Internet technology has had such a profound effect on the rapid growth and development of electronic commerce that "e-commerce," a phrase used to describe a wide range of commercial transactions conducted on or through the Internet including everything from retail and direct marketing, to the purchase of software and information services, is now part of our everyday vocabulary.
As commerce on the Internet has grown, the inevitable fall out from failed transactions and business relationships has resulted in a developing body of case law. In some cases, the legal issues that govern the analysis of the electronic commercial transaction are no different from those applied in a more traditional commercial setting. For example, a fraudulent scheme perpetrated through print media is still the same fraudulent scheme when perpetrated on a web-site. Indeed, in the area of consumer fraud, the emerging issues in e-commerce are less related to substantive legal principles, than they are to procedural issues, such as the courts' jurisdiction over out-of-state defendants and discovering and stopping fraud from taking place online.
In other areas, however, the law has had to adapt to take into account the different realities of electronic vs. more traditional commerce. For example, contracts that are negotiated and ultimately entered into entirely over the Internet present the courts with new issues relating to the formation of contracts, the validity of assent, and the authentication of "electronic signatures." These issues have received particular attention in the area of "shrinkwrap" and "clickwrap" licenses - short-hand forms for contracts that govern the terms and conditions of a party's use of information or services provided over the Internet.
Recognizing that failed e-commerce transactions will inevitably produce issues that have no counterpart in existing law governing the sale of "goods," and that there is a need for uniformity and consensus in these types of transactions, a new Article to the Uniform Commercial Code, Article 2B, was drafted and extensively debated. As drafted, Article 2B would have governed all transactions involving licensing information. In April, 1999, after two years of debate, Article 2B was declared dead, the victim of its own broad scope and prospective application not only to software licensing but also licensing of information in other industries such as music, movies, publishing and the arts. A more limited new proposed uniform set of rules has emerged in the form of the Uniform Computer Information Transactions Act(UCITA). Debate on those rules will continue in 1999.
Contracts formed by parties transacting business over the Internet are presently governed by the common law of contracts and Article 2 of the Uniform Commercial Code (UCC), a compilation of rules concerning contract formation and enforcement that has been adopted as legislation by every state. [As discussed elsewhere, Article 2 was drafted well before the advent of the Internet and commercial transactions involving "information," rather than traditional goods. Article 2B was intended to specifically address issues that arise in electronic commerce and, in particular, the licensing of information.] It is anticipated that the UCITA will take up where proposed Article 2B left off. While some issues raised by contracts formed on the Internet can be adequately dealt with under traditional contract principles, these contracts also present new and sometimes difficult issues relating to the formation of the contract, the adequacy of a party's consent to the terms, and the authenticity and validity of electronic or digital signatures. See Greenwood, Electronic Signatures and Records: Legal, Policy and Technical Considerations.
One contract issue that has received a good deal of attention by commentators, including the drafters of Article 2B, if not by the courts, and highlights the unique issues of contract formation and assent in transactions involving the Internet and the sale of "information," is the enforceability of "clickwrap" and "shrinkwrap" agreements.
Shrinkwrap agreements are the terms and conditions of use that accompany software distributed in physical form. Typically, the terms and conditions of use are printed on the outside of the software box or envelope and usually provide that by opening the packaging, or using the software, the purchaser agrees to be bound by the terms and conditions of the license. While such licenses raise issues regarding the buyer's ability to negotiate the terms of the contract, terms and conditions which do not appear on the outside of the packaging but instead are inside the box or appear when the software is loaded, after the purchaser has paid for the product, create even more difficult issues concerning the formation of the contract and the validity of a users "assent" to terms included by the seller. In analyzing the enforceability of these post-payment shrinkwrap license agreements, the principal question has been: When is the contract formed? Is it formed when the purchaser pays the asking price, before the terms of the license are disclosed, or at a later date when the purchaser accepts or rejects the license agreement?
