Max Planck Encyclopedia of Public International Law www.mpepil.

com

Internet Johann-Christoph Woltag Table of Contents A. Notion 1. History and Use 2. Technical Fundamentals B. Internet Governance 1. Internet Corporation for Assigned Names and Numbers (ICANN) (a) Legal Framework (b) Critique (c) Reform and Recent Developments 2. Sovereignty Issues 3. Uniform Domain Name Dispute Settlement 4. Net Neutrality C. Specific Legal Issues 1. Human Rights 2. Electronic Commerce 3. Cybercrime D. Assessment Select Bibliography Select Documents A. Notion The internet comprises physically the entirety of the global interconnected computer networks, which colloquially is equated with the information, communication, and other services available therein. The term internet is likewise used synonymously for its most famous and widely used service, the world wide web. 1. History and Use The internet is based on the Advanced Research Projects Agency Network, a project developed by the Defense Research Projects Agency of the United States Department of Defense in the late 1960s. In the 1980s, many US universities became connected; from thereon the exponential growth of the network began. However, the expansion of the internet to the mass medium it is today is said to have only been made possible through the introduction of the easyto-use world wide web service, developed at the European Organization for Nuclear Research (CERN) in the 1990s. The internet may be used for a wide range of different activities, be it communication, information, entertainment, or commerce. Its emergence into nearly every field of daily life is viewed by some to have constituted a social or public sphere of a new kind, at times entitled cyberspace. However, the ubiquity of the internet and its importance for society and commerce also gave rise to its exploitation, especially through copyright infringements and cybercrimes (see paras 3436 below). Its qualification as a critical infrastructure in many States likewise created the new dangers of cyberterrorism and cyber warfare. Until the mid-1990s, when the internet community was still mostly made up of programmers and scientists, the idea of an independence of cyberspace received wide support. According to this concept, cyberspace constituted a sphere sui generis, outside both State authority and legal regulations. Althoughat least from a legal standpointbeing unrealistic from the beginning, this approach was somewhat sustained as long as the interaction between the off- and online world remained limited. Today, however, it is clear that the internet is used as a medium to achieve certain results at an actual location (Schmahl 290). Thus, States very soon made clear that the [p]olicy authority for Internet-related public policy issues is the sovereign right of States. They have rights and responsibilities for international Internet-related public policy issues (para. 49 (a) Declaration of Principles of the World Summit on the Information Society [WSIS]).

1 2 3

2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press

Max Planck Encyclopedia of Public International Law www.mpepil.com

2. Technical Fundamentals The internet is not a physically genuine data network, but is made up of a myriad of interconnected host and server computer systems, communicating via a unified network architecture with generally accepted protocols. This technical interoperability between the various computer systems is accomplished inter alia through international standard-setting by the Internet Corporation for Assigned Names and Numbers (ICANN), which regards [p]reserving and enhancing the operational stability, reliability, security, and global interoperability of the Internet (Art. 1 (2) ICANN Bylaws) as one of its core values. In fact, the internet would not function globally if its protocols were not defined uniformly. Therefore, the formats and rules by which data is communicated on the internet are laid down in the internet protocol suitecommonly referred to as TCP/IPthe key requirements of which are specified in Request for Comments 1122 Requirements for Internet HostsCommunication Layers of October 1989. Basically, the internet is used to transfer data between two computer systems, which is achieved by splitting up the data into several packages which are then sent across the network to the addressee, where the individual packages are reassembled to recreate the original data. These operationswhich mostly last only millisecondsqualify the internet as a packet switched network. In order for internet capable devices to be able to communicate with each other, the Domain Name System (DNS; a hierarchical naming system for computer systems and similar devices) provides for a technical framework broadly comparable to that of a telephone book. The DNS makes it possible to assign a name to a specific computer resource and translates domain nameswhich were only introduced in order to be easily understandable and memorizable by humansinto the relevant internet protocol adresses (eg, the domain name mpepil.com iscurrentlytranslated into 72.15.246.226). B. Internet Governance Most States today have a clear and demonstrated interest in the regulation of activities on the internet (see also Telecommunications, International Regulation). Whereas several States have managed to regulate or even restrictively control the usage of, and content on, the internet, the core of internet governance currently effectively lies outside their reach. But already the scope of the notion of internet governance is blurry. The Working Group on Internet Governance established by the UN World Summit on the Information Society (WSIS) in 2003 adopted a very wide definition: Internet governance is the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet (Report from the Working Group on Internet Governance para 10). Such an understanding of internet governance comprises more than just the allocation and assignment of the DNS and Internet Protocol (IP) addresses, which is the core of the mission of ICANN, as stated in Art. 1 (1) ICANN Bylaws. It can also encompass much more far-reaching issues such as the regulation of content or questions of jurisdiction. However wide the scope of governance is defined, its core elements are surely to be seen in those functions currently performed by ICANN.

