4. PROPOSED BUSINESS PRACTICES.

{4.1} In a consumer transaction involving digital signatures in an open system (as discussed in this Report), there are three principal entities whose rights and responsibilities affect the transaction: the consumer, the CA and the merchant. Other entities may play an important role as well, such as software and hardware providers, timestampers, notaries who assist CAs in the authentication process, and other providers of ancillary services.

{4.2} This section addresses, first, the question of what legal framework is most appropriate for analyzing the relationship between the three principal entities (CA, consumer and merchant) in an open system. The analysis in this section draws heavily from the extensive survey of existing laws found in Appendix 3, and readers may find it helpful to review that Appendix in conjunction with this section. In this section we conclude that the relationship between CA and consumer is most appropriately governed by contract, and generally endorse the proposition that CAs and consumers should be free to negotiate the terms of their relationship, subject to certain limitations. With respect to the relationship between CA and merchant, however, we assert that tort law may be the best framework on which to analyze allocating duties and liabilities. We suggest that attempting to bind merchants to contract terms incorporated by reference into certificates may be untenable as a matter of basic contract law, is economically inefficient and is contrary to sound public policy.

{4.3} Next we address our thesis that participants in a PKI must be obligated to act reasonably, and if a party acts reasonably that party should not bear a loss caused by another party's unreasonable behavior. This proposition prompts two questions. First, what constitutes "reasonable" behavior? Second, who bears the risk of loss if all parties act reasonably and yet a loss still occurs? We address each of these questions in turn, first highlighting some behaviors which we suggest could reasonably be expected of consumers, merchants, CAs and, more summarily, providers of ancillary services. Then we turn to the question of which party should bear the risk of loss in a "fault-free" situation. Acknowledging a long history of consumer protection legislation, we conclude that the liability of consumers should be limited even in a situation where the consumer has not acted reasonably.

{4.4} This section outlines a framework for discussion and more comprehensive study.

(a) Tort v. Contract.

(i) CA/Consumer Relationships.

{4.5} We believe that the relationship between CAs and consumers is best governed by contract. In an efficient and competitive marketplace, consumers can choose CAs based on the CAs' performance, terms of service, cost and other parameters, which in most situations will be spelled out in a contract that the consumer can choose or reject. Therefore, within the limits of general contract enforceability, and acknowledging that there are perhaps a few provisions where the market may not be sufficiently efficient, generally we would expect that the relationship between CA and consumer will be contractual.

{4.6} There are a large number of technical, business and legal issues a CA must confront, and therefore in some circumstances CAs will be tempted to develop long and extremely complex agreements. While there is no indication that the marketplace, working properly, will fail to reach the right result, it should be understood that significant burdens are being placed on consumers to analyze these contracts and still make rational choices. It is possible that consumers will be unable to properly distinguish between CAs because of this significant burden; in that case, it would be appropriate to evaluate alternatives to allowing contract law to govern the relationships between CAs and consumers.

{4.7} Despite the appeal of allowing the CA/consumer relationship to be governed by contract, there are many obvious problems with contract formation that dictate that gap fillers or other principles are required. Consumers could be afflicted with incapacities to contract (such as minor status). Consumers could not speak the language in which the contract was written (see Transborder Issues below). The contract could be unconscionable or a contract of adhesion under applicable law. Finally, portions of the contract may contradict local laws and therefore be void for public policy.

{4.8} Therefore, there is a compelling need for a default set of rules for this relationship, whether stated as default contract terms (such as the UCC) or as tort principles. These rules could be developed as a self-regulatory code, to be incorporated into the contract by reference, or by statutory law. It is unlikely that the electronic marketplace's need for uniformity and predictability will allow for less formalized alternatives.

(ii) CA/Merchant Relationships.

{4.9} It is less clear that the relationship between CAs and merchants should automatically be governed by contract. Merchants are seeking only the accuracy of information contained in a certificate (and, presumably, the performance of the underlying services necessary to verify such information). Imposing the obligation on merchants to review each "contract" they will be asked to enter into appears to impose significant transaction costs on the process. Not only may the merchant be dealing with multiple CAs, each with their own custom certification practices statements, but each CA may choose to amend a certification practices statement over time, requiring a merchant to check each certification practices statement for each certificate received. We note that it may be cost-effective for a CA to specifically negotiate a mutually-executed contract with merchants who repeatedly use their services, but this may be an exception rather than the rule (but see Appendix 2, "Closed vs. Open Systems").

