Académique Documents
Professionnel Documents
Culture Documents
1. Same rules are applied in the law of contract for Electronic Contracting/ Contracts in
Cyberspace.
The difference is due to the unique nature of the Internet, there are challenges in
applying contract law to electronic contracts
Unique nature = jurisdictional issues
Internet has no boundary cannot make use of Contract Act, this is why we use ECA
2. Unique Situations on the Internet
3. Battle of the forms
This can only happen on the Internet/cyberspace when one deals with contracting via
e-mail and which arises especially in B2B situations
It refers to situations where an offer and acceptance is made via email. However,
some e-merchants have a standard form for making an offer, and a standard form
when making an acceptance.
In other words, the e-merchant already has a standardized format when making an
offer or acceptance. The e-merchant does not write a fresh offer or acceptance all
the time.
A battle of forms happens when A sending a standard offer email is accepted by B
using his own standard form of acceptance, but the way the acceptance is worded can
introduce a new clause or term. (counter-offer)
However, acceptance must be absolute and unqualified and when there has been a
change in the offer, no matter how slight, no acceptance is deemed to have been made.
Thus when the battle of the forms occurs and no contract can be said to have been
formed as there was no unqualified acceptance- even though the changes are minute
and not important.
In this situation, the battle is often won by the party who fired the "last shot", that is,
the last party to put forward terms and conditions that were not explicitly rejected by
the recipient.
4. Clickwrap Agreements
Clickwrap Agreement is one where the website requires the customer or user to
affirmatively review the terms of an agreement through a series of pop-up windows
that ask for the customers to click a button showing that they agree to the conditions.
Under a Clickwrap Agreement the website puts the terms of the agreement directly in
front of the user and requires them to show that they affirmatively accept the terms by
clicking a button.
Click wrap agreements can be simply defined as a contract, which is formed over the
Internet when one party click on the I agree button on a web site. Cases in the
United States will be looked at as there are no Malaysian cases yet.
Examples:
Groff v. American Online, Inc.
This case deals with the validity of a click wrap agreement entered into by America
Online, Inc. and one of its customers.
Before a user can access AOLs system, he must first click on an I agree button to
indicate that he agrees to be bound by AOLs Terms of Service. This button first
appears on a screen that offers the user a choice to either read, or agree to be bound
by, AOLs Terms of Service. It also appears at the foot of the Terms and Services,
where the user is offered the choice of clicking either an I agree or I disagree
button by which he accepts or rejects the Terms of Service.
The court held that the parties contract was entered into online by the click of an I
agree button.
This case states that once a person clicks on the I agree button a contract is formed
and there can be no dispute as to the contents of the agreement. The user cannot then
argue that he did not read the agreement or was unaware of its terms just because he
had not seen them.
However, in Specht v. Netscape Communications Corp the trend appears to have
been shifted. In this case, the court held that the act of downloading software does not
indicate an agreement to be bound by the terms of the license agreement despite the
fact that it is clearly stated in the license agreement that by installing or using the
software the user consents to be bound by it.
Hancock v. American Telephone & Telegraph Co.,
Consumers argued that the clickwrap agreement did not give them notice of and
meaningful opportunity to assent to the forum selection and arbitration clauses in the
terms of service. AT&T technicians presented customers with a printed copy of the
terms and gave customers an opportunity to review the terms, to which customers
agreed by clicking on the I Acknowledge button on the technicians laptop for the
TV/voice terms.
Customers also clicked on the I Agree button to manifest assent to the Internet
terms, which customers had an opportunity to review in a scrolling text box. The court
found the clickwrap agreements enforceable. Clickwrap agreements have been
enforced even when the consumer did not read the agreement
5. Browse-wrap Agreements
Therefore, there is a significant difference between click-wrap agreements and
browsewrap agreements. The legal consequences are drastically different for each
type.
Click wrap agreements require that the user must click on the button to proceed whereas
browse wrap agreements refer to situations when the user can continue using the site
irrespective of whether they click on the button or not. The wider implications of the
Specht case is that even if there is a link to the terms and conditions or even if there is an
I agree button- but it does not force the user to look at it before proceeding, it is
regarded as a browse- wrap agreement. There is no binding contract.
