About ILPFTo Join ILPFWorking Groups and PublicationsMember ResourcesEventsHome



  Upcoming Events
  Archived Events


Joint Keidanren-ILPF Workshop on Electronic Signatures and Authentication

November 19, 1999
Tokyo, Japan

Summary

  1. Welcome and Introductory Remarks
  2. Seiichi Shimada, Senior Executive Managing Director and Chief Information Officer, Mitsui & Co., Chairman, Information Industry Group, Keidanren

    Keidanren regards e-commerce as an important vehicle for promoting structural changes and as a promising source of new opportunities. In July 1999, Keidanren compiled proposals and recommendations for the promotion of e-commerce, which were distributed to workshop participants. In trying to develop an environment for e-commerce, Keidanren has worked on proposals and received comments from those concerned.

    Electronic signatures and electronic authentication have drawn attention as a means to confirm identity of users of the communications network. To enhance the future of e-commerce, digital signatures need to have the same effect as both handwritten signatures and the signature seals, which are common in Japan. We need a system that is technologically neutral to facilitate low-cost and convenient electronic authentication, flexible enough to permit use with a wide variety of technologies and by many businesses, and also that is open to alternatives. Access should not be restricted.

    It is symbolic that this forum is held today because today, in Japan, draft electronic authentication legislation, promoted under the auspices of the Ministries of Justice, International Trade and Industry, and Posts and Telecommunications, was announced for public comment.

    With this background, ILPF has been active with respect to legal and policy aspects, and Keidanren is fortunate to be able to jointly sponsor this event with them. We are fortunate to have so many eminent experts from Japan, the United States and Europe, from the public and private sectors, and many who have traveled a great distance to participate. Several people who could not attend will be able to participate by video and telephone. ILPF’s activities are very well known and I give my best wishes for its future success.

     

  3. Current Legislative Trends and Government Involvement
  4. T. Ishida, Senior Chief Researcher, Mitsubishi Electric Corp., Moderator

    Mr. Ishida introduced the panelists throughout the afternoon.

    Ryozo Hayashi, Director-General for Machinery and Information Industry Policy, Japan Ministry of International Trade and Industry ("MITI")

    Today, the Ministry of Posts and Telecommunications ("MPT"), the Ministry of Justice, and MITI have unveiled proposed legislation on electronic signatures for public comment. The proposal contemplates that electronic signatures will be used for e-commerce on the Internet. Electronic representation of the intent of parties to a transaction through electronic media must be given legal effect. In the case of paper contracts, a seal or written signature is required. No matter what the legal system, some benchmark is used to measure the validity of the signature or seal. Certain systems are prone to repudiation or falsification. An information system must confirm authenticity and validity of content. In Japan seals are generally used, but are not required to make a contract valid. The seal only gives a factual presumption of validity. In practice, however, seals are used routinely for paper contracts, and, thus, the stability of transactions is secured.

    In the United States, Europe, and other Asian countries, efforts have already been underway to create a legal framework for electronic signatures. It is against this backdrop that the work in Japan has developed. There are three concerns involved in the authentication of electronic transactions. First, in Japan, seals, which give presumptive validity to contracts, are used. While, unlike in other systems where the documentation is a requirement for the validity of a contract, in Japan it is the mere intention of the parties that makes a contract valid. Thus, there is no special need for legal recognition of electronic signatures. However, to give assurance to the Japanese people and to lend credibility to electronic contracts, the presumptive effect given to seals should also be given to electronic signatures. Second, because the Internet lends itself to global transactions, there should be common features (but not necessarily identical ones) among individual legal systems to facilitate mutual recognition. Japan should study foreign systems to make its system compatible. Third, in terms of further development, restrictions should be kept to a minimum to facilitate the development of technologies and systems by the private sector. In Japan, private certification authorities have been active in the authentication of electronic transactions. In some other systems, the state takes an active role in the accreditation process. The Japanese government believes that there is an appropriate role for government, however, we must think about the expansion of user choice and broadening the possibility of technological advancement. Thus, private certification bodies must be left with the choice of whether the state will provide accreditation. Under the principles of the Japanese Civil Procedure Code if a court determines that while accreditation has not been given, the transaction has not been repudiated, and the parties have expressed their agreement, then the contract will be deemed valid. This is similar to the treatment given faxes and other messages. Within the Japanese legal structure, the above-described system can take into account the development of technology and increased demand in this area.