{4.10} In the absence of a specifically negotiated contract between CAs and merchants, the most efficient approach for allocating liability may be the existing negligent misrepresentation tort. It allows CAs to internalize the costs of their actions while not imposing large upfront transaction costs on the parties. Furthermore, it allows the CA to avoid liability by acting "reasonably" without allowing the CA to abuse the contract formation process by imposing excessive terms. However, CAs should be able to state their assumptions by qualifying what facts they are providing and what efforts the CA used to verify those facts. In this way, if the CA performed the services it promised to perform in a reasonable way, the CA should have no liability. If the CA acts negligently, the CA could incur liability to merchants. However, we recognize that this approach has limited applicability in civil law systems with tort law principles that are substantially different from those under United States law.

(b) Obligation to Act Reasonably.

{4.11} As a starting point for allocating losses, we believe each party has the duty to act reasonably. If a party fails to act reasonably, where the other parties have acted reasonably, then the party acting unreasonably should expect to bear the loss. Therefore, the discussion that follows focuses very much on reasonable behavior and, where possible, suggests standards that should be considered when determining if a party's behavior was reasonable. However, in acknowledging the important role consumers play in this process, we suggest that consideration should be given to the desirability of limiting consumers' losses even when the consumer does not act reasonably. Also, there are likely to be situations where all of the parties act reasonably and yet a party suffers loss -- these are dealt with in Section 4(g) below. We have not attempted to suggest loss allocations when more than one of the parties acts unreasonably.

(c) Consumers. {4.12} We suggest that the following behavior by consumers constitutes reasonable behavior:

{4.13} (i) Provide Accurate Information. Any consumer who provides false or incomplete information is acting unreasonably. Any consumer who fails to update information being certified is acting unreasonably.

{4.14} (ii) Respond to Notices. In systems where the consumer is given the opportunity to verify or accept a certificate, the consumer should review the certificate within a reasonable period of time and take all reasonable efforts necessary to correct errors promptly.

{4.15} (iii) Keep Private Key Secure. Consumers should use best efforts to keep their private key secure. Given that certificates may provide different levels of assurance regarding a consumer's identity, the consumer's efforts to keep their private key secure should increase with the extent of the certificate's assurance of the consumer's identity. Currently, however, many consumers would keep their private keys on a system which is accessible by entering a password which may be easier than the private keys themselves to determine via a brute force attack. Technologies such as hardware tokens (such as passcards or smart cards) or biometric devices would potentially increase the security of the private key's storage, but these technologies have not been universally deployed.

{4.16} Furthermore, consumers should strictly follow all instructions provided by hardware, software, and other equipment providers. Accordingly, entities which provide hardware or software products should be expected to provide clear and concise instructions to consumers detailing the steps that the consumer must take in order to keep their private key secure.

{4.17} (iv) Generate Keys Securely. If consumers generate their own key pairs, they must do so on a reasonably trustworthy system in a secure fashion. Again, it must be incumbent upon the suppliers of cryptographic hardware and software to clearly and succinctly convey to consumers the steps required to achieve this goal.

{4.18} (v) Promptly Revoke a Compromised Key. If a consumer's private key is compromised, that consumer, upon learning of the compromise, must promptly take steps to revoke the corresponding certificate.

(d) Merchants. {4.19} We suggest that the following behavior by merchants constitutes reasonable behavior:

{4.20} (i) Require the Right Certificate. All parties would be best served by permitting the establishment of "classes" or types of certificates that represent different factual assertions by consumers and levels of assurances by CAs. Assuming that CAs establish classes of certificates that make different factual assertions, the merchant should be responsible for requiring the appropriate class of certificate. For example, if the CA offers a class of certificates which contain information which the CA expressly states contains only unverified information provided by the consumer, it is unreasonable for the merchant to expect the CA to warrant the accuracy of the information contained in the certificate. In contrast, if the CA offers a class of certificates which expressly states that the CA has used substantial efforts to verify identifying information of the consumer, it is generally reasonable for the merchant to expect the information contained in this certificate to be true. So long as merchants are required to select a class of certificates suitable for their requirements, presumably an efficient market will force CAs to offer classes of certificates which meet these needs.

{4.21} It is possible that limited-purpose or specialized-purpose certificates will be issued by CAs. In these cases, it would be unreasonable for merchants to use the certificate for identity purposes if such purposes are contrary to the specified purpose of the certificate. We note that many physical space certificates, such as driver's licenses and social security cards, are currently used for identity despite the fact that such certificates were not designed for that use.

