An E-Commerce Law For The World: The Model Electronic Transactions Act: The Model Electronic Transactions Act

By Stephen Errol Blythe

An E-Commerce Law For the World: The Model Electronic Transactions Act contains summaries of E-commerce laws of the United Nations, the European Union, and more than 120 countries on six continents. At the end, the best attributes of those laws are incorporated into a model E-commerce statute for consideration for enactment by lawmakers all over the world. This is Volume 2 of the E-COMMERCE LAW TRILOGY. Volume 1, E-Commerce Law Around the World, was released in 2011; and Volume 3, Certification Authority Law Around the World, is scheduled for release in 2013. All of them will become available for purchase at Xlibris.com, Amazon.com, BarnesAndNoble.com, law bookstores and other outlets.

• Language: English
• Publisher: Xlibris US
• Release date: Mar 9, 2012
• ISBN: 9781469165660

Stephen Errol Blythe

Stephen Errol Blythe is Professor of Accounting & Business Law in the College of Business Administration, Abu Dhabi University, Abu Dhabi, United Arab Emirates. He earned a Ph.D. in Business Administration at the University of Arkansas in 1979 and a Ph.D. in Computer Law at The University of Hong Kong in 2010. He has published 34 computer law articles in distinguished journals such as: Chicago-Kent Journal of Intellectual Property, Columbia Journal of East European Law, European Journal of Law and Economics, Houston Journal of International Law, North Carolina Journal of Law and Technology, Northwestern Journal of International Law and Business, Syracuse Journal of International Law and Commerce, and Tulane Journal of Technology and Intellectual Property. In the 1980s, he practiced law solo in Houston, Texas representing numerous plaintiff-employees in litigation against defendant-employers. In the 1990s, he was affiliated with the law firm of Cheek, Cheek & Cheek in Oklahoma City and represented numerous defendant-insurance companies in litigation. He has traveled to more than 50 countries on 6 continents. Dr. Blythe may be contacted at: ecommercelaw@hotmail.com.

Book preview

Copyright © 2012 by Stephen Errol Blythe, Ph.D., J.D., Ph.D.

All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without permission in writing from the copyright owner.

This book was printed in the United States of America.

To order additional copies of this book, contact:

Xlibris Corporation

1-888-795-4274

www.Xlibris.com

Orders@Xlibris.com

89194

CONTENTS

FOREWORD

CHAPTER 1:

THE RESEARCH PROBLEM AND

METHODOLOGY OF THIS STUDY

CHAPTER 2:

A CONCISE LOOK AT

E-COMMERCE LAW

AROUND THE WORLD

CHAPTER 3:

A COMPARISON OF THE WORLD’S E-COMMERCE LAWS AND ADVICE TO LAWMAKERS REGARDING THE DRAFTING OF AN ELECTRONIC TRANSACTIONS LAW

CHAPTER 4:

THE MODEL ELECTRONIC

TRANSACTIONS ACT

CHAPTER 5: SUMMARY AND CONCLUSIONS

APPENDIX 1:

FOREWORD

This is intended to be a handy reference book for legal practitioners, legal scholars, E-commerce buyers and sellers, and lawmakers. Chapter 3 contains a list of the most desirable attributes of a model E-commerce law. The Model Electronic Transactions Act—a comprehensive model E-commerce statute written for consideration for enactment all over the world—is presented in Chapter 4. The author has striven to provide up-to-date information. However, E-commerce law continues to evolve quickly. If erroneous information is detected, kindly inform the author by E-mail <ecommercelaw@hotmail.com> so that it can be corrected.

This book is Volume 2 of the E-COMMERCE LAW TRILOGY. Volume 1 of the TRILOGY, E-Commerce Law Around the World, was released in 2011. Volume 3, expected to be released in 2013, will be entitled Certification Authority Law Around the World. All three volumes will become available for purchase at Xlibris.com, Amazon.com, BarnesAndNoble.com, law bookstores, and other outlets.

Dr. Felix Chan, Associate Dean of the Faculty of Law at The University of Hong Kong, deserves special praise for his inspiration and encouragement during the five years of research which culminated in my Ph.D. dissertation and the TRILOGY.

Every great city must have a great university and Abu Dhabi University (ADU) is the great university of Abu Dhabi. I am grateful to several administrators at ADU for their support during the writing of the TRILOGY: Dr. Nabil Ibrahim, Chancellor; Dr. James E. Mackin, Provost; Dr. Jacob Chacko, Dean of the College of Business Administration; and Dr. Sherine Farouk Abdul All, Chairperson of the Department of Accounting.

Special recognition is given to: my mother, Kathelene Stephens Blythe, an avid book reader with a sharp mind and a cheerful personality at the age of 99; and to my son, Attorney at Law Adam Alexander Blythe and his fiancée, Elaine Lee, two very special people who are supremely blessed to have found each other.