1. Internet Corporation for Assigned Names and Numbers (ICANN) (a) Legal Framework Whereas the administration of the DNS was originally in the hands of the US government, it was partly handed over to ICANN by its establishment in 1998, as formulated in the Memorandum of Understanding between the US Department of Commerce and Internet Corporation for Assigned Names and Numbers (Joint Project Agreement). According thereto, the US Department of Commerce (DOC) promoted the privatization of the technical management of the DNS. However, before making a transition to private sector DNS management, the DOC required assurances that the private sector has the capability and resources to assume the important responsibilities related to the technical management of the DNS (para. II B Joint Project Agreement). Therefore, the DOC and ICANN were to jointly design, develop, and test the mechanisms, methods, and procedures that will achieve the transition (ibid). Established as a non-profit organization under Californian Nonprofit Public-Benefit Corporation Law, the corporation was from its beginning seen as controversial due to the involvement of the US government, the corporationss governance structure, and it being subject both to the state laws of California and US federal law. ICANN, comprised of mainly private but also public actors, makes binding decisions on the architecture of the internet and the policies on the DNS, including the creation of new top level domains (TLDs; eg.com.uk.de etc). Even though these far-reaching competencies are mostly limited to decisions of a technical nature, the consequences thereof may
2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press 2

Max Planck Encyclopedia of Public International Law www.mpepil.com

be of a content- and political-related nature (Kube 848), eg in the creation of TLDs for territories the independence of which is disputed. The powers are mainly exercised by ICANNs Board of Directors, comprised of fifteen voting and six non-voting members (Art. VI (1) ICANN Bylaws). Members are selected by various stakeholders from the internet community, ie the registries, commercial, and regular users, thus representing a bottom-up approach excluding direct governmental involvement. It is this structure of ICANN that qualifies internet governance for many as one of selfregulation. The Board of Directors is supported by several advisory committees, one of these being the Governmental Advisory Committee (GAC), the role of which is to consider and provide advice on the activities of ICANN as they relate to concerns of governments, particularly matters where there may be an interaction between ICANNs policies and various laws and international agreements or where they may affect public policy issues (Art. XI (2) (1) (a) ICANN Bylaws). Membership of the GAC is open to all national governments, currently counting 109 members. But as it functions solely as an advisory body lacking any decision-making power, influence by public authorities on ICANN remains at a low level, at least on paper. In practice, though, the Board of Directors has apparently always adhered to the recommendations of the GAC (Dederer 384). However, the GAC in its Operating Principles itself states that the ICANN Bylaws and Articles of Incorporation prevail over the GAC Operating Principles in case of a difference in interpretation (Art. XV GAC Operating Principles).

10

11

(b) Critique ICANNs authority to govern is derived from the United States via the Joint Project Agreement. This form of derivative governance has met harsh criticism. The core of the critique is the missing democratic legitimation of ICANN ( Legitimacy). The fact that the powers of ICANN have ultimately only been handed over from the DOC and can be revoked anytime is viewed as creating a high degree of dependence on US policies, even if only indirectly. This has led some scholars to view ICANNs actions as attributable to the US government, qualifying it as a State actor (Dederer 37779; Froomkin [2000] 113). ICANN claims to offer a participatory governance structure inclusive of the relevant commercial and non-profit actors. However, critics see regular users under-represented in relation to the commercial sector. ICANNs system of governance would rather sustain the dominance of the strongest actors of the network, turning the participatory claim into an instrument of hegemony (Von Bernstorff 513). Critique likewise arises in regard to judicial control. Due to ICANNs incorporation in California, such control can only be excercised before a US court, or within ICANNs own dispute settlement system, a procedure it has set up for itself and which has been criticized for only providing a limited level of judicial control, as the relevant judicial bodies are either not fully independent, or lack the power both to hand down binding decisions or grant compensation (Hartwig 596). However, by at least providing for such an internal review procedure of its decisions, ICANN does show recognition of its unique position as an administrative body with quasi-public authority. (c) Reform and Recent Developments With this criticism as a background, a strong point was made at the WSIS, especially from developing countries, to transfer internet governance to the intergovernmental level, eg institutionalized at the International Telecommunication Union (ITU) in order to remove any US influence and bring more legitimacy to internet governance. This was partly recognized in the WSIS Tunis Agenda, which stated that the international management of the Internet should be multilateral, transparent and democratic, with the full involvement of governments, the private sector, civil society and international organizations (at para. 29). A commitment was given to ensure the requisite legitimacy of its governance, based on the full participation of all stakeholders, from both developed and developing countries (ibid para. 31). However, none of the models for an internationalization of DNS administration that were discussed at the WISIS was implemented. What remained was the creation of the Internet Governance Forum in 2006, which, however, is merely a forum for discussion, without any powers of supervision or decision-making. Numerous other proposals for reform of internet governance have been brought forward. For example, an argument has been made to treat the core resources of the internetthose elements currently under management of ICANN as a common heritage of mankind (CHM; Segura-Serrano 260). Yet, this view presupposes the qualification of the CHM as a functional rather than a territorial concept, a questionable path if taking into consideration the traditional fields the CHM applies to, namely natural conditions such as the seabed or outer space. Yet another suggestion for internationalization is the transformation of the GAC to a truly supranational organization with oversight and control functions over a (still privatized) ICANN (Dederer 398).
2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press 3

