No. 043 - Febrero del 2002

New paradigms in Cyberlaw: U-biz

Por James Graham,

For some years, I have been defending the concept of “Technology & Law”, covering the reality that today in the frame of the new economy both terms cannot be longer dissociated. In other words, it is not anymore possible to render legal opinions without considering the technological implications. For example, the legal definition of a “secure” virtual signature is not sufficient if there is no knowledge what technically a secure virtual signature means. In the same way, it is not possible to construct technically an e-commerce site without taking into account legal implications.

Although, some legal-consulting firms try to apply such a method, they do think that one and one makes two, meaning that there are two services added to each other. First, there is the technological construction, and then, in a second stage, there is the legal audit in order to verify that the construction corresponds to the legal requirements. Such a view is wrong: one plus one ought to make one! There should not be an addition of services, but a fusion, as my computing experience in networks environments learned me.

A concrete example may explain my view. Very few contractual clauses must be separately signed for example in Luxemburgish law, whereas in Italian law such clauses are frequent. Let’s suppose now that a Luxemburgish firm wants an e-commerce plate-form targeting for the moment only the national market.  The computer-engineering department will technically build up the site in HTML; the legal department checks if there is no clause in the general conditions that must be firmed separately. And that’s it. After some months, the firm decides to target the Italian market where many clauses in its general terms must be signed separately. But this is technically impossible under HTML. The firm has to redraft a new business plan and adapt its terms to the new situation. However, the “Technology & Law” concept would have had as result, that during the construction of the site, the legal advisor would have drawn attention to this problem and would have recommended the use of XML, which allows in the same pages a signature in each encoded target, resolving thus the problem. The result would have been a site adapted as well to the Luxemburgish market and its law as to the Italian market and its legal system.

U-commerce involves a new paradigm of legal services - which still are generally based on advices and pleadings -, leading to the American well-known concept of “legal engineering” – or, as I would say “technological-legal engineering”. Such a working method would certainly lead to a better service, reducing considerably the litigation risk. Even the best legal advisor cannot provide valuable services without any technological know-how, as the legal problems in the field of u-commerce often derive from technological aspects, and the latter often resolve the legal problems. And so it will be in the frame of U-business

II – U-business

E-commerce just emerged when m-commerce already challenged it[1]. Mobile commerce is the natural continuation of e-commerce, involving Pocket Personal Computers, HandHeld Devices and cell phones. Nonetheless, m-commerce is just the next step toward something more encompassing. Following Ferguson and Pike, both consulters at Accenture, what we see is the dawn of “u-commerce”:

-         U like Ubiquitous: taking place everywhere, anytime;

-         U like Untethered: not constrained by lines and hard wires of traditional computing and telephony;

-         U like Unbounded: no longer limited to the traditional definition of e-commerce[2].

-         I also do consider a forth category: Un-personafication: robots, artificial intelligence, genetic programming, viral life systems – new non-human actors determining the seller/vendor’s behavior.

Moving into u-commerce is not a replacement of e- or m-commerce, but an extension of it. “And it will be mandatory, not optional”[3]. It will involve televisions, video games and automobile consoles, giving thus “t-commerce”, “v-commerce” and “a-commerce”[4].

            The starting point of u-business will be the introduction of IPv6[5] allowing a 128 bit name addressing, giving thus the possibility to assign to any connected device a permanent IP address. Tomorrow, empty fridges will automatically send orders to food providers, without any human intervention. A car, at the moment of crossing the American-Mexican border will sense mechanical problems and schedule maintenance. However, where the contract has been concluded?; in the United States or in Mexico? U-commerce will explode any territorial localization. Until now, the Internet-user logged into Cyberspace from a fixed point: his computer, located in a physical place. The first breach into this state of art was already the use of notebooks combined with cell phones. Today, the generalization of PPC and pagers are accentuating the delocalization of the entry point of Cyberspace. As it was underlined in the now famous obiter dictum in the    Digital Equipment v. Altavista case[1]: “The Internet has no territorial boundaries. To paraphrase Gertrude Stein, as far as the Internet is concerned, not only is there perhaps “no there there”, the “there” is everywhere where there is Internet access”[6]. In the same way, the peer-to-peer revolution destroyed definitively the myth of the so-pretended possibility of localizing territorially servers. If in the Napster case, the meta server could be localized through its owner, an American firm, such a thing is no longer possible with Gnutella for example, as there is no meta server and consequently no owner of a meta server. A Web site will be no longer hosted on a single server, but each element of a single page, and each page, will be hosted on different servers all around the world.

In the same time, we will also assist at a de-personification. It is not sufficient that a fridge has its own permanent IP address; it must also to be know to whom the fridge belongs. Identification will be one of the main issues. If for person–to–person business, certification can assure an identification function, it is not certain that it can be that reliable in regard to objects. That’s why unambiguous permanent identification schemes are required. One of the most important initiatives in this area is doubtless the one of EDIRA – the EDI/EC Registration Authorities Association – providing an unique and permanent electronical identifier, compliant with ISO norms, X509 certificates and some XML syntaxes.