{4.22} (ii) Verify Certificates. Similarly, it is unreasonable for the merchant to rely upon a certificate that by its terms has expired or to fail to verify the signature of the CA (and its CAs) unless the CA is self-certified. It is also unreasonable for a merchant to rely on a certificate that was designated for a different purpose (such as a certificate issued by a company for internal access control purposes).

{4.23} (iii) Check the Applicable CRL. Although there are schemes being implemented where no CRL exists as part of the infrastructure, if a CRL exists, certificates that have been revoked will be noted in a CRL. In such a case, merchants should bear the risk for failing to check the applicable CRL.

{4.24} We note that CAs are contemplating offering access to CRLs on a fee-for-service basis. Such an event would significantly alter the relationship between the parties by permitting CAs to impose contract terms on merchants and by providing financial disincentives for a merchant to check a CRL. We have not attempted to address this scenario.

{4.25} (iv) Act on Other Information. If the merchant knows or should have known that the information contained in a certificate is incorrect, then it is unreasonable for the merchant to rely on the certificate. It is expected that reasonable due diligence efforts required of the merchant will increase with the size of the transaction and the scope of parties' "out-of-band" (i.e., non-Internet) relationship.

(e) CAs. {4.26} We suggest that the following behavior by CAs constitutes reasonable behavior:

{4.27} (i) Initial Consumer Authentication. There are many means for CAs to initially verify the identity of consumers. We believe that there are no minimum standards that should apply; rather, the CA should specify what methods it undertook to authenticate consumers and the CA will be acting unreasonably if it fails to properly perform those steps. At the most basic level, a CA should be able to provide a certificate based only on information provided by the consumer, so long as the CA clearly expresses that the information contained in the certificate was not verified by a third party. Alternatively, if the CA undertakes to authenticate identity using a rigorous system of checks, its failure to implement those checks properly will be unreasonable. (This is not to say that the CA should become the absolute guarantor of identity, but it should perform the duties it sets out for itself.) As described above, we expect that the market will be efficient enough that merchant demand will force the CAs to undertake meaningful obligations to authenticate consumers.

{4.28} (ii) Trustworthy Systems/Key Management. CAs will handle much of their operations automatically and will be exposed to any number of computer-based risks, both internally and from outside threats. The losses attributable to system failures could prove to be diffuse and large. The problem could be particularly acute if the CA's private key was determined by third parties. A party who discovers the private key of a CA could produce an unlimited number of ostensibly valid but forged certificates. Moreover, if a CA's private key was compromised and the corresponding public key revoked, all certificates issued by that CA would be invalid. All of the consumers who utilized that CA would be forced to obtain new certificates.

{4.29} Depending on the CAs' contractual relationships with consumers, it is possible that CAs will not be forced to bear the costs of system failures -- particularly if the individual costs borne by each consumer are so small that they are overshadowed by the transaction costs of seeking recourse against the CA.

{4.30} However, despite the importance of ensuring proper system operation, it is not fair to expect perfect error-free operation. Given the dynamic evolution of the underlying technology, it does not make sense to codify specific minimum technology standards. Therefore, CAs should use reasonable efforts to make their systems trustworthy. In this context, the standards for reasonable efforts and trustworthiness will increase over time as technology improves.

{4.31} The problem of key management is particularly vexing and it is imperative that CAs take every possible precaution when generating, storing, and using their private encryption key. Particularly in light of the dynamic technological environment in which keys are generated and managed, we cannot currently articulate specific behaviors that would constitute reasonable precautions in this regard. Additional study should be done to suggest what efforts by CAs would be reasonable to keep their private keys private and what duties CAs have if they discover their private key has been determined by third parties or is no longer private.

{4.32} It may be appropriate for an industry standards setting body to form which can dynamically assess technological improvements and establish standards for reasonable deployment of technology to increase trustworthiness. If the industry does not develop such standards, it is likely that government regulation will be implemented to develop a licensing scheme.

{4.33} At a minimum, we expect that CAs will freely disclose the steps they are taking to make their systems trustworthy. Systems often achieve trustworthiness only by being subjected to public scrutiny.

{4.34} (iii) Administrative Duties. It is beyond the scope of this Report to deal with issues such as employee hiring and management, record keeping, bonding and insurance, and other ministerial functions. Although such issues could be critical to the successful operation of a PKI, we suggest that additional study should be done on these topics.

