1001 N Randolph St.
Arlington, VA 22201
26 March 1999
Federal Trade Commission
600 Pennsylvania Avenue, N.W.
Washington, D.C. 20580
US Perspectives on Consumer Protection in
the Global Marketplace - Comment, P994312
This document presents the comments of Ram Avrahami to the FTC
notice requesting for public comments for the Workshop on US Perspectives on Consumer
Protection in the Global Marketplace, scheduled to take place in June 1999. The comments
focus on one suggestion.
Individuals and companies desiring to conduct business from the
USA through the Internet would be required by US law to notify a central public registry
that their domain conducts a business and the valid physical US address of the business.
Connecting a virtual location to a physical one is essential in
preventing and combating fraud and is very important in building consumer confidence to
conduct business with a web site. Self regulatory efforts are slow and too expensive for
most small businesses, while contributing almost nothing against fraud. A minimal and
inexpensive registration is a low burden for legitimate businesses and is in line with
current registration requirements. An American registration over business conducted from
the US will provide an example for other countries and a natural framework for
1) The US can not enforce its guidelines on other countries, nor
can they enforce their laws in the US. A stable long term solution will evolve when most
countries will enact similar laws and will cooperate on cross border disputes. A natural
example is police cooperation on issues of crime. While the criminal code is different in
every country, they are similar in principle (murders, theft and most major crimes are
illegal everywhere) and enable cooperation in almost all cases. Hence, the safest course
of action is to first find a reasonable framework to deal with American companies and
individuals by American law, that makes it easy to cooperate with other countries.
2) As the shopping channel moves from retail shops to direct
mailers to telemarketers to internet merchants, it becomes increasingly more difficult for
consumers to assess the validity of the merchant. The reason is that it becomes
increasingly cheaper for merchants (and imposters) to provide the same quality of service
as large corporations. Hence, the major issue in electronic commerce is the authentication
of the merchant.
3) On the other hand, there is no more need to authenticate the
consumer beyond the credit card number and expiration, a system that is already used in
telephone, mail and fax transactions. If the number of valid credit cards becomes too
large, it is possible to simply add another four digits to the cards and reduce the chance
of fraud by a factor of 10,000.
4) Currently, web sites can send any information to consumers,
whether it is correct or not. They can imitate to have any product, name or locale with no
simple way to disprove it. However, whenever consumers approach a web site by themselves
(i.e. not via supplied link), they do confidently know the internet address of the site
that they approached. Furthermore, that address is unique and represents a computer that
has been verifiably connected to the Internet. Thus, the best verification method will
allow consumers to find the identity of the operators of a web site according to its
5) Self regulatory efforts, like TrustE and BBBonline and Online
Privacy Alliance, have barely penetrated the universe of web sites who conduct commerce
through the Internet in their two years of existence. Registration with these bodies is
also expensive for most small businesses, as it requires auditing of the web site. This
barrier will prevent the expansion of these programs beyond the large and established
businesses. Worse, it will not prevent fraudulent activity, as those sites will likely
copy program insignia without permission. Government registration is much cheaper, faster
and more effective, as registration is done under the penalty of perjury.
6) The natural place to place such registration is with InterNIC,
which already has the database of all domains and mechanism to publish the records
(whois). If this location is not feasible, perhaps due to decision to privatize the
InterNIC registry, the FTC should manage the registration database, while private Internet
initiatives will help with efficient dissemination of the information.
I believe that you will find this solution very helpful in
clearing the Internet from fraud and helping to establish confidence in electronic
commerce, starting from the US and spreading to other countries. I would be happy to
expand on this method or other issues as necessary.
Appendix - Ram Avrahami has been
active in consumer protection and the Internet for several years. He has appeared in front
of the FTC and the Department of Commerce in 1997 and 1998 and has been an active member
of the ad-hoc task force investigating Unsolicited Commercial Email in 1998. He has an
undergraduate degree in computers and a graduate degree in business. He is director of The
NAMED, a non-profit consumer privacy protection organization.