Although, a-localization and de-personification are not turns that are a mutation by nature, but an evolution by degree, it will nevertheless implicate radical changes in legal thinking.

Darwinian selection by genetic programming will put into interrogation any copyright legislation. Is there any copyright infringement if two patented programs are reverse-engineering themselves to give birth to a third new program? Biological informatics where neural networks are interfaced with chips[7] will definitively shake every now known legal concept. Bots already do arise a certain number of questions in regard to traditional mechanism of representation; Artificial Intelligence will explode the legal frame. Acting on their own, they may be ordered like a representative-physical or natural person. However, misconduct of a physical or natural person leads to liability; A.I. cannot be liable as not owing any patrimonial values. If today a designer of a virus may be held liable, so will not be the case, once there is a mutation into an autonomous viral life-system that will spread through the nets. Who will support the costs? A global danger does it not call for a global answer? For a global space being a new international space?

III – Internet: A New International Space

I will not undertake here the whole demonstration why Internet is an international space[8]. I would just like to mention one main argument. If delimitation of spaces are undertaken by municipal law, their opposability relies on the sole jus gentium. Two kinds of spaces may be identified. First, we have the “space-thing”, where space is treated like a possession above which States have certain rights and assume a number of obligations. So it is for physical territories, where States for example exercise their jurisdiction over residents because they do stay on the State’s dominium. The latter is the source of the power. But there are also spaces, which are not physically apprehendable – the “space-area”. For instance, the legal space of a country is much more an area than the mere dominium of its territory: a State may pursue a national for having committed a crime abroad. Its jurisdiction is not based on a territorial link, but on an abstract link constituted by nationality. In other words, jurisdiction is not de jure dominii, but de jure imperii.

This distinction is the key for States’ jurisdiction in Cyberspace. The source of power cannot be any longer the national territory in its primary sense. The model to follow is the one of the Holy Sea. Canonical law does not apply because an infringement has been committed on the territory of the Vatican, but because the infringement has been committed by or against a person belonging to the Catholic Church. In the same manner, a cybercrime is not committed on a national territory, as the first judges wrongly ruled in the German Somm case[9], but by or against a national one. The crime itself is localized in an international space. It seems to me, however, that passive territorialism can go hand in hand with the international status of the Internet. At least, under the main condition that the virtual act can really be physically and permanently localized on a territory. A contract concluded in the Internet regarding the sell of a house situated in New York, can be located in the United States. A contract concluded in the Internet regarding the sell of a digital photography stored on a server situated in New-York, cannot be permanently localized in the United States, as the server can be moved at any moment; the picture can be stored on an other server somewhere around the world; etc.

More broadly, the internationalization of Cyberspace also has as consequence that no State can proclaim any sovereignty over it. Like the Ether, Cyberspace does not belong to one; it does belong to no one because it belongs to every one. Only the global community of Internet-users can reign over it. As I have already stressed it out, this does not mean that States may not rule in respect of virtual activities. They may continue with their legislative work, but based on the imperium and not based on their dominium, at least not on the principle of active territorialism. 

According the status of an international space is nothing revolutionary. We already have the example of the High Sea, ruled by the 1982 Montego Bay Convention, delimiting the espacium clausum of territorial seas under States’ sovereignty and the espacium liberum of the High Sea. Unfortunately, since Grotius’ appeal, 400 years had to pass before international Community consented to confirm formally the international character of the High Sea and its principle of freedom. Do we have to wait that long for the Internet as well? I do not hope so. Freedom of Cyberspace does not mean a lawless place open to renegades. On the contrary, freedom generates in a natural way responsibility.

The Internationality of the Internet will ensure a social-regulated space to the net-users – Johnson’s Netizenship[10]. It will contribute to an equal use for all countries, whatever their origin and their economical-technological development. 200 years after the Far West and some 400 years after the Conquista, humanity has once again the opportunity to populate a new space. It is maybe one of our last opportunities to do so – as Mars and other planets will be out of reach probably for many centuries. Let us do not repeat the mistakes of the past; let us seize the chance of construing something better. Let us have trust in the human being. Sure, there is a real need for regulation; no one does contest it. But are States so un-imaginative that the only model they may envisage is a pale copy of the territorialism principle, totally un-adapted to an un-territorial space? Maybe governments are, but I’m convinced that the netizens are not.

That’s why I would like to make an appeal to my colleagues and to my audience. Let us draft a resolution; let us invite governments and the international Community of States under the auspices of the United Nations to take into consideration the real nature of the Internet and its population. U-business is the first opportunity in mankind to open international commerce and its benefits to all countries and to all size of companies. The Internationality of the Internet would insure its equal, benefit full development, without any discrimination. As I said before, Cyberspace does not belong to one; it does belong to no one, because it belongs to every one! So I do think, so do I dream, and if the internationalization of this virtual space is not for me and my generation, so at least for our children and their future. Might this virtual dream become real!

Thank you.