12

13

14

Max Planck Encyclopedia of Public International Law www.mpepil.com

15

A recent development has prompted scholars to speak of a change in internet governance however. The original Joint Project Agreement of 1998 (and its amended versions) had to be prolonged on a regular basis due to it being limited in time. However, on 30 September 2009, the Joint Project Agreement in the form of its seventh amendment was superseded by the Affirmation of Commitments by the United States Department of Commerce and the Internet Corporation for Assigned Names and Numbers (Affirmation of Commitments). Herein, the DOC finally affirmed that a private coordinating process is best able to flexibly meet the changing needs of the Internet and of Interner users (at para. 4). Furthermore, the Affirmation of Commitments is intended to be long-standing (at para. 11) and thus not equipped with a sunset clause. ICANN itself interprets this as a declaration of its independence from control by any one entity. It has been similarily looked upon positively in the international community (see, eg, the press release European Commission Welcomes US Move to More Independent, Accountable, International Internet Governance). Nevertheless, as was already the case with the Joint Project Agreement, the DOC can terminate the Affirmation of Commitments unilaterally (at para. 11). In doing so, the DOC would regain its original position as administrator of the DNS, rendering ICANN powerless. Thus, while providing for a greater inclusion of the internet community in ICANN, the Affirmation of Commitments has still not solved the core problem of internet governance: the lack of its institutionalization as an international organization with a fully democratic legitimation. This cannot change as long as the authority of DNS administration is revocable and derived from a single State. 2. Sovereignty Issues Questions of sovereignty and jurisdiction of States are especially significant in internet-related case law. As most internet services do not distinguish between sovereign territories, a consumer of State A may easily buy a product from a vendor in State B, whose website and online shop are hosted on a server in State C. The selling of the product may be illegal and punishable in State A, but not in State C. This exemplifies the fact that, while the contents of the internet are hosted on the global networks and are mostly accessible from anywhere, local values do differ strongly. This divergence between global networks and local values makes coherent regulation of content on the international level complex and is practically the reason for its non-existance (see generally Engel and Keller). The calls of the 1990s for the establishment of a cyberlaw or lex informatica distinct from that applicable to physical, geographically-defined territories (Johnson and Post 1402) have proven premature. In fact, self-regulation of the internet community in relation to the legality of content is simply not taking place. Nevertheless, such cases can only be resolved with the help of international law, especially through cooperation between the States involved. International law requires a genuine link to exist between incident and State in order for the latter to practise jurisdiction. In cases of illegal content being disseminated, the State of the offender may claim jurisdiction through the nationality principle. The same holds true for the territoriality principle, according to which a State may impose jurisdiction on actions on its territory. Controversy arises in regard to the application of the effects principle, which grants jurisdiction to a State which experiences the effects of an action on its territory (see also Trail Smelter Arbitration). The most widely known case in this regard is La Ligue Contre Le Racisme et LAntisemitisme v Yahoo!, Inc. (Tribunal de Grande Instance Paris [20 November 2000]; Yahoo Case), concerning the hosting of an offer of Nazi memorabilia on Yahoo!s auction portal, an action constituting a crime under French penal law. After asserting jurisdiction on the basis of the effects principle, the court ordered Yahoo! to establish measures denying internet users located in France access to such objects via its auction portal. Cases have been decided similarly in Germany (in relation to Nazi content hosted on Australian servers), the United States (violations of copyright law), and the United Kingdom (pornographic content hosted abroad but accessible from the United Kingdom; elaborating on these cases: Schmahl 30009). While the aforementioned decisions all base their judgments on grounds of the effects principle, the interpretation of its scope and content varies considerably. Nevertheless, national jurisprudence does show a trend to limit the effects principle in internet-related cases by requiring the element of a deliberate influence in the foreign State as a prerequisite for any establishment of a genuine link. Such a solution seems favourable when bearing in mind that neither the most restrictive nor the most liberal legal system is called upon to trump the others. This already arises out of the principle of sovereign equality of States (Schmahl 314; Goldsmith and Wu 157; States, Sovereign Equality). Traditional concepts of sovereignty have likewise led to the generally accepted principle that the ultimate public policy authority over the country code TLDs (ccTLDs; such as, eg.uk.de.fr etc) belongs to the relevant government or public authority, as stipulated in para. 4.1. GAC Principles and Guidelines for the Delegation and Administration of Country Code Top Level Domains (GAC Principles). Under the principle of subsidiarity, ccTLD policy should be set locally in accordance with national law (para. 1.2. GAC Principles). This includes delegation and re-delegation of the respective registry (para. 7.1. GAC Principles). Thus, the dispute settlement systems concerning domain names likewise lie in the discretion of the relevant State. This reading is underpinned by ICANNs adherence to the GAC Principles in spite of the legally non-binding nature of GAC decisions (Dederer 386).
2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press 4