I must acknowledge the critical role of my wife, Siqin Liu. She continually encouraged, supported, assisted and (sometimes when it was necessary) prodded me to complete this project. She was a cheerful trouper who willingly accepted the financial sacrifice which we incurred during my one-year residency at The University of Hong Kong Faculty of Law during 2005-2006. The TRILOGY is dedicated to her.

Sincerely yours,

Stephen Errol Blythe

Abu Dhabi, United Arab Emirates

2 February 2012

CHAPTER 1:

THE RESEARCH PROBLEM AND

METHODOLOGY OF THIS STUDY

THE RESEARCH PROBLEM: FORMULATION

OF A WORLD THEORY OF E-COMMERCE LAW

There is a need for a new world theory of E-commerce law. The E-commerce laws of the world suffer from a lack of uniformity, an unfortunate situation since E-commerce transactions are often carried out by citizens of different nations. Besides being dissimilar, the world’s E-commerce laws have other flaws. They need to be studied, their positive and negative attributes need to be recorded, and a blueprint for uniformity needs to be developed incorporating the positive aspects while discarding the negative ones. The purpose of this study is to develop that blueprint.

THE TERM, E-COMMERCE LAW,

IS USED EXPANSIVELY IN THIS BOOK.

The term, electronic commerce law (E-commerce law), is used expansively in this book, to include: electronic signature law; certification authority law; electronic contract law; electronic carriage contract law; consumer protections in electronic transactions; electronic government law; criminal and civil liability for computer-related offenses; computer courts; alternate dispute resolution for computer-related offenses; computer information privacy law; domain name registration law; legal liability of intermediaries; law of electronic evidence; and other computer-related law.

THE TWO RESEARCH METHODS

USED IN THIS STUDY

This study will employ two methods of research: (1) Review of the Literature; and (2) Factor Analysis.

1. Review of the Literature

The researcher will review E-Commerce Law (as broadly defined, above) of the following 122 jurisdictions:

[**27 members of European Union; *3 official candidates for membership in E.U.]

Afghanistan

Alabama, State of (U.S.A.)

Antigua and Barbuda

Argentina

Armenia

Australia

Austria**

Azerbaijan

Bahamas

Bahrain

Bangladesh

Barbados

Belgium**

Belize

Bermuda

Bhutan

Brazil

Brunei Darussala

Bulgaria**

Cambodia

Canada

Cayman Islands

California, State of (U.S.A.)

China

Colombia

Croatia*

Cyprus**

Czech Republic**

Denmark**

Dominica

Dominican Republic

Dubai, Emirate of (United Arab Emirates)

Egypt

Estonia**

European Union

Finland**

Florida, State of (U.S.A.)

France**

Georgia, State of (U.S.A.)

Germany**

Gibraltar

Greece**

Guangdong, Province of (China)

Guyana

Hainan, Province of (China)

Hong Kong S.A.R. (China)

Hungary**

Iceland

Illinois, State of (U.S.A.)

India

Indonesia

Iran

Ireland**

Isle of Man

Israel

Italy**

Jamaica

Jersey

Japan

Jordan

Kenya

Korea, South

Latvia**

Liechtenstein

Lithuania**

Luxembourg**

Macedonia*

Malaysia

Malta**

Mauritius

Mexico

Minnesota, State of (U.S.A.)

Mongolia

Montenegro

Myanmar

Nepal

Netherlands**

Netherlands Antilles

New York, State of (U.S.A.)

New Zealand

Norway

Ohio, State of (U.S.A.)

Oman

Organization of Eastern Caribbean States

Pakistan

Panama

Peru

Philippines

Poland**

Portugal**

Romania**

Russia

Saskatchewan, Province of (Canada)

Seychelles

Shanghai, City of (China)

Singapore

Slovakia**

Slovenia**

South Africa

South Carolina, State of (U.S.A.)

Spain**

Sri Lanka

Sweden**

Switzerland

Taiwan (China)

Tanzania

Tennessee, State of (U.S.A.)

Thailand

Tonga

Trinidad and Tobago

Tunisia

Turkey*

Uganda

United Arab Emirates

United Kingdom**

United Nations

United States of America

Ukraine

Vanuatu

Venezuela

Vietnam

Washington, State of (U.S.A.)

2. Factor Analysis

The researcher will compare and analyze the 122 jurisdictions’ E-Commerce Laws according to these and other factors:

a. General Influences of Other Laws: U.N. Law; E.U. Directives; and U.S. Law.

b. Degree of Technological Neutrality vs. Technological Specificity: Forms of ES allowed, and forms prohibited; Forms favored and disfavored; And Categorization of the ES Law as first, second or third generation.

c. Admissibility of E-Documents and E-Signatures in Court Proceedings, and exceptions;

d. Recognition of an E-Document to satisfy a statutory requirement for: a writing; retention; submission of an original document; submission of a notarized document; and submission of a certified copy of a document.

e. Recognition of an E-Signature to satisfy a statutory requirement for a document to be signed in writing.

