|
Article Excerpt
I. HISTORICAL BACKGROUND
A. South Korea: The "Tiger" on the Peninsula B. The World's Most Computer-Savvy Nation C. Korean E-Commerce: Dramatic Growth II. OBJECTIVES OF THE ARTICLE III. ELECTRONIC SIGNATURES A. The First Electronic Signature Law: Utah B. Attributes of a Digital Signature System IV. KOREA'S FRAMEWORK ACT ON ELECTRONIC COMMERCE A. Electronic Messages B. E-Commerce Security Issues: Consumer Protections C. E-Commerce Policies and Strategies for Their Achievement D. Increasing Participation in E-Commerce E. The E-Commerce Mediation Committee F. Application to Foreign Persons or Entities V. KOREA'S DIGITAL SIGNATURE ACT A. Goals of the DSA B. Selected Definitions C. Legal Recognition of Certified Digital Signatures D. The Regulation of Certification Authorities E. Certificates F. Security and Reliability of the Certification Process G. Governmental Adoption of Digital Signature Certification Policy H. Criminal Offenses and Penalties VI. E-COMMERCE TRANSACTIONS CONSUMER PROTECTION ACT A. Purpose, Overlaps with Other Acts, and Selected Basic Definitions B. Limitations and Precedence of the CPA C. E-Commerce Transactions D. Protection of Consumers' Rights and Interests E. Inspection and Supervision F. Corrections and Penal Surcharges G. Criminal Violations VII. SUMMARY, CONCLUSIONS, AND RECOMMENDATIONS A. Recent History of Korea B. The "Tiger" on the Peninsula: Economic Growth, Computer Adeptness, and Rise of E-Commerce C. Korean E-Commerce Law D. Recommendation: It Is Time for the World's Most Computer-Savvy Nation to Address the Online Piracy Problem
ABSTRACT
South Korea has been classified as one of the Southeast Asian "Tigers" because of its high rate of economic growth during the past twenty-five years. One recent aspect of the economic growth has been the remarkable surge of e-commerce since 2000. During the next five years, South Korean e-commerce is expected to grow even more. One of the drivers of the e-commerce proliferation is the high degree of computer literacy among the South Korean people, facilitated by the fact that South Korea enjoys the greatest percentage of citizens with high-speed internet connection in the world. Another important driver of South Korean internet commerce--and the primary focus of this Article--is its e-commerce law.
The Framework Act on Electronic Commerce (ECA) of 1999, implemented by the Ministry of Commerce, Industry and Energy (MCIE), set the stage for electronic proliferation. The ECA recognizes the legal validity of several forms of electronic signatures, commensurate with the trend in global electronic signature law, and established basic consumer protections even at the earliest stage of South Korean e-commerce development. The Digital Signature Act (DSA) of 1999 is a companion statute to the ECA. The DSA focuses on one type of electronic signature--digital--and was implemented by the Ministry of Information and Communications (MIC). The MIC is responsible for licensing and regulating of Certification Authorities, the verifiers of the authenticity and integrity of digital signatures and the electronic records to which they are affixed. The DSA also establishes criminal penalties for the fraudulent use of digital signatures. While the ECA and the DSA are noteworthy, the E-Commerce Transactions Consumer Protection Act (CPA) of 2002 differentiates South Korean e-commerce law from the herd.
The CPA provides some of the best--if not the best--consumer protections for e-commerce transactions in the world. The CPA is implemented by the Federal Trade Commission (FTC) and includes the imposition of criminal penalties for its violation. The CPA underwent a major overhaul in 2005 that will become effective on April 1, 2006. The CPA deserves to be considered as a model law for other nations to emulate as they develop their e-commerce law. South Korea is now ready to turn its attention to another pressing problem--online piracy of intellectual property.