    Kanichiro Aritomi, Director-General for Telecommunications Business Telecommunications Bureau, Japan Ministry of Posts and Telecommunications ("MPT")

    MPT also thinks that electronic authentication is positioned as a sort of infrastructure for electronic commerce on the Internet. From the telecommunications authority perspective, the Internet poses the following challenges: expense, delay, and risk. As for expense, MPT is making efforts to realize low and flat-rate systems for Internet use. The development of high-speed routers and low-rate services has been encouraged. What is important is to ensure security, the main topic of today’s workshop. Because the Internet has an inherent open quality, security is of special concern. To provide secure and stable electronic activity on the Internet, the identity of the parties and integrity of the contents of the transactions must be ensured. Already, private authentication bodies are utilizing encryption and other authentication systems, however, no legal system has yet been established. The Ministry of Justice has considered the legal implications under the Civil Procedure Code and has decided on a direction to take. Internationally, many countries have already instituted legislation governing electronic signatures and authentication, and personally, Mr. Aritomi felt that Japan was only lagging slightly behind other countries. The Japanese government feels that it should institutionalize electronic authentication, and MPT, MITI, and the Ministry of Justice have played a central role. Proposed legislation will be introduced to the next ordinary session of the Diet next year. Previously, it would have been unthinkable for these ministries to be working together. The ministries look forward to constructive public comments, specifically with regard to: (1) international consistency to facilitate mutual recognition; (2) technological neutrality (e.g., rather than promotion of open-key technology); (3) Internet crimes (e.g., electronic fraud) (some have called for police supervision, but Mr. Aritomi commented that since the government is emphasizing private sector development it is reluctant to go in this direction.)

    Elliot Maxwell, Special Advisor to the Secretary for the Digital Economy, U.S. Department of Commerce

    Mr. Maxwell commented on the progress that has been made in Japan, as shown through the proposed legislation. In the United States, the reasons people do not participate in electronic commerce are: (1) they are concerned that they do not know with whom they are communicating; (2) they are concerned that the information transmitted not be tampered with; (3) they are concerned with how the information will be used; and (4) they are concerned that they will be treated fairly by other parties, and if not, that there are some means of redress. The notion of trust is reflected in these four concerns. These issues must be resolved to allow e-commerce to flourish. The United States has the highest rates of participation in e-commerce, but growth will be limited unless we all participate together so that everyone can have access to the tools of e-commerce.

    The United States government is trying to deal with these concerns in parallel. First, in terms of privacy, the government is encouraging the private sector along the lines of the OECD principles on privacy -- choice, security, right of access to information, and redress. Third-party private sector bodies will provide monitoring. The role of government should be limited, for example, to regulate medical information and the privacy of children. Privacy is a critical concern that must be addressed to promote consumer trust. As for consumer protection, the government should be involved to ensure the rules apply. The Internet is not the "Wild West" -- we have to make sure that the rules take the Internet into account. We must try to make the Internet more secure and more useful than physical methods. In terms of providing information, this includes information such as comparison shopping, warranties, order and delivery status, etc.

    The United States is also looking to increase reliability and security. All those who use telecommunications networks and the Internet understand that reliability and security for one is not the same as for the other. For example, in the case of electronic securities trading, when networks go down, we do not see the same growth characteristics as we have in the past. Reliability issues include addressing who is liable if the network goes down. As for authentication, the U.S. government looks forward to reviewing the MPT, MITI, and Ministry of Justice proposal and comments from others. Joint Japan-United States statements on electronic commerce and the OECD Declaration on Authentication reflect how closely allied our views are.

    The U.S. view on basic principles is, first, we need to "clear the underbrush" to "plant seeds" of e-commerce by eliminating existing legal barriers. Electronic signatures must have the same legal effect as paper signatures. Second, we must look first to party choice of means of authentication. The parties can tailor authentication to their needs. There is no need to have government direct which method to use. Third, we must have technological neutrality. It has been only seven years since the first commercial browsers were developed and we do not want to impede technological development because we are at such an early stage. Fourth, there should be no discrimination against providers or technologies and there should be no trade barriers.