f. Regulation of Certification Authorities (CA):

i. The government agency regulating CA’s

ii. Compulsory vs. Voluntary licensing of CA’s;

iii. Advantages of licensed status to subscribers

iv. Requirements to obtain CA license

v. Whether the government is also allowed to be a CA

vi. Issuance of CA Regulations

vii. CA’s Certification Practice Statement (CPS)?

viii. Periodic reports filed by, and periodic audits of, CA’s

ix. Criteria for suspension of CA’s license

x. Criteria for revocation of CA’s license

xi. Requirements in application for a Certificate by subscriber

xii. Information required to be included in the Certificate

xiii. Certificates’ limitations regarding amount and type of transaction

xiv. Rights and Responsibilities of CA’s, Subscribers and Relying Third Parties

xv. Criteria for suspension or revocation of Certificate

xvi. Requirements for CA desiring to go out of business

xvii. Archival of documents by CA

xviii. Reciprocal Recognition of Foreign CA’s and Foreign-Issued Certificates.

g. E-Contract Rules

h. Criminal Crimes, Computer Civil Violations, and Penalties

i. Criminal and Civil Justice for Computer Crimes and Civil Violations.

j. E-Government

k. Consumer Protections for E-Commerce Parties.

l. Duty to Maintain Confidentiality of Information in Digital Form

m. Internet Service Providers

n. Regulation of Domain Names

o. Exclusions from Coverage of E-Commerce Laws

A FACTOR ANALYSIS TOOL: HYPOTHESIS TESTING

Hypothesis testing is a decision-making process for evaluating assertions pertinent to a population. To undertake hypothesis testing, the researcher: (1) defines the population being studied; (2) states the null hypotheses to be explored; (3) collects a sample from the population and gleans the relevant data contained therein; (4) analyzes the data and uses it as the basis for acceptance or rejection of the null hypotheses; and (5) draws conclusions relating to the population.¹

A hypothesis is a conjecture about a population parameter. The conjecture may or may not be true. In each situation being researched, there are two types of hypotheses: (1) The Null Hypothesis states there is no difference between a parameter and a specific value, or there is no difference between two parameters; and (2) the Alternative Hypothesis states there is a difference between a parameter and a specific value, or there is a difference between two parameters.² Despite the fact that the researcher will only collect information from a sample of the population, the Null Hypothesis is expressed in terms of the population. A decision as to whether to accept or reject a Null Hypothesis is made after analysis of the data from a sample of the population. The sample data are used to make inferences about the population studied.³ The Null Hypothesis indicates there is no change or experimental effect; the Alternative Hypothesis indicates the presence of change or experimental effect.⁴ The Alternative Hypothesis will be accepted if the Null Hypothesis is rejected.⁵ However, the Null Hypothesis represents the status quo and is not rejected unless there is convincing sample evidence that it is false.⁶ The Null Hypothesis is a default position and will be accepted in the absence of compelling evidence to the contrary.

FACTOR ANALYSIS OF THE E-COMMERCE

STATUTES IN THE 122 JURISDICTIONS:

STATEMENT OF NULL HYPOTHESES

The Null Hypotheses to be tested by the Factor Analysis follow.

There are no significant overall differences among the 122 jurisdiction’s E-commerce laws in terms of:

1. General Influences of Other Laws: U.N. Model Laws, E.U. Directives, and U.S. Law.

2. Degree of Technological Neutrality vs. Technological Specificity: types of E-signatures allowed/prohibited (or favored/disfavored) and Generation of E-signature law.

3. Degree of Admissibility of E-Documents and E-signatures in court proceedings.

4. Their acceptance of an E-document as compliance with a statutory requirement for: a writing; retention; originality; notarization; and certified copy.

5. Their acceptance of an E-signature as compliance with a statutory requirement for a written handwritten signature.

6. Whether the PKI system must be open (one certificate for any and all third parties) or closed (certificate may be used only for a predetermined party or parties).

7. Whether a Certification Authority is required to be licensed.

8. The requirements to obtain a Certification Authority’s license.

9. Whether the government’s postal service is licensed as a Certification Authority.

10. Whether Certification Authority Regulations (e.g., the Hong Kong Code of Practice) have been issued in order to provide more detailed regulatory requirements.

11. Whether a Certification Authority is required to issue a Certification Practice Statement (CPS).

12. Whether Certification Authorities are required to submit periodic reports to the regulator.

13. Whether Certification Authorities are required to undergo periodic on-site inspections by the regulator.

14. The criteria for suspension or revocation of a Certification Authority’s license.

15. The requirements to be submitted by a prospective subscriber in an application for a certificate.

16. The information required to be included in the certificate.

17. Whether a certificate may contain limitations of the Certification Authority’s liability based upon amount of a transaction or purpose of use.

18. The liability of the Certification Authority, the liability of the subscriber, and the liability of relying third parties.

