45. Respondents to the March 1999 consultation paper were asked whether any other measures should be included in the forthcoming legislation. Several important issues, such as the taxation of electronic commerce and consumer protection on-line, were mentioned but there were few suggestions of specific legislative measures which could be introduced at this stage.[128] Many important initiatives in these areas can be taken by industry, or by Government without legislation.[129] The Government has ruled out legislation on unsolicited e-mail and the treatment of electronic contracts, both of which are dealt with by the EU proposal for a Directive on Certain Legal Aspects of Electronic Commerce.[130] The draft directive includes proposals to deal with a number of other issues, including the liabilities of internet service providers and the definition of the legal jurisdiction which will apply to electronic commerce transactions in Europe.[131] We recommend that, during the passage of the Bill, if not before, the Government inform Parliament of legal changes likely to be necessary as a result of the EU Directive on Certain Legal Aspects of Electronic Commerce.

46. A number of initiatives stemming from the March 1999 consultation paper are being taken forward without legislation. Following our recommendations, the National Criminal Intelligence Service is developing a national scheme for local law enforcement agencies to provide notification when they encounter encryption during a criminal investigation; the Government has decided to establish a 24-hour Technical Assistance Centre to help law enforcement agencies derive intelligence from lawfully intercepted and retrieved encrypted communications and data; and the Association of Chief Police Officers is considering the establishment of a national high technology crime unit.[132] The Cabinet Office task force, which included several representatives of industry, and which was established to examine alternatives to key escrow published a report in May 1999 and is now to be replaced by a permanent industry/Government forum on encryption policy.[133]

COMMERCIAL LIABILITY

  47. The Government has also decided against introducing a statutory commercial liability regime for TSPs and instead expects TSPs "to make clear to their customers the extent of their liability".[134] In our first Report on electronic commerce we suggested that "if consumers are to have confidence in electronic commerce, the liability rules covering TSPs must be clear, simple, fair and well-known".[135] Several respondents to the draft Bill argued that the liability of TSPs required further attention by Government.[136] We recommend that the Government inform Parliament of what action it will take to ensure that TSPs make clear to their customers the extent of their liability.

EXPORT CONTROLS

  48. In March 1999 DTI consulted on the possibility of streamlining procedures for the export of cryptographic products. Many respondents were critical not only of the procedures by which export licences for such products are issued, but of the extent to which the export of cryptographic products is controlled by the Government. There were several calls for the licensing of cryptographic exports to be ended and we recommended that the Government consider the case for a review of the rationale of the continuation of export controls on cryptographic products, as well as the procedures by which such controls are implemented. The Government told us that export controls on encryption were reviewed internationally as recently as December 1998 and that new, relaxed controls would soon be implemented.[137] There have been a number of significant international developments since December 1998, including the unexpected relaxation of export controls by the US Government, which suggest to us that the need for a wide-ranging review of the UK's export controls on cryptographic products is increasingly urgent.[138] In response to the draft Bill, Vodafone described export controls as "major obstacles that the Bill fails to address" and there were also critical comments made by the Law Society.[139] We recommend that, in the light of recent and unexpected changes in US policy on the export of cryptographic products, the Government look again at the case for a review into the rationale of export controls on such products.

129   For instance on consumer protection see HC648, paragraph 122 Back

130   Ev, p1; there were calls for such legislation from Donne Milcham and Haddock section 1, Taylor Johnson Garrett p3, London Investment Banking Association pp2, 4, R. I. Howland p4, the Post Office p3 and the Institute of Chartered Accountants in Scotland paragraph 1.1 Back

131   HC648, paragraphs 110 and 118 Back

132   Cm4417, p14 paragraphs 52-4 Back

133   HC648, paragraph 37; Cm4417, p10 paragraph 34 Back

134   Cm4417, p10 paragraph 31 Back

135   HC187 paragraph 79 Back

136   Responses to Government from British Computer Society p2, EDS, Vodafone p2, Association of Payment Clearing Services p2 and Association of British Insurers paragraph 3.4 Back

137   Cm4417, p15 paragraph 56 Back

138  See judgement in Berstein v. US Department of Justice, US Court of Appeals for the Ninth Circuit, 6 May 99; and Telegraph 20 May 99; and Financial Times 1 Jul 99, 2 Jul 99, 17 Sep 99 Back

139   Responses to Government from Vodafone pp1-2, Law Society p4 Back