I. HISTORICAL BACKGROUND
During much of the past millennium, the Korean Peninsula was ruled as a unified, autonomous kingdom. After Japan's victory in the Russo-Japanese War of 1905, the Japanese began to occupy parts of Korea, and within five years they had officially claimed all of Korea as a Japanese possession. (1) For the next thirty-six years, Japan controlled Korea. (2) This period had a strong influence on Korean culture, an impact that is felt to this day. At the end of World War II, the victorious powers divided Korea into two parts; the northern portion adopted a Communist government, and the southern portion became a republic. (3) On June 25, 1950, North Korean military forces attacked South Korea. (4) The Korean War pitted the North Korean aggressor, supported by Chinese troops, against South Korean forces supported by several nations' forces representing the United Nations, most notably those from the United States. (5)
The liberty and freedom now enjoyed by the Republic of South Korea was paid for in blood. The number of deaths occurring in the Korean War are grim statistics indeed: 547,000 South Korean civilians, 113,248 South Korean soldiers, 33,741 American soldiers, and 1,078 British soldiers. (6) Other countries also contributed troops to help the South Korean cause, and their killed-in-action figures were significant: Turkey (720), Canada (310), France (290), Australia (269), Greece (170), Colombia (140), Ethiopia (120), Netherlands (110), Thailand (110), Belgium (100), and Philippines (90). (7) After three years of combat, the two sides signed an armistice that split the two Koreas at approximately the thirty-eighth parallel. (8) To this day, North Korea continues to have a communist government while South Korea has evolved into a full-fledged democracy.
A. South Korea: The "Tiger" on the Peninsula
In 1960, South Korea was a very poor country whose underdeveloped economy was comparable to some of the African nations. (9) After 1980, however, due to a high rate of foreign investment and other factors, (10) South Korea's economy took off, and the nation experienced marked economic growth. (11) Due to its expanding economy, South Korea has often been referred to as one of the Southeast Asian "Tigers." (12) In 2004, South Korea--the Tiger on the Peninsula--was preparing to join the trillion dollar club of world economies, and was creating a Gross Domestic Product (GDP) per capita that was fourteen times that of North Korea. (13) The South Korean government has even bigger economic plans on the drawing board. The Ministry of Commerce, Industry and Energy (MCIE) intends for South Korea to become one of the world's top four industrial superpowers by the end of this decade, focusing on the "future strategic industries" of digital electronics, electronic medical equipment, the bio industry, the environmental industry, and the aviation industry. (14)
B. The World's Most Computer-Savvy Nation
The Republic of South Korea (South Korea or Korea) may be the most computer-adept nation in the world. By 2003, almost sixty percent of the population--more than 26 million South Koreans--were regularly connecting to the internet. (15) South Korea leads the world in broadband penetration--the percentage of citizens with access to high-speed internet connections, which offer significantly faster downloading capability and computer efficiency. (16) At least seventy-five percent of all households in South Korea have these high-speed connections. (17) On a per capita basis, this is three times the comparable figure of broadband penetration in the United States. (18) Amazingly, more South Koreans probably have wireless internet connections than regular wired access. (19) By 2008, the South Korean government predicts that at least 39.5 million citizens--out of a total of 48.5 million--will have broadband-connected mobile handsets. (20) This is eighty-one percent of the population! Is there any doubt that South Korea is the world's most computer-savvy nation?