{4.35} (iv) Certificate Revocation/Suspension. CAs will be expected to revoke certificates promptly upon notification from consumers. Revocation typically occurs by maintaining a CRL. This CRL must be made available in such a way that merchants can check the CRL easily prior to accepting a certificate.

{4.36} It may not be fair for CAs to have obligations to independently verify certified facts on a continuing basis. While CAs should have a duty of inquiry if they receive information from a third party suggesting that a certified fact is incorrect, no independent efforts should be required unless the CA offers to do so as part of the terms of the certificate or in its agreement with consumers.

{4.37} Because of the relative harm that can be caused by issuing a false certificate compared with failing to issue a certificate that should otherwise have been issued, it seems appropriate to give incentives to CAs to fail to issue certificates if there is any doubt. Therefore, we suggest that the CA should be exonerated under applicable principles for any losses that occur because the CA elected not to issue certificates if the CA has any good faith belief that the certificate should not issue (there could be a breach of contract for this failure depending on the agreement between the parties). However, it seems prudent to require the CA to promptly notify the consumer if the CA does not feel it is in a position to issue certificates so that the consumer may resolve any confusion.

{4.38} (v) Publish a Certification Practices Statement. CAs should make available, in an easily accessible manner, a certification practices statement or similar document that clearly and succinctly states the practices which a CA employs in issuing certificates. A CA should follow the practices enumerated in its certification practices statement.

{4.39} (vi) Make Its Certificate Available. A CA must make its own certificate regarding its public key available to parties who wish to verify the certificates of consumers.

{4.40} (vii) Financial Responsibility. The question of how to ensure that a CA is able to bear the loss associated with its potential liabilities is beyond the scope of this analysis. We note, however, that a CA that fails to comply with its duties conceivably imposes significant losses on a large number of innocent parties. Ensuring that these parties could be compensated for their losses is an important public policy concern. Likewise, a CA that abruptly terminates its business could impose significant costs on its consumers and others. As a practical matter, it may be difficult to impose enforceable duties on an entity that is bankrupt or insolvent.

{4.41} It is conceivable that, with adequate disclosure, the market will properly assess the risks associated with doing business with CAs that lack capacity to bear losses attributable to them. As a policy matter, this approach will still require mechanisms to ensure accurate disclosure.

(f) Third Party Suppliers.

{4.42} Often overlooked players in the CA industry are third party providers of ancillary services, such as hardware, software, Internet connectivity, timestamping and authentication vendors. We suggest there should be consideration of the duties of CAs to exercise reasonable care in selecting suppliers. It may be that in some cases CAs should share liability with the third party providers, even though the CA itself did not specifically commit the action causing loss. Given that most third party suppliers will be in direct contractual privity with the CA, CAs should require meaningful covenants, warranties and indemnities from the suppliers in order to cover the situations where the CA is deemed responsible due to the third party's failed performance.

{4.43} Where the situation was clearly outside of the CA's control, it may be appropriate to allocate loss to these third party suppliers. This loss may be governed by existing legal principles, such as those generally described in Appendix 3. However, given the wide range of possible suppliers, it is not possible to summarize rules that would generally apply to all of them.

{4.44} Notaries or other authentication verification providers pose particularly difficult issues. A CA might disclose in its certification practices statement that one of its authentication methods is to rely on a written application from a subscriber that has been certified by a notary. If a notary certifies a false application, and the CA consequently issues a fraudulent certificate, should the notary or the CA bear any resulting loss? Certainly the fraudulent applicant should be primarily liable, but we suggest that, in this situation, merchants should also be able to recover from the CA, with the CA having a corresponding cause of action against the notary. It may be unfair to place the burden on a merchant to recover against a notary, who may be geographically distant from the merchant and potentially not subject to the jurisdiction of the merchant's local courts. Moreover, this allocation of risk will create incentives for CAs to exercise care when entering into relationships with notaries or other local authentication agents and potentially impose more rigorous authentication procedures than are typically required of notaries.

{4.45} Other issues are raised by third party service providers who supply the hardware and software necessary to a PKI. Implementing the cryptographic algorithms and techniques that underlie digital signatures is not an easy task. As discussed above, providers of hardware and software should provide users of their systems with clear, concise instructions on how to their system secure which, if followed precisely, would permit consumers to achieve the promised level of security.

{4.46} Some legal systems are spelling out specific rules that apply to these third party suppliers. For the more critical suppliers, this may be appropriate.

(g) Limitations of Liability When All Parties Act Reasonably.