19. The criteria required for a Certification Authority’s suspension or revocation of a certificate.

20. The requirements for a Certification Authority desiring to go out of business.

21. The retention requirements of a Certification Authority.

22. Reciprocal recognition of foreign Certification Authorities and foreign-issued certificates.

23. Long arm jurisdiction over foreign parties.

24. Electronic contract rules.

25. Electronic carriage contract rules.

26. Consumer Protections in E-commerce.

27. Criminal Offenses and Penalties.

28. Specialized Computer Courts.

29. E-Government.

30. Protections relating to disclosure of personal information.

31. Exclusions from Coverage.

The results of the Hypothesis Testing will be presented in Chapter 3.

CREATION OF A NEW WORLD

THEORY OF E-COMMERCE LAW:

THE MODEL ELECTRONIC TRANSACTIONS ACT

Based on the Review of the Literature and the Factor Analysis, the researcher will evaluate the 122 jurisdictions’ E-Commerce Law and will earmark its most positive and negative aspects. Next, the researcher will generate a new world theory: the Model Electronic Transactions Act. The earmarked positive aspects and innovative new ideas will be incorporated in the Model Act; the earmarked negative aspects will be discarded and not included in the Model Act. The Model Act will be a comprehensive statute containing Electronic Transactions Law, Electronic Signature Law, Computer Crimes Law, Electronic Government Law, and other related E-commerce laws. The Model Electronic Transactions Act—an E-commerce law for the world—will be presented in Chapter 4.

Chapter 1 Endnotes

¹ Allan G. Bluman, ELEMENTARY STATISTICS: A STEP-BY-STEP APPROACH (New York USA: McGraw-Hill Higher Education, Inc., Sixth Edition, 2007), pp. 392.

² Id. at 393.

³ David M. Levine, David F. Stephan, Timothy Krehbiel and Mark L. Berenson, STATISTICS FOR MANAGERS USING MICROSOFT EXCEL (Upper Saddle River, New Jersey USA: Prentice Hall, Inc., Fifth Edition, 2008), p. 329.

⁴ Robert L. Mason, Richard F. Gust and James L. Hess, STATISTICAL DESIGN AND ANALYSIS OF EXPERIMENTS WITH APPLICATIONS TO ENGINEERING AND SCIENCE (Hoboken, New Jersey USA: John Wiley & Sons, Inc., Second Edition, 2003), p. 52.

⁵ William Mendenhall and Terry Sincich, STATISTICS FOR ENGINEERING AND THE SCIENCES (Upper Saddle River, New Jersey USA: Prentice Hall, Inc., Fifth Edition, 2007), p. 337.

⁶ Bruce L. Bowerman, Richard T. O’Connell, J.B. Orris and Dawn C. Porter, ESSENTIALS OF BUSINESS STATISTICS (New York USA: Mc-Graw-Hill/Irwin, Second Edition, 2008), p. 311.

CHAPTER 2:

A CONCISE LOOK AT

E-COMMERCE LAW

AROUND THE WORLD

This chapter contains concise summaries of E-commerce statutes and regulations of the United Nations, the European Union, and more than 120 countries on six continents. For an in-depth analysis of these laws, refer to Volume 1 of the E-COMMERCE LAW TRILOGY, E-Commerce Law Around The World.⁷

UNITED NATIONS

Model Law on Electronic Commerce

The Model Law on Electronic Commerce (MLEC)⁸ was drafted by the United Nations in 1996 in order to provide a uniform model framework for nations to use as they write their E-commerce statutes. It has had a profound impact on the evolution of international E-commerce law in the following areas: definitions; variation by agreement; legal recognition and admissibility of the electronic form; incorporation by reference in E-contracts; use of the electronic form to comply with statutory requirements for a writing, a signature, an original document and retention of a document; and E-contract rules pertinent to formation and validity, attribution, acknowledgement of receipt, time/place of transmission/reception, and carriage contracts. However, the MLEC is only a framework and nations must supplement it with detailed rules and regulations to achieve its implementation. One of the MLEC’s notable weaknesses is the omission of consumer protections; nations adopting the model statute should consider enactment of additional provisions to achieve those protections.

Model Law on Electronic Signatures

The Model Law on Electronic Signatures (MLES)⁹ was drafted by the United Nations in 2001 in order to provide a uniform model framework for nations to use as they write their E-signature statutes. It has had a profound impact on the evolution of international E-signature law in the following areas: definitions; variation by agreement; use of the electronic form to comply with statutory requirements for a handwritten a signature; conduct of the signatory; conduct of the certification service provider, including trustworthiness factors; conduct of the relying party; and legal recognition of foreign certificates and foreign E-signatures. However, the MLES is only a framework and nations must supplement it with detailed rules and regulations to achieve its implementation. This need for additional implementation rules is a weakness of the MLES.

UNITED STATES OF AMERICA

Federal Law

Uniform Electronic Transactions Act

The Uniform Electronic Transactions Act (UETA)¹⁰ was drafted as a model statute by the U.S. National Conference of Commissioners on Uniform State Laws. The statute’s most noteworthy provisions are: broad legal recognition of the electronic form; technological neutrality; contract rules pertinent to electronic agents; the electronic mailbox rule; and the U.C.C.-based rules relating to transferable records. Prominent weaknesses of UETA are its list of ordinary categories of exclusions from coverage and its failure to include regulatory rules for Certification Authorities.

