Electronic Transactions - Carnegie Mellon University

advertisement
Electronic Transactions
Michael I. Shamos, Ph.D., J.D.
Institute for Software Research
School of Computer Science
Carnegie Mellon University
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Electronic Transactions
• With the rise of the Internet, more and more
transactions are negotiated and initiated electronically
• Internet sales: goods and intangibles
• electronic banking
• stock brokerage
• e-mail
• B2B transactions
• auctions
• Many are completely automated – no human
intervention
• What is their legal status?
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Electronic Contracting
• Consent
• Formation
– Acceptance
– Conspicuousness
•
•
•
•
Digital Signatures
Jurisdiction
Notices, “receipt,” confirmation
Evidence
– Data retention: changed or disappearing web pages
• Authority
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Requirements for a Contract
• Offer (ALWAYS REQUIRED)
• Acceptance (ALWAYS REQUIRED)
• Consideration (USUALLY REQUIRED)
– Exchange of value or promises of value
– But: Pennsylvania magic words: “intending to be
legally bound hereby”
• Writing (SOMETIMES REQUIRED)
– Value as evidence, memory aid
• Signature (SOMETIMES REQUIRED)
– Solemnity (seriousness)
– Authentication
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Uniform Commercial Code
• Contract law is complicated; most terms are implied,
not stated expressly
• All states except Louisiana have enacted versions of
the Uniform Commercial Code (UCC) covering sales
of goods
• UCC specifies
– procedure for forming sales contracts
– terms implied in all contracts, e.g. warranties
– defaults for unspecified terms
• Warranty
– A promise that a statement is true, e.g. “I own this
watch and have the right to sell it to you.”
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Statute of Frauds
• A very old statute requiring certain contracts to be in
writing
• “A contract for the sale of goods for the price of $500
or more is not enforceable by way of action or
defense unless there is some writing sufficient to
indicate that a contract for sale has been made
between the parties and signed by the party against
whom enforcement is sought ...” 13 Pa.C.S. § 2201
• Purpose:
– evidence; reminder to parties; seriousness
• Is email a writing? (What’s the purpose of the law?)
• Is a digital signature a signature?
• Is a mouse click a writing? A signature?
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Uniform Laws
• Uniform codes are model laws proposed by the
Uniform Law Commission
• No legal effect unless enacted by a legislature
• Each legislature can modify the code
• Therefore: uniform laws are not uniform!
• Uniform Electronic Transactions Act (UETA) adopted
by 47 states (e.g. PA) + District of Columbia
• Uniform Computer Information Transactions Act
(UCITA) adopted by 2 states (Maryland and Virginia)
• UETA AND UCITA adopted by 2 states (MD, VA)
• This leaves out IL, NY, WA
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Offer and Acceptance
• How is the offer communicated?
• Revocation of offer
– An offer can be revoked anytime before it is
accepted
– TIME is important
• A counteroffer is a refusal of the original offer
• General rule: acceptance is effective when
communicated to the offeror
• Mailbox rule is an exception: acceptance occurs
when it is placed in the mail, even if never received
• What is the electronic equivalent of the mailbox rule?
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Clickwrap Agreements
• UCC §2-204: “A contract for sale of goods may be
made in any manner sufficient to show agreement,
including conduct by both parties which recognizes
the existence of such a contract.”
• Clickwrap: triggered by clicking “I Accept” after the
agreement is displayed. Enforceable, since the click
shows agreement. Hotmail Corporation v. Van Money
Pie Inc., et al., C98-20064 (N.D. Ca., April 20, 1998)
• Question: what is the evidence of clicking?
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Electronic Transactions
• Pennsylvania Electronic Transactions Act (signed
12/16/99). A version of UETA
• All parties must consent to the electronic transaction.
• “Electronic signature. -- An electronic sound, symbol
or process attached to or logically associated with a
record and executed or adopted by a person with the
intent to sign the record. “
• “If a law requires a record to be in writing, an
electronic record satisfies the law.”
• “If a law requires a signature, an electronic signature
satisfies the law.”
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Electronic Signature Legislation
• E-Sign: Electronic Signatures in Global and National
Commerce Act (effective Oct. 1, 2000)
• “electronic signature” means an electronic sound, symbol, or
process, attached to or logically associated with a contract or
other record and executed or adopted by a person with the
intent to sign the record.
•
•
•
•
•
•
•
Electronic signatures valid, not required
Must be accepted by government agencies
Consumer disclosure and consent
Retention satisfied by electronic records
Federal pre-emption
Electronic notarization, transferable records
List of exceptions (wills, various cancellation notices)
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Uniform Electronic Transactions Act
• Abbreviated UETA (pronounced you-eat-a)
• Enacted in 47 states and Washington DC
• Applies to transactions related to business,
commercial (including consumer) and governmental
matters within a state
• Applies to any electronic record or electronic
signature created, generated, sent, communicated,
received, or stored
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Consumer Agreements (UETA)
• Consumer: “an individual involved in an electronic
transaction primarily for personal, family or household
purposes”
• In a nonelectronic consumer contract, consumer
must agree to any electronic provision by a separate
acknowledgment.