{4.47} Under the standards suggested above, it is entirely possible that all parties will act reasonably and yet a loss will be suffered. Allocating this loss could prove to be essential to the widespread use of digital signatures and for establishing a robust role for certification authorities to support consumer transactions.

{4.48} In some ways, the Electronic Funds Transfer Act (discussed in Appendix 3) raises an interesting analogy. Credit card holders can behave entirely reasonably and yet their credit card number can be expropriated, resulting in losses. To limit credit card holder liability, the EFTA specifies that in most cases a holder will not be liable for more than $50 in losses prior to the holder reporting the expropriation of the number and for no losses incurred after reporting the expropriation. If a similar structure were made applicable to the digital signature context, we believe that consumers would be significantly more willing to adopt their use. Therefore, by analogy to EFTA and in accordance with our touchstone principle that a party that behaves reasonably should bear no risk of loss, we suggest that consumer liability be limited to a small dollar number, or to zero, if the consumer has behaved reasonably as outlined above.

{4.49} In situations where the CA has behaved reasonably, we have suggested a number of reasons why CAs should not be liable for losses. Stepping back from the specifics, there is no doubt that the specter of liability for breach of contract and for negligence significantly deter the entry of CAs into the market. At this point there are no efficient markets for insurance to spread risk throughout the industry -- meaning that CAs face meaningful unquantifiable risks of large losses. Placing risk of loss on CAs when CAs act reasonably would likely make those risks untenable, posing a grave threat to the development of the CA industry. However, as insurance markets and pricing models become more refined, it may be appropriate to revisit CAs liability when all parties act reasonably, as they may ultimately prove the best party to spread the costs among the relevant players.

{4.50} Having suggested that both consumers and CAs should have limited liability when they act reasonably, the risk of loss under this structure would fall on merchants. This would give merchants incentives to act "more than reasonably" if the underlying transaction is important to them. Since only merchants know how important the transaction is to them, placing the burden on merchants encourages them to scale their actions to their risk tolerance. In the consumer transaction context, merchants are also the ones being paid in the transaction by the consumer -- giving the merchant the opportunity to incorporate the business risk into their pricing models. By way of example, currently mail order and telephone-based merchants typically bear the risk of loss, as they are typically the party who can best allocate the net of loss among their customers.

{4.51} Regardless of loss allocation mechanisms, the most important step towards fostering the growth of an industry will be the establishment of clear and predictable rules for the parties. While we expect that consumers should and will always have limited liability when they act reasonably, we expect that CAs and merchants will find a way to establish suitable pricing mechanisms under a regulatory and legal framework -- if the rules are predictable and clear. In light of the transborder discussions noted below, this is not a trivial problem.

(h) Limiting Consumer Liability for "Unreasonable" Behavior.

{4.52} In analyzing risk allocations between the parties, by way of analogy we note that EFTA provides consumers with liability limits even if consumers fail to act reasonably. EFTA's liability limitations apply both where the consumer acts reasonably and where the consumer does not act reasonably, although in the latter case the consumer will have to bear more risk.

{4.53} We believe that consumer protection is an integral step in encouraging the use of digital signatures. We have suggested that, as a general rule, participants in a PKI should bear liability when they act unreasonably and should be free of liability when they act reasonably. However, consider the situation where a consumer fails to adequately protect his or her private key, resulting in fraud. If our touchstone principle -- that parties acting unreasonably bear the resultant loss -- applies, the consumer would bear potentially unlimited losses resulting from that fraud. We are concerned that unlimited losses could be a major disincentive for consumers to participate in the system. Thus, we suggest that consideration be given to limiting consumer liability even in the situation where a consumer does not act reasonably.

{4.54} We do not suggest that EFTA should be reimplemented verbatim in a PKI. The consequences when a consumer does not act reasonably in the digital signatures context are arguably more significant than the consequences of consumer negligence in the credit card model. The success of a PKI depends upon the security of private keys. While we are not in a position to suggest specific dollar numbers associated with dollar caps, three principles are worth considering. First, like the EFTA structure, it may be appropriate to have tiered levels of dollar caps, depending on the severity of the consumer's actions. Second, the dollar caps should be high enough to encourage the consumer to act reasonably but low enough to avoid disincentivizing consumers from participating in the PKI. Finally, there should be no dollar cap for a consumer's intentional fraud.

