Introduction: E-Commerce, The Internet, and the Law
E-commerce is commerce mediated by the Internet. The Internet differs dramatically from traditional communications networks, and the differences have profoundly affected individuals, businesses and governments. The law has responded with new rules and novel applications of traditional rules. E-commerce law consists of these rules, their rationales, and their consequences as they pertain to commerce over the Internet. We take the relevant topics to be: contracts (chapter I); jurisdiction (chapter II); intellectual property (chapter III); trespass (chapter IV); information security (chapter V); regulating communication and content (chapter VI); and, privacy (chapter VII). The chapters share a common theme: the control of access to and use of computers, computer networks, web sites, and software. Competency in regard to legal issues surrounding such access and use requires a knowledge of the issues addressed in chapters I – VII.
Current e-commerce casebooks often mix relatively few cases with relatively many excerpts from articles presenting one or another theoretical point of view. This was inevitable in the early development of e-commerce law. There were few cases, and many competing theories. Cases remain few in some areas; however, on the whole, a substantive body of caselaw has emerged. We have chosen to present this body of law and to keep theory to a minimum. This should not be taken to imply any adverse evaluation of the important and interesting theoretical debates concerning the legal regulation of e-commerce; however, enough cases are now available that presenting them has become a book-length task in its own right.
E-commerce has spawned a number of legal concerns. Contracting, trespass, and privacy are excellent examples. Some think “[t]he Internet is turning the process of contracting on its head.”[1] Trespass issues arise in a variety of contexts including the use of automated search software by an Internet business to extract information from a competitor’s web site. Should the law prohibit this? If so, under what legal doctrine? E-commerce compromises privacy when Internet searches are recorded, when websites captured personal information, and when intimate information about individuals is displayed to the world on the World Wide Web.
To fully appreciate and evaluate these issues, as well as the many other legal concerns the Internet raises, you need to appreciate those aspects of the Internet which distinguish that network from other communications networks. E-commerce law responds to and develops around those features. The following primer on the Internet identifies those features and indicates the legal concerns that arise in relation to them.
I. Structure of the Internet
A network consists of connections among nodes. A spider’s web, the system of public roads, the traditional telecommunications system, and the Internet are all networks. The nodes on the Internet divide into four layers. The first consists of end-users, who connect their computers or networks of computers to the Internet. The connection between end-users and the Internet is mediated by Internet Service Providers (ISPs), who comprise the second layer of nodes. ISPs connect to the third layer, a system of “regional feeder networks.” These are large networks that link ISPs to the Internet “backbone,” which is the fourth layer. The nodes on the backbone are routers (specialized computers that route traffic over the network). The connections among routers consist of high speed cables.
II. Intelligent Versus Dumb Networks
The Internet is a “dumb” network. The “intelligence”–or lack thereof--of a network is a function of the information processing power at its nodes. The nodes of a spider’s web lack any processing power; the nodes of the public roads have some (stop lights and other traffic control devices). The traditional telecommunications network is the standard example of a highly intelligent network, and it instructive to contrast it with the considerably dumber Internet. The contrast reveals not only why the Internet is “dumb,” but also why, in this instance, dumbness is a virtue.
When you place a phone call, the electronic signals from your phone find their way to a specialized computer called a “circuit switch.” The switch has considerable processing power; it figures out how to open a path--called a “circuit”–between you and the person you are calling; the circuit is dedicated to your call and only your call, and remains open until one of the parties hangs up. The switch may also handle caller ID, call forwarding, and billing related matters. Your telephone handset, in contrast, is a “dumb” device; its computational capacity is minimal; its main task is to send and receive signals. On the Internet, the situation is reversed. The “handsets,” the end-users’ computers, have a lot of computational power while the “switches”--the routers--have relatively little.
Two aspects of “router dumbness” figure importantly in the cases in this book. The first is that routers, unlike circuit switches, are incapable of creating a dedicated circuit that remains open for the duration of the communication. Internet communication does not involve such circuits. The reason this matters is that it is a key factor in keeping the cost of using the Internet low. Low-cost communication and access to information have been, and continue to be, critical to the rapid growth and vitality of the Internet. The cost-savings in communication, however, impose costs of another sort. To see why, we need to see why not opening a dedicated circuit keeps costs down.
