Chapter 2 - 2
Legal issues
2.62 As noted above, the most observable characteristic of international
electronic markets is that trading crosses traditional jurisdictional
boundaries, and may take place outside them. To adapt an example frequently
given, a company in Antigua may offer securities on an Internet site which
could be taken up by investors in Australia without the ASC having any
effective jurisdiction over the issuer or the form of the offer. This
has implications both for 'legitimate' and 'questionable' offers.
2.63 Most national regulators claim jurisdiction over offers receivable
in their jurisdiction. For example, the US SEC claims jurisdiction over
all offers accessible in the United States. The ASC similarly claims jurisdiction
over offers accessible in Australia. Given that different jurisdictions
impose differing requirements on the content of offers, these competing
claims of jurisdiction may deter 'legitimate' companies from seeking to
access an international capital market.
2.64 While recognising that securities regulation to date had been essentially
nationally based, and that the global aspects of electronic commerce might
challenge this approach, the ASC noted that developments in electronic
commerce had not yet become significant. In response to the global reach
of Internet prospectuses, the ASC has recommended that, in order to avoid
foreign regulatory problems, all Australian prospectuses on the Internet
should contain a jurisdictional clause stating the jurisdictions in which
the offer is available. [54] However,
some have cast doubt on the adequacy of this approach. One senior lawyer
is quoted as advising:
Although the ASC takes the view that a jurisdiction clause will
be sufficient to avoid liability for irregular prospectuses, foreign
regulators may take a different stand. [55]
2.65 Furthermore, claims of jurisdiction and the enforcement of laws
are different matters. As the advice quoted above continues:
It is possible for offerors in jurisdictions with less stringent
regulatory regimes to issue prospectuses and hawk securities in Australia
which expose investors to risks which are not acceptable under the corporations
law, with little scope for the ASC to intervene ...
Under the Corporations Law, every foreign prospectus lodged on
the Internet and accessible in Australia must comply with local standards.
However, with its restricted extra-territorial jurisdiction, the ASC
has limited ability to enforce these provisions ... [56]
2.66 Unresolved legal issues may extend from classes of transaction -
such as the rules governing share offers or takeover offers - to the requirements
governing an individual transaction - such as finalising the purchase
of a particular parcel of shares. Where such a purchase is made electronically,
ensuring the identity of a purchaser assumes considerable importance.
It has been pointed out that no law currently governs digital signatures.
[57] The Wallis Committee recommended
"endorsement by industry and government of the Public Key Authentication
Framework developed by Standards Australia to enable a reliable system
for digital recognition of individuals and entities to be developed".
[58] Under such a Framework, each user
would have two 'keys' - one public and one private - and a message encoded
with one such key could only be decoded using the other key of same person.
The effect of such a system when used to 'cash' an 'electronic cheque'
was said to be:
If the banks paid out on a genuine but misused digital signature,
they would not be liable for paying out on a forgery. Account holders
would need to seek compensation, not from the bank, but from those who
misused the signature - if they could be found and if they had the money.
[59]
2.67 The Wallis Committee also recommended that Australia adopt appropriate
internationally recognised standards for electronic commerce, including
for electronic transactions over the Internet and the recognition of electronic
signatures. [60]
2.68 Another key issue in existing transactions is ensuring the right
of a vendor to sell. The risk that a transaction may not be settled, or
that funds may be inappropriately dealt with by an intermediary, has seen
the inclusion in the Law of provisions covering dealers' trust accounts,
stock exchange fidelity funds and the National Guarantee Fund. Transactions
undertaken electronically - particularly if real-time settlement systems
[61] became available - might minimise
these settlement risks, and might reduce the need for such provisions
in the Law.
2.69 In summary, the growth of electronic commerce raises a number of
specific legal issues for corporations and securities markets. These include:
- determining the applicable statutory requirements that are imposed
on transactions - for example, which law governs the content and accuracy
of an offer document made available on the Internet; and which law should
govern matters such the takeover of an Internet-traded or Internet-listed
company, [62] or insider trading in
the shares of such a company;
- determining the law that governs the making and execution of a particular
transaction - ie, what law governs the basic contractual requirements
for a transaction conducted electronically (such as the 'place' in which
the transaction is made), or the consequences of a 'failure' of or fraud
in such a transaction (which might range from a computer malfunction
or a keying error, to the unauthorised use of an investor's account
details); [63]
- determining various related legal issues - for example, the jurisdiction
in which to bring any legal action; the statutory enforceability of
the listing and business rules of a securities exchange (s 777); the
statutory power of the ASC to prohibit trading in particular securities
(s 775); and the qualified privilege provided under the Law to a securities
exchange covering the publication of information provided to the exchange
by a listed entity (s 779(5));
- determining the liability of third parties who may be involved in
a transaction - for example, what liability, if any, should attach to
an Internet service provider for the content of an electronic prospectus
made available through that provider, or to the operator of an Internet
site for any linked site;
- proving or evidencing an electronic transaction which is called into
question, or which may be taxable or dutiable, and establishing an audit
trail to enable any regulator to enforce its laws; and
- irrespective of governing law or applicable law, determining how to
enforce that law.