{4.55} If consumer and CA liability is limited, merchants will face potentially unreimbursed losses even when they act reasonably. Presumably merchants would take this risk into account in their risk-benefit calculus when choosing to rely on a digital signature. In a large dollar transaction, the merchant may choose to obtain out-of-band assurances. In a small dollar transaction, the merchant may simply choose to accept this risk of loss.

{4.56} Insurance may eventually address the problem of unreimbursed losses. A private insurance market will not develop immediately, however, because there is not enough data to develop a pattern of loss experience and the existing legal framework is too unsettled to allow these losses to be predicted. In the meantime, the suggestions described above could provide parties participating in a PKI with a reasonable degree of certainty, enabling them to make rational economic choices but without abandoning the policy of consumer protection.

(i) Implied Warranties. {4.57} This section discusses the existing framework of implied warranties and what the framework should be. Readers are referred to Appendix 3 for additional background information.

{4.58} (i) To Consumers. CAs deliver certificates to consumers. Assuming the certificates are merely memorialization of services performed, they would be subject to an implied warranty of workmanship -- which, although a contract-based remedy, permits the consumer to sue for the CA's negligence. While CAs should be able to disclaim implied warranties in their contracts with consumers, prospective contractual disclaimers of negligence are difficult to institute and therefore the implied warranty of workmanship may persist. Therefore, we do not believe any "new" implied warranties are needed in the consumer/CA relationship.

{4.59} (ii) To Merchants. We have asserted that no contractual relationship should be formed between CAs and merchants, in which case no implied warranties would be formed. However, as we have discussed, the tort of negligent misrepresentation appears to be an efficient mechanism to allocate losses between CAs and merchants. We would expect that, like any other situation, it will be difficult (and perhaps impossible in the absence of a contract) for a CA to prospectively disclaim this tort in advance.

(j) CAs' Limitations of Liability for Breach of Contract/Negligence.

{4.60} CAs may want to establish classes of certificates that, based on the different levels of effort exerted by the CA and differential pricing, have different dollar caps on liability. The rationale is entirely understandable -- a cheap certificate which contains unverified information provided by a consumer is not comparable with an expensive, extensively-verified certificate. With respect to consumers, while it makes sense for CAs to limit their liability for authorized certificates, it is unreasonable for a CA to unduly limit its liability for issuing unauthorized certificates. With respect to merchants, there is no contract formed between the merchant and the CA, so there is no basis for the CA to assert that such dollar caps should act as a bar on merchants' recovery for their damages under existing tort principles. However, in some circumstances, we could see how a court might find that stated dollar limits influenced whether or not reliance on the certificate was justified or reasonable.

{4.61} Almost all CAs attempt to disclaim liability for consequential and similar types of damages. With respect to consumers, subject to existing limits on the ability to disclaim these liabilities, this should be a matter of contract. With respect to merchants, if there is no contract formed between the merchant and the CA, there is no contract-based principles for the CA to assert limits to liability (there may still be limitations on tort liability, such as limitations on the awarding of consequential damages). If a contract is formed with merchants, then principles of unconscionability should put strict limits on the powers of CAs to unreasonably limit their liability -- particularly for negligence.

{4.62} Except in test or demonstration situations, it is usually unreasonable for a CA to disclaim all liability for direct damages or to establish a dollar cap so low as to effectively deny plaintiffs all meaningful monetary damage remedies.

(k) Transborder Issues. {4.63} It is beyond the scope of this paper to comprehensively deal with the difficult issues of jurisdiction, venue, choice of law and conflicts of laws. It is certain that many consumer/CA/merchant relationships will be international in scope. These transborder relationships implicate complicated and arcane principles of law.

{4.64} One certain result is that the putative contract relationship between CAs and consumers will be undermined by the possibility that the contract will not be in the consumer's native language. The cost of translating a consumer/CA contract into foreign languages is significant; localizing these contracts to reflect general local rules regarding contract formation adds even more. As discussed in Appendix 3, there are many other legal systems that prohibit the contractual assent to certain provisions. As lawsuits derived from these relationships mount throughout the world, it is likely that the various entities will find themselves subject to an inconsistent patchwork quilt of rules. This problem will be exacerbated by the likelihood that the CAs will be dragged into a multiple of far-flung jurisdictions to defend actions.

{4.65} We believe a regulatory framework that fosters predictability will substantially minimize or eliminate this consequence. PKI and digital signatures have the potential to become an essential tool in electronic commerce. All of the respective players should invest in resolving issues raised by this Report by developing standards which can win acceptance in the marketplace while encouraging regulators that the needs of consumers are being protected.