    It is important to involve the private sector because its members will be the ones who are primarily engaged in these activities. The role of government should be very limited. Government does engage in "e-government" transactions with citizens, thus it should make its own decisions as a system participant. Government should be humble in its ability to predict and should not over-regulate and try to fix problems it cannot foresee -- this can impede the development of technology. In 1997, we predicted $300 billion in e-commerce in 2002. Now, we foresee $1.3 trillion in U.S. business-to-business e-commerce and $100 billion in U.S. business-to-consumer e-commerce because of the inventiveness of the private sector. Because e-commerce is global, we do not need the same systems, but interoperable systems. We have been advocating at UNCITRAL a convention to embody these principals. Hopefully, we will see them embodied in rules around the world. Through efforts towards interoperable systems, everyone around the world can benefit.

    Phillipe Paulin ,Counsellor (Economic and Commercial), European Delegation

    Europe is working along the same lines as the United States. Europe has been behind and is trying to catch-up. The system should be "lightly" regulated, but consumer protections must be ensured so that consumers can have confidence in e-commerce. Next week there will be a joint European and Japanese consumer dialog, at which e-commerce will be discussed. In Europe there has been a proposal for a directive that would lay down minimum rules under the EU principle of free movement of goods and services. The main goals of the electronic signature directive are to: (1) harmonize national regimes; (2) establish a legal framework for electronic signatures; and, (3) strengthen confidence in electronic signatures. In terms of scope, the directive does not call for the regulation of closed systems, but electronic signatures used on the basis of private law agreements can benefit from legal recognition. In terms of market access, providers can offer services without prior authorization under voluntary accreditation schemes. As for legal recognition, there is a dual approach: non-discrimination towards electronic signatures, but advanced electronic signatures would fulfill form requirements under national laws. The fulfillment of form requirements would be linked to requirements for certificates and certificate service providers and signature creation devices. There would be minimum liability rules and certificate service providers would operate under a principle of negligence and a revised burden of proof. As for third-country certificates, there would be non-discrimination. In terms of the time frame, the Council Common Position was issued on June 28, 1999, the European Parliament second reading occurred on October 27, 1999, and final adoption is set for November 30, 1999, with implementation at the national level planned for 2001.

    Richard Schlechter, Detached National Expert, Directorate-General XIII, European Commission (via telephone)

    The directive will be adopted quickly. During the following 18 months, the next step will be implementation. Most states are already quite advanced, and Mr. Schlechter expected that the framework will be put into place soon -- perhaps 50-60% implementation by the beginning to middle of next year.

    John Dryden, Head of Information Computer and Communications Policy Division, Directorate for Science, Technology and Industry, Organization for Economic Cooperation and Development (OECD) (via videotape)

    Mr. Dryden assured OECD support for the objectives of the workshop. OECD is not the only international organization working in this area, but it plays an important role. The 29 member nations currently account for most of e-commerce in the world. OECD also has working relations with the private sector, and a broad mandate to promote economic and social objectives. OECD is currently working in the areas of consumer protection, privacy protection, infrastructure development and access, statistical measurement, etc. In addition to its analytic work, OECD also promotes various conferences and fora. The Ministerial Declaration on the Authentication for Electronic Commerce developed at the Ottawa meeting has served as the basis of OECD’s work. The Declaration provides for non-discrimination among authentication approaches taken by other countries and calls for the amendment of media or technology-specific laws of member countries to avoid impediments to e-commerce. Mr. Dryden recommended that participants view the OECD webpage at http://www.oecd.org and his email address, dryden@oecd.org.

    Taizo Nakatomi, Principal Administrator, Information Computer and Communications Policy Division, Directorate for Science, Technology and Industry, Organization for Economic Cooperation and Development (OECD) (via videotape)

    Mr. Nakatomi described OECD’s current activities. A 2-day joint OECD-private sector workshop on electronic authentication was held in June 1999 in Stanford, California. Case studies and examples of authentication systems were presented. No specific conclusions were reached, however, it was evident that the technology used depends on the application, therefore the parties should decide which technology to use. Also, a draft of the Inventory of Activities of Authentication in the Global Network Society was completed for the Ottawa conference -- a "snapshot" view as of July 1999 of member countries’ activities in the area of e-commerce. OECD plans a follow-up study of how member countries have responded to the Ottawa Declaration and a report to the ministers will be compiled next year. OECD will not establish guidelines at this time, so as to not hinder growth.

