The Group looked at some issues of general importance which arise when considering the enactment of laws such as an electronic transactions law. These were addressed below.
The Group found that the OECD Guidelines for Consumer Protection in the Context of Electronic Commerce provided a helpful starting point for identifying the basic principles that should apply. It noted that in a Model Law such as the present, it is difficult to be too prescriptive since consumer protection is an area where countries take quite varying approaches and impose significantly different levels of protection. It also noted that there are many different techniques for achieving the desired level of consumer protection, e.g. an emphasis on disclosure or an emphasis on post-offence remedies.
Consumer protection is an area where differing arguments have been made. Whilst some argue that there should be less protection, others feel that there should be more protection for consumers in electronic commerce transactions than the comparable level of consumer protection provided for other forms of consumer transactions by the country's law:
- Less protection - The argument in favour of less protection is that cyberspace should be treated as a "free" area not subject to government controls and only subject to self-regulation. The Group rejected this view. It believed that consumers dealing electronically are entitled, and need, as much protection from their government as that provided for consumers conducting transactions by other means.
- More protection - It has also been argued that the dangers inherent in electronic commerce support a more aggressive approach to consumer protection. However, the Group favoured a continuation of the neutrality principle, earlier identified, that e-commerce between business and consumers shouldPage 20 be in the same position as other business-to-consumer transactions. It noted further that countries should be wary of over-regulating e-commerce compared with other transactions, or compared with other countries, since such over-regulation may be a disincentive to the use of e-commerce.
The Group therefore supported the principle that in consumer protection as in other areas, countries should seek to adapt existing laws to make them equally applicable to electronic commerce transactions. It was recognised, however, that adapting existing consumer laws can be particularly difficult because of the nature of cyberspace. The Group accordingly noted that:
- Consumer protection can best be achieved by implementation of a combination of strategies: self-regulation of businesses, consumer education, consumer empowerment and legislation.
- Co-operation and harmonisation between countries, particularly in areas such as fighting e-fraud.
If a country wished to address the issue of consumer protection, the Group identified several specific matters that could be included:
- Certain vital information should be readily available about any web-based electronically contacted business. There was general agreement that the following details should be provided: the legal name of the business and the name under which the business trades; the principal geographic address for the business; an e-mail address or other electronic means of contact, or telephone number; and, where applicable, an address for registration purposes and any relevant government registration or license numbers. (The Group referred, for guidance, to the OECD Guidelines for Consumer Protection in the Context of E-Commerce, Part III a) i) page 5.)
- Businesses on line should also provide information sufficient to allow service of legal process (see OECD Guidelines for Consumer Protection in the Context of E-Commerce Part III a) iv) page 5).
- Where a business publicises its membership in any relevant self-regulatory Page 21 scheme, business association, dispute resolution organisation or other certification body, the business should provide consumers with appropriate contact details and an easy method of verifying that membership and of accessing the relevant codes and practices of the certification body.
- The Group recommended that any representation about goods and services should be able to be downloaded so that the consumer can have it for future reference, either for better use of the goods or services or as evidence that the goods or services did not comply with the representation.
- The Group recommended that businesses should provide consumers with a clear and full text of the relevant terms and conditions of the transaction, including all costs imposed by the business or known to it, in a manner that such information is able to be downloaded.
The Group recommended that vendors should make it clear what constitutes acceptance on the part of the purchaser, so that consumers do not inadvertently enter into transactions before they are ready to do so. For more detail on this problem, see Part 2 page 9 of the Canadian document "Consumer Protection and Electronic Commerce", published by Industry Canada and excerpted by the Uniform Law Conference of Canada.
The Group recommended that vendors should provide information on the level of computer communications security in operation when an electronic payment is made, so the consumer may judge the risk of using that form of payment.
The Group acknowledged that threats to privacy was another concern brought about by e-commerce. It accordingly felt that member states should consider enacting rules regarding:
- How personal information is collectedPage 22
- What use can be made of the information collected
- Disclosure of the information to third parties
- The individual's right to correct information held about him or her.
As with consumer protection, it is beyond the scope of legislation such as the present Model Law to provide for privacy issues. To a very real extent the amount of privacy protection to be accorded electronic transactions and information will depend upon the country's general approach to privacy. Accordingly, in this section the Group aimed simply to identify some basic issues arising. It hoped that these might assist member states to decide whether their laws are adequate in this area.
(For general assistance, the Group referred to protective techniques described in the OECD 1998 Paper on Protection of Privacy on Global Networks [http: www.oecd.org/dsti/sti/it/consumer/prod/guidelines.htm]. That paper sets out how a combination of techniques which include legislation, self-regulatory bodies, contractual arrangements and technological mechanisms may be employed in order to achieve satisfactory levels of privacy protection.)
The Group noted that most countries have different privacy rules for government and for private businesses. In the private sector, controls often vary depending upon the particular area - e.g. insurance, banking etc. The Group agreed that e-commerce and electronic transactions generally increase the need for government to develop a policy in this area, with perhaps priority to be accorded to important...