Some issues:
- in what circumstances can an electronic transaction be regarded as
legally 'completed' in the absence of conventional seals and signatures?;
- how can the content of electronic communications or 'documents' be
proved or guaranteed in the absence of a paper copy, or a central register
of all such communications?;
- where a securities transaction or conduct in a securities market is
potentially subject to the law of a number of jurisdictions, how will
the governing law applicable to that transaction or conduct be determined?;
- what law should govern the creation, administration and winding up
of a solely Internet-created or Internet-listed company?; and
- are specific statutory provisions needed to deal with the legal liability
of third parties who are involved, or who become associated, with an
electronic transaction?
Financial, accounting and disclosure issues
2.70 Where securities are traded internationally, there is a clear need
for generally applicable accounting standards, common forms for the presentation
of financial information, and uniform disclosure requirements. The application
of differing standards raises some obvious difficulties for investors
including:
- the reporting of different profit figures in different jurisdictions;
- the reporting of more detailed or fuller financial information in
some jurisdictions; and
- a refusal to disclose information in some jurisdictions which is mandatory
in others.
2.71 Some investors have the resources to gain access to and, where necessary,
reinterpret this financial information for themselves. During a recent
inquiry, this Committee was told that:
There are a number of large institutions around the world who,
prior to purchasing shares in Australia or Indonesia or in some other
regime, require restatement of accounts and policies as best possible
onto some broadly comparable standard. I just think it is an inevitable
part of the evolution of our market. We will not, as Australia, be able
to have unique Australian standards if they are inconsistent with what
is generally accepted worldwide. [64]
2.72 This view was broadly endorsed by the Wallis Committee, which recommended
that the Australian Accounting Standards Board should, where practicable,
seek to harmonise Australia's accounting standards with international
standards. [65]
2.73 While harmonisation is clearly a desirable long-term goal, it may
not be possible with regard to all standards, and it may not be achieved
without extensive and time-consuming negotiation. As a first step, in
1996, this Committee recommended that the Corporations Law should require
that information disclosed by Australian-listed companies in overseas
jurisdictions should be also be provided to Australian investors through
the ASX. It may be that other interim measures are warranted while harmonisation
is actively pursued.
Some issues:
- what regulatory approach should be adopted where the accounting or
disclosure rules in different jurisdictions result in inconsistent disclosure
by a company?;
- should different regulatory approaches be adopted in the short and
long term?
Security and other technical issues
2.74 Concerns have been expressed about the technology that underpins
networks such as the Internet. It is unclear who bears responsibility
for setting the technical standards to be met by the Internet, or for
its performance. [66] Responsibility
for unauthorised access to the system, for breaches of privacy and for
other breaches of security is also unclear. [67]
2.75 It is often said that the apparent insecurity of many electronic
transactions - particularly Internet transactions - is the most significant
deterrent to the growth of electronic commerce. Similar concerns are often
expressed about the security of electronically stored information.
2.76 It was recently estimated that, in 1996, American companies spent
in the order of US$6 billion on network security. Yet a survey of 400
companies and institutions in March 1996 revealed that more than 40% had
reported recent break-ins to their computer networks. Some 30% of all
break-ins involving the Internet took place despite the presence of a
'firewall' - a computer equipped with costly software that is supposed
to let only legitimate traffic pass. [68]
Estimates for financial losses from computer crime are as high as US$10
billion a year, with as many as 95% of break-ins going undetected. [69]
2.77 Network linkages may amplify these security concerns. For example,
a hacker might exploit inadequate security measures put in place by one
company to invade its network, and then use this to disrupt operations
at other companies. Where the resulting damage is substantial, those other
companies might attempt to hold the first company liable.
