on how to achieve validity is a kind of regulation: "do it this way and you will have legal effect" is much like saying "you must do it this way".)(15)

Same as or better than paper?

A third point of distinction to keep in mind in evaluating law reform is what we have today, on paper, and what we hope to achieve electronically. In short, we should not overestimate the security, reliability or predictability of our paper documents. A handwritten signature is only an approximate indication of the source of a signed document, and very slight indication at all of its integrity. The paper by Keyes and Iankelovic speaks of the need for a "predictable legal framework", and says that without appropriate harmonized lawmaking, "predictability will be a feature of the past". Some would argue that the current world trading system has insufficient predictability and great uncertainties, as to legal effects, legal enforceability, and legal costs. Nevertheless global trade exists.

All business at all time involves calculating risks and managing them. Electronic commerce will not change that. A lot of electronic commerce happens now, and the amount is growing. Business to business commerce is the bulk of this data flow. Most of the businesses carrying out this activity have lawyers, who may be in the back room with their fingers crossed, but the trade goes on because the business people estimate that the potential profit is greater than the likely loss.

There are many ways of establishing secure economic relations besides legal rules. Law in support of technology is not necessarily the best way to create security. The legal rules themselves may leave much detail to be worked out in particular cases, in part because the speed of technological change does not allow greater precision, as noted earlier. Such new rules do not leave businesses unarmed, or worse off in the electronic age than they were before. Custom, contract and technology will fill the gaps, just as they do today with paper. We are so accustomed to paper that we do not appreciate the assumptions that support its use. As we become accustomed to electronic communications, comfort will grow there too.

Familiar institutions will help businesses acclimatize too. Financial institutions will be the "trusted third party" to many transactions, not in a public key cryptography sense of issuing certificates to support digital signatures, but in providing assurances of payment in dealing with strangers across the world. The world-wide banking system will facilitate electronic commerce. Governments too will play this role, partly as model users of electronic commerce, to help people get used to the new ways, and partly as legal validator, and partly as welcome regulator.

Virtual communities

These thoughts lead to the closing argument of this paper, that much of the future of electronic commerce rests in virtual communities with a manageable framework of relationships to provide the assurance that businesses and their customers will want. Customers - including businesses that are other businesses' customers - will not want to deal with enterprises located in places with the lowest level of legal support. They will take no comfort from a potential partner in a data haven. The "race to the bottom" may not produce many winners.

Virtual communities will rest on a number of supports, such as the voluntary law of contract and a network of "trusted third parties" who can vouch for the solvency of trading partners or the respect of privacy standards(16) by members of the community. Many will find comfort in the voluntary submission to good rules of state law. Businesses will thrive on their "reputation capital", being known as reliable traders because of all of these attributes.

One sees the beginnings of such communities with America On-Line (aol.com), which offers virtual shopping malls and which stands behind the quality of the merchandise offered through its electronic sites. Consumers do not have to know or trust the merchants because they know or trust AOL, just as they deal with well-known merchants or brands in the physical world for the same reasons.(17)

It has been argued that on-line gambling will be a good source of revenue for the reputable state that chooses to host it rather than chase it away. A gaming site that can offer to potential clients a thorough regulatory environment has a competitive advantage, since the clients will have greater assurance that the games are not fixed and that their winnings will actually be paid out to them.(18)

Part of what is needed to create virtual communities is targeted law reform.(19) Part of that law reform will be enabling legislation, and part of it will be regulation. Some of the regulation at least will be welcome to the businesses that know how to profit from its application, by complying with it and advertising their compliance. The reputation of the regulator will enhance the reputation of the business subject to regulation, to the advantage of both.

If this is what the business alliance was asking the OECD ministers for, their pressure can only be welcomed.

[December 1998]

1. The author chairs a working group of the Uniform Law Conference of Canada to create a legal framework for electronic commerce. A Director of the Information Technology Lawyers' Association of Canada (IT.Can), he is also a member of the Canadian delegation to the UNCITRAL working group on electronic commerce. The views expressed here are his own and not necessarily those of his employer or any other organization.

2. The results of the Conference are online.

3. See the Model Law on Electronic Commerce (1996), and reports of the further work on electronic commerce

4. See thePersonal Information Protection and Electronic Documents Act; and the work of the Uniform Law Conference of Canada under Electronic Commerce.

5. See in particular the draft Uniform Electronic Transactions Act

6. See the Australian experts' report and draft legislation and supporting material.

7. For more detail about such efforts, see my companion paper, "Canadian and Multilateral Initiatives in Law Reform", made available at the Symposium.

8. For more on this theme, see my "Solving Legal Issues in Electronic Commerce", forthcoming in (1999) 32 Canadian Business Law Journal Number 1.

9. See footnote 6 above.

10. The Australian experts' report cited in footnote 6 above raises the question of special rules to ensure contracts on standards are fair, and the September 1998 draft of the American Uniform Electronic Transactions Act allocated legal consequences to the use of a "commercially unreasonable security procedure". (Sections 1-109, 1-110. Those provisions have been reworked.) See the work on the UETA as cited above in footnote 5.

11. See footnote 3 above.

12. See Illinois Act, at section 5-115.

13. The general authority for electronic filing in this case is found in the Electronic Registration Act (Ministry of Consumer and Commercial Relations Statutes) 1991, S.O. 1991 c. 44.

14. R.S.O. 1990 c. L.4. as amended by S.O. 1994 c. 27 s 85

15. Sometimes validation laws prescribe in great detail the conditions of validity, and may set up licensing schemes to achieve it. This is the pattern of the Utah Digital Signature Act, Utah Code Annotated ch 46-3-101, 1996 , followed by Singapore in its Electronic Transactions Act of 1998.

16. The "trust-e" certificate for web sites that meet privacy standards is described elsewhere in this symposium. The Better Business Bureau in the United States runs a similar program.

17. AOL's policy is described at the AOL web site.

18. This argument was made by David Post in "Betting in Cyberspace" in the American Lawyer, June 1997, page 96. He has another article on the general theme as well.

19. Some of this theme can be found in a paper by Professor Amelia Boss, of Temple University, given in Montreal in August 1995 to the World Electronic Commerce Institute: "Security: It Ain't Just a Matter of Encryption". Security includes "a discernible legal and social structure that both allows us to define our own rights [and] the rights of others, and gives us the ability to determine the risks that we face and [make] intelligent choices about their distribution."