The United States Court of Appeals ruled in Nguyen v. Barnes & Noble, Inc. that
Barnes & Noble's 2011 Terms of Use agreement, presented in a browse-wrap manner
via hyperlinks alone, was not enforceable since it failed to offer users reasonable
notice of the terms.
Similarly, in In re Zappos.com, Inc., Customer Data Security Breach Litigation, the
court ruled against Zappos.com's browsewrap terms of use, describing that its
presentation was not prominent, and that no reasonable user would have read the
agreement.
6. Enforcing Online Agreements
In the recent past courts have been deciding how to best deal with the different types
of online agreements. In general, courts have been hesitant to enforce Browse-wrap
Agreements while allowing the enforcement of Clickwrap Agreements. The reason for
this is the likely notice to the customer or user under each type of agreement. Courts
have reasoned that users are more likely to be apprised of all the terms and conditions
when they are forced to affirmatively accept terms and conditions placed in front of
them by the website under a Clickwrap Agreement. However, this does not
completely discount Browse-wrap Agreements. When a website operator can show
that the user or customer had actual or constructive notice of the terms and conditions
a question of whether the agreement can be enforced is raised.
So When is acceptance made?
It is generally agreed that a contract is formed the moment acceptance is made or in
other words complete. The question which arise is: when is an acceptance deemed
complete? There is no difficulty when one is face- to face, but what about situations
when an acceptance is made by post? or fax? There are two aspects to look at with
regards to acceptance: when it is done using slow methods (post) or the quick
methods (fax or instantaneous communications.)
(a)
Postal Rule
Adams v Lindsell any acceptance must be made by post within a week from the date
of the letter of offer. The letter of acceptance was posted immediately upon receiving
the offer, but it arrived a week after the offer was made meaning that the time limit
was up. By that times the wool had already been sold to someone else.
So the question was: when was acceptance made? Was acceptance made when the
letter was posted, or when it was received? In the former, then a contract is formed. If
the latter then no contract is concluded. The court ruled that the contract was complete
as soon as it was put into transmission. In other words, there as a binding contract the
moment the letter was put into the post box:
(b)
Receipt Rule: Instantaneous communications
Instantaneous communication refers to any mode of communication which makes it
as if the parties are face-to-face. Not in the literal sense, but the passage of time
required between making an offer and an acceptance is nearly instant. The best
example is a telephone conversation.
In the case of Entores Ltd. V Miles Far East Corporation it was stated by Lord
Denning that:
The rule about instantaneous communications between parties is different from the
rule about post. The contract is complete when the acceptance is received by the
offeror.
In other words, when dealing with instantaneous communication, an acceptance is
complete once it is received and not when it is sent. Is the position the same in
Malaysia bearing in mind section 4 of the Contracts Act 1950?
First although email does not arrive instantaneously (like telephone conversation) the
time lapses between the message being sent and arriving is negligible. Unless
something unexpected happens, the message can actually arrive within 24 hours, at
least.
Interpretation:
digital signature: "a transformation of a message using an asymmetric
cryptosystem"
asymmetric cryptosystem: an algorithm or series of algorithms which provide a
secure key pair
key pair: a private key and its corresponding public key in an asymmetric
cryptosystem, where the public key can verify a digital signature that the private
key creates;
private key: the key of a key pair used to create a digital signature
public key: the key of a key pair used to verify a digital signature
12. The digital signature scheme is based on public key cryptography also known as
asymmetric cryptography. (Private key cryptography = Symmetric cryptography)
13. Asymmetric cryptography uses 2 keys, also known as key pair. One key for
encryption and another key for decryption. (Symmetric cryptography uses single key
for both encryption and decryption)
14.
24. Digital signature is one way to accomplish this task: it employs private and public
keys which are certified by a trusted third party called a certification authority.
25. So, with the use of digital signature, there is a verification of the genuineness and
authentication of the senders identity by a trusted third party, furthermore, this
process will help secure the information exchanged between the trading parties.