16

17

18 19

20

Max Planck Encyclopedia of Public International Law www.mpepil.com

21

3. Uniform Domain Name Dispute Settlement Dispute settlement regarding the registration of domain names differs for the relevant TLDs. For the generic TLDs ie.com,.org, and several other non-country specific TLDsthe Uniform Domain Name Dispute Resolution Policy (UDRP) was established by ICANN as an extrajudicial dispute resolution framework, to which every domain-name holder is subjected in the respective registration contract, together with its accompanying procedural rules (Art. 1 UDRP). The adoption of the UDRP was based on a recommendation of the World Intellectual Property Organization (WIPO), which has also been approved as one of the dispute resolution service providers by ICANN. The UDRP system, incorporating both public authority through US supervision of ICANN and the involvement of the WIPO as a traditional international organization, but also private self-regulation, has thus been qualified a hybrid system (Uerpmann-Wittzack 281) or even a sui generis form of international self-regulation posing as a quasi-administrative procedure (Bettinger 1109). The UDRP is applicable to disputes concerning so-called cybersquatting, ie the registration of domain names which are a) identical or confusingly similar to a trademark or service mark in which the complainant has rights; b) in which the registrant has no rights or legitimate interests in; and c) which have been registered in bad faith and are still being used that way (Art 4 (a) UDRP). These requirements have to be fulfilled cumulatively. The validity of an inclusion of the UDRP into registration agreements has been questioned, especially as regards national consumer protection laws. Since the reference to UDRP is part of the regular contract between registrar and registrant, its validity will be determined by national contract law. Hereby, the absence of any official translations of the UDRP, the fairness of a shift of burden of proof in certain constellations, but also the question of whether the UDRP can be seen as a valid form of arbitration under national law at all, has been particularly criticized (see generally Hestermeyer). However, proceedings can likewise be submitted to a regular court at anytime, regardless of a UDRP procedure (Art. 4 (k) UDRP), the decision of which ICANN will comply with also after the conclusion of a UDRP procedure (Art. 3 (b) UDRP). Whether or not national courts are bound by a decision reached in an UDRP procedure is a question of the relevant national procedural law. By far the largest number of cases negotiated under the UDRP are those concerning the transfer of a domain name, and over 80 per cent of the cases have been decided in favour of the complainant. Since the adoption of the UDRP, over 17,000 cases have been filed at the WIPO Arbitration and Mediation Center alone, making the UDRP a quite important and effective instrument, at least in the cases of obvious cybersquatting. However, the procedural deficiencies such as short time limits (eg 20 days for filing of a response), the mere exceptional possibility of submitting a counterplea, and both the absence of legal discovery and an appellate proceeding do not make it an instrument of first choice for more legally complex circumstances (Bettinger 134546). Registries of ccTLDs are not obliged to incorporate the UDRP, although many have done so. The.eu TLD is noteworthy in this regard, as the relevant regulations have been passed by European Union legislation. However, the management is modelled on the UDRP and WIPO recommendations, as can be seen in Commission Regulation (EC) No 874/2004 of 28 April 2004 Laying Down Public Policy Rules concerning the Implementation and Functions of the.eu Top Level Domain and the Principles Governing Registration ([2004] OJ L162/40), which mentions these as international best practices. Many ccTLD registries have adopted their own policies though (see para 20 above). 4. Net Neutrality The recent debate surrounding net neutrality centres around the question of whether the right to property allows network carriers and internet service providers (ISPs) to discriminate in their networks against certain applications and content, thus affecting the free flow of information and other communication rights of users (see also Property, Right to, International Protection). A router will by default forward data packages according to a first-come-first-served policy, thus providing for an indiscriminate handling of content. However, inter alia through the technique of deep packet inspection, it is possible to prioritize between different applications, thus discriminating against certain applications, eg those of competitors or anyone utilizing an amount of bandwith deemed excessive. Even the complete blocking of certain applications has been utilized by ISPs. While this is mostly being done for economic considerations, the same could also be applied for political reasons (Pfister 18290). There is currently no international instrument dealing with these issues; however, several States have begun to address them. The US Federal Communications Commission (FCC) in September 2005 released a Policy Statement establishing four principles of net neutrality in order to encourage broadband deployment and preserve and promote the open and interconnected nature of the public Internet. These four principles entitle the consumers to: a) access the lawful internet content of their choice; b) run applications and use services of their choice, subject to the needs of law enforcement; c) connect their choice of legal devices that do not harm the network; d) competition among network providers, application and service providers, and content providers. In 2009, as a reaction to reported incidents of ISPs blocking traffic from
2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press 5

