Introduction
Intellectual Property
Recognition of Electronic Transactions
Privacy
Consumer Protection
Defamation
Objectionable Material and Censorship
Tax Issues
Jurisdictional Issues
Australian jurisdictions have adopted a light-handed approach to most aspects of internet and e-commerce regulation, founded upon the principles of technical neutrality and functional equivalence. 'Technical neutrality' means that the law will not discriminate between the various types of technology by prescribing that only certain forms of technology are acceptable. 'Functional equivalence' means that transactions conducted electronically or through traditional means are equally effective under the law.
This should lead to longevity of uniform regulation, where technological advances and innovation are not impeded by a legal system that prescribes out-of-date technology.
Copyright
The arrival of Internet and online services has enabled copyright material to be disseminated and reproduced in an unprecedented manner. The Australian copyright law is being changed to adapt to the online environment. Proposed changes to the Copyright Act 1968 embodied in the Copyright Amendment (Digital Agenda) Bill 1999 attempt to balance promoting creative endeavour and allowing reasonable access to copyright material online. The bill recognizes the impact of the Internet on copyright by introducing:
- a technology-neutral right of communication to the public;
- exceptions to copyright infringement for temporary reproductions made in the course of communication and browsing;
- criminal sanctions and civil remedies for attempts to circumvent technological copyright protection measures;
- criminal sanctions against tampering with electronic rights management information; and
- a limitation on the liability of carriers and carriage service providers.
The bill was subject to a parliamentary committee investigation. Parliament is now considering both the bill and the committee's report.
Trademarks and domain names
Business entities should protect and extend their intellectual property rights with respect to domain names. A domain name is a word alias for a computer's numerical address on the Internet. Domain names are a useful and logical independent system of identifiers in the Internet. Their sole purpose is to convey an intuitive relationship to the computer operator about the content of the site to which the domain name is attached. The sole purpose of a trademark is to allow a consumer to determine a trade connection of goods or services with the provider of those goods or services. It connects traders with their commodities.
However, domain names often operate in direct conflict with trademarks. There is a conflict when a domain name is the same as or similar to a trademark but the two are being used to identify two unrelated trading operations. This conflict usually arises from one or more factors:
- Trademarks are issued by a government authority in the jurisdiction where they operate. They are governed by legislation in that jurisdiction. Domain names can be, and are issued without any functional limitation (on a first-come, first-served basis) by a variety of private organizations around the world. Despite their international nature, if and when they are governed, it is by the law in that jurisdiction.
- Within one jurisdiction, a trademark can be registered or used by different entities in different areas of trade and commerce, provided they will not cause confusion about the origin of the product. Internet domain names can have indistinguishable identifiers and different top level domains (eg, disney.com and disney.org).
- Trademarks are limited by jurisdiction whereas domain names are not.
Bad-faith domain name registration or cybersquatting involves the registration of a domain name which intentionally infringes a trademark owner's rights. In August 1999, Justice Merkel in the Federal Court of Australia considered the first Australian case on cybersquatting. A consent order was issued which prevented cybersquatters from advertising, renting or selling domain names they had acquired in bad faith.
The courts jurisdictional ability to intervene in trademark/domain name disputes will ultimately depend upon:
- the nationality of the offending domain name owner;
- the domain name owner's connection with and assets in Australia; and
- the local laws of the country in which the domain name owner operates.
Whether or not a domain name is found to infringe an Australian registered trademark will largely depend on the nature of the domain name use and the nature of the trademark registration held by the complainant.
Australia's principle domain name registry, Melbourne IT, has issued a Domain Name Allocation Policy for the '.com.au' domain. The main provisions are:
- Only commercial entities registered and trading in Australia can be allocated a .com.au domain name.
- The domain name must be the applicant's complete or abbreviated registered commercial name.
- In the event that two applicants apply for the same domain with equal right to it, the registration will be issued on a first-come, first-served basis.
Recognition of Electronic Transactions
Most e-commerce transactions require the parties to enter into some contractual agreement. In Australia, there are no impediments to the formation of contracts on the Internet.
The Electronic Transactions Act 1999 (ETA) facilitates the use of electronic signatures by providing that a transaction is not invalid because it took place by means of one or more electronic communications. It does not validate transactions nor prescribe any particular form of signature technology. The ETA is national legislation and, prior to July 1 2001, will apply only to national laws specified in its regulations. After this date it will apply to all national laws, unless they are specifically excluded. No laws have been specified in its regulations. In order for this legislation to apply nationally, the states are required to enact complimentary legislation. This is expected to take place over the next 12 months.
Under the ETA, if a person's signature is required by law, that requirement will be satisfied if the electronic signature:
- identifies the person;
- indicates the person's approval of the information communicated; and
- is as reliable as is appropriate for the purposes for which the information is communicated, at the time the method is used.
Consumers' privacy has become paramount as internet technology facilitates the collection of information through e-commerce, 'cookies', and hardware identification programs. (A 'cookie' is a message sent to a browser by a server and stored as a text file. The file is called a 'cookie.txt'. The file is sent back to the server each time the browser requests a page from the server.) Numerous surveys have identified privacy fears as being a major impediment to growth in e-commerce.
