OF AMBASSADOR DAVID L. AARON
UNDER SECRETARY OF COMMERCE FOR INTERNATIONAL TRADE
AT E-COMMERCE MEXICO
NIKKO, MEXICO CITY
SEPTEMBER 29, 1999
This gathering is proof of the growing awareness that electronic
commerce can be of great value to Mexico. As it is increasingly
adopted by Mexican business, e-commerce will enhance the already
great advantages of NAFTA. Conversely, if Mexico does not keep up,
NAFTA’s incentives to trade could be eroded by the ease and speed
of electronic transactions with other markets.
We hope and expect that the government of Mexico and its private
sector will be a strong partner in dealing with the many complex
issues that must be resolved for electronic commerce to fulfill
its millennial promise.
Today, I would like to talk to you about some of those issues.
Specifically, what must be done to safeguard privacy on the internet,
to assure consumers that they can conduct electronic transactions
with confidence, and to keep cyberspace free of tariff barriers.
The private sector will have an unprecedented role in the creation
of a regulatory framework to protect consumers on the Internet.
The private sector must take the lead in developing solutions, and
market forces must be the judge of their practicality. That is the
basis of the Clinton Administration’s 1997 "Framework for Global
Electronic Commerce," and these principles have guided all of our
policy decisions since.
Government’s role is to advise and monitor, to watch for and legislate
against specific abuses and problems, but otherwise to stay out
of the way. Too much government -- either in the form of stifling
regulation or suffocating duties -- could kill electronic commerce
before it has a chance to take flight.
Yet lack of consumer confidence could also stunt the growth of
electronic commerce. One private research group estimates that consumer
fears already cost $13 billion in lost internet sales. The Internet
lacks the familiar features of the marketplace -- showrooms, salespeople,
floor models, et cetera -- so other ways must be found to generate
trust that consumers will get value for their money, and that the
information they provide will not be exploited to their detriment.
Assuring privacy is already better developed than other areas of
online consumer protection. This is essential to the future of electronic
commerce. People will not want to post their personal information
on the Internet without adequate guarantees of confidentiality.
The U.S. has a well-developed data privacy protection regime. First,
we target laws at individual privacy problems such as financial
information or data on children. Supplementing these laws are industry
self-regulatory codes. Individual companies pledge to adhere to
the codes, and advertise their adherence. Examples are the Electronic
Commerce and Consumer Protection Group, formed by some of the largest
computer and telecommunications companies in the U.S.; TrustE; the
Better Business Bureau’s BBB OnLine; and a number of others. Hundreds
of U.S. companies engaged in electronic commerce have subscribed
to one or more of these codes.
But what is to prevent companies subscribing to the codes and then
ignoring them? The teeth behind these self-regulatory codes are
tough set of fair trade laws administered by the Federal Trade Commission,
and state consumer protection agencies.
If a company subscribes to a self-regulatory code and violates
it, the company can be deemed to be engaging in deceptive business
practices and heavily sanctioned. And almost invariably, the accompanying
publicity severely damages the reputations of violators, and thus
their ability to do business. So laws, and market, create powerful
incentives to subscribe, and adhere, to codes of conduct.
The European Union has arrived at quite a different solution to
the privacy issue -- the Directive on Data Protection. It is a comprehensive
regulatory program that controls every aspect of personal data collection
and distribution, including data privacy czars in each country.
Moreover, the EU directive requires that data flows be blocked to
countries deemed not to provide adequate privacy protection.
We think that our system is more than adequate. In fact, some of
our laws surpass European standards. But the Europeans found our
system suspect -- particularly our reliance on self-regulation.
Still a cut-off in the flow of data between the U.S. and Europe
would have been disastrous to both sides. So last year, the U.S.
and EU began a dialogue on the issue.
Reconciling our approach has been difficult. In the 1980s we rejected
the comprehensive EU approach as a potential invasion of privacy.
The EU Directive was conceived a decade ago in a world of mainframes
not today’s distributed information systems. The Internet did not
exist. We were faced with the task of applying a rigid regulatory
structure to the world’s most advanced information economy -- when
most EU states had not yet tried to implement the Directive.
We advanced a proposal to bridge our different systems -- a set
of "safe harbor" principles for U.S. companies to follow. The principles
cover the seven basic elements of data privacy, such as notice to
individuals about data being collected on them, choice as to how
information may be used, access to the information, onward transfer,
security, data integrity and enforcement. Organizations subscribing
to the safe harbor principles would be presumed to be providing
adequate privacy protections. Data transfers from the European community
to them would continue. We have now essentially settled all the
central privacy issues, and are now involved in the lengthy process
of nailing down the details, particularly on enforcement.
However, privacy issues remain unsettled elsewhere in the world.
About 25 countries have adopted omnibus legislation comparable to
the EU directive. Adopting the EU Directive as a template may seem
an easy solution, I believe that it will be very difficult to implement.