22

23

24

25

26

Max Planck Encyclopedia of Public International Law www.mpepil.com

peer-to-peer networks, the FCC proposed two additional principles (on non-discrimination of content and transparency of network management) to further strengthen net neutrality. 27 The European Commission, on the other hand, is more hesitant in this regard. It views product differentiation as generally beneficial for the market as long as users are able to choose freely therefrom, inter alia by obliging the carriers to transparency in regard to their prioritization policies. Also, the different European regulatory model which gives national regulatory authorities the powers to deal with discrimination via telecommunications and antitrust laws is regarded as sufficient (Holznagel 98). Recently, the European Commission in its Declaration on Net Neutrality has attached high importance to preserving the open and neutral character of the Internet, taking full account of the will of the co-legislators now to enshrine net neutrality as a policy objective and regulatory principle to be promoted by national regulatory authorities. Likewise, Directive 2009/140/EC of the European Parliament and of the Council of 25 November 2009 ([2009] OJ L337/37) added Art. 8 (4) (g) to Directive 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a Common Regulatory Framework for Electronic Communications Networks and Services ([2002] OJ L108/33) promoting the ability of end-users to access and distribute information or run applications and services of their choice. While this can be read as a disencouragement of any attempts to block certain applications, it lacks the legally binding effect to reach such goal. In the end it has to be observed that the discussion concerning net neutrality has just begun. The problems are rooted in the fact that the internet was originally not designed in a way to provide the services some applications heavily rely upon today. These requirements, such as a guaranteed quality of service, security, and high bandwith, will only rise in the future. But the constantly needed expansion of the physcial internet infrastructure is a costly undertaking, making prioritization and scaling an obvious business model. It might be that the introduction of must carry clauses, comparable to those already existing for certain general interest objectives, eg distriubtion of public radio or television broadcasts, or minimum service quality levels, will prove a suitable instrument for balancing the competing interests. C. Specific Legal Issues 1. Human Rights During the last two decades, the internet has developed into the most important medium of communication. Internet users enjoy the same freedoms of expression, communication, and information as they do in any other medium. In particular the right to impart information regardless of frontiersas enshrined in all major human rights instruments except the African Charter on Human and Peoples Rights (1981)gains a new momentum in this regard ( Information and Communication, Freedom of, International Protection; Opinion and Expression, Freedom of, International Protection). However, these rights are not unlimited, but contain ordre public (public policy) exceptions, that allow for a relatively wide discretion, a concept which is also enshrined in Art. 34 Constitution of the International Telecommunication Union. Bearing in mind the remarkable differences various legal traditions award to the scope of freedom of expression, these exceptions are necessary. Whether outright censorship or extensive internet filtering techniques may be justified hereby is questionable, though. While the most widely known example in this regard is China, however, many Western countries also use blocking techniques to ban access to websites deemed to contain illegal content. The right to privacy is likewise of special concern in the field of information networks ( Privacy, Right to, International Protection). It encompasses the protection from State access to confidential data available on, or transmitted via, the internet, such as e-mail. Connected thereto is the protection of transboundary data flow ( Data, Transboundary Flow, International Protection). Operating within the internet mostly inherently involves revealing information about oneself, whichaccumulatedcan be used for generating user profiles, the trading of which has already generated new market opportunities. The wide discretion afforded to States through the relevant international instruments to restrict the right to privacy has led to a comparatively high degree of variation in data protection laws, while several States have abstained from any legislation. Regional instruments such as several European Union directives but also so-called safe harbour agreements, which let foreign companies adhere to the stricter privacy standards of a third country on a voluntary basis, contribute to a harmonization of standards. However, this remains on a low level, prompting data and privacy protection commissioners of several countries to call for the conclusion of an international convention on data protection, as inter alia stipulated in a 2005 declaration entitled The Protection of Personal Data and Privacy in a Globalised World: A Universal Right Respecting Diversities. Harmonization in this field is to be welcomed. Today the threat to the privacy of individuals personal information often seems to come from commercial actors. Although it is the users themselves who in many cases provide for an alarmingly permissive exposure of their personal information, the international community would be well advised to introduce a data protection regime stipulating clear limits to further processing and dissemination also of information provided voluntarily.