C. Korean E-Commerce: Dramatic Growth
During the past five years, South Korean e-commerce has grown at a fast pace. This was predictable, given the high per capita income of the country and the computer-adeptness of the population. In 2000, e-commerce sales were $430 billion. By 2004, that statistic was expected to balloon to $7 trillion, (21) a growth rate of 1,628%! Additionally, the e-commerce growth continues: South Korea's National Statistical Office reported that e-commerce in September of 2005 amounted to 947 billion won. (22) If annualized, that figure would amount to 11.3 trillion won. (23) In September 2005 alone, 107 more online marketing websites (cybermalls) came into existence. (24) What about the future of South Korean e-commerce? If you want a sanguine answer, just ask Meg Whitman, CEO of eBay, the largest online auction firm in the United States. Currently, eBay owns a sixty-two percent stake in Internet Auction, the largest internet auction firm in South Korea. (25) While visiting South Korea last year, Ms. Whitman reflected upon the immensity of South Korea's IT infrastructure and its high broadband penetration, and described Korea's e-commerce growth potential as "limitless." (26)
The attainment of such an impressive e-commerce growth was facilitated by the enactment of three important e-commerce statutes in South Korea:
(1) the Framework Act on Electronic Commerce (ECA) (amended 2002);
(2) the Digital Signature Act of 1999 (DSA) (amended 2002); and
(3) the Act on the Consumer Protection in the Electronic Commerce Transactions, etc. (CPA) (most recently amended in 2005, effective as of April 1, 2006).
Collectively, these statutes establish legal recognition of electronically negotiated contract, support the development of secure and reliable electronic payment systems, and create important rights and protections for e-commerce buyers. (27) Without these laws, e-commerce would have not been able to grow nearly as much. These statutes are the primary focus of this Article but not the only focus.
A future-oriented perspective is also needed. What should be the next evolutionary stage of internet law in Korea? The government of South Korea is committed to attainment of a strong global position in e-commerce. (28) In order for e-commerce growth to continue, it is necessary for internet law to evolve in a positive manner. That is another important focus of this Article: What should be the next focus of South Korean internet lawmakers?
II. OBJECTIVES OF THE ARTICLE
The objectives of this Article are as follows:
* to concisely cover the recent history of the Republic of South Korea and her high rate of economic growth during the past quarter-century;
* to present evidence that South Korea may be the most computer-adept nation in the world;
* to describe the high rate of growth of e-commerce currently underway in South Korea;
* to describe the basic aspects of public key infrastructure technology and digital signatures, and explain their impact on e-commerce transactions;
* to explain the significance of the ECA and its provision for legal recognition of electronic transactions;
* to describe the DSA and its requirements pertaining to CAs;
* to discuss how South Korea's CPA offers some of the best protections in the world for online buyers; and
* to make recommendations pertaining to the next direction in which Korean internet law should evolve.
III. ELECTRONIC SIGNATURES
A. The First Electronic Signature Law: Utah
In 1995, the State of Utah became the first jurisdiction in the world to enact an electronic signature law. (29) In that statute, Utah recognizes only digital signatures, rather than other types of electronic signatures. (30) Although such a law provides for relatively more security in e-commerce transaction, (31) it carries the disadvantage of being too restrictive because it favors the digital signature to the exclusion of other forms of electronic signatures. A desire for heightened security seems to have been paramount to the drafters of the Utah statute, However, there are tradeoffs. The attainment of greater security, achieved by granting recognition only to the more sophisticated digital signature, means e-commerce participants' choices are limited. They are forced to use a technology that offers high security but one that perhaps is more expensive, less convenient, too complicated, and less adaptable to technologies employed by other nations. (32)
In drafting an e-commerce law for South Korea, legislators decided to give preference to the digital signature because it affords the greatest level of reliability and security. (33) Despite the fact that Korean legislators recognized the security advantages afforded by the relatively greater sophistication of the digital signature, they did not grant it a monopoly. (34) Other forms of electronic signatures may be employed. (35) This technological open-mindedness is commensurate with a global perspective and allows for e-commerce parties in South Korea to more easily negotiate electronic contracts with parties from other nations. (36)
B. Attributes of a Digital Signature System
It is appropriate at this point to consider some of the characteristics of a digital signature system. If the parties to an e-commerce transaction employ a digital signature, that decision will have the following effects:
* employment of an asymmetric cryptology;
* utilization of public key infrastructure (PKI); and
* interaction with a Certification Authority (CA). (37)
1. Asymmetric Cryptology
In order for a digital signature to attain the same legal status as an ink-on-paper signature, asymmetric key cryptology must have been employed in its production. (38) Such a system employs double keys--one key is used to encrypt the message by the sender, and a different, albeit mathematically-related, (39) key is used by the recipient to decrypt the message. (40) The sender has a private key, known only to him, used to generate the digital signature. (41) The recipient uses the public key, often available online, to verify that the proper party created the message and that it has not been altered during transmission. (42) This is a very good system for e-commerce because two stranger-parties, perhaps living far apart, can confirm each other's identity and reduce the likelihood of fraud in the transaction.