     

  5. Discussion
  6. Mr. Ichikawa

    Mr. Ichikawa posed the following questions to Messrs. Schlechter, Paulin, and Maxwell. For the new system to work, how do you predict risk? A system based on the experience of trial and error takes too long. Perhaps the government may be able to provide models to predict prices and risks?

    Mr. Schlechter

    We are always skeptical of government taking the lead in this area. Government is very slow and there is always the question of money. So, if you only rely on the government, you will be behind the market. Government can play an important role, however, as has been the case in Germany, where government projects have been implemented by the private sector. It is very important for government to promote technology, but remain technology neutral.

    Mr. Maxwell

    Mr. Maxwell expressed his skepticism for the ability of government to predict and formulate an appropriate response in a system about which we know so little. For example, we could not have predicted e-auctions in 1997. If the government had imposed regulations, it could have hindered growth and foreclosed the possibility of the millions of transactions now occurring simultaneously. Instead, we have had the flexibility to respond to consumer needs. For example, in the auction space we saw an increase in consumer complaints about buyer and seller behavior. The market responded by offering insurance, escrow services, reputational forums, on-line dispute resolution. This was a response by the private sector within the context of consumer protection laws. It is not possible to aspire to rules that are exactly alike in the 200+ countries around the globe, because governments can only apply rules to their small area. The private sector, however can provide interoperable systems.

    Mark Bohannon, Chief Counsel for Technology and Counsel to the Undersecretary for Technology, U.S. Department of Commerce (via telephone)

    Mr. Bohannan responded to Mr. Katoh’s question regarding the status of legislation in the United States at the federal level. There have been two bills introduced in each House of Congress that would act as a framework for states to implement the Uniform Electronic Transactions Act. The Administration has expressed serious concerns about the bill passed by the House of Representatives last week, and issued favorable statements about a Senate bill, which will not come up for debate again until next year.

    Jun-Ichiro Miyazaki, Director of Computer Communications Division, Telecommunications Business Department, Telecommunications Bureau, MPT

    Mr. Miyazaki pointed out that, because documentation is not required for contracts in Japan, there is an argument that electronic signature legislation was not necessary. Turning to his own experience, he said that he had been thinking about buying a Volvo when he was stationed in the U.S. He discovered a Japanese company on the Internet that could make the necessary arrangements in Japan. Using an Internet map service, he looked up the address of the company on the Internet and found that the company was located in a residential area close to where he was going to live. He saw a photograph of the office on the web, but was not sure that it was an authentic picture, and so he gave up the idea of buying the Volvo because there was no way that the company could prove it was authentic. Thus, the company lost his business. This experience shows how important it is to promote consumer confidence. Going back to the e signature issue in Japan, he identified three elements of signature which must all together be considered in regulation: the identity of the party (who), what, and the intention to commit a legally significant act.

    Fuminori Inagaki, Director, Computer and Communications Policy Office, Machine and Information Industries Bureau, MITI

    Japan, the United States, and Europe have different frameworks, however, the larger goal of reliability seems the same. First, the basic point is that electronic signatures should be given the same evidentiary effect as a handwritten signature or seal and electronic contracts should be valid and enforceable. Second, in the early stage of development there should be recognition of all types of technologies. Particularly in the EU directive, authentication of certification service providers is not written in the law as a requirement. The same type of thinking is evident in the Japanese government proposal, but not everyone in the government shares this view. Third, there should be a predictable framework. In concrete terms, can we construct a system with all the differences in countries’ systems and practices? For example, the Japanese government proposal indicates what kind of signatures should be presumed valid; this may lead to a predictable framework, but it also may impede technical advancement. Another approach would be that each case should be brought to court. However, citizens must view both approaches as predictable and understandable.

