ARTICLE
25 November 1997

Digital Signature Hearings

SJ
Steptoe LLP

Contributor

Steptoe LLP logo
In more than 100 years of practice, Steptoe has earned an international reputation for vigorous representation of clients before governmental agencies, successful advocacy in litigation and arbitration, and creative and practical advice in structuring business transactions. Steptoe has more than 500 lawyers and professional staff across the US, Europe and Asia.
Explore Firm Details
United States Environment
by
Stewart Baker
(sbaker@steptoe.com)

Michael Hintze
(mhintze@steptoe.com)

Ben Ederington
(bederington@steptoe.com)

October 1997

On October 28, 1997, two congressional subcommittees held hearings on electronic commerce and digital signatures. Attached below are brief summaries.

House Subcommittee on Technology

The testimony during the digital signature hearing held by the House Science Committee's Subcommittee on Technology was not related to any specific legislation. However, it is clear that many of the members are interested in possibly drafting legislation on these issues.

Several members of the subcommittee attended the hearing. In addition to Chairwoman Connie Morella (R-Md.) and the ranking minority member, Bart Gordon (D-Tenn.), Representatives Vernon Ehlers (R-Mich.), Gil Gutknecht (R-Minn.), Christopher Cannon (R-Utah), and Debbie Stabenow (D-Mich.) were present.

The panel of witnesses included:

  • Andy Pincus, General Counsel, Department of Commerce;
  • Stewart Baker, Partner, Steptoe & Johnson LLP;
  • Ken Lieberman, Senior Vice President, Visa U.S.A.;
  • Charles S. Walton, Jr., Chief Operating Officer, CertCo.; and
  • Jim Bidzos, President & CEO, RSA

The written testimony of the witnesses can be obtained from the subcommittee's webpage (http://www.house.gov/science).

One of the most interesting developments during the hearing was that all of the witnesses (including Andy Pincus) agreed that digital signatures and key recovery should not be linked (as S.909 currently does).

All of the members asked the panel what Congress should be doing to promote electronic commerce and the use of digital signatures. Many of the members, including Chairwoman Morella and Rep. Ehlers, seemed interested in adopting legislation (or perhaps, a sense-of-Congress resolution since the Science Committee lacks jurisdiction over most digital signature legal issues), particularly to address international and domestic conflicts in digital signature regulation.

Senate Subcommittee on Financial Services and Technology

Earlier in the day, the Subcommittee on Financial Services and Technology of the Senate Committee on Banking, Housing and Urban Affairs held its hearing. Those testifying before the Subcommittee included:

  • Ira Parker, Partner, Alston & Bird (newly-appointed Vice President and General Counsel for GTE, beginning Monday, November 3, 1997);
  • Alfred Pollard, Senior Director of Legislative Affairs, The Bankers Roundtable;
  • J. Scott Lowrey, President, Digital Signature Trust Company;
  • P. Michael Nugent, General Counsel for Technology and Intellectual Property, Citibank;
  • Robert Kramer, Vice President for Policy Analysis and Development, Bank of America (representing the Coalition of Service Industries);