Electronic Signatures in Global and National Commerce Act

The Electronic Signatures in Global and National Commerce Act (E-Sign)¹¹ was enacted at the U.S. federal level in an attempt to attain some degree of uniformity in computer law among the fifty states. If a state has enacted UETA in its entirety, UETA will not be preempted by E-Sign. Perhaps the statute’s most positive attribute is its consumer notice provisions. Consumer notices may be made by an E-seller via E-mail if the buyer has consented to the use of this medium. In contrast, UETA contains no consumer protections whatsoever. However, the consumer protections of E-Sign remain deficient because they do not provide an opportunity for an E-buyer to opt out of an E-contract within a reasonable time after it has been consummated.

State Law

The statutes of the U.S. jurisdictions may be categorized according to the generation of E-signature law that each has adopted:

Category 1 consists of the one state that currently has a first-generation E-signature law: Washington.¹² The only type of E-signature that it recognizes is the digital signature.

Category 2 consists of the jurisdictions that have adopted a second-generation E-signature law: forty-five states, two territories and the District of Columbia. They are: Alaska,¹³ Arizona,¹⁴ Arkansas,¹⁵ California,¹⁶ Colorado,¹⁷ Connecticut,¹⁸ Delaware,¹⁹ District of Columbia,²⁰ Florida,²¹ Hawaii,²² Idaho,²³ Indiana,²⁴ Iowa,²⁵ Kansas,²⁶ Kentucky,²⁷ Louisiana,²⁸ Maine,²⁹ Maryland,³⁰ Massachusetts,³¹ Michigan,³² Minnesota,³³ Mississippi,³⁴ Missouri,³⁵ Montana,³⁶ Nebraska,³⁷ Nevada,³⁸ New Hampshire,³⁹ New Jersey,⁴⁰ New Mexico,⁴¹ New York,⁴² North Carolina,⁴³ North Dakota,⁴⁴Oklahoma,⁴⁵ Oregon,⁴⁶ Pennsylvania,⁴⁷ Puerto Rico,⁴⁸ Rhode Island,⁴⁹ South Carolina,⁵⁰ South Dakota,⁵¹ Tennessee,⁵² Texas,⁵³ Utah,⁵⁴ Vermont,⁵⁵ Virgin Islands, Virginia,⁵⁶ West Virginia,⁵⁷ Wisconsin,⁵⁸ and Wyoming.⁵⁹ Most of the jurisdictions in this category have adopted the Uniform Electronic Transactions Act in its entirety or with amendments. These jurisdictions recognize virtually all types of E-signatures and give them equal legal status, allow for technological neutrality, and do not have any evidentiary presumption in favor of the digital signature.

Category 3 consists of the four states that have adopted a third-generation E-signature law. Three of them (Alabama,⁶⁰ Illinois⁶¹ and Ohio⁶²) have enacted a modified version of UETA that grants a preference for the digital signature over other types of E-signatures. The other state (Georgia⁶³) has not enacted UETA, but has enacted another third-generation statute.

OTHER NORTH AMERICAN JURISDICTIONS

Bahamas

The ECTA⁶⁴ recognizes the legal validity of the electronic form as evidence in court and in contracting. E-contract rules are provided in relation to: attribution; acknowledgement of receipt; and time/place of transmission/reception. However, the E-commerce buyer is not protected, except for the fact that consumer notice requirements already established in other statutes may be given in electronic form. The electronic form may be used to fulfill statutory requirements pertinent to: writing; signature; notarization; delivery; originality; and retention; these are remarkable. The statute contains a second-generation E-signature law; all types of E-signatures are recognized. An E-signature is defined, but there is no definition of a digital signature and no mention is made of Certification Authorities.

Belize

The ETA⁶⁵ includes a second-generation E-signature law; all types of E-signatures are recognized, and no preference is given to any of them; accordingly, no rules relating to Certification Authorities are given because that could be construed as implicit preference for the digital signature. Fulfillment of the following statutory requirements may be fulfilled with the electronic form: writing; prescribed form; signature; original document; and retention of document. E-contracts are recognized; special rules have been developed for automated E-contracts, and a party may avoid a contract if he was dealing with an automated computer system and: was not given an opportunity to correct an error; promptly informed the other party; and followed instructions relating to any consideration received. E-commerce buyers receive basic consumer protections. Government departments may elect to send or receive E-documents and E-payments. The EEA⁶⁶ provides for a general presumption of admissibility of electronic evidence, and updates the rules regarding authentication and best evidence in view of the electronic form.

Bermuda

The ETA⁶⁷ includes a third-generation E-signature law. A voluntarily licensed CSP is referred to as authorized, and a qualified certificate is referred to as accredited. The distinguished provisions of the statute include: a statutory requirement for a handwritten signature may be met with an E-document, without an E-signature; any method may be used to prove attribution, including the efficacy of the security method used; creation of a register of data processors/controllers who voluntarily subscribe to high standards in personal data processing; empowerment to make regulations pertinent to encryption; creation of a code of conduct for ISP’s; and a listing of the specific amendments to be made to other statutes.