Japan, on the other hand, has taken a self-regulatory approach.
Canada now has a uniform though unofficial national standard, and
is in the process of formalizing it into law. With the single issue
of privacy between the U.S. and EU so time-consuming, we hope the
‘safe harbor’ approach will facilitate consensus on privacy between
other nations of the world.
As with data privacy, questions will invariably arise in other
aspects of consumer protection that can only be settled among governments.
For instance jurisdiction and liability -- if a consumer purchases
online from a foreign business and a dispute arises, which country’s
laws apply? In which country does the consumer seek redress? What
constitutes fraud or deceptive business practice under one country’s
laws might be perfectly legal under another’s. Remedies that are
taken for granted in one country may be lacking in another.
Some believe in a blanket rule making the ´´point of sale´´ the
place of jurisdiction. We believe that this could lead to a race
to the bottom, where the ‘point of sale’ will be countries with
little or no consumer protections.
Governments will have to decide this issue but the role of the
private sector is still crucial. If reliable means of consumer redress
can be developed by businesses, the jurisdiction issue will be much
One important worldwide forum seeking such a solution is the Global
Business Dialogue on Electronic Commerce -- a consortium of world
At its first meeting in Paris recently, the GBDe committed to developing
private systems to address the consumer protection challenge. If
successful, this will be an unprecedented evolution in global business
In the Western Hemisphere, the FTAA Joint Government-Private Sector
Committee of Experts on Electronic Commerce has been considering
consumer protection among other important issues. Earlier this month
it completed its draft report with recommendations to ministers.
This is a significant step in the development of electronic commerce
in a region where the Internet is still relatively new but where
growth has been among the most rapid in the world.
There are many more regional groups at work around the world --
the Transatlantic Business Dialogue between the U.S. and the EU,
the OECD, APEC, and so on. The private sector is involved in every
forum. Eventually, all this work will need to coalesce into the
worldwide consensus we seek. Above all, governments must resist
the temptation to attempt to impose their own internal laws and
attitudes on what should be a truly global system.
While we are trying to counter threats to the free flow of data
used in electronic commerce, we are also working to keep electronic
commerce free in another sense -- duty-free. Cyberspace, a world
with no natural borders, has as yet no trade barriers. We believe
that cyberspace must remain duty-free, if it is to achieve its potential.
Recognizing that, the members of the WTO a moratorium on imposition
of duties on electronic commerce transactions. It remains in effect
until the Seattle Ministerial.
The United States led the movement for duty-free treatment of electronic
transmissions at the last WTO Ministerial. This time several other
countries have put forth detailed proposals on the issue.
With minor reservations, we can support a bold proposal by Indonesia
and Singapore, which would put the WTO on record as extending and
broadening the duty-free status of electronic transmission.
The proposal would strengthen the current moratorium by foregoing
tariffs not only on electronic transmissions, but also on their
physical counterparts. So, for example, since books, music and computer
software downloadable from the virtual world would be tax free,
so would books, music and computer software in the physical world.
This approach would not only further liberalize trade by removing
tariffs on some goods, it would remove any disparity in the tariff
treatment of like products that exist in both digital and physical
form. The proposal would not, however, affect tariffs that might
apply to goods ordered over the Internet that only exist in the
physical world -- such as a blouse or a shipment of steel. And the
proposal is limited to tariffs at the border. It would not affect
a country’s tax policies.
Australia and Japan have also made constructive and useful proposals.
We are particularly in agreement with the Australian principle of
support for a minimalist, industry-led regulatory approach.
Of four proposals now on the table, the least appealing is that
advanced by the European Union, which we fear could pave the way
for duties and a burdensome regulatory regime in the future.
For example, the EU wants to label all electronic deliveries as
"services." This would allow much more latitude for governments
to restrict market access in areas such as audio-visual transmissions
and possibly even software. This idea has little support outside
We are trying to appeal to the common sense and economic interest
of all countries to build support for the much more constructive
approach of Indonesia and Singapore. We urge the government of Mexico
to study the proposals carefully, and hope it will support one or
another of the WTO proposals that ensure the continuation of duty-free
In conclusion, let me stress that there are a number of complex
issues to be worked out in the development of electronic commerce.
Government have a role. However, the temptation on the part of governments
to do too much, to meddle, to direct, to control is going to be
great -- already is great, as our experience with Europe shows.
Governments must resist that temptation. For if governments stop
electronic commerce short of its vast potential, they will not have
served their people well. At the same time the private sector must
step forward and accept the responsibilities that global e-commerce
There is a saying in the United States, "Lead, follow or get out
of the way." The last option is not one with which government is
very familiar. Businesses around the world may not be accustomed
to the first. But in the case of electronic commerce, that’s the
way to go. So the U.S. will continue -- at the WTO and every other
possible forum -- to urge other governments to join us on the sidelines,
where we belong.