This article by Stuart L. Adams, Jr. appeared in the
Louisville Computer News
by Stuart Adams
Last month I gave you some links to allow you to look up legislation that might be important to you. I also gave you some links to a variety of other sites to allow you to monitor various other aspects of the legislative process. If you used any of those links you may have discovered quite a few pieces of legislation that impact how you do business on the Internet. From taxation and privacy to pornography, e-commerce and the Internet are areas receiving some of the heaviest legislative efforts.
This month, Im going to outline some of the many pieces of legislation already on the books, or about to be, which impacts how you do business on the Internet. This is not intended to be an exhaustive look at this legislation, since space allows only the briefest description of what some of this legislation does to you or for you.
I have already written on the impending role of the Uniform Computer Information Transactions Act (UCITA), so I wont dwell on it again here. Suffice it to say, this "model" law developed by the National Conference of Commissioners on State Laws, will be on a state by state road show over the next couple of years, as it is considered for passage by the various states. It has been introduced in a handful of states and was just signed by the Governor of Virginia.
UCITA covers contracts which deal with software licenses, distribution of information over the Internet, online databases, contracts for development of computer applications and similar matters. Even though you may not be directly involved in any of these things, you certainly will be impacted by this model legislation. It is likely to spread fairly rapidly throughout the country and possibly to have a counterpart, or two, at the federal level.
Like most legislation, this piece has those who support it and those who oppose it. Last weekend, I attended the Second Annual Computer Law and Technology Institute and the University of Kentucky. One of the presenters was Carlyle Ring, Chair of the UCITA drafting Committee. His talk and materials pointed out how UCITA should help to build jobs. This is partially because UCITA is designed for the "digital era," laying down clear rules for electronic contracting, rather than having to rely upon the hodge podge of state and federal laws which typically were drafted for the horse and buggy era. It pointed out the provisions of the act, which include electronic contract authentication, regulation of warranty modification, transfer of licenses, etc. Since the act is being pushed by some software industry giants, it must be a good thing, right?
Why then has there been a regular column in InfoWorld criticizing the act nearly line by line, as well as comparable articles in many other computer magazines? The March issue of one publication, for instance, talks about software professionals actually finding themselves motivated to flee a state that had passed UCITA. As they say: "You be the judge."
The Uniform Electronic Transactions Act (UETA) was designed to support the use of electronic commerce by establishing the legal electronic equivalent of paper records and signatures signed with ink. The act has already been adopted in California and Pennsylvania and has been introduced for adoption in nearly twenty other states, including Kentucky and Indiana.
A number of states have already dealt with digital signatures, but UETA is the first national effort to enact uniform legislation in this area. One of the most important provisions of the act is its rule that a record or signature cant be denied legal effect because it is in electronic form. The other major principal is that a contract may not be denied enforceability because an electronic record was used in its formation. Another important provision of the act is that, generally, the parties to a contract must agree that UETA applies to the contract. Most of the rules of UETA can be waived or altered by the parties, but in the event other rules dont apply, UETAs rules will govern by default.
The Electronic Communications Privacy Act (ECPA) among other things, requires notice if the electronic mail and other communications systems do not provide the same level of privacy as is afforded by regular mail when delivered by the US Postal Service. Such US law have apparently not impressed Europe, since the European Union included the United States in the category of countries with whom Europeans should be careful in communicating, because of our fractured and disorganized laws on privacy.
The Childrens Online Privacy Act (COPPA) regulates Web sites that market to children under age 13 or which knowingly collect personal information from children that age or younger. Operators of such sites must provide notice of their information gathering practices to parents; must obtain prior parental consent for collection or disclosure of childrens personal information, and the consent must be verifiable. Additionally, operators must allow parents to review, upon request, any information gathered about or from their children; allow a parent to put a stop to future gathering or dissemination of information on their child; limit information gathered about a child from his activity at a Web site, such as to play a game or enter a contest, to only such information as is reasonably necessary in conjunction with the activity; and establish procedures to protect the confidentiality of the data collected.