2.78 Attention has been drawn to agreements such as the EDI Council of
Australia's "Model Electronic Data Interchange Agreement", published
in 1990, as the most appropriate format for conducting aspects of electronic
commerce on the Internet. [70]
2.79 The Wallis Committee forecast generally that:
For financial transactions over the Internet, international security
standards are being developed by software companies, international credit
card associations and third parties such as telecommunications carriers.
Given the relatively small size of the Australian market. domestic financial
institutions will adopt standards prevailing in larger markets such
as the US. There is therefore no requirement for specific government
intervention in this area. [71]
2.80 However, simply adopting international standards is not free from
difficulty. For example, the international credit card associations Visa
and MasterCard, together with many of the world's software companies,
have developed the Secure Electronic Transaction (SET) standard:
As well as encrypting any credit-card data sent over the Internet,
SET uses cryptography to authenticate all parties to the transaction,
including the consumer, merchant and the banks, preventing such things
as "man-in-the-middle" and "rogue-merchant" attacks,
where people intercept messages and decrypt them before forwarding them
on to the intended recipient.
It has the further benefit of not revealing credit-card details
to the merchant - which merely passes the transaction to its bank -
thus preventing a certain type of credit-card fraud commonly referred
to as the "waiter" attack, where the merchant makes a copy
of the credit-card number and sells it or re-uses it illegally. [72]
2.81 This standard was supposed to be ready for worldwide implementation
at the end of 1996. However, this timetable could not be met because non-American
banks expressed concern about the design of SET, the initial versions
of which were apparently developed to complement the highly regionalised
US banking system. Clearly, standards developed nationally may not necessarily
be suitable as international standards.
2.82 Another barrier to secure electronic commerce is represented by
strict government controls over the dissemination of encryption products.
While US policy in this area is well known, Australian policy is broadly
similar. One company apparently affected by this policy was the software
firm Nexus Solutions, which developed NTrust - a secure encryption system
capable of encrypting files with a key length of 33,344 character-bits:
Nexus Solutions had already lined up a distributor in Europe
for NTrust and had the World Health Organisation beta testing the product
when it began marketing the system to government organisations and corporates
locally. It was quickly told by the Defence Signals Directorate that
exporting the product would be illegal.
Sales overseas would only be possible with a separate export
licence for each purchaser, and distribution of demonstration versions
via the Internet would also be a violation of laws governing the export
of munitions. [73]
Some issues:
- who should bear responsibility for setting the various technical standards
to be met by the Internet, or other electronic networks, and for their
performance?;
- what approach, if any, should Australia take to the adoption of international
security standards for electronic commerce?; and
- what policy approach should be taken to dissemination of secure encryption
technologies?
Other regulatory issues
2.83 In addition to the regulatory issues canvassed above, two other
such issues should also be raised: the possibility that issuers or investors
may indulge in "regulatory arbitrage", and the implications
of electronic capital raising for Australia's foreign investment policies.
Regulatory arbitrage
2.84 'Regulatory arbitrage' is a term that has been used by a number
of commentators, including Mr Richard Humphry, the Chief Executive of
the ASX. Where issuers and investors have a choice of markets on which
to transact their business, one major factor influencing their choice
will be cost, both direct and indirect. Since excessive regulation imposes
excessive costs, an over-regulated market will lose business to a market
that, while well regulated, is less regulated:
One common, but I suggest erroneous, response to this proposition
is that giving in to the force of regulatory arbitrage will necessarily
lead to a downward regulatory spiral to the state of the least-regulated
competing market. Of course that isn't so, for the simple reason that
many investors and issuers don't want to deal on an inadequately regulated
market. They want the security of adequate regulation, but they won't
put up with the burdens of excessive regulation when they have an alternative.
The existence of regulatory arbitrage means that national governments
and regulators are going to have to balance the need for the markets
they regulate to be internationally competitive, on the one hand, with
their natural desire to apply what they believe to be appropriate regulatory
policies domestically, even if they impose greater costs on market users.