The Internet variant of "shrinkwrap" licenses are "clickwrap" licenses
which are standard-form contracts entered into online; for example, Terms
of Service posted on a web site, under which the purchaser signifies his
assent to the terms simply by clicking on a box marked "I Agree." Like
shrinkwrap licenses, the terms are non-negotiable. Unlike post-payment
shrinkwrap licenses, however, the purchaser's consent to the posted terms
is usually obtained before the exchange of funds. Issues concerning the
nature of the purchaser's true understanding of the terms and the risk
of terms which are unduly oppressive or unconscionable are raised by such
licenses. While the courts have not explicitly upheld the enforceability
of clickwrap licenses, in at least one recent decision, the U.S. District
Court for the Northern District of California implicitly ruled that such
an agreement was enforceable. Hotmail Corporation v. Van$ Money Pie Inc.,
47 U.S.P.Q. 2d 1020, 1998 WL 388389 (April 1998, N.D.Cal.). It remains
to be seen whether other courts will similarly find these types of
While the enforceability of both shrinkwrap and clickwrap agreements are presently being analyzed under general contract principles Article2 of the UCC, it is important to note that the enforceability of these agreements had been addressed in proposed Article 2B. While Article 2B may be dead, it should be noted that, as drafted, proposed § 2-208 would have limit the use of post-payment shrinkwrap licenses such a those in ProCD, Hill and Brower by providing that where a party does not have an opportunity to review the terms of a license before paying for the information, that user is entitled to a full refund, reimbursement of reasonable expenses incurred in obtaining a refund and compensation for "any foreseeable loss caused by the installation" of the information. It is likely that the UCITA will also specifically address the use and form of post-payment shrinkwrap licenses. Because the issue in clickwrap agreements is principally one of the validity of consent, the enforceability of those agreements is less in doubt. Article 2B also addressed this issue in §§ 2B-207 and 208, both of which required that a party "manifest assent" to terms of a record, including a standard form, or a mass-market license, and in § 2B-111 which discusses the manner in which a party's "assent" is signified. While Article 2B will not be adopted, it is likely to influence both the drafting and enactment of the UCITA and the outcome of future litigation concerning the validity and scope of these agreements.
Consumer Fraud Contracts
Consumer fraud on the Internet is a natural outgrowth of the recent explosion in the use of the Internet to conduct consumer transactions and the number of people on-line. To date, prosecutions for consumer fraud, including claims for false advertising, unfair and deceptive trade practices, and investment fraud, have largely been initiated by governmental agencies, including, but not limited to, the Federal Trade Commission ("FTC"), the Securities and Exchange Commission ("SEC"), and the state Attorneys General.
Under Section 5 of the FTC Act, the FTC has authority to fight cyberfraud by bringing civil actions in federal district court for unfair or deceptive acts or practices involving the Internet. The FTC's enforcement actions have involved both "traditional" fraudulent conduct in which the Internet has been used to peddle fraudulent investments, pyramid and fund-raising schemes and the sale of "miracle" health products and other consumer goods, as well as new types of fraud which involve the deceptive use of technology itself. The FTC often joins with state Attorneys General and other governmental groups to detect and target fraudulent activities and to bring enforcement actions. There are few reported decisions resulting from the FTC's prosecution of fraud, as the vast majority of these actions have either been resolved without trial or are currently pending. A summary of the FTC's efforts to combat consumer fraud and recent FTC enforcement actions is available on the FTC's web site.
The SEC has taken an active role in policing the Internet for online securities fraud through its Office of Internet Enforcement and in enforcing the securities laws through litigation in the federal courts or in administrative proceedings. For instance, in October of 1998, the SEC filed 23 enforcement actions against 44 individuals and companies across the nation for fraud involving the illegal touting or promotion of stocks online. The SEC alleged that through spam, message board postings, online investment newsletters and web-sites, the defendants fraudulently promoted stocks of various companies by purporting to give unbiased and independent recommendations while either lying about the profiled companies, lying about the author's ownership of the stocks being promoted and lack of independence from the companies, and/or failing to adequately disclose that the promoter of the stocks was, in fact, receiving compensation from the profiled companies. A similar "sweep" took place in February, 1999. Then in May, 1999, the SEC announced its third Internet fraud sweep, bringing fourteen enforcement actions against 26 companies and individuals for using the Interent to defraud investors. Each of these enforcement actions shared two themes: they involved the sale or marketing of securities on the Internet and contained baseless promises to investors of promised returns.
State and Private Actions
Invoking the states' consumer protection statutes which, like the FTC Act prohibit unfair and deceptive trade practices, state Attorneys General have undertaken similar enforcement actions, both seeking out and prosecuting fraud on the Internet. E.g. People v. Lipsitz, 663 N.Y.S.2d 468 (N.Y. Sup. Ct. June 23, 1997)("a consumer fraud action by a State's Attorney General against a local offending business is an excellent weapon in the soon-to-be-expected war on Internet fraud."). Claims by private individuals alleging consumer fraud in the sale of goods over the Internet are also on the rise. E.g. Brower v. Gateway 2000, Inc., 676 N.Y.S.2d 569 (Supreme Ct. App. Div. [Aug.] 1998) (claim of unfair and deceptive trade practices, as well as breach of warranty and breach of contract, arising from over-the-phone sale of computer equipment.)
As can be expected, because these transactions often involve defendants who are physically located outside the borders of the particular state in which suit is brought, the defendants' first line of defense is often a motion to dismiss for lack of personal jurisdiction. As these initial procedural questions become resolved by the courts, we will see a greater number of reported decisions discussing the underlying issues of fraud and deception on the Internet. The interesting areas to watch will be the creativity of the government's use of consumer protection statutes to combat fraud and the creativity of unscrupulous businesses in using this evolving technology to perpetrate fraud.