    Mr. Maxwell

    Mr. Maxwell responded that it is important to look at the Japanese government’s documents and listen to the comments received in Japan and from other countries. We need to look at what the appropriate role for government use is. In the United States, what will the government use for its transactions with citizens? There are two possible scenarios. First, there may be a skewing of technology -- by making one technology safe and squelching another. Second, there may be non-discrimination leading to removal of trade barriers and no hindrances towards the development of e-commerce. Interoperability is a necessity and we need to understand what the appropriate government functions are.

    Mr. Paulin

    There already is national regulation by Member States, so there is now a need for harmonization, not just within Europe, but with the rest of the world.

    Nigel Hickson, Head, Information Security Policy, U.K. Department of Trade and Industry (via telephone)

    Mr. Hickson described the proposed United Kingdom electronic signature legislation published today, to be discussed in Parliament in December. The bill sets up a voluntary scheme for cryptographic providers. The goal is to create an industry-led, self-regulatory scheme, that would certify or approve companies offering authentication services, such as certification, authentication, and time stamping. The legislation also provides explicit legal recognition of electronic signatures and no discrimination between electronic signatures and advanced electronic signatures. Further, all electronic signatures would be admissible in court and whether an electronic signature was legally effective would be a matter for the court to decide. The bill also introduces wide-ranging power for government departments to permit e-government by recognizing electronic signatures where there are references in legislation to signatures or writings. There is the hope that in a few years time that UK citizens will be able to apply for drivers’ licenses and passports and file taxes electronically. Legal access to encryption keys was not addressed in this bill, but will be pursued later this year.

     

  7. Expert Panel
  8. Ruth Day, Executive Director, ILPF, Moderator

    Last April, ILPF set forth basic concepts (International Consensus Principles) (http://www.ilpf.org/digsig/intlprin.htm) as a framework for legislation that can work across borders: (1) a minimalist approach to eliminate barriers; (2) respect for parties’ autonomy and freedom of contract -- consumers should be able to choose; (3) there is a need to make laws for electronic authentication work across borders, either through harmonization or mutual recognition; (4) avoid discrimination; (5) technological neutrality, i.e., let the market drive standards. In April, it was a real challenge to develop these principles. It was not a matter of automatic agreement. Now, six months later, however, the principles are not so controversial because all of us realize the importance of e-commerce. Now any controversy is in the details.

    Professor Takashi Uchida, Faculty of Law, Tokyo University
    http://www.ilpf.org/events/keidanren/uchida/

    There are two main approaches to developing legal systems. One stresses the removal of legal obstacles (the minimalist approach) and the other stresses preparing the legal infrastructure (the structural approach). The minimalist approach allows electronic signatures to satisfy the traditional legal requirements for written documents, such as the Statute of Frauds and the Best Evidence Rule in the United States. The UNCITRAL Model Law of 1996 was promulgated for this purpose. The structural approach views the proper legal environment as necessary for secure e-commerce. This view is reflected in the ABA guidelines and many state laws. Currently, in the United States, the minimalist approach is stronger, with a focus on technology neutrality, removing legal obstacles, and placing electronic transactions on the same footing with paper transactions.

    Turning to Japan, there is an absence of the same kind of legal requirements for written documents present in other systems, so even a minimalist approach is not necessary. Under the Japanese Civil Procedure Code's principle of discretion, a judge has the discretion to evaluate evidence, i.e., there is no absolute requirement that an original document be produced. Japanese law merely requires intent to form a contract. However, normally, Japanese contracts are paper-based transactions and seals (inkan) are very common, and are used to maintain the security of the transactions. The Civil Procedure Code provides a presumption of attribution, i.e., documents that are signed and sealed are presumed valid. Under this provision, seals are, therefore, not an obstacle to validity. There is no presumption about the identity of the signator or inkan (seal) holder, merely that the document is attributable to that person. If someone challenges the authenticity of a seal, the relying party must prove that the seal was that of the originator. Thus, there is a high threshold that must be met to use the presumption.

    There is a high degree of security in paper-based transactions, achieved through inkan registration (where local public offices issue certificates guaranteeing the identity of a seal-holder) and commercial registration systems (supervised by the Ministry of Justice). Perhaps these systems can be used for electronic systems. For example, the inkan registration system is similar to a digital certification scheme performed by the private sector with public supervision. In the case of electronic signatures, an electronic signature with a certificate attached could have the same effect as an inkan. Further, a court could permit the signature even if it did not have a publicly supervised certificate attached. Likewise, a certificate of commercial registration guarantees the authenticity of a corporate representative. Digital commercial registration would enable authority authentication via electronic signature.

