Towards Effective Internet Governance Risaburo NEZU Director Science, Technology and Industry OECD APEC e- commerce convention May 15, 2000 Tokyo Japan
ISSUES 1. Tax 2. Tariffs 3. Privacy protection 4. Security ( authentication, electronic/digital signature, encryption) 5. Infrastructure and access 6. Intellectual property rights 7. Content 8. Consumer protection 9. Competition policy
OECD Approaches Guideline on information security ( 1992) Guideline on cryptography ( 1997 ) Guideline on consumer protection (1999) Guideline on Trans-Border Data Flow (1980)
Privacy -- Still a Serious Problem - Privacy is a part of fundamental human right - Privacy must be protected both on line and off line Many national legislation ( more than 30 ) EU directives ( 1995/1998) Bilateral negotiations Private business initiatives OECD guideline (1980) Privacy enhancing technologies ( PETs) privacy statement generator But, users remain concerned
Privacy (2) 1. Only 5 % of consumers visiting a Web site actually make purchase. The primary reason for this discrepancy is consumers concern about privacy security ( Mozelle Thompson, USFTC February/March 1999) 2. 94 % of US consumers and 78 % of UK consumers are concerned about possible misuse of their personal information ( IBM/Harris privacy study)
OECD Privacy statement generator Draft Privacy Statement.doc
Security--E-signature 1. Same legal effect for e-signature with traditional signature Many OECD countries are moving toward legislation 2. Cross border recognition --- need for interoperability (form requirements) 3. Ensuring security -- OECD security guidelines (1992) 4. Cryptography technology is key ( hacker, user trust, public key management, lawful access ) -- OECD cryptography guidelines (1997)
Consumer protections -OECD guidelines for consumer protection (1999) is meant to serve as a basis for effective protection of consumers on online transactions. - This can be used as reference for developing domestic legislation or industry code of conducts
What is in the OECD consumer guideline 1. Transparent and effective protection that is not less than in other forms of commerce 2. Fair business, advertising and marketing practices 3. On line disclosures a) information about business ( identification of business, location, contact persons, communication with consumers, dispute resolutions, legal process ) b) information about goods and services c) information about transaction ( terms, conditions, cost associated with transactions, information about use and after sales service, safety/ health warnings)
OECD consumer guideline ( 2 ) 4. Confirmation process ( right to cancel ) 5. Payment 6. Dispute resolution a) applicable law and jurisdiction b) alternative dispute resolution and redress 7. Privacy 8. Education and awareness 9. Implementation
Approach for implementation A. Government Regulations 1. Privacy and consumer protection are essential policies of the OECD countries and legislation have been in place. 2. Such legislation should be applicable in principle, but implementation may require special approaches due to special nature of on line business. 3. Approach is not identical among OECD countries
Approaches are different 1. Most European countries have legislation on privacy to deal with both public and private sectors, while; 2. many APEC countries have legislation only with respect to public sector. 3. But some are moving towards having legislation on private sector as well. 4. In some countries, specific fields (medical information, child privacy) are protected under law.
B. Self regulations (1) In many countries, business sector is taking initiatives to develop a variety of self regulation schemes / code of conducts 1. Initiatives -- sectoral industry association ( ISPs, IT companies) -- horizontal industry associations ( online advertisers) -- national industry association -- global
2. Coverage -- specializing in some particular issues ( privacy, online advertisement, contents -- broad consumer/user trust -- electronic mediation and dispute settlements --digital/electronic signature, authentication --smart card guideline
3. enforcement mechanism --voluntary without sanction -- voluntary with contractual responsibility --association sanction -- voluntary but referenced by law --government oversight to ensure voluntary agreement is observed 4. trust mark/seal is often used as sign of certain commitment
Trustmarks
5. Dispute resolution -- need a dispute resolution an alternative to court, that can handle small, low value transactions. ( ADR ) To be speedy and cheap, this should be online ADR mechanism How will it work?---hague conference in November
Questions to be asked 1. User/consumers trust is yet to be achieved 2. Already there are many different initiatives, sectoral, national, international and global. They are still young and limited in their track record. Effectiveness is yet to be confirmed. 3. Too many disparate initiatives may cause confusion to the users. There may be some need for certain level of conformity. ( global trust mark? ) 4. Enforcement including dispute resolution is key. Cooperation with the government is essential. 5. OECD will continue to follow effectiveness of these approaches and may make suggestions if necessary.