Silence is the reason. In a phone call, there are periods when neither party is talking; during the silence, the information carrying capacity dedicated to that call is unused by the communicating parties and cannot be used by anyone else. The Internet avoids this waste. The reason is that information sent over the Internet is broken into discrete packets; each packet includes the address of its destination. A packet reaches its destination after several hops from router to router. Each router determines only the next hop; a router determines the most efficient next hop available for a packet. The next packet from the same message may take a quite different hop if that hop is more efficient for it; consequently, packets typically travel different routes and are reunited only at their destination. Networks that work this way are called “packet-switched” networks. Packet-switched networks are much more efficient than the “circuit-switched” networks of traditional telephone communication.
The Internet’s packet-switched efficiency is a key factor in its ability to provide very low cost communication. But packet-switched networks do not come without costs of their own. Packet-switched routing (as currently implemented, at least) makes it relatively easy to disguise the location and identity of someone sending e-mail or accessing a web site or network. Concealment is a theme that runs through many issues--including: jurisdiction (should a web site be expected to determine the geographical location of its visitors?); trespass (the ability to conceal origin limits the self-help ability of web sites to block unwanted visitors); unauthorized access, defamation and obscenity (the ability to conceal makes it more difficult to identify wrongdoers); privacy (the ease with which you can conceal your identity greatly enables anonymous speech). The legal challenge is to regulate the packet-switched Internet effectively without eliminating the efficiency gains that packet-switching secures.
The second important aspect of router dumbness is that a router does not “understand” the data it transmits. The packets encode information as a sequence of 0's and 1's. When a router hops packets efficiently on their way, it “knows” only their addresses; otherwise, it does not “know” what the 0's and 1's mean. It cannot tell the difference between a terrorist communication, a picture of Chicago, or a digitized copy of Shakespeare’s Hamlet. Only the “smart” devices at each end of the communication “know” what the 0's and 1's mean. The computer, Palm Pilot, or other device downloading Hamlet translates the 0's and 1's into the Shakespeare’s words; the router cannot do so. Intelligence in packet-switched network resides in devices end-users control.
This fact—that interpretative intelligence resides primarily at the Internet’s periphery–is seen by many as so critical to the vitality of the Internet that they have elevated it to the level of a principle, known as the end-to-end principle. Surprisingly, the cases included in this book do not formulate or discuss the end-to-end principle. The principle still merits discussion, however. Not only is it important in its own right, it is also closely related to a feature of the Internet—“openness”--which does figure prominently in the cases that follow. Section IV discusses openness.
III. The End-To-End Principle
Lawrence Lessig sees the end-to-end principle as the defining principle of the Internet. Lessig emphasizes three benefits:
First, because applications run on computers at the edge of the network, innovators with new applications need only connect their computers to the network to let their applications run. . . . Second, because the design is not optimized for any particular existing application [unlike circuit-switched networks, whose circuit switches are optimized for opening dedicated circuits], the network is open to innovation not originally imagined . . . Third, because the design affects a neutral platform–neutral in the sense that the network owner can’t discriminate against some packets while favoring others–the network can’t discriminate against a new innovator’s design. If a new application threatens a dominant application, there’s nothing the network can do about it.
Commentators generally agree that the end-to-end principle “dramatically expanded the uses to which data networks could be put and triggered the explosive growth of the Internet.” [2]
Only one choice is available to policy makers who follow the end-to-end principle and who wish to control Internet content: impose requirements on those who can discriminate types of content. This means they must impose requirements on end-users and ISPs, and all of the cases included in this book do indeed concern what end-users and ISPs may do or must do.
IV. Openness and Its Costs
“Openness” is another feature that defines the unique nature of the Internet. The Internet is an “open” network in three ways. We consider each in turn and explain why it has been critical to the growth and vitality of the Internet, and why it poses unique legal challenges in the regulation of e-commerce.
A. Non-Proprietary Protocols
Recall Lessig’s point about the end-to-end principle: “because applications run on computers at the edge of the network, innovators with new applications need only connect their computers to the network to let their applications run.” But how can an innovator–like the inventors of the file sharing application Napster–be sure that others Internet users will be able to use the application? A non-Internet analogy: suppose Jones has written a travel guide to Spain aimed at travelers from the United States; Jones’s only difficulty is that he wrote the guide in Polish. Even if he manages to get the guide into US bookstores, it will be useless to its intended audience and will not sell. How can the creators of a new application be sure that they and their intended audience speak the same language?