    In deciding whether to regulate or to liberalize the legal environment, there are two objectives to keep in mind. First is to remove obstacles to free transactions. Second, is to create a structure to ensure a high degree of security in transactions. The trend expressed at UNCITRAL is liberalization.

    Stewart Baker, Attorney at Law, Steptoe and Johnson LLP
    http://www.ilpf.org/events/keidanren/baker/

    When people say that Japan is lagging behind in terms of e-commerce legislation, maybe it is a good thing. Now countries and states that passed the first legislation need to revise their laws. Also, Japan is really ahead of other countries and states because of the hanko/inkan system. Americans could not conceive of losing their signature, but the Japanese could understand "losing" a hanko or digital signature.

    Mr. Baker spoke in detail about the U.S. experience with electronic signature laws. In the first stage, there were prescriptive legislative solutions (e.g., ABA, Utah, Washington). The assumption in these cases was that everyone could rely on these laws, but the difficulty is that the laws only apply in a small part of the world, however, e-commerce is global. In the second stage, there were private authentication agreements (e.g., credit card agreements). These agreements worked because of the experience with agreements among banks and merchants, rather than laws. Perhaps, there could be a global system for agreements. In the third stage, there developed "iatrogenic" (second generation) problems. Will prescriptive rules invalidate contracts? Next will be the rise of consumer protection.

    The following issues arise from the U.S. experience (Prof. Uchida raised these as minimalist questions): (1) is an electronic signature admissible in court proceedings?; (2) does it satisfy signature requirements?; (3) will contracts about electronic signatures be enforced (curing iatrogenic illness); (4) will strong technologies get the benefit of special presumptions?; (5) what about consumer protection?

    In the United States, the Uniform Electronic Transaction Act ("UETA") answers all of these questions: (1) electronic signatures are admissible; (2) electronic signatures meet signature requirements; (3) contracts about electronic signatures will be enforced; (4) no special treatment for special technology, but courts can take technology into account. UETA has been enacted in California. It has been amended to take more care of consumers.

    Although, this area is usually a matter of state law, the U.S. Congress has the authority to regulate interstate commerce. Congress may adopt legislation that could preempt state laws. The U.S. House of Representatives has already passed HR 1714. A U.S. Senate bill is now being delayed by some senators. These federal bills are similar to UETA and provide that: (1) electronic signatures are admissible in court; (2) electronic signatures satisfy signature requirements; (3) contracts about electronic signatures will be enforced; (4) there are no special presumptions for strong technology; (5) consumer protection concerns have caused amendments.

    Mr. Baker had the following questions for the Japanese participants: (1) what assurances are there that all electronic signatures could be used in Japanese (Prof. Uchida said that would not be a problem)?; (2) what assurances are there for a global system using authentication that contracts will be honored?; (3) What is the purpose of the presumption of validity under the Japanese Civil Code ? Is it designed to give the same power to an agent as to a principal, or does it presume that the hanko belongs to the right person? Will this reason become an excuse for unneeded or excessive regulation (which may be expensive)? Even the best technology does not tell what is in someone’s head or give the same moment of pause to appreciate the meaning of a signature or hanko; (4) Will electronic signatures be more regulated than hanko? Does the government regulate the uniqueness of hanko? Does the government regulate who sells hanko? If not, why make those requirements for electronic signatures?

    Christopher Kuner, Attorney at Law, Morrison and Foerster LLP
    http://www.ilpf.org/events/keidanren/kuner/

    There has been an explosion in the last few years of legislative interest in electronic authentication. This trend began in the United States with the Utah Digital Signature Act of 1995. A number of countries have passed or are considering some form of legislation or regulation. There have been different areas of activity in this field: national legislation, national administrative regulation, state regulation in federal systems, and international organizations.1

    Legislation has been enacted in almost every region in the world. In Asia, Malaysia passed the Digital Signature Act of 1997, Singapore, the Electronic Transactions Act of 1998, and South Korea has passed legislation in 1995 and 1999. In Europe, Germany passed the Digital Signature Law of 1997, Italy passed legislation in 1997, as did Austria in 1999. In North America, there has been legislative activity in almost every state of the United States since 1995. Finally, in South America, Argentina has issued various government decrees in 1997 and 1998, and there are draft bills in Columbia, Ecuador, and other countries.

