Trustwrap: The Importance of Legal Rules to Electronic Commerce and Internet Privacy

Abstract

This Article puts forward two claims and one proposed new term. The first claim, buttressed by new evidence in this Article, is that we have under-valued the importance of binding legal rules in promoting electronic commerce ("E-Commerce"). The second claim is that, in light of the demonstrated helpfulness of binding legal rules, the case for Internet privacy legislation in the United States is stronger than it was during the start-up period of E-Commerce during the 1990s. The new term, which is central to both of these claims, is the idea of "trustwrap" - the ways that merchants can wrap their transactions in visible, trust-inspiring ways when conducting E-Commerce. The idea of trustwrap arose for me in thinking about the Tylenol scare in the early 1980s, when cyanide was injected into bottles of the medicine. Johnson & Johnson responded by re-engineering every sale of Tylenol. Today, every bottle of pills has a plastic wrap around the outside of the bottle. Every bottle has a foil seal inside the cap. Inside the bottle, the medicine exists in tamper-proof caplets or tablets, rather than the earlier capsules into which the malicious person had injected the poison. I propose the term "trustwrap" to bring together the physical transactions of Tylenol and the virtual transactions of E-Commerce. For my proposed use of "trustwrap", the seller demonstrates in the course of the transaction that there are legal, technical, or other protections for the purchaser. Moreover, the term "trustwrap" invokes the "shrinkwrap" and "clickwrap" licenses of modern E-Commerce. Part I of this Article looks at three of the striking success stories of E-Commerce - the online credit card, the growth of "clicks-and-bricks" E-Commerce (companies that sell both on the web and in physical stores), and eBay. Each of these three success stories contrasts markedly with the predictions of the Internet pioneers of the mid-1990s. I argue that each success story has created effective trustwrap for online transactions. Notably, the trustwrap in each instance depends substantially on enforceable legal guarantees. This evidence from the success stories on the Internet shows at least a strong correlation with, and quite likely causation from, the sorts of legal enforcement that many observers thought would be irrelevant for Internet commerce. Part II of the Article explores the implications of Part I on the debate about Internet privacy legislation. Based on my own experience as privacy counselor for the Clinton Administration, the debates on Internet privacy have often asked whether a legislative or self-regulatory approach will be more effective at fostering trust and encouraging E-Commerce. The success stories in Part I undermine the common view that binding legal rules will interfere with E-Commerce. In addition, a careful examination of our experiences with Internet privacy suggests that legal protections for privacy are more likely to be beneficial now than they would have been during the start-up period of E-Commerce in the mid-1990s. In short, binding legal rules for Internet privacy may well spur E-Commerce and provide more effective "trustwrap" than self-regulatory alternatives.