In Australia, at the federal level, an individual's personal information is protected by the Privacy Act 1988. The act is focused on public sector collection and use of personal information, rather than on private sector dealings with customer information.
The government plans to extend the act to cover the private sector. The imminent Privacy Amendment (Private Sector) Bill will institute a 'light-touch' legislative regime to regulate private-sector consumer-data collation. The bill is based on the National Principles for the Fair Handling of Personal Information (the National Principles). These have their origins in the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data 1998.
Once implemented, the regulatory framework will create a default regime that will be invoked in the absence of appropriately-drafted industry codes. The bill is expected to be passed into law in 2001. Until then, adherence to the National Principles remains voluntary.
The Consumer Protection in Electronic Commerce Principles and Key Issues Report (the Consumer Protection Report) was compiled in 1998 by the National Advisory Council on Consumer Affairs. The Consumer Protection Report stated that e-commerce sellers should adhere to the National Principles. Benchmarks for businesses using personal information cover:
- storage;
- collection;
- use;
- disclosure;
- quality;
- security;
- access; and
- correction.
The standards are designed to ensure that:
- personal information is only collected if it is necessary to the organization's function;
- the purpose for collecting the information is made clear at the time of collection;
- personal information is only used or disclosed for the purpose for which it was collected; and
- individuals are able to access their personal information and ensure its accuracy.
The Consumer Protection Report specifically discussed the use of 'cookies' as a means for e-commerce vendors to collect personal information. It recommended that vendors should:
- clearly offer consumers the alternative of rejecting them;
- operate cookies on an opt-in basis where the technology allows; and
- not assume consumers have browsers which will notify them that they are about to receive a cookie.
The principles discussed in the Consumer Protection Report and elsewhere are currently being incorporated into Building Consumer Confidence in E-Commerce: A Best Practice Model for Business (Best Practice Model) being written by the federal Treasury.
The Best Practice Model is the latest strategy to improve consumer protection and to foster consumer confidence in online transactions. Once completed, relevant industry associations and individual businesses may adopt the model. The model incorporates the general principles outlined in the OECD Guidelines for Consumer Protection in the Context of Electronic Commerce.
The Internet Industry Association Code of Practice (see www.iia.net.au) provides useful benchmarks for best practice in information handling. It supports reputable web site operators by setting out a privacy policy for their web sites.
In October 1999, the Australian federal government released A Policy Framework for Consumer Protection in Electronic Commerce (the Policy Framework). It identified five key issues as essential to providing a safe and efficient online environment:
- information - the provision of adequate information to consumers;
- payment - establishing secure methods for paying online;
- redress - availability of effective and accessible redress in Australia and overseas;
- jurisdiction - international agreement on the appropriate jurisdiction for consumer contracts; and
- privacy - protection of personal information in the online environment.
The government has adopted a co-regulation policy, which includes both consumer protection principles and a voluntary code of practice. The Best Practice Model being prepared by the federal Treasury aims to provide guidance to businesses in a range of areas, including:
- provision of information to consumers;
- identification of businesses;
- good business conduct;
- security of payments;
- dispute resolution;
- privacy;
- advertising; and
- marketing.
In December 1999, the OECD Committee on Consumer Policy finalized the Guidelines for Consumer Protection in the Context of Electronic Commerce. The general guidelines protect consumers participating in e-commerce. They represent a recommendation to governments, businesses, consumers and their representatives as to the core characteristics of effective consumer protection for e-commerce. The Best Practice Model incorporates the guidelines' recommendations.
The Supreme Court of Western Australia in Rindos v Hardwick (31/03/1994 SCWA, unreported) held that material posted on the Internet was not immune to the law of defamation. Damages were awarded to the plaintiff. However, in relation to defamation, the distribution of material via the Internet creates difficulties regarding:
- establishing that the publication has been communicated to someone other than the plaintiff;
- enforcement and jurisdictional issues; and
- the position of web site hosts and internet service providers (ISPs).
Enforcement and jurisdictional issues
In Macquarie Bank Limited v Charles Joseph Berg (NSWSC 526 (June 2 1999)), the New South Wales Supreme Court found that material posted on a web site conveyed imputations defamatory to the plaintiffs. However, the plaintiffs were not entitled to an injunction to prevent the material from being posted. Justice Simpson stated that the nature of the Internet was such that an injunction would restrain the publication of the material anywhere in the world, including countries where it was lawful for it to be published. It was a technically impossible to confine the injunction to New South Wales and would have consequences reaching beyond the court's jurisdiction.
Web site hosts and ISPs
It has not been definitively established whether an ISP or a web-site owner is a publisher of defamatory material or merely an innocent disseminator of the material. An ISP, a web site owner, or a bulletin-board maintainer will often have the ability (but not the resources) to monitor all postings on that particular forum. The degree to which they can monitor and edit content plays a large role in assessing the extent to which they can be considered to be publishers of defamatory material.