2. Public Key Infrastructure
Before an individual can digitally sign anything, he must first possess a pair of keys--the private key and a related public key. (43) The individual applies to a CA to confirm his identity and to issue the pair of keys. (44) After the applicant's identity has been confirmed, the CA issues a certificate as verification of the subscriber's identity. (45) The certificate is placed in a public repository, most often the CAs website. (46) Whenever the subscriber digitally signs a message, the CA confirms the signature of the sender; whereupon, the CA informs the recipient of the encrypted message which "public key" is necessary to decode the message. (47) At that point, the recipient is able to access the public key which is used to decrypt the sender's message. (48)
3. Certification Authorities
South Korea does not have a compulsory system in its regulation of CAs. (49) CAs are not strictly required to have a license in Korea to conduct CA activities. However, for CAs to be effective, subscribers, relying third parties, and the general public should trust and be willing to place reliance in the CA. The DSA helps to accomplish this in Korea by specifying stringent requirements for the issuance of the CA license. To qualify, the CA must be able to convince the Korean Ministry of Information and Communication (MIC) that it uses a trustworthy system of issuing and withdrawing certificates; displays them in a public repository; and is able to efficiently and effectively confirm the authenticity and integrity of digital signatures and the messages to which they are affixed. (50)
IV. KOREA'S FRAMEWORK ACT ON ELECTRONIC COMMERCE
The Framework Act on Electronic Commerce was originally enacted and implemented in 1999. (51) A wholly amended version of the ECA was enacted on January 19, 2002, (52) and it was implemented on July 1, 2002. (53) The federal governmental agency responsible for implementation of the ECA is the Ministry of Commerce, Industry and Energy. (54) The purpose of the ECA "is to contribute to the national economy by clarifying legal relations of the electronic commerce, ensuring its security and reliability, and creating the foundation for its promotion." (55) In the ECA, electronic commerce is defined as "any transaction of which the whole or part of goods or service is made through electronic messages in transacting goods or service." (56) The ECA applies to all e-commerce, unless it conflicts with other laws. (57)
A. Electronic Messages
1. Recognition of Electronic Form
The validity of a message will not be denied merely because it happens to be in electronic form, provided this does not conflict with other laws. (58)
2. Compliance with Retention Requirement
If another law mandates that documents be retained, the electronic form will be permissible to satisfy this requirement, provided the electronic document has the following characteristics:
* it is accessible;
* it is kept in the same form as when it was created, transmitted, or received, or this form may be reproduced; and
* it contains the name of the sender and receiver, and the dates of transmission and receipt. (59)
However, the part of the transmission that is created as a result of sending or receiving the message is not considered to be a part of the electronic message. (60)
3. Time and Place of Sending and Receiving
Time Sent
The electronic message is deemed sent when the receiver inputs it into his computer and becomes capable of receiving the message. (61)
Time Received
The electronic message is considered to have been received when it enters the specific information processing system to which the receiver requested it be sent. (62) If the electronic message enters another information system, the applicable time is when the receiver removes it from the other system. Additionally, if the receiver has not designated a specific information system where the messages will be sent, the applicable time is when the message enters any information system under the control of the receiver. (63)
Place Sent/Received
The message will be considered to have been sent from the respective business place of the sender or receiver. (64) If there is more than one business place to consider, the message is deemed to have been sent from the business place that was primarily managing the electronic message. However, if the sender or receiver does not have a business place, the message is considered to have been sent from his habitual residence. (65)
4. Situations in Which it is Assumed that the Message was Sent