28

29

30

2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press

Max Planck Encyclopedia of Public International Law www.mpepil.com

31

Access to the internet is still unevenly distributed between developed and developing countries but also within societies, as it requires an advanced communications infrastructure and end devices for the users. While it is clear that the internet is also a facilitator for the exercise of certain cultural rights, as it helps trading in products and services in remote areas, a right to internet access does not exist. Neither the freedom of information, nor the right to development, if considered a right at all, provide for an individual or collective right to access ( Development, Right to, International Protection). A political commitment to turn this so-called digital divide into a digital opportunity for all was made in the WSIS Declaration of Principles (at para. 10), although it lacked a legally binding quality. Propositions to help bridge the divide are inter alia seen in renegotiations of the TRIPS. This could allow for exceptions of the protective rules on copyrights and patents for information technology hard- and software for developing countries similar to those that already exist in the field of public health, thus making the production of information technology products cheaper for the affected States (Lehmann 410). Another field that has been especially challenged through the rise of the internet is the protection of intellectual property as part of the right to property ( Intellectual Property, International Protection). The internet provides for a plethora of possibilities for illegal dissemination of copyright-protected material, especially as regards software, videos, and music. While some passive protection mechanisms of a technical nature do exist, such as geolocation, digital rights management, and encryption (see also coded communications [encryption]), such property rights remain difficult to safeguard. In this regard, an instrument of special concern to rights holders has proven to be a claim to disclosure against ISPs, similar to that utilized by law enforcement authorities (see paras 3536 below). The ECJ in Case C-275/06 Productores de Msica de Espaa (Promusicae) v Telefnica de Espaa SAU ([2008] ECR I-271) decided that the relevant directives do not include an obligation to communicate personal data in order to ensure effective protection of copyright in the context of civil proceedings (at para. 71). The same holds true in the World Trade Organization (WTO) system. Although Art. 47 Agreement on Trade-Related Aspects of Intellectual Property Rights (1994) (TRIPS) does include a provision on the right of information, this does not include any obligation. Rather, the decision whether to create such a right for rights holders against, eg, ISPs, is left to the discretion of the Member States, subject to a proportionality test regarding the infringements seriousness while duly taking account of the privacy implications concerned. Nevertheless, the WIPO in Arts 1014 WIPO Performances and Phonograms Treaty and Art. 8 WIPO Copyright Treaty provide for certain minimum standards for rights holders, which in combination with the principle of national treatment enshrined in both treaties demonstrates WIPOs attention to the specific problems posed by the development of the internet from the early stages on (Uerpmann-Wittzack 273; National Treatment, Principle). 2. Electronic Commerce The internet has provided for the spread of trade in digital content productsmostly software and multimedia, such as music, films, and electronic books (direct e-commerce)and to the introduction of the use of electronic communications for the conclusion of contracts regarding the transaction of regular physical goods (indirect e-commerce). Furthermore, services are available on the internet, eg access to databases or consulting. While most States seem to evaluate the current WTO system as sufficient to address these new forms of trade, controversy still exists over some questions, eg the qualification of digital content as a good or service. This qualification is of importance as regards the determination of the applicable regime, ie either the more market liberal General Agreement on Tariffs and Trade (1947 and 1994) or the comparatively more restrictive General Agreement on Trade in Services (1994). In particular the EU and the US have opposing views in this regard, mainly motivated by economic and cultural interests (see generally WunschVincent 4880). In relation to customs the current regulation is clear. Indirect e-commerce does not pose any new questions, as the transport of goods in this case occurs in the traditional tangible manner. For direct e-commerce, the WTO Member States in the Declaration on Global Electronic Commerce have (temporarily) agreed not to impose customs duties on electronic transmissions. It is probable that these will also not be imposed in the future, because effective control and enforcement would prove extremely difficult if not impossible from a technical standpoint. Another question in this regard is whether States may restrict internet services originating from abroad, if such is necessary to protect public morals or to maintain public order (Art. XIV (a) GATS). This was the case in United StatesMeasures Affecting the Cross-Border Supply of Gambling and Betting ServicesReport of the Appellate Body concerning the supply of gambling services via a foreign website to persons in the USA, a measure the Appellate Body saw as justified if equally applicable to nationals. The example shows that the technological neutrality of the GATS provides it with a normative control function also over internet-based services (Tietje and Nowrot 355). On an international level, there is currently no convention in force which specifically deals with the conclusion of contracts via electronic communications such as the internet. However, some attempts have been made to provide for a harmonization, especially concerning the recognition of electronic messages and signatures and uniform rules relating to time, place of dispatch, and receipt of such messages. These are mainly the Model Law on Electronic Commerce, elaborated by the United Nations Commission on International Trade Law (UNCITRAL), the provisions of which have
2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press 7

32

33

34

Max Planck Encyclopedia of Public International Law www.mpepil.com

been implemented by several States, and the UN Convention on the Use of Electronic Communications in International Contracts, which has not yet entered into force, however. On the other hand, the UN Convention on Contracts for the International Sale of Goods ([concluded 11 April 1980, entered into force 1 January 1988] 1489 UNTS 3; CISG), which due to its age does not explicitly include the possibility of concluding contracts electronically, has also been interpreted by the CISG Advisory Council in its Opinion No 1: Electronic Communications under CISG of 15 August 2003 to enable parties to do so. Legally binding interaction on the internet needs secure communication and authentication of the relevant actors, requirements that could inter alia be met by the introduction of electronic signatures. The harmonization of such has been addressed in the UNCITRAL Model Law on Electronic Signatures and the Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community Framework for Electronic Signatures ([2000] OJ L13/12). All these instruments, together with internet trade usage, may be taken into consideration as sources of customary international law for international electronic commerce (Martin 501). It nevertheless remains a rather fragmented area, an exception being the European framework introduced by Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on Certain Legal Aspects of Information Society Services, in Particular Electronic Commerce, in the Internal Market ([2000] OJ L178/1), which has led to a much higher level of harmonization. It, inter alia, provides for an obligation on Member States to allow the conclusion of contracts by electronic means on a non-discriminatory basis, including provisions on the information to be provided by the service provider and how orders are placed (Arts 911). Furthermore, the liability of service providers for the content of information transmitted on a communications network is regulated (Art. 12). 35 36 3. Cybercrime The internet has made possible access to data stored on external computer systems but also the interception of data in transmission. On the one hand, this opens a new field for cybercrime, namely criminal offences undertaken via the internet. On the other hand, the evidence relating to such offences may be transmitted via the internet and stored on systems accessible therewith, thus providing new measures for crime prevention and criminal prosecution authorites with new methods. The transboundary nature of many of these offences leads to the problem of their criminal prosecution. Due to the rule of double criminality for extradition proceedings and the varying penalization of cybercrimes, a harmonization of criminal laws in this field was soon called for. On an international level, this gave rise to the Council of Europe (COE) Convention on Cybercrime of 2001, signed by 46 and ratified by 30 States (as of July 2010). It obliges the contracting parties to penalize offences against the confidentiality, integrity, and availability of computer data and systems, infringements of copy- and related rights, child pornography, computer-related forgery, and fraud. Apart therefrom many States on a national level amended their penal codes in order to include cybercrime (see also Mutual Legal Assistance in Criminal Matters). The fast-moving nature of the internet poses special problems for law enforcement authorities. An authoritative collection of evidence is linked to the authorities access to user data of ISPs, data often stored only temporarily for billing reasons. These concerns are, inter alia, addressed by the establishment of a 24/7 network in Art. 35 Convention on Cybercrime, providing for immediate assistance in the collection of evidence in electronic form. The same demands have likewise led to the introduction of the highly controversial Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the Retention of Data Generated or Processed in Connection with the Provision of Publicly Available Electronic Communications Services or of Public Communications Networks and Amending Directive 2002/58/EC ([2006] OJ L105/54; Data Retention Directive). According to this Directive, European Union Member States are to harmonize their relevant obligations for ISPs with respect to the retention of certain data which are generated or processed by them, in order to ensure that the data are available for the purpose of the investigation, detection and prosecution of serious crime (Art. 1 Data Retention Directive). Basically, ISPs are to be obliged to store such data in order to provide the relevant authorities with the possibility of access. While the Data Retention Directive has been highly controversial from the beginning, some of the implementation laws have recently even been declared null and void by the relevant constitutional courts; moreover some States have not yet implemented the directive due to concerns regarding its constitutionality. Despite aheavily criticizedruling of the European Court of Justice in Case C301/06 Ireland v European Parliament and Council of the European Union ([2009] ECR I-593) affirming the directives formal legality (confined solely to areas of competence of the European Union), the discussions concerning the Data Retention Directives legality are thus prone to continue (see generally Simitis). D. Assessment This overview has shown that a singular inclusive framework for the internet that might qualify as an international law of the internet does not exist. The internet as a medium for such a variety of different activities must rather be seen as a cross-sectional matter, engaging nearly all fields of international and national law. The significance and ubiquity of the
2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press 8

