A narrow definition of the Electronic Commerce reads that an internet transaction is the sale or purchase of goods or services, whether between businesses, households, individuals, governments, and other public or private organizations, conducted over the Internet. The goods and services are ordered over the Internet, but the payment and the ultimate delivery of the good or service may be conducted on or off-line. 1 E-Commerce is an entirely new form of doing business, which ignores international borders of states.
Traditional approach to commerce is yet more popular among the companies and individuals, however recent growth in electronic transactions creates a need for legislation and regulation of such commerce. Regulation of e-commerce faces two major disadvantages, first it involves a fast changes in the scope of e-commerce with changing technologies, and second, its' trans-nationality which leads to the question of which legal system should be applied in the regulation of electronic transactions.
It has been concluded by the conference on e-commerce held in June 1998 by EC Commissioner Bangemann, that regulation on e-commerce should be kept to a minimum as the global nature of this commerce made government regulation impossible anyway: therefore industry self regulation was the way ahead. 2 Nevertheless, the need for regulation is clearly visible as the success of electronic transactions is dependant on the knowledge of legal system controlling them. Non-existence of universal jurisdiction over e-commerce transactions might raise few problems.
Each participant will be forced to gain knowledge of every legal system which concerns e-commerce throughout the world. This will hinder the development of e-commerce. Therefore, different countries and organizations tried to come up with some form of regulation although not a strict one which could constitute slow development of e-commerce. USA has already begun adapting the Uniform Commercial Code, which governs US commercial law. Also, the United Nations produced the law similar to the legislation in the USA for regulating e-commerce; however it is not binding on the states.
EU sees it necessary to regulate the fields of digital signatures, encryption and certificate authorities as well as data protection. However, these regulations don't provide effective means for solving cross border dispute on the regulation of e-commerce. It is evident that a universal system of regulation of e-commerce is needed. Furthermore, such need is approved by all the parties. In the case if there will be no international agreement on e-commerce; agreements between two parties will have to be constantly made, in order to solve the problem of jurisdiction.
Big emphasis must be put upon the regulation in the field of Digital Signatures, Certificate Authorities, Encryption, and Clipper Chip. These areas need binding laws that could secure the use of these technologies. Digital signatures provide the information regarding the sender of electronic document. Thus, the sender's State can be determined. However, the identity of the sender cannot be guaranteed, thus the certificate authority is required. Certificate Authorities (CAs) are TTP's who have been given license to produce digital certificates authenticating digital signatures.
Thus the client must be assured that he can rely on this CA, and that in case of any fraud this CA will cover damages. Recently, digital signatures became one of the main areas of e-commerce. Therefore, legislation regulating the use of this technology has been enacted on a state by state basis. However, an international legislative enactment does not exist to date. Thus far, the EU has been trying to enact directive which would not only bind its members but also include the third parties which would agree to it.
Moreover, some type of development guiding the regulation of digital signatures is evolving globally through various organizations. By these means e-commerce is not banned from its' further development as global form of commerce. Another interesting development in the regulation of e-commerce is the aim of the US Government to police the Clipper Chip. However, gaining the access of communication by the agents of government was seen as harming some civil liberties, such as right to privacy. Hence, such an enactment is still a vulnerable issue. This leads us to another concern.
That is E-privacy and the extent of its regulation. An attempt towards criminalization of the use of an encryption technology to hide a crime was seen in the USA. However, this hasn't been enforced with regards to the fact that the use of particular technology wasn't seen to qualify a criminal act by EPIC. Nonetheless, the first international attempt to establish a legal framework was taken by the OECD in other areas of e-commerce. It covers an area of cryptography and provides its' users with a choice of such method. Noticeably, it includes a provision that it is subjected to an applicable law.
Adequately, this legal framework states that individual privacy rights must be protected in this field by national means. 3 However, major flaws are seen in such enactment whereas the outcome of it is that the access to personal key does not stop the criminal activities as TTP's will be only used by law abiding citizens. Strict regulation of cryptographic products justifies security concerns. However, such legislation would be hardly active as the cryptographic products are easily accessible via Internet which cannot be controlled.
Furthermore, it appears that regulation although being very significant to maintain the security is on the other hand colliding with such internationally recognized human rights as the right to privacy. Such data as confidential business documents, medical records, financial information and other personal details would not be wholly private if strong encryption would not be allowed. Thus the national proposals of the USA and UK are not accepted by OECD which follows the International Treaties regarding these fundamental rights.
However non existence of strong encryption collides with public need of secure transformation of personal data and control of the criminal activities. Another essential need of legislation is on the data protection. Once again the right to personal privacy is protected by various international instruments. However, there is no guarantee that all the countries would use these treaties as guidelines to their actions concerning such data. Common standards for the protection of data within the EU are set by the EU Data Privacy Directive which states that data may not be transmitted out of the EU.
However, the enactment of this directive is left upon member states. Moreover, there is no working mechanism on how to ensure the enforcement of this directive. European Union's attempt to create legislation regulating the protection of data requires international co-operation. That is because the transactions made from EU will not only affect its' Member States but also the third countries including the US. Therefore, the directive which has been influenced by the OECD guidelines is one of the first pieces of legislation to be introduced with the intention of controlling the use of data in the information age.
However, this gives a rise to another problem, which is that if other states would be expected to apply it that would mean that EU is trying to impose its legal standards on these third countries. On the other hand, such an approach seems to be better than having no common standards as such. Taxation and the effective regulation of this process is another major problem in e-commerce. When new technologies are involved in money transfers it becomes easy to avoid taxes. Moreover, it is being argued that presently no taxes should be implied on the e-commerce as that could perpetrate its growth.
Hence, the USA has introduced the Internet Tax Freedom Act, where it expresses strong opinion that no taxation should be implemented on the internet. 4 The same tendency is seen throughout the world with regards towards taxation on the internet. The history of international law shows that it is very hard to convince majority of states to agree to the same terms. This will also be the case with regulating e-commerce. Since the regulation of e-commerce is in a development phase, no standardized clauses can be found. However the nature of such commerce itself demonstrates the urgent need for some globally standardized regulations.