Canada: Federal

The UECA’s⁶⁸ remarkable provisions include: electronic compliance with statutory requirements; an extensive E-government section; E-agent provisions; and E-carriage contract provisions. The UECA is weakened by its: failure to mention certification authorities; list of exclusions from coverage; and omitted E-contract rules for attribution and acknowledgement of receipt.

PIPEDA⁶⁹ is remarkable overall because it establishes parameters for confidentiality of information in electronic form for both the private sector and the federal government. Its Model Code for Protection of Personal Information in the private sector is especially noteworthy, although it is somewhat weakened by a number of exceptions. At the federal level, the statute creates an exemplary framework for the electronic form to be used in the accomplishment of a variety of tasks by the government and the citizen who is interacting with the government.

Canada: Saskatchewan Province

The EIDA⁷⁰ was enacted in response to the creation of Canada’s UECA. Accordingly, it is very similar to the Model Law and its most exemplary aspects parallel those of the Model Law: electronic compliance with statutory requirements, electronic agents, and E-government. In the following respects, the two laws are substantially identical: (1) legal recognition of the enforceability of E-documents; (2) utilization of an E-document to satisfy a statutory requirement for a writing, retention, or production of a copy; (3) the mere fact that E-documents are allowed to be used in some situations does not automatically override other statutory provisions mandating a particular form of posting, display or delivery of the document; (4) general rules of E-commerce contracts (i.e., legal recognition, offer, acceptance, definition of electronic agents and errors associated with them, and time and place that E-documents are assumed to have been sent and received, and the absence of attribution and acknowledgement rules); and (5) and E-carriage contract rules. However, the Model Law and the EIDA differ in these respects: (1) their applicability to: negotiable instruments, the Health Care Directives Act, and potential subsequent exclusions to be allowed under the EIDA’s implementation regulations (which would have no bearing on the Model Law); (2) rules pertaining to a legal requirement to convey information or documents to another person (i.e., governmental consent, technology standards, acknowledgement rules, whether posting on the internet complies with the requirement, and whether consent by the other person to use of the electronic form is required); (3) rules governing utilization of the electronic form to comply with a statutory requirement for: production of information to the government in a specific non-electronic form; production of an original paper document to the government; retention of an original paper document; or a handwritten signature to be presented to the government; and (4) rules pertinent to a citizen’s filing of E-documents directly to a governmental database. The Saskatchewan Evidence Act⁷¹ governs the admissibility of electronic evidence. Overall, the Act is useful as a model for consideration for adoption by other jurisdictions. In order to gain admission, a party must first be able to prove that the evidence is authentic. If it is necessary to show that an electronic document is the best evidence, a party must be able to prove the reliability and security of the computer information system that recorded and stored it.

Cayman Islands

The most exemplary provisions of the ETL⁷² are: electronic compliance with a statutory requirement for a notarized handwritten signature; electronic compliance with a statutory requirement for a document or information to be presented for public inspection; the reliability requirements of an E-signature; the E-contract rule concerning the effect of a change or an error; the requirement for a CA to disclose a subscriber’s personal information to law enforcement authorities if requested to do so; the four categories of personal information not required to be kept confidential by a CA; the internet service provider regulations; and creation of the E-Business Advisory Board.

Dominica

The ETA⁷³ was enacted in 2005 and contains a second-generation E-signature law. An E-signature is defined, but no mention is made of a digital signature or a Certification Authority. E-documents and E-signatures are legally valid (regardless of whether made domestically or in a foreign country) and they may be used to comply with statutory requirements pertaining to: writing; prescribed form; signature; originality; and retention. E-contracts are just as valid as paper contracts if all parties agree to their use. One of the most remarkable provisions is that the electronic form can be used to comply with a statutory requirement for delivery of information to another person.

Dominican Republic

The ECL⁷⁴ contains a first-generation E-signature law; the only type of electronic signature recognized is the digital signature. A compulsory licensing system has been established for Certification Authorities; they are referred to as Certifying Entities. Detailed regulations (promulgated by the DTI) are contained in the ECR.⁷⁵ Notable aspects of the ECL include: statutory retention requirements may be met with either an E-document or E-message, and four requirements are necessary for compliance; notice requirements for CE’s and subscribers in termination of their contract; blanket liability of CE’s; and mandatory E-government.

Jamaica

The ETA⁷⁶ is a third-generation E-signature law; all types of E-signatures are accepted, but preference is given the digital signature (which is referred to as an encrypted signature). The most distinguished sections of the statute pertain to: the very comprehensive section pertaining to the use of the electronic form to satisfy statutory requirements; legal liability of the CSP’s, subscribers and relying third parties; and the extensive provisions pertinent to the effect of an error or omission occurring during an E-commerce communiqué.