• An agreement to conduct a consumer transaction or
a part electronically may not be inferred solely from
the fact that the consumer used electronic means to
pay an account or register a purchase or warranty.
• These provisions may not be varied by agreement of
the parties to a consumer contract or transaction.
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Sending Electronic Records (UETA)
• “an electronic record is sent when it:
(1) is addressed properly ... to an information
processing system that the recipient has designated
or uses for the purpose of receiving electronic
records … ;
(2) is in a form capable of being processed by that
system; and
(3) enters an information processing system outside
the control of the sender or ... enters a region of the
information processing system designated or used by
the recipient which is under the control of the
recipient.”
• “An electronic record is received ... even if no
individual is aware of its receipt.”
Transferable Records (UETA)
• The law of negotiable instruments (checks, drafts,
promissory notes, etc.) pays great attention to
transferability and the “holder in due course” (rightful
possessor without knowledge of fraud or defect)
• A negotiable instrument is token money (rightful
possession is equivalent to ownership)
• Negotiable instruments are made electronic through
“transferable records”
• A “transferable record” is an electronic record that
would be a negotiable instrument if it were written
and which the issuer has expressly agreed is a
transferable record.
• Do transferable records exist? Can they exist?
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Transferable Records (UETA)
• A person ‘controls’ a transferable record if
(1) a single authoritative copy of the transferable
record exists which is unique, identifiable and, ...
unalterable;
(2) the authoritative copy identifies the controller as
either the issuer or as most recent authorized
transferee;
(3) copies that change the identity of the controller
can be made only with the consent of the controller;
(4) the status of a copy (authoritative or not
authoritative) is readily identifiable.
• Transferable records have the status of negotiable
instruments
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Automated Transactions (UETA)
• “Automated transaction. -- A transaction conducted or
performed, in whole or in part, by electronic means or
electronic records, in which the acts or records of one
or both parties are not reviewed by an individual in
the ordinary course [of business].”
• “A contract may be formed by the interaction of
electronic agents of the parties, even if no individual
was aware of or reviewed the electronic agents'
actions or the resulting terms and agreements.”
• Difference: automated transaction may be revoked
for unilateral mistake if the other side has not
changed its position in reliance
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Automated Transactions (E-Sign)
• “‘electronic agent’ means a computer program or an
electronic or other automated means used
independently to initiate an action or respond to
electronic records or performances in whole or in part
without review or action by an individual at the time of
the action or response.”
• “A contract or other record relating to a transaction in
or affecting interstate or foreign commerce may not
be denied legal effect, validity, or enforceability solely
because its formation, creation, or delivery involved
the action of one or more electronic agents so long
as the action of any such electronic agent is legally
attributable to the person to be bound.”
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Uniform Computer Information
Transactions Act (UCITA)
• Deals with contracts for digital goods. Generally
favors producers
• Approved by the National Commissioners. Adopted
only in Virginia (home state of AOL) and Maryland
• VERY controversial
• Replaces “sales” by “licenses.”
– Sale is a completed act. License is a continuing
permission
• Allows hidden terms to govern even if not disclosed
prior to licensing. Can deny buyer advance access to
terms.
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Uniform Computer Information
Transactions Act (UCITA)
• Overrules prior court decisions in favor of consumers
• Reduces scope of implied warranties
• Electronic “self-help.” Licensor can repossess
products under certain conditions
• Allows vendors to prohibit reverse engineering
• Shrinkwrap licenses override purchase order terms
ANY modification of a computer program void ALL
warranties
• Vendor protected from consequences of known
software bugs even if not disclosed to buyer
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Uniform Computer Information
Transactions Act (UCITA)
• Allows software publishers to change the terms of the
contract after purchase.
• Allows restrictions that prohibit users from criticizing
or publicly commenting on software they purchased.
• Allows software and information products to contain
"back door" entrances, potentially making users'
systems vulnerable to infiltration by unauthorized
hackers.
• Widely regarded as a failure (adopted by 2 states)
• NCCUSL halted efforts to promote the Act and
WITHDREW it
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Major Ideas
• UETA (Uniform Electronic Transactions Act) has been
widely adopted
• E-Sign (throughout the U.S.) allows “electronic
signatures” to replace handwritten ones in most cases
• An “electronic signature” is not the same as a “digital
signature,” but a digital signature can be an electronic
signature and vice-versa
• UCITA (Uniform Computer Information Transactions
Act) is too favorable to software vendors and has not
future (adopted in 2 states with no more in sight)
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Q&A
LAW OF COMPUTER TECHNOLOGY
FALL 2015
© 2015 MICHAEL I. SHAMOS
Download