Formation of Electronic Contracts: Rights of the Seller
26. Essentially, there are two things the seller will have to look out for:
i) Whether he is able to escape liability?
ii) What would happen if he made a mistake under the contract?
27. Exclusion Clause
Most online contracts are standard form of contracts. In all standard form
contracts, there would be inserted a clause known as the exclusion clause.
This clause is essentially a declaration by the merchant that he is not responsible
for certain actions or consequences suffered by the consumer for using a product.
(i) Validity of the clause
The terms and conditions in a contract, including an exclusion clause can only be
binding upon the parties if there has been notice before the contract is entered
into.
Two concepts must be looked at: notice and when a contract is formed.
(a) Notice
Bring the attention of the buyer to the terms of the contract before the contract is
entered into.
o Thornton v Shoe Lane Parking [1971] 2 QB
o The claimant was injured in a car park partly due to the defendant's
negligence. The claimant was given a ticket on entering the car park after
putting money into a machine. The ticket stated the contract of parking
was subject to terms and conditions which were displayed on the inside of
the car park. One of the terms excluded liability for personal injuries
arising through negligence.
o The question for the court was whether the term was incorporated into the
contract i.e. had the defendant brought it to the attention of the claimant
before or at the time the contract was made. This question depended upon
where the offer and acceptance took place in relation to the machine.
o Held:
The machine itself constituted the offer. The acceptance was by putting the
money into the machine. The ticket was dispensed after the acceptance
took place and therefore the clause was not incorporated into the contract.
(b)Before Contract
General rule: you are only bound by the terms and conditions of the contract if
they were given before the contract is entered into.
One exception to this requirement of notice for an exclusion clause is with regards
to a contract that had been signed.
o In LEstrange v Graucob [1934]2 KB 394
o The claimant purchased a cigarette vending machine for use in her cafe.
She signed an order form which stated in small print 'Any express or
implied, condition, statement of warranty, statutory or otherwise is
expressly excluded'. The vending machine did not work and the claimant
sought to reject it under the Sale of Goods Act for not being of
merchantable quality.
o Held:
In signing the order form she was bound by all the terms contained in the
form irrespective of whether she had read the form or not. Consequently
her claim was unsuccessful.
Adequate notice must be given before the contract is formed. Firstly, the terms
and conditions of the contract must be seen before the contract is entered into.
Secondly, the electronic contract itself must be clearly indicated.
The electronic contract must be shown in such a way that it stand out from the rest
of the terms and conditions. This can be done in a variety of ways: making the
words bold, use of capital letters or a different colour font. The normal practice of
website owners is to place the e-contract in capital letters. This appears to be
sufficient.
28. Mistake
Mistake made before entering contract contract is either void or valid
2 types: mistake of fact & mistake of law
Mistake of fact: there has been a mistake regarding the subject matter
Mistake of law: determine which law is being referred to. Malaysian law or foreign
law? Depending on the type of law, whether contract void/valid.
Electronic Security and Risk Management
29. What is E-Security?
-
Technological Measures
32. Technological measures or mechanisms to counter cyber crime and threats to:
a) Prevention mechanisms are mechanisms that users cannot override. Examples of
such mechanisms include passwords, encryption, firewalls, anti-virus software
and spam filtering software.
b) Detection mechanisms accept that an attack will occur but aim to determine that
an attack is occurring or has occurred, and report it. Examples of such
mechanisms include intrusion detection systems.
c) Recovery mechanisms either stops an attack, assesses and repairs any damage
caused by that attack or enables a system to continue to function correctly while
an attack is occurring.
33. Apart from technological measures, physical measures should also not be overlooked,
such as:
a) Servers should be located in a secure room where only authorized personnel are
allowed to enter.
b) For highly sensitive areas, technology such as biometric authentication may be
employed.
c) Access to organisations confidential information should be restricted.
Specific Regulatory authorities in Malaysia
Provides specialized ICT security services and with continued efforts, identifies
any possible loopholes which could be detrimental to national security.
Renders its services to any party requesting assistance where the public or national
interest is at stake.
The AGC usually collaborates with PDRM in the investigation, enforcement and
prosecution of Cybercrime. Notwithstanding the same, the public may still report any
such incident to the AGC.