Mexico

The E-Commerce Regulations⁷⁷ are generally patterned after the United Nations Model Law on E-Commerce, although there are differences. The following federal laws have also been modified: (1) Civil Code (e.g., legal recognition of an E-contract and electronic notarization); (2) Code of Civil Procedure (e.g., admissibility of electronic evidence); (3) Commerce Code (e.g., maintenance of E-contract information in a business firm’s archives); and (4) Consumer Protection Law (e.g., maintenance of confidentiality of information in electronic communiqués, imposition of consumer protections on E-sellers, and control of unsolicited E-mail advertisements.

Panama

An E-Commerce Law⁷⁸ has been enacted. However, the most distinguished component of the nation’s digital advances is its comprehensive online government procurement program, E-Compras.⁷⁹ This program is designed to improve the efficiency and effectiveness of placement of orders by government agencies and the monitoring of them until they are received. This program can be used by all interested parties: government departments, suppliers, and the general public. A supplier may use E-Compras to submit a proposed bid to the government regarding a future sale of goods.

THE EUROPEAN UNION

AND ITS MEMBER STATES

European Union

The E-Signature Directive⁸⁰ established a common framework for the development of E-signature law in the EU, and thereby promotes the legal recognition of E-signatures and their greater use. Only an advanced E-signature (supported with a qualified certificate and created by a secure private key) is considered to be fully legally equivalent to a handwritten signature, but all E-signatures are potentially admissible into evidence in court. CSP’s are not mandated to be licensed or to be accredited, but all CSP’s who issue qualified certificates must be regulated and must meet more stringent qualifications than CSP’s who do not issue qualified certificates. CSP’s bear potential legal liability for: the information contained in a qualified certificate; ensuring that the subscriber is in possession of the private key; ensuring that the private key and the public key have an interactive relationship; and maintaining the confidentiality of the subscriber’s private information. Three grounds are provided for the recognition of a qualified certificate issued by a CSP in a non-EU nation. E-government is encouraged and a committee was established to promulgate standards for E-signature products.

The goal of the E-Commerce Directive (ECD) ⁸¹ is to promote the development of E-commerce in the EU. The ECD contains a framework for the Member States’ E-commerce statutes. Accordingly, rules are proposed pertinent to: CSP’s; E-contracts; intermediaries’ liability and codes of conduct; dispute settlement; and litigation. A number of areas are excluded from coverage of the ECD, e.g., public health, taxation, notaries public, and gambling. Each Member State is responsible for regulation of its E-sellers and may not restrict the activities of E-sellers established in other Member States. E-sellers are mandated to: provide full information in advertisements (professionals must abide by their professional advertising standards); and promptly acknowledge receipt of an order. An internet service provider is not legally liable for content of information if it is a mere conduit, cache or host.

Member States

Austria

The Electronic Signature Law’s⁸² noteworthy provisions concern: a CSP’s mandate to collect only a minimal amount of information from a subscriber; and conditions justifying issuance of a corrective order against a CSP. The Electronic Commerce Act’s⁸³ remarkable aspects are: types of information required to be given a buyer by a service provider; a host service provider’s liability for storage of information and for providing a link to other material; and exceptions to the country of origin principle. The entire Electronic Government Act⁸⁴ is an exemplary E-government statute that is among the world’s best.

Belgium

One of the Electronic Signature Act’s⁸⁵ most positive aspects is its three categories of E-signatures. The Electronic Commerce Act⁸⁶ includes a remarkable provision which requires an E-buyer to acknowledge to the seller that he has received the seller’s acknowledgement/acceptance of the customer’s order. The justification for this is that the seller has the burden of proof to show that he has accepted the customer’s offer. This imposes an additional requirement on the buyer, but the seller has more protection.

Bulgaria

The Electronic Document and Electronic Signature Law (EDL)⁸⁷ is distinguished by the following provisions: separate rules relating to the principal and agent of an E-message; thorough technical equipment requirements of CA’s; detailed grounds for a CA to lose its license; a subscriber’s right to contest or disavow his purported E-signature; rules pertinent to suspension of certificates, including a maximum 48-hour suspension period; respective liabilities of the owner and signatory; and universal E-signatures.

Croatia

Croatia has enacted a comprehensive set of three computer laws. The Electronic Signature Act⁸⁸ has the following remarkable attributes: detailed requirements for registration of CA’s; a provision mandating CA’s to share certificate-related information with other CA’s; and a requirement that such information and pertinent documents be retained by a CA for a minimum of ten years after issuance of the certificate. The Electronic Commerce Act’s⁸⁹ most noteworthy characteristics are: registration requirements for E-sellers; the mandate for an offeree to give confirmation of acceptance to an offeror before the E-contract is considered to be finalized; and the list of crimes applicable to E-sellers. The Electronic Document Act’s⁹⁰ most distinguishing trait is its list of crimes pertinent to E-documents.

