Securing electronic commerce

The growth of electronic commerce ("e-commerce") is likely to be hindered if consumers continue to have doubts about the security of personal information that they are entrusting to electronic merchants. A 1997 survey of U.S. Internet shopping found that almost 70 percent of those who had not yet made a purchase on the Internet were uncomfortable sending their credit card data over the Net. A further US survey found that 61 percent of those who had never made an online purchase cited credit card security as a reason.

Certain technological developments that enable individual consumers to control third-party access to personal information that they must provide in legitimate e-commerce transactions will significantly assist consumers in protecting themselves. Biometrics and properly safeguarded passwords, for example, can help to ensure that unauthorized persons cannot access individual consumers' computers. Various hardware and software solutions, such as encryption protocols, can also provide substantial security for consumers who access particular Web sites.

In the long term, if e-commerce is to become truly global in character, consumers should be able to expect that regardless of where they reside and where an online business is organized, has its principal place of business, or initiates its online communications with prospective consumers, they will have comparable levels of timely and effective responses to their complaints or disputes, whether those responses take the form of dispute resolution processes or government action on their behalf. This will be especially important, as consumers in one country cannot reasonably be expected to travel personally to other countries, or to retain legal counsel in those countries, to dispute particular transactions or to contact law enforcement authorities if the transactions appear to be fraudulent or otherwise criminal. Effective consumer protection in a global environment must involve developing or enhancing measures that foster legitimate e-commerce (e.g., commercial practices and dispute resolution mechanisms), as well as measures that halt or discourage illegitimate e-commerce.

The rise of high-tech computer and internet crime is a significant threat to confidence in the various uses of the information society and, in particular, to the growth and development of electronic commerce. To meet this threat, it is necessary to: a) establish stronger exchanges between the private and the public sectors, the administrative and the commercial sectors, and between countries; b) conduct common threat evaluations of specific menaces resulting from the development of information and communication technologies or the use of these technologies by criminals; c) examine the respective roles that government and the private sector can play in preventing and combating these modern forms of crime; d) improve public safety and confidence through enhanced international cooperation between police, judicial authorities and industry in locating and identifying high-tech criminals both domestically and internationally.

Continued concerns about the security of e-commerce transactions would be undesirable at a time when, according to one 1999 prediction, fewer than 5 percent of e-commerce sites on the World Wide Web will show a profit during the next 12 to 18 months. While many factors are likely to influence the continuing growth and direction of e-commerce, governments should take note of these consumer concerns in determining what can and should be done to foster continued internet growth.

Because the Internet makes international boundaries invisible, the existence of countries that tolerate or foster fraud within their borders could undermine even the most carefully-developed multinational security enforcement scheme.