Michael Sonntag2 Legal and Technical Aspects of E-Commerce Questions? Please ask them immediately! ? ? ? ? ? ?
Michael Sonntag3 Legal and Technical Aspects of E-Commerce Content l Why the need? l Distance contracts èInformation requirements, right of withdrawal èPerformance, inertia selling, waiving these rights l Spam è ads èLegal aspects of Spam l Liability of providers èMere conduit, caching, hosting è(No) Obligation to monitor
Michael Sonntag4 Legal and Technical Aspects of E-Commerce Why the need? l Distance selling has been around VERY long èE. g. mail order companies èDubious Internet-shops and fears of customers l Spam is a problem only since (mostly) free sending èPaper: Cost is on sender (postage) è Cost is on receiver (downloading) l Liability of providers èHotly disputed èFew actual cases, but huge potential/danger
Michael Sonntag5 Legal and Technical Aspects of E-Commerce What is a “distance contract”? l Contract for goods or services èWith certain exemptions; see later ¶ Between supplier and consumer èNot 2 consumers or 2 suppliers! · Organized distance sales/service provision scheme èNot for ad-hoc distance sales / exceptions ¸ Exclusive use of distance communication »= Without simultaneous physical presence of supplier and consumer! èOne personal meeting not applicable! ¹ Up to and including conclusion of the contract
Michael Sonntag6 Legal and Technical Aspects of E-Commerce Exclusions l Financial services: Investment, banking, insurance,... èSeparate directive l Automatic vending machines èLegally similar, but product directly visible l Using public payphones èPaying for the call (similar to autom. vending machines) l Construction/Sale of immovable property èExcept rental (=included in distance selling directive) l Concluded at an auction è“Ordinary” auctions by telephone; but also in Internet
Michael Sonntag7 Legal and Technical Aspects of E-Commerce Areas not affected l The conclusion of the contract itself èWhen/how a contract is concluded: national law l Which law governs the contract èInternational private law; but minimum standards l Language of the contract l Liability for goods/services l Remedies for breaches of contract l Taxes, duties, shipping costs, VAT,...
Michael Sonntag8 Legal and Technical Aspects of E-Commerce Prior information (1) l Prior to conclusion of a contract, consumers must be informed: èIdentity of supplier (including geographical address) è address »Must allow rapid, direct and effective contact èMain characteristics of goods/services èPrice including all taxes and delivery costs »This is VERY difficult in international sales »Usually ignored with respect to duties and foreign taxes! »E-Commerce dir.: Clear and whether includes taxes/delivery èArrangements for payment and delivery èExistence of right of withdrawal
Michael Sonntag9 Legal and Technical Aspects of E-Commerce Prior information (2) èCost of means of distance communication »Telephone lines with additional costs èPeriod for which offer or price remains valid èMinimum duration of contract (permanent/recurrent) èPublic/Trade register (incl. number) if applicable èAuthorization body if applicable èSpecial rules for regulated professions èVAT identification number èContract terms and general conditions must be provided in a way so the consumer can store and reproduce them
Michael Sonntag10 Legal and Technical Aspects of E-Commerce Prior information (3) l Information must be clear and comprehensible and in a way appropriate to method of dist.-comm. l Principles of good faith and protection of minors These only, if not exclusively done by èDifferent technical steps for concluding the contract èWhether or not the contract will be stored by the service provider and whether it will be accessible èTechnical means for identifying and correcting input errors prior to placing the order èLanguages offered for concluding the contract èAny relevant codes of conduct subscribed by the provider
Michael Sonntag11 Legal and Technical Aspects of E-Commerce Confirmation of information l On durable medium during performance of contract (latest: delivery), information above and the following must be given: èGeographical address of supplier for complaints èConditions & procedures for exercising right of withdrawal èInformation on after-sales services and guarantees »Only as far as such exist! èHow to cancel the contract »If duration is unspecified or >1 year l Durable medium: sufficient (printing possible) »Considerations: Written required!
Michael Sonntag12 Legal and Technical Aspects of E-Commerce Right of withdrawal: When? l At least 7 working days l No penalty èException: Cost of returning the goods l No reason required l Beginning of period: èReceipt of goods by customer èConclusion of contract for services l Information omitted: è3 month right of withdrawal! »Information given within 3 month 7 days start from then
Michael Sonntag13 Legal and Technical Aspects of E-Commerce Right of withdrawal: Exclusions èProvision of services if performance has already begun »If begin within the 7 days and with consent of consumer èSupply of goods/services with fluctuating market price »No withdrawal if price falls instead of rising! èGoods made to customer’s specifications èGoods unable to be returned by their nature »Or are liable to deterioration or rapid expiry, e. g. fruits èAudio/Video recordings if unsealed by customer èSupply of newspapers, periodicals, magazines »Only for the individual issues; for subscription itself possible! èGaming and lottery services
Michael Sonntag14 Legal and Technical Aspects of E-Commerce Right of withdrawal: Consequences l Contract is destroyed l Customer must return goods l Supplier must reimburse sums paid by customer èMust be done free of charge (no handling fees, …)! »No charges because of withdrawal »E. g. devaluation can be allowed for èAs soon as possible; always within 30 days l Austria: Reimbursement may be reduced: èfor damage to goods èfor reduced value because of usage
Michael Sonntag15 Legal and Technical Aspects of E-Commerce Right of withdrawal: Associated credit l If the price is fully or partly covered by credit ègranted by the supplier, or ègranted by a third party »On basis of an agreement between third party and supplier! –E. g. supplier organized credit for consumer –Not: Consumer gets credit from his/her (independent) bank l The credit is cancelled without any penalty èDetailed rules by member states Necessary, as otherwise consumers would have a credit they don’t need any more: Exercising the right of withdrawal would be (economically) next to impossible!