    The ILPF surveys reveal a typology of legislation. First is the "prescriptive approach" which limits the use of digital signatures within a public key infrastructure (e.g., Argentina, Germany, Italy, Malaysia, and Utah). Next, there is a "two-tiered" approach where basic legal benefits are accorded all electronic authentication mechanisms, but broader benefits are given to "approved technologies" (e.g., Illinois, Singapore). Finally, there is a "minimalist approach," which offers no detailed standards, but focuses on granting basic legal recognition (e.g., Australian initiatives, many U.S. state laws).

    The following lessons are to be learned. First, most legal rules for handwritten signatures also work well for electronic ones. Second, specific legal rules for electronic signatures, (e.g., for liability and evidentiary presumptions) should be enacted with caution. Third, fixing a technical standard, even if "voluntary," holds dangers. Fourth, federal systems and international entities (e.g., the United States and the European Union), have more difficulty in reaching consensus, but their variety of approaches may ultimately prove an advantage.

    Mr. Kuner recommended the following Internet resources. For surveys: ILPF Survey of International Electronic and Digital Signature Initiatives, http://www.ilpf.org/digsig/survey.htm; ILPF Survey of U.S. State Electronic and Digital Signature Legislative Initiatives, http://www.ilpf.org/digsig/update.htm. For collections of national materials: International, http://cwis.club.nl/~frw/people/hof/DS-lawsu.htm; Germany, http://www.kuner.com; and the United States, http://www.mbc.com/ecommerce.html.

     

  9. Discussion
  10. Moderator, Ruth Day, Executive Director, ILPF

    Ms. Day asked whether governments holding off in the development of legislation might be an advantage, i.e., the early legislative efforts now have to be reconsidered in light of technological developments?

    Mr. Hickson

    Perhaps the first person did get it wrong, but hopefully we are now seeing the necessity for some regulation at a minimum. We have to be careful in drafting legislation not to be too technology specific. The German authorities are now realizing this and are currently amending their legislation. In the United States, some of the early laws are now being amended. Second, the EU directive can be a force for good or bad. Now we have an agreed-upon directive, but that is not the end of the story. The directive needs to be implemented in a liberal way.

    Mr. Miyazaki

    Lagging behind might be an advantage. While the U.S. approach is like Homer’s Iliad, the Japanese approach is like haiku (short Japanese poem with 17 syllables). One source of debate within the Japanese government was how to achieve mutual recognition. Perhaps Japan should import some ideas from the Iliad system to the haiku system. Writing the Japanese policy in such detail may make it easier for the United States and Europe to understand. The Japanese approach is similar to UETA -- a digital signature can be proven by the efficacy of the signature method, e.g., cryptography. However, in Japan, the signature can be also proven by use of the presumption. However, Mr. Miayzaki was not sure if the presumption was "too good". In the case of expensive transactions, you must use a seal carefully, but Mr. Miyazaki was not sure if the same can be conveyed electronically. Further, the presumption is that the signature represents the party’s intent to bind himself to an agreement, but it does not necessarily verify the identity of the signer.

    Mr. Inagaki

    In Japan, we do not write down all the rules, but in this case, we wanted to express our ideas with transparency so that the rest of the world may understand. The legal presumption addresses the validity of the contract, not the identity of a party. The seal is a physical representation of authority, it can be used by anyone, but intent to contract can only be ascribed to one party. A signature can only be used by one person. Perhaps, a seal is more powerful than a signature.

    Prof. Uchida

    The idea of extending the presumption to electronic signatures is nothing new to Japan or Japanese culture. For example, if I sign a document, even if it is clear that I physically signed the document, but I signed it impulsively, or I did not know what was in the document, it would be difficult to prove that I did not have the intent to be bound. The presumption embodies common sense and everyday experience, and so there is no need for excessive regulation in this area.