Congress passed the Lanham Act years ago, which governs trademarks and service marks at the federal level. Recently, it added new weapons to fight infringement on such marks by passing the Anti-Cybersquatting Consumer Protection Act (ACPA). This law became effective as of November, 1999 but is largely retroactive in effect. It creates a new section of the Lanham Act to prohibit one from, "with bad faith intent" registering a domain name that (a) is identical or confusingly similar to a distinctive mark; (b) is identical or confusingly similar to a famous mark; or (c) is confusingly similar to the name of a living person, without that persons consent; (d) infringes on trademarks, etc.
The ACPA is an expansion of the federal remedies available to the owner of a trademark or service mark, and can result in forfeiture of the improperly registered domain name and damages ranging from $1,000 to $100,000 per domain name. Additionally, domain name registrars can be subject to penalties for bad faith or reckless disregard of the rights of the owner of a trademark.
Even health care is getting further regulation in its rush to get online. The Health Insurance Portability and Accountability Act (HIPAA), which was passed in 1996, is just now being implemented by Department of Health and Human Services. It requires that patient records which are in electronic form be standardized so that they can be exchanged more easily between institutions. It further requires that patients be allowed access to these records while obligating those institutions to take steps to protect the privacy of their patients.
When discussing health care, can insurance be far behind? Late last year the Financial Services Modernization Act (FSMA) was passed. It provides for a uniform licensing system for agents and brokers, if a majority of the states dont enact either uniform or reciprocal licensing laws within 3 years. In the meantime, agents and brokers who have a Web site but are not licensed in all fifty states, might be well advised to post a disclaimer on their site indicating they solicit only in those states where they are licensed.
Digital Millennium Copyright Act
This Act, which was passed in 1998, contains a number of provisions, but perhaps one of the most significant, taking effect two years after passage, prohibits circumvention of technological measures that effectively control access to protected works. Circumvention includes decrypting an encoded work or otherwise avoiding, bypassing, removing, deactivating or impairing the technological measure without authority of the copyright owner. The Act also prohibits manufacture, importation, or offering to the public or trafficking in any technology, product, service, device or component primarily designed to circumvent technological protection.
Federal Trademark Dilution Act
The House Judiciary Committee gave this example of actionable dilution: "The use of DuPont shoes, Buick aspirin, and Kodak pianos." This act was an amendment to the existing trademark laws and prohibits willful use of another persons famous mark with an intent to trade on the owners reputation. Dilution is defined as the lessening of the capacity of a famous mark to identify and distinguish goods or services. The Act excludes some forms of noncommercial use of anothers famous mark, but provides a federal remedy for deception. This is pointed squarely at Web sites which "dot com" the name of a famous person in an attempt to gain "clickthrough" traffic.
Economic Espionage Act
The Act basically makes two types of conduct criminal. One is economic espionage, as the title says, and the other is theft of trade secrets. This Act arose largely from testimony by the director of the FBI that cases of foreign espionage were hard to prosecute, since stolen property statutes were often narrowly construed by courts to exclude intellectual property. In an effort to assist in preventing trade secrets from being stolen and spirited abroad, this legislation was signed into law by President Clinton.
The Federal Freedom of Information Act (FOIA) was amended in 1996 to provide clarification that it includes information in electronic formats. It also requires federal agencies to supply information in electronic formats if requested and requires agencies to make reasonable efforts to search for records in electronic forms. Additionally, it requires electronic publishing of frequently requested records.
Legislation from State to International
This article has obviously focused on federal legislation. If you think the alphabet soup itemized above is bad, try those state links I gave you last month. Fifty states can be a lot more prolific at generating legislation than even the federal government can be.
Dont forget the rest of the world either. Knowing that your Web site may be as easily viewed in China (despite its efforts to control Web use within its borders) as it can around the corner, you might think about being both more cosmopolitan and more cautious. Think about laws, such as those in Canada, that require contract language to be in French. Watch out for international equivalents of our uniform laws groups, such as the World International Property Organization (WIPO) www.wipo.org which issued a 112 page report proposing increased protection of famous marks and suggesting a uniform procedure for resolving domain name disputes when they allegedly infringe on trademarks.
So youre confused by all those acronyms. So you want to stick your head back in the sand and ignore all that impending legislation. After all, who is going to do something to you as you surf the net, just because everybody seems to either be passing or working on legislation. Well, if you needed any more convincing that you should watch out for all these new laws as well as administrative agency efforts to find new ways to apply old laws to e-commerce, then let me just say one word. TAXATION!