Michael Sonntag16 Legal and Technical Aspects of E-Commerce Performance l If not agreed upon otherwise, order (only if a contract!) must be executed within 30 days l If supplier cannot fulfill because of unavailability èConsumer must be informed èRefund of payments as soon as possible (max. 30 days) Attention! Sending the order is often NOT the conclusion of the contract! (Austria: Almost never)
Michael Sonntag17 Legal and Technical Aspects of E-Commerce Concluding contracts electronically l Contracts are concluded electronically exactly the same way as in the conventional way èUsually consensus is sufficient èSometimes a real element is required »E. g. handing over the pawn (Austria) èSometimes notaries/courts/... are required »Not available online, (but only) therefore not possible online èSometimes a signature is required »See signature directive / presentation! Contracts must be (legally, not practically!) possible to be concluded electronically
Michael Sonntag18 Legal and Technical Aspects of E-Commerce Usual way of concluding a contract in distance selling 1) Supplier send catalog: Advertisement only 2) Consumer sends order: Request for a contract 2.5) Supplier send confirmation of order èInformation only! èOptional; E-Commerce directive: Confirmation obligatory! 3a) Supplier send an acceptance: Contract concluded 3b) Supplier fulfills order: Contract concluded èContract concluded at the time of sending the goods
Michael Sonntag19 Legal and Technical Aspects of E-Commerce Time of receipt of communication l Orders and acknowledgements of receipt are deemed to be received when the addressee is able to access it èIf order is placed through electronic means èTime: When it arrives on his mail server »Even if the time is 23:55 it is immediately received on this day! l Other communication: Might be different! èE. g. when reading can be expected èE. g. at the next beginning of work-hours
Michael Sonntag20 Legal and Technical Aspects of E-Commerce Payment by card l A consumer can: ècan request cancellation of a payment when fraudulent use has been made of his payment card in a distance contract èmust be re-credited with the sums paid or have them returned l Special provisions for creditcards, which are an important means of payment in Internet-Shopping èBut: Payment card is more than just creditcards
Michael Sonntag21 Legal and Technical Aspects of E-Commerce Inertia selling = Supplying goods/services to consumers without any order beforehand l This is explicitly prohibited l Exceptions: èNo demand for payment (free gifts) èSent to businesses (prohibited only for consumers!) l No consideration must be paid for them l Absence of a response does not constitute consent l Nothing said on safekeeping and damages
Michael Sonntag22 Legal and Technical Aspects of E-Commerce Automated communication l Previous consent of the consumer is required for communication with him in case of: èautomated calling system without human intervention èFax l Other means of individual distance communication èOpting-out is always possible »But see also Spam later! èE. g. bulk mail is not included, as it is no individual communication!
Michael Sonntag23 Legal and Technical Aspects of E-Commerce Waiving these rights l These rights (especially information and the right of withdrawal) can not be waived by the consumer èThis is, as usual, not applicable to waiving after the fact l Choosing the law of a non-member country for the contract èif the contract has a close connection with any one or more member states èdoes not affect these rights »Regular provision in consumer protection laws
Michael Sonntag24 Legal and Technical Aspects of E-Commerce Spam: What is it? l General term for undesired advertisements: èBy or in newsgroups èUnsolicited »Not requested and no consent given for sending èUsually sent to an enormous number of people l Costs are on the carriers and recipients l Almost always for illegal / dubious schemes l Often possess forged headers, return address,...