In the following scenarios, the receiver may act upon the assumption that an electronic message contains a manifestation of will of the sender acting through his agent, or automatically, and using other electronic devices: (1) the receiver has used the pre-arranged procedure to verify that the message comes from the sender; or (2) the person who transmitted the message is reasonably believed by the receiver to have done so based on the will of the sender or his agent. (66) However, the assumption that the sender in question transmitted the message is not applicable when the receiver has notice from the sender that the message is not his own, or when the receiver becomes aware, or should have become aware, that the message did not originate from the sender. (67)
5. Assumption that Each Message is Independent
The receiving party has the right to assume that each electronic message is independent and does not have a relationship to other messages. (68) This assumption becomes inapplicable if the receiver fails to follow the verification procedure that has been previously agreed upon between the parties. (69)
6. Receiver's Confirmation
If the sender demands an acknowledgement of receipt from the receiver, the message is not considered to have been transmitted until the sender is receives the confirmation. (70) If the sender demands an acknowledgement of receipt from the receiver but fails to convey to the receiver that this is an absolute requirement, the sender is allowed to withdraw the message after the passage of a reasonable period of time. (71)
7. Alternate Agreements of Parties Allowed
The parties are to make their own agreement concerning the time and place of transmission and reception, the situation in which the sender is assumed to have sent the message, the assumption of independence of each message, and acknowledgement of receipt. If they do so, Articles 6 through 9 of the ECA become inapplicable. (72)
8. Electronic Transactions Act Does Not Cover Digital Signatures
Legal issues pertaining to digital signatures are considered in the Digital Signature Act, (73) and the Electronic Transactions Act does not apply to those issues. (74)
B. E-Commerce Security Issues: Consumer Protections
1. Confidentiality of Consumer Information
The government of the Republic of South Korea assumes responsibility for enacting laws that further the attainment of security and reliability in e-commerce transactions and protects the confidentiality of private information of e-commerce purchasers. (75) All e-commerce sellers and middlemen must observe all relevant information security laws, including the Act on Promotion of Information and Communications Network Utilization and Information Protection. (76)
2. Confidentiality of Trade Secrets
The government also assumes responsibility for the attainment of reliability and security in e-commerce so that business and corporate trade secrets are not divulged or leaked parties have agreed to a specific length of time, then that length of time will apply. Id. to unauthorized parties. (77) E-commerce sellers, including their computer systems departments, must develop stringent policies designed to protect the user's business secrets. (78) Unauthorized disclosure of trade secrets is prohibited. (79)
3. Encryption Technology May Be Used
To gain security in e-commerce transactions, encryption technology may be used. (80)
4. Consumer-Protection Policies
Pursuant to the consumer protections established in other acts, (81) the government assumes responsibility for crafting consumer protections applicable to e-commerce purchasers. To that end, the government reserves the right to advise e-commerce firms (and any association of e-commerce firms) to draft a code of fair policies and practices to be implemented on a daily basis to their e-commerce sales. This should help to prevent the unfair treatment of customers or unfair business practices. (82)
5. Consumer Information and Grievances
The government assumes responsibility for ensuring that e-commerce buyers are well informed and educated about their rights and responsibilities. (83) Additionally, the government recognizes the establishment of a grievance process for dealing with dissatisfied e-commerce consumers. (84)
6. Sellers' Responsibilities to Ensure Security and Reliability of E-Commerce
Firms selling products and services over the internet are expected to take measures designed to ensure the security and reliability in their relations with consumers, including but not limited to, the following:
* informing consumers of the firm's trade name and the name of corporate representative;
* providing consumers with accurate information relating to the goods and services offered and to the terms of the negotiated contract;
* utilizing of a standard contract and making it available to the buyer so that the buyer more easily understands its terms;
* establishing easy-to-use procedures enabling the buyer to cancel or alter the contract by herself;