[74]
2.85 This broad issue was also noted in the Wallis Committee Report,
which spoke of the possibility of 'regulatory competition' between competing
jurisdictions. That Committee concluded that regulatory competition "could
lead to an overall lowering of regulatory standards" but that "the
more likely outcome is that regulators will have an incentive to develop
a range of regulatory frameworks across jurisdictions which best meet
the needs of participants and users in those markets". [75]
Regulation of foreign investment
2.86 Currently, Australia screens foreign investment under the Foreign
Acquisitions and Takeovers Act 1975. Among other things, this Act:
- requires foreign persons to notify the Treasurer of certain agreements
to acquire substantial shareholdings in Australian corporations; and
- enables the Treasurer to prohibit certain proposed acquisitions or
exercises of control by foreign persons where the Treasurer determines
that these actions are not in the national interest. [76]
2.87 In exercising these powers, the Treasurer is able to take advice
from the Foreign Investment Review Board (FIRB). FIRB also examines certain
proposals which are not subject to the Act. These include all proposals
for foreign investment in the media sector.
2.88 The Act defines an Australian corporation as "a trading corporation,
a financial corporation or a corporation incorporated in a Territory under
the Law in force in that Territory relating to companies". [77]
An Australian business is defined as "a business that is carried
on wholly or partly in Australia in anticipation of profit or gain".
[78] It may be that these definitions,
and the provisions of the Act or its guidelines, do not fully comprehend
the possible effects of global electronic commerce.
Some issues:
- will global electronic capital raising and securities trading involve
'competition' between regulators or the laws they administer, and will
any such competition expose Australian investors to unacceptable risk?;
and
- what effect, if any, will global electronic capital raising and securities
trading have on the exercise of powers under legislation governing foreign
acquisitions and takeovers?
Footnotes:
[54] 'Lawyers warn of dangers in Internet prospectuses',
Australian Financial Review, 3 February 1997, p 4.
[55] 'Lawyers warn of dangers in Internet prospectuses',
Australian Financial Review, 3 February 1997, p 4.
[56] 'Lawyers warn of dangers in Internet prospectuses',
Australian Financial Review, 3 February 1997, p 4.
[57] 'Dangers of forging ahead with digital
signatures', Australian Financial Review,12 May 1997, p 38.
[58] Wallis Committee Report, p 502.
[59] 'Dangers of forging ahead with digital
signatures', Australian Financial Review, 12 May 1997, p 39.
[60] Wallis Committee Report, p 503.
[61] Under such a system, a transaction would
be instantly verified, paid for and settled. Real-time gross settlement
systems are discussed at p 113 of the Wallis Committee Report.
[62] In NCSC v Brierley Investments Ltd
(1988) 6 CLC 995 B Ltd, a New Zealand company acquired 30% of the
shares in another New Zealand company, thereby acquiring an interest in
more than 20% of a company incorporated in NSW, so contravening the NSW
takeovers code. A NSW court rejected the argument that it was beyond the
power of the NSW Parliament to legislate for the share buying activities
of New Zealand companies in New Zealand.
[63] Some recent examples of 'failure' in electronic
transactions include: the doubling of all computer -generated credits
and debits to 300,000 Commonwealth Bank accounts on 16 April 1997 and
the trading of securities using the ASX's CHESS system apparently without
authorisation from the owners of those securities: see, generally, The
Australian, 17 April 1997, p 1; Australian Financial Review,
28 April 1997, p 1.
[64] Corporations and Securities Committee,
Inquiry into the Draft Second Corporate Law Simplification Bill 1996,
Committee Hansard, 2 October 1996, p CS 93 (Mr Wozniczka).
[65] Wallis Committee Report, p 271.
[66] Gordon Hughes, 'Nowhere to hide?: Privacy
and the Internet', Computers & Law No 29 (June 1996) p 22.
[67] id.
[68] 'Who's Reading Your E-mail', Time,
3 February 1997, p 65.
[69] id.
[70] Gordon Hughes, 'Nowhere to hide?: Privacy
and the Internet', Computers & Law, No 29 (June 1996) p 22.
[71] Wallis Committee Report, p 501.
[72] 'Visa claims Net payment first', Australian
Financial Review, 30 April 1997, p 30.
[73] 'Making the transition', Australian
Personal Computer, February 1997, p 74.
[74] Richard Humphry, 'Impact of Electronic
Commerce: The Market's Perspective', a Paper delivered at Regulating
the Marketspace, ASC Electronic Commerce Conference, Sydney, 4-5 February
1997, p 2.
[75] Wallis Committee Report, p 153.
[76] Foreign Acquisitions and Takeovers
Act 1975 (Cth) ss 18, 19 and 21.
[77] Foreign Acquisitions and Takeovers
Act 1975 (Cth) s 5(1).
[78] Foreign Acquisitions and Takeovers
Act 1975 (Cth) s 7.
Top
|