Michael Sonntag25 Legal and Technical Aspects of E-Commerce Identifying Spam (1) l This is very hard, no foolproof solution exists! l Workable approaches are: èNot accepting mail from “dangerous” domains »But blocks ALL mail from there, including legitimate! èFiltering for keywords »Only works for special and rare words (e. g. sexually related) »Does not work for “commercial” scam èLooking for forged/missing/added headers »DNS name does not match IP address èLooking for removal instructions / claims to comply with Spam legislation
Michael Sonntag26 Legal and Technical Aspects of E-Commerce Identifying Spam (2) èLooking for extensive/strange HTML use »Also all caps, lots of exclamation marks or other formatting èFiltering regular expressions »Checking for combinations of keywords or parts thereof »Complicated to set up; use existing lists èUsing black-/whitelists »Known spammers change their VERY often èChecking for suspicious/malformed sender addresses »E. g. containing many numbers, large number of addressees èCheck list of known Spam messages »If detected, mail is sent to central repository »Checking each message takes long time
Michael Sonntag27 Legal and Technical Aspects of E-Commerce Legal regulations for Spam (1) l Privacy: addresses are personal data èGathering must be done legally (usually with consent) »Putting an address on a webpage will usually not be consent! l Telecommunication laws: Sending bulk messages often restricted to protect availability l E-Commerce directive: èMust be clearly identifiable + additional information èOpting-out must be possible
Michael Sonntag28 Legal and Technical Aspects of E-Commerce Legal regulations for Spam (2) l Privacy in electronic communication directive: ÊWhen address obtained by sale of product or service, it may be used for marketing of own or similar products »Free of charge and easy objection must be possible (=Opt-out) »Notificatio of this upon collection of data and on each contact ËDisguising/concealing identity of sender or without valid address for unsubscribing is always prohibited ÌMember states can decide whether opt-in or opt-out »Austria: Opt-in l The last (opt-in/out) applies only to natural persons! »Legal persons must be “sufficiently protected” by national law
Michael Sonntag29 Legal and Technical Aspects of E-Commerce Opt-in vs. Opt-out l Opt-in: »Valuable and known-to-work-and-be-read addresses »Almost all consumers promote this scheme èRecipient must previously agree to receive mail èWithout consent, nothing may be sent to them l Opt-out: »Messages can be sent to almost everyone »Some businesses and most advertising agencies promote this èSpam may be sent to everyone, except those èwho registered to not receive it (Robinson-lists), or èunsubscribe after receiving the first message
Michael Sonntag30 Legal and Technical Aspects of E-Commerce Legal state of Spam in America l Currently no law regulating spam èSenate bill 1618: Did not became law l Currently in legislation: èDifferent approaches, but most are opt-out èAll require truthful headers èUsually the FTC (Federal Trade Commission) responsible for taking action èLow fines (e. g. $10/illegal spam if enforced by ISP) èSometimes incl. obligatory identification of UCE-nature èSometimes ISP can declare themselves “UCE-free zone”
Michael Sonntag31 Legal and Technical Aspects of E-Commerce When sending advertisements is (usually) legal l If the addressee explicitly requested it l In the course of / after a commercial transaction èConcerning related goods or services l To mailinglists once in response to questions for it èE. g. users seeking certain software short ad-message l After obtaining consent from the addressee, e. g. during registration on a website Always: Allow unregistering/opting-out and honor this request
Michael Sonntag32 Legal and Technical Aspects of E-Commerce Liability of providers: Mere conduit l Providing access to a communication network or being an intermediary station within the network, there is no liability for the content, if you… èdo not initiate the transmission »End-users are not privileged èdo not select the receiver of the transmission »Effectively “distributing” the data èdo not select or modify the information »Personalization providers or malicious users are not included l Includes automatic, intermediate and transient storage for sole purpose of transmission
Michael Sonntag33 Legal and Technical Aspects of E-Commerce Liability of providers: Caching l Providing automatic, intermediate and temporary stor- age for sole purpose of making transmissions more efficient, there is no liability for the content, if you… èdo not modify the information ècomply with conditions on access to the information ècomply with rules regarding updates (e. g. Meta-Tags) èdo not interfere with lawful techn. for obtaining usage data èact expeditiously to remove or disable access to information upon actual knowledge that the information »was removed at the source »access to it was disabled »court or administrative authority has ordered this
Michael Sonntag34 Legal and Technical Aspects of E-Commerce Liability of providers: Hosting l Providing storage for information from others, there is no liability for the content, if you… èdo not have actual knowledge of illegal activity or information èare not aware of any facts or circumstances from which illegal activity or information is apparent èupon obtaining knowledge or awareness act expedi- tiously to remove or disable access to the information l This does not apply to persons acting under authority or control of the provider èE. g. employees
Michael Sonntag35 Legal and Technical Aspects of E-Commerce Liability of providers: Obligation to monitor l No general obligation to monitor allowed èinformation transmitted (conduit, caching) èinformation stored (hosting) l No general obligation to actively seek facts or circumstances indicating illegal activity allowed l There may be obligations to inform authorities of alleged illegal activities, and information to enable identifying the actual content provider è“Not known” and not “should have known” no problems
Michael Sonntag36 Legal and Technical Aspects of E-Commerce Literature/Links: l Szecskay Law Firm: Hungarian E-Commerce Act: l SpamAssassin: l Coalition Against Unsolicited Commercial l EU E-Commerce directive: 2000/31/EC, L 178/ l EU electronic communications data protection directive: 2002/58/EC, L 201/ l EU distance contract directive: 1997/7/EC, L 144/