* establishing procedures to promptly deal with matters pertaining to dissatisfied or disgruntled buyers;
* designing procedures so that the buyer can easily withdraw from the contract, return goods, or make an exchange; and
* creating rules requiring retention of documents for a reasonable period, so that all e-transactions can be referenced at a later time. (85)
7. Government Recognition of Excellent E-Commerce Firms
"The Government may support the authentication project for excellent business operator of electric commerce, to protect consumers and to ensure the sound development of business operators of electric commerce." (86)
C. E-Commerce Policies and Strategies for Their Achievement
1. Basic Principles
The following are basic principles upon which the e-commerce policies are grounded:
* the use of private initiatives to accomplish e-commerce policies;
* minimal government regulation;
* the attainment of secure and reliable electronic transactions; and
* a high degree of international cooperation." (87)
2. Development and Implementation of Promotional Programs
Based upon the principles just enumerated, the following programs are pursued for e-commerce:
* fundamental management of the programs;
* achievement of international e-commerce norms;
* establishment of good electronic payment systems;
* protection of intellectual property rights;
* protection of the rights of all parties involved in e-commerce;
* enhancement of the reliability and security of e-commerce transactions;
* adoption of standard technologies in e-commerce;
* promotion of consumer participation and interest in e-commerce;
* international cooperation;
* facilitation of growth in e-commerce by facilitating the growth of its basic infrastructure;
* development and activation of broadband internet connections; and
* other items necessary for the proliferation of e-commerce. (88)
The directors of governmental agencies are responsible for development of programs that they are capable of carrying out and relate to the twelve categories of e-commerce programs previously mentioned. The directors take these new programs into account as they develop major policies for their respective agencies. (89)
The various programs developed by the several governmental agencies are coordinated by the MCIE through a central administrative agency. Furthermore, the Minister, in conjunction with the Committee on Electronic Commerce Policy (CECP), deliberates on proposed e-commerce policies. (90) Before implementing new policies, the Informatization Promotion Committee must approve them. (91)
3. Committee on Electronic Commerce Policy
The Committee on Electronic Commerce Policy, established by the MCIE, crafts policies pertaining to e-commerce promotion. (92) Specifically, the CECP considers the following categories of issues:
* promotional programs;
* evaluation of efficacy of promotion programs;
* coordination of the promotion policies or the programs carried out by the various agencies of the government; and
* other issues brought up by the Chairperson of the CECP. (93)
The CECP may consist of no more than thirty members. One of the members is the MCIE, who acts as the chairman for the CECP. (94) CECP will be chaired by the Minister of Commerce, Industry and Energy. The Minister appoints the other members, who must be public officials of Grade III or higher and have duties or expertise relating to e-commerce. (95)
4. Korea Institute for Electronic Commerce
The ECA obligates the government of Korea to establish the Korea Institute for Electronic Commerce (KIEC). The goal of the KIEC is to encourage and facilitate the previously discussed e-commerce promotion projects and to do everything possible to establish governmental policies favoring the growth and development of e-commerce. (96) The legal status of the KIEC is that of a "juristic person." (97) The KIEC has the following specific duties:
* to conduct research pertaining to e-commerce firms and disseminate the results;
* to conduct research on e-commerce computer systems and the creation of a business environment conducive to their creation;
* conduct research concerning international standardization (98) of computer systems and diffusion systems;
* to carry out projects relating to technological development; (99)
* to carry out projects pertaining to management excellence in e-commerce firms; (100)
* to participate in international exchanges and programs of cooperation designed to promote e-commerce; (101)
* to manage the Korea Electronic Document Interchange Committee (EDIC); (102)
* to manage the Electronic Commerce Mediation Committee: (103) and
* to carry out other duties as assigned by the MCIE or the directors of the e-commerce-related central administrative agencies. (104)
D....
|