Because Internet communication is mediated by shared protocols (sets of rules) for digitizing communications, for translating them into sequences of 0s and 1s. The protocols are “open” in the sense that they are non-proprietary, available for free to all Internet users. This has been a key factor in the growth and vitality of the Internet:
The Internet’s effectiveness depends on universal agreement on the non-proprietary protocols to be used to translate into 1s and 0s and back again. . . . [B]ecause the Internet’s core . . . standards are not owned by anyone, any operator of a data network can connect to the Internet. Similarly, because the intelligence of the Internet is provided primarily by the devices connected to it, and not by centralized switches, any developer of an “application,” such as a file sharing program like Napster, is free to make her work available via the Internet and give all Internet users access to it. Consequently, the creator of new media content, such as a short film, can rely on the Internet to distribute her work, thereby displacing such traditional intermediaries as movie theaters or television networks. To summarize, these two related features of the Internet’s open architecture–the openness of it protocols, and the ability of anyone to develop applications and content for it–help explain the Internet’s spectacular growth.[3]
These advantages come at a cost: they enable virtually every illegal activity considered in the cases which follow.
The distribution of malicious programs illustrates the point. Malicious programs plague the Internet. Internet users must guard hackers seeking sensitive information and against viruses, worms, Trojans, spyware, and any other sort of malevolent device programmers can invent. All these activities benefit greatly from the non-proprietary protocols. Like “the creator of new media content . . . [someone seeking unauthorized access] can rely on the Internet to distribute her work.” The “work” in this case may be a program surreptitiously deposited on a computer hard drive to steal passwords or monitor communications, or it may be the attempt to search a system for social security numbers. In either case, the “work” is greatly aided by the fact that the system and the person seeking access can communicate in a common language. In general, the “work” may be searching a business competitor’s web site; sending an unsolicited e-mail; posting a defamatory message on a web site; stealing intellectual property or sensitive financial information; communicating with an organized crime ring or a terrorist cell. This is why a central theme in e-commerce law is the control of access to and use of computers and computer networks. What you may do to prevent access is discussed in the chapters on contracting, intellectual property, trespass, and protecting communication. What you must to prevent access do is discussed in the chapters on computer and network security, protecting communication, and privacy. The chapters on jurisdiction, and intellectual property discuss what tribunals have the power to resolve disputes about control of use and access.
All three issues—the “may,” the “must,” and dispute resolution--arise against the following key background fact: the Internet has no “gatekeeper,” no central entity that licenses some uses of the Internet but not others.
B. No Gatekeeper
Consider again Lessig’s point that “because applications run on computers at the edge of the network, innovators with new applications need only connect their computers to the network to let their applications run.” Last time we asked how the innovators could be sure that others would be able to use the application. This time we ask how they can be sure that they connect their computers to the Internet. How can they be sure that some authority will not say, “No, you cannot connect that sort of application to the Internet?” Because there is no authority to prevent them. It is an open network in the sense no authority imposes conditions on access. Compare the network of public roads. Various state and federal gatekeepers control access to that system; legal driving requires a valid driver’s license available only to those able to meet certain specifications, and vehicle registration, which again requires meeting certain conditions. Some people and vehicles are not allowed on the system. There is no similar gatekeeper for the Internet.
The closest the Internet comes to a gatekeeper is the Internet Corporation for Assigned Names and Numbers (ICANN). ICANN describes itself as a “non-profit corporation that was formed to assume responsibility for the IP address space allocation, protocol parameter assignment, domain name system management, and root server system functions performed under U. S. Government contract by IANA and other entities.”[4] The domain name system
is the very heart of the Internet, the Archimedean point on which this vast global network balances. Presence in (or absence from) the chain of interlocking servers and databases constituting the DNS is no less than a matter of electronic life or death, and control over this system quite literally a kind of life or death power over everyone participating in this vast global conversation.[5]
Not surprisingly, ICANN and it powers have generated considerable controversy, some of which is reflected in the cases in chapter III concerned with the domain name system.
C. Implied-permission access
The final sense in which Internet systems are “open” is simply that many are publicly accessible. Governmental and private organizations distributing information for the common good would defeat their purpose if they did not make their sites publicly accessible. Business often leave their sites open because they want to make it easy to “enter the store.” You can access eBay, for example, simply by directing your browser to you need not enter a password or provide any other form of authentication, you do not need contact eBay to obtain explicit permission to access it. No explicit permission is required because permission is implied; by connecting to the Internet and making its system publicly accessible, a system impliedly consents to access by the general public.