Objectionable Material and Censorship
The Broadcasting Services Amendment (Online Services) Act 1999 regulates the content of internet services and creates a co-regulatory scheme for dealing with internet content.
The act establishes a complaints regime under which the Australian Broadcasting Authority (ABA) will investigate complaints from the public about prohibited content or potentially prohibited content. The ABA can then take further steps such as issuing a take-down notice (if the site is hosted from within Australia) or directing ISPs to block a particular site (if hosted overseas).
The act also requires the development of mandatory industry codes to deal with procedures which:
- ensure that online accounts are not provided to children without parental consent;
- give parents information to supervise access to internet content;
- inform producers of content about their legal responsibilities;
- tell customers about their rights to make complaints; and
- provide information on client-side filtering technologies and services.
Three internet content codes of practice developed by the Internet Industry Association (IIA) and registered by the ABA came into effect on January 1 2000. The codes are:
- ISP obligations in relation to internet access generally;
- ISP obligations in relation to access to content hosted outside Australia; and
- ICH obligations in relation to hosting of content within Australia.
The codes rely heavily on users implementing filtering technologies provided to them. This allows users to choose between censoring or not censoring the content they can receive.
A criticism leveled at the regime is that, considering filter software is not totally effective, legitimate sites will be blocked causing enormous potential damage to legitimate e-commerce operators.
Nation-based internet regulations are largely ineffective. The ABA-approved codes are a recognition by the government that content regulation of overseas material is futile.
E-commerce transactions are not exempt from Australian tax liability. However, it has been difficult to ensure that the appropriate tax is paid on transactions that create little or no audit trail and take place between parties whose physical address is seldom disclosed.
The Australian Tax Office (ATO) has a limited ability to locate parties to an e-commerce transaction through identification and tracing of an intellectual property number to a physical address through the ISP. However, dynamic intellectual property allocation, firewalls, gateways, tunneling and multi-user computers create difficulties in identifying the real party involved in the transaction.
The ATO intends to employ two methods to detect commercial Internet activity at (i) the packet level (by monitoring the use of protocols obvious from the packet header that are dedicated to Internet transaction) and (ii) the transaction level (audit trails will be created by electronic transaction software and Internet payment providers that the ATO can access).
The ATO faces two major jurisdictional problems: (i) establishing a sufficient connection between the transaction and Australia with which to ground a taxing right; and (ii) establishing adequate jurisdiction to access and examine an audit trail and then enforce Australian taxation requirements on the transaction. To overcome these jurisdictional issues, the ATO will have to work in cooperation with international tax agencies, including multi-lateral access to audit trails.
In December 1999, the ATO issued Tax and the Internet: Second Report. This contains an action plan with strategies to address a range of issues including:
- consulting on electronic commerce matters;
- monitoring electronic commerce developments;
- harnessing opportunities for improved taxpayer service;
- resolving jurisdictional challenges;
- identifying and resolving administrative challenges; and
- addressing consumption tax issues.
E-commerce transactions often transcend national and international borders. It can be difficult to ascertain which jurisdiction's laws apply to a particular online transaction or business. The implications of this can be profound: e-businesses may be subject to a myriad of laws, while consumers may not have legal redress. E-businesses may attempt to minimize their risk through (i) application of the localization rule which provides that the jurisdiction of the location of the server is the operative jurisdiction, or (ii) nomination of the law in their home jurisdiction as the operative law for the transaction in their terms of trade.
Most content is held by ISPs' servers in countless jurisdictions. This makes the localization rule redundant. Some mandatory laws will override a choice of law clause (eg, the Trade Practices Act). Regulators are increasingly becoming more aggressive in the assertion of their jurisdiction. The Australian securities regulator has stated that it will regulate web sites offering securities if those web sites are accessible from within the Australian jurisdiction, unless the site has an adequate jurisdictional disclaimer.
Without international support the Australian government is powerless to deal with jurisdictional issues. Australian courts have also not provided any guidance. In the case of Macquarie Bank Limited v Berg, Justice Simpson discussed the determination of matters regarding internet jurisdiction:
"The difficulties are obvious. An injunction to restrain defamation in NSW [New South Wales] is designed to ensure compliance with the laws of NSW […] Such an injunction is not designed to superimpose the law of NSW relating to defamation on every other state, territory and country of the world. Yet that would be the effect of an order restraining publication on the Internet. It is not to be assumed that the law of defamation in other countries is coextensive with that of NSW, and indeed, one knows that it is not. It may very well be that, according to the law of the Bahamas, Tazhakistan or Mongolia, the defendant has an unfettered right to publish the material. To make an order interfering with such a right would exceed the proper limits of the use of the injunctive power of this court."
This case highlights the jurisdictional difficulties of the Internet that cannot be resolved by any one country. They will remain a quandary until an international solution is found.
For further information on this topic please contact Chris Fogarty at Allen Allen & Helmsley by telephone (+61 2 9230 4000) or by fax (+61 2 9230 5333) or by e-mail ([email protected]).
The materials contained on this web site are for general information purposes only and are subject to the disclaimer.