E-commerce law to affect us all

Electronic commerce, which can be loosely defined as buying and selling goods and services online, is supposed to do great things…

Electronic commerce, which can be loosely defined as buying and selling goods and services online, is supposed to do great things for Ireland. Estimates of its potential value vary, but most analysts predict a prosperous future.

Forrester Research has suggested that Ireland's electronic marketplace may be worth $620 million by 2001. There appears to be a consensus that it is essential for Ireland to develop a significant presence in this burgeoning market. The president of Dublin City University, for instance, has suggested that the current budget surplus should be spent on developing e-commerce.

Success will depend on a range of factors, such as low cost Internet access, the presence of technologically astute entrepreneurs willing to take a risk and the existence of financiers willing to back them. Another factor which may be vital is the presence of an appropriate regulatory regime. To this end the Department of Public Enterprise has published outline proposals for legislation on electronic signatures and electronic contracts (www.ecommercegov.ie).

A major concern for any online business is that it is difficult to verify the identity of the person with whom business is being done over the Internet. A few years ago, a Dublin schoolboy logged onto the website of a major chocolate manufacturer, ordered a large amount of chocolate and "paid" for it all with the credit card number of a South American individual. Although the schoolboy did get his chocolate, he also got a visit from gardai.

READ MORE

To deal with this issue, the ecommerce proposal provides recognition for certification services. A company offering such services will issue electronic certificates that will verify an individual's identity. The certifying company will be liable for damages if it gets it wrong, but those who fraudulently use such certificates will be guilty of an offence.

Another concern for online businesses is that contracts made online will not be valid. These concerns may be groundless, as contract law has adapted in the past to new ways of doing business. Contracts made via fax machine have been held to be valid (Entores v Miles) and on this basis it is hard to believe that the courts would not uphold the validity of contracts made electronically.

However, this is not certain and the courts will not be able to give that certainty until a court action is heard which questions the validity of electronic contracts. Even if such an action were initiated in the morning it might not come to for trial for two or three years - a very long time in the rapidly developing world of e-commerce.

To remove this uncertainty, the departmental proposal contains extensive provisions relating to the legal recognition by the courts of electronic contracts. Essentially, it provides that electronic writing, electronic contracts and electronic signatures are not to be denied legal effect, validity, enforceability or admissibility in legal proceedings solely on the grounds that they are in electronic form. This provision is very similar to that found in the EU's Proposed Directive on Legal Aspects of Electronic Commerce and its Proposed Directive on Electronic Signatures, so in this regard the Irish Government may simply be in advance of Europe.

To be secure and trustworthy, electronic certificates must rely on encryption. While encryption ensures an individual's privacy, if it is used by criminals it will mean that the interception of communications will no longer be a viable technique for Garda investigations. Unlike the British Electronic Communications Bill, the Irish proposal does not explicitly limit the use of encryption by imposing a requirement that certificate providers retain the means to open encrypted communications if the Garda demands it.

That is not to say that such a requirement could not be imposed. The most obvious way for it to be imposed would be through an EU directive, which the Government would have no choice but to implement unless it got a derogation. Alternatively, under section 16.3 of the Irish proposal, the minister of the day could install such a requirement as one of the conditions for the providers of electronic certificates.

Regardless of this, under section 20 a district court judge will be able to grant a warrant which will allow a garda to enter any place or vehicle and to search for and examine any material found there. Anybody who by act or omission impedes a Garda officer in this search or examination, perhaps by refusing to hand over an encryption key, will commit an offence and will be liable to a fine of up to £10,000 on summary conviction

One interesting aspect of the proposal is section 18, which contains provisions to allow the Government to regulate the allocation and registration of Internet domain names.

In framing legislation it must be remembered that the concept of ecommerce is developing very rapidly. Until about six months ago the accepted model for e-commerce was that of amazon.com which suggested that consumers would no longer physically go to shops. They would buy goods online at websites which might be in Navan, Nairobi or Naples. Consumers would not care as long as the goods were cheap and they could be delivered.

This model contains practical flaws and it is now being suggested that consumers will continue to shop at their local shopping centres, but that they will use the Internet to check whether goods are in stock, to order goods or to compare rivals' prices. It is impossible to predict just how e-commerce will develop in practice over the next few years. What is essential is that, as this development occurs, legislation should be amended to reflect it.

The Department of Public Enterprise will accept comments on its proposals until October and anybody who thinks they may have an interest in e-commerce should take the chance to be heard. Whatever they currently believe, most people in Ireland will probably discover that they have an interest in e-commerce in the next few years. Certainly every business will. As Andy Grove of Intel recently suggested, in five years' time all companies will be Internet companies or they will not be companies at all.

Denis Kelleher (www.ncirl.ie/itlaw) is a practising barrister and co-author with Karen Murray BL of Information Technology Law in Ireland (Butterworths, Dublin) and IT Law in the European Union (Sweet and Maxwell, London).