37

38

Max Planck Encyclopedia of Public International Law www.mpepil.com

internet seems to be only likely to increase in the future. Both legal scholarship and legal practice will thus continue to be occupied by the legal questions discussed above. Additionally, the constant and rapid development of the internet and its associated services will raise new legal problems. What the development of the internet as a cross-sectional matter has proven, though, is the following. First, the development of spheres beyond the rule of States is an illusion, which at the latest has been destroyed by the different frameworks initiated especially for the internet, even if developed only in a sector-specific way. Second, any activity on the internet falls under the jurisdiction of some State, which can be used to influence content disseminated thereon, limited by human rights obligations. Third, the inherently transboundary nature of actions on the internet requires an even tighter transnational cooperation in all fields of law in order to provide for legal certainty and effective enforcement mechanisms. As so often in international law, finding consensus on some minimum standards in this regard is the decisive point. This could be further facilitated if ICANN or a successor organization were to be instituted as a truly international organization, providing it with the legitimacy it is still missing. Select Bibliography DR Johnson and D Post Law and Borders: The Rise of Law in Cyberspace (1996) 48 StanLRev 13671402. L Lessig Code and Other Laws of Cyberspace (Basic Books New York 1999). C Engel and KH Keller (eds) Governance of Global Networks in the Light of Differing Local Values (Nomos BadenBaden 2000). AM Froomkin Wrong Turn in Cyberspace: Using ICANN to Route around the APA and the Constitution (2000) 50 DukeLJ 17186. AM Froomkin Habermas@discourse.net: Toward a Critical Theory of Cyberspace (2002) 116 HarvLRev 749803. HP Hestermeyer The Invalidity of ICANNs UDRP Under National Law (2002) 3 MinnIntellPropRev 157. J von Bernstorff Democratic Global Internet Regulation? Governance Networks, International Law and the Shadow of Hegemony (2003) 9 ELJ 51126. BA Lehman, Intellectual Property Rights as a Trade, Health and Economic Development Issue. 17 St. Johns JLegal Comment. 417 (2003) H Muir Watt Yahoo! Cyber-Collision of Cultures: Who Regulates? (2003) 24 MichJIntlL 67396. JL Goldsmith and T Wu Who Controls the Internet?: Illusions of a Borderless World (OUP Oxford 2006). H Kube Neue MedienInternet in J Isensee and P Kirchhof (eds), Handbuch des Staatsrechts der Bundesrepublik Deutschland vol 4 Aufgaben des Staates (Mller Heidelberg 2006) 84383. A Segura-Serrano Internet Regulation and the Role of International Law (2006) 10 MaxPlanckUNYB 191272. S Wunsch-Vincent The WTO, the Internet and Trade in Digital Products (Hart Oxford 2006). J Zittrain The Generative Internet (2006) 119 HarvLRev 19742040. D Lindsay International Domain Name Law, ICANN and the UDRP (Hart Portland 2007). FW Pfister Net Neutrality: An International Policy for the United States (2007) 9 San Diego International Law Journal 167211. T Bettinger (ed) Handbuch des Domainrechts: Nationale Schutzsysteme und internationale Streitbeilegung (Carl Heymanns Kln 2008). R Deibert and others (eds), Access Denied: The Practice and Policy of Global Internet Filtering (MIT Press Cambridge 2008). T Hoeren and U Sieber (eds) Handbuch Multimedia-Recht (CH Beck Munich 2008).