Cyprus

The Electronic Signature Law’s⁹¹ most noteworthy provision concerns requirements for recognition of a qualified certification issued in foreign country other than a member state of the European Union. The Electronic Commerce Law’s⁹² most positive aspect is the section concerning information an E-seller is required to give a customer during negotiation of an E-contract.

Czech Republic

Distinguishing aspects of the Electronic Signature Act⁹³ include: provisions relating to electronic marks, marking person (and his potential liability), qualified system certificates and qualified time stamps; an expanded definition of a qualified CSP (to include one which issues qualified certificates, qualified system certificates, qualified time stamps, and qualified signature creation devices); an expanded definition of an accredited CSP (to include one which issues qualified certificates, qualified system certificates, qualified time stamps, and secure signature creation devices); and specific requirements of: secure signature creation/verification devices, and electronic mark creation devices.

Denmark

The Electronic Signature Act (ESA)⁹⁴ has the following distinguishing attributes: detailed rules pertinent to the CA’s register of certificates; provisions for the certificate to be issued by the CA, or alternatively, by the subscriber; application of the ESA only to CA’s who are organized in Denmark and whose principal office is located there; and possible use of Danish criminal law to sanction an offending CA that is established as a legal entity. Two Executive Orders relating to CA’s are also exemplary: one pertains to security standards, and the other pertains to conduct of the audit. The most noteworthy aspect of the Electronic Commerce Act⁹⁵ concerns the ordinary non-applicability of Danish law over E-sellers established in other countries, except in certain exceptional situations (e.g., where public health or national security issues are involved).

Estonia

Estonia enacted the Digital Signatures Act (DSA)⁹⁶ in 2000. The requirements of application for a certificate and the required information in an issued certificate are covered. The DSA establishes licensing requirements for CSP’s and time-stamping service providers, mandates them to issue a list of standard operating procedures, enumerates their duties and establishes potential legal liability for them if they fail to perform their duties, and states required procedures to be followed when they go out of business. The DSA’s thorough rules pertinent to time-stamping service providers are its most unique feature.

Finland

These provisions of the Electronic Signature Act⁹⁷ are noteworthy due to their thoroughness: the rules pertinent to recognition of certificates issued by foreign CA’s, and the rules concerning enforcement powers of the regulator of CA’s. However, the rules relating to revocation of certificates are not nearly detailed enough, and the rules relating to mere suspension of certificates are non-existent. The Electronic Government Act⁹⁸ is a model E-government statute containing the following exemplary provisions: specification of duties of governmental authorities in reference to E-government; rules pertinent to sending of E-messages to and from governmental departments; and rules relating to use of E-signatures and service of E-documents by governmental authorities.

France

The Electronic Signature Act (ESA)⁹⁹ implements the European Union’s E-Signatures Directive. The ESA has been criticized for: not advocating usage of biometric signatures in conjunction with a digital signature; not addressing the issue of two or more subscribers having the same name; not offering enough protection for the subscriber’s right of privacy, or for prevention of identity theft; not specifying the legal liability of CSP’s; and no explanation of how to challenge the legal presumption that an E-signature is authentic. The Trust in Digital Economy Act¹⁰⁰ implements the European Union’s E-Commerce Directive and is used in conjunction with the contract law in the French Civil Code as a legal foundation for E-contracts.

Germany

The Digital Signature Act (DSA)¹⁰¹ was a first-generation E-signature law; the only type of E-signature with legal recognition is the digital signature. Noteworthy aspects included the provisions related to: technical standards of the CA’s computer information system; statement of an agent’s name on a certificate; a need to periodically re-sign an E-document in order to maintain a high degree of security; and a CA’s duty to disclose the real name of a subscriber that is using a pseudonym if requested to do so by law enforcement or intelligence authorities. The Electronic Signature Act¹⁰² replaced the DSA in 2001 in order to meet the requirements of the European Union’s E-Signatures Directive and has the following notable attributes: requirements for voluntary accreditation of a CSP; requirements to use secure signature creation devices and secure signature-application components, with provision that only a recognized testing and confirmation office can be used to attest to that fact; and the requirements pertinent to recognition of foreign CSP’s and the products used by them. The Multi-media Law¹⁰³ regulates internet service providers and provides for enforcement of their obligation to maintain confidentiality over information pertinent to their customers.

Greece

The Certification Authority Regulations¹⁰⁴ contain a number of exemplary sections: accreditation standards; standards for signature creation devices and cryptographic modules; a list of documents mandated to be submitted annually by CSP’s to the regulator; a detailed list of items to be included in a CSP’s Certification Practice Statement; a comprehensive list of grounds for revocation of a certificate; requirements pertinent to the registry of certificates and to the maintenance of an archive of supporting documents; and required procedures for a CSP planning to go out of business.

Hungary

The Electronic Signature Act (ESA)¹⁰⁵ contains these noteworthy provisions: legal presumptions relating to E-documents and E-signatures; requirements of qualified certificates and qualified CA’s; duties of subscribers; rules pertinent to closing of a CA’s business; and decision criteria to be used