    Mr. Baker

    In many cases, the legal presumption given to digital signatures reflects the need to ensure proper identification of the parties. However, in the case of Japan, the symbolic value of the signature, i.e. that this is a serious and important commitment, is reflected in the legal presumption of validity. Mr. Baker commented that if he were drafting a regulation, he would ask if the particular technology conveys the ceremonial weight of the transaction, not just ensures proper identification.

    Mr. Kuner

    Mr. Kuner pointed out that the participants discussed hanko a lot, but questioned whether it was really analogous to electronic authentication. While hanko are only used for important commercial transactions, electronic authentication is needed for many uses, such as when computers talk to each other.

    Mr. Miyazaki

    The difficulty is that the Japanese legal system is based on both hanko and handwritten signatures. The problem is that hanko, handwritten signatures, and electronic signatures are similar, and yet, different. For example, you cannot put a seal on someone’s picture but you could have a digital camera which was capable of using a digital signature to authenticate the picture for use in case of a traffic accident. Another example, would be in the case of mobile phones, while the telephone company knows that a particular phone is being used it is not sure who is using the phone. A biometric system could be used to verify the identity of the user. The intent of the government’s proposal is to let the private sector develop these technologies.

    Mr. Shima, NEC

    Over the past year, GBDe has promulgated nine points in order to promote e-commerce, and the work of the Authentication and Certification Issue Group is now available on its home page. These recommendations, which were submitted to governments, include: (1) the framework must be secured; (2) legal effect should be given to electronic signatures; (3) the development and utilization of cryptography should be liberalized; and (4) private sector competition should be encouraged.

    Mr. Yonekura, ECOM

    ECOM was started in January 1996 when e-commerce was something about which we knew little, and ECOM was given the mission to make it possible by publishing guidelines and making as much information available as possible. The guidelines reflect self-regulation by the private sector, private sector-led development, and interoperability with other systems.

     

  11. Closing Remarks
  12. Masanobu Katoh, Chairperson, ILPF

    Mr. Katoh was pleased that so many people were able to participate in the workshop -- 260 participants were registered -- showing a high level of interest. The workshop is especially timely, as it coincides with the draft legislation prepared by the Japanese government. It is also significant that the government has solicited public comment. Further, a bill on e-commerce has been introduced in the United Kingdom, and a directive is being developed by the European Union this week. There is evidently a high level of interest in this topic all over the world.

    Because Mr. Katoh lives and works in Washington, DC, he commented that he is in a unique position to recognize the similarities and differences between the United States and Japan. In June of this year at the OECD workshop in Stanford, he spoke about hanko as one of the differences in legal structure and culture, and about the need to establish rules that recognize differences. However, he also noted that there are more commonalties than differences among countries of the world.

    Mr. Katoh expressed his thanks to the representatives of the Japanese government who participated in the workshop. From the macro-perspective, the Japanese proposal has much in common with other systems. If regulation is needed, it should be kept at a minimum or provide legal stability. This reflects a basic understanding that was made clear in the proposal. This year in Japan we have seen rapid development in the area of e-commerce. Mr. Katoh commented that he had the impression that Japan was lagging behind, but it is now moving rapidly forward. Mr. Katoh also commented that Japan is continuing in communication with the rest of the world. Japan should not just listen to foreign views, but should send information abroad to enhance interoperability and global understanding.

    The focus on today’s workshop was on electronic signatures and authentication, but ILPF is also active in other areas, such as jurisdiction. ILPF has reported on the laws of several countries in the world. Consumer and privacy protections are hot topics both in Japan, and internationally, and ILPF hopes to join the international community in examining these and other important matters.

    Finally, Mr. Katoh expressed his thanks to all those people who made the workshop possible, especially Keidanren who was responsible for the workshop conference. He also express his thanks to Mr. Maxwell, Prof. Uchida and the expert panel, Mr. Levinson, Mitsubishi Corp., Nifty, Fujitsu, and all other ILPF members, and lastly, Ms. Day.

Footnote

  1. Mr. Kuner did not discuss legislative/regulatory activity at this level.

Back

About ILPF | To Join ILPF | Working Groups & Publications
Member Resources | Events | Home