2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press

Max Planck Encyclopedia of Public International Law www.mpepil.com

CH Martin The Electronic Contracts Convention, the CISG, and New Sources of E-Commerce Law (2008) 16 TulJIntl&CompL 467503. H-G Dederer ICANN und die Dominanz der USA: Internet Governance auf dem Weg in die Internationalisierung (2009) 47 Archiv des Vlkerrechts 36798. J Mathiason Internet Governance: The New Frontier of Global Institutions (Routledge London 2009). S Schmahl Zwischenstaatliche Kompetenzabgrenzung im Cyberspace (2009) 47 Archiv des Vlkerrechts 284 327. S Simitis Der EuGH und die Vorratsdatenspeicherung oder die verfehlte Kehrtwende bei der Kompetenzregelung (2009) 62 NJW 178286. C Tietje and K Nowrot Das Internet im Fokus des transnationalen Wirtschaftsrechts: Normative Ordnungsstrukturen fr den E-Commerce (2009) 47 Archiv des Vlkerrechts 32866. R Uerpmann-Wittzack Internetvlkerrecht (2009) 47 Archiv des Vlkerrechts 26183. M Hartwig ICANNGovernance by Technical Necessity in A von Bogdandy and others (eds), The Exercise of Public Authority by International Institutions: Advancing International Institutional Law (Springer Heidelberg 2010). B Holznagel Netzneutralitt als Aufgabe der Vielfaltssicherung (2010) 13 Kommunikation und Recht 95100. ITU (ed) Measuring the Information Society 2010 (ITU Geneva 2010). CT Marsden Net Neutrality: Towards a Co-Regulatory Solution (Bloomsbury London 2010). Select Documents Affirmation of Commitments by the United States Department of Commerce and the Internet Corporation for Assigned Names and Numbers (signed 30 September 2009, entered into force 1 October 2009) (17 May 2010). Articles of Incorporation of Internet Corporation for Assigned Names and Numbers (21 November 1998) (15 June 2010). Council of Europe Convention on Cybercrime (opened for signature 23 November 2001, entered into force 1 July 2004) CETS No 185. European Commission, European Commission Welcomes US Move to More Independent, Accountable, International Internet Governance (30 September 2009) Press Release IP/09/1397. FCC, Policy Statement (adopted 5 August 2005, released 23 September 2005) FCC 05-151. FCC Policy Statement (adopted 5 August 2005, released 23 September 2005) FCC 05-151 http:// hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-05-151A1.pdf (7 May 2010). GAC Operating Principles (done 5 April 2005) http://gac.icann.org/system/files/ GAC_Operating_Principles_1.pdf (1 June 2010). GAC Principles and Guidelines for the Delegation and Administration of Country Code Top Level Domains (done 5 April 2005) http://gac.icann.org/system/files/ccTLD_Principles_0.pdf (31 May 2010). ICANN Bylaws for Internet Corporation for Assigned Names and Numbers (effective as of 6 November 1998, as amended 30 September 2009) (27 April 2010). International Conference of Data Protection and Privacy Commissioners The Protection of Personal Data and Privacy in a Globalised World: A Universal Right Respecting Diversities (16 September 2005) (11 June 2010). Internet Corporation for Assigned Names and Numbers (15 July 2010).

2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press

10

Max Planck Encyclopedia of Public International Law www.mpepil.com

Internet Engineering Task Force Architectural Principles of the Internet (June 1996) Network Working Group Request for Comments 1958. Internet Engineering Task Force Requirements for Internet HostsCommunication Layers (October 1989) Network Working Group Request for Comments 1122. Internet Engineering Task Force Some Internet Architectural Guidelines and Philosophy (December 2002) Network Working Group Request for Comments 3439. Memorandum of Understanding between the US Department of Commerce and Internet Corporation for Assigned Names and Numbers (25 November 1998) (18 May 2010). UNCITRAL Model Law on Electronic Signatures (25 June13 July 2001) GAOR 56 Session Supp 17 Annex II. United Nations Convention on the Use of Electronic Communications in International Contracts (adopted 23 November 2005, not yet entered into force) GAOR 60 Session Supp 49 vol 1, 492. US Department of Commerce Statement of Policy: Management of Internet Names and Addresses (10 June 1998) (1998) 63 USFedReg 31741. WIPO Copyright Treaty (adopted 20 December 1996; entered into force 6 March 2002) (1997) 36 ILM 65. WIPO Performances and Phonograms Treaty (done 20 December 1996, entered into force 20 May 2002) (1997) 36 ILM 76. WSIS, Declaration of Principles: Building the Information Society: A Global Challenge in the New Millennium (12 December 2003) Doc WSIS-03/GENEVA/DOC/4-E (26 April 2010). WSIS, Report from the Working Group on Internet Governance (3 August 2005) Doc WSIS-II/PC-3/DOC/5-E (27 April 2010). WSIS Tunis Agenda for the Information Society (18 November 2005) Doc WSIS-05/TUNIS/DOC/6(Rev. 1)-E (6 May 2010). WTO, Declaration on Global Electronic Commerce (20 May 1998) WT/MIN(98)/DEC/2. WTO, United StatesMeasures Affecting the Cross-Border Supply of Gambling and Betting ServicesReport of the Appellate Body (7 April 2005) WT/DS285/AB/R.
th th

2013 Max Planck Institute for Comparative Public Law and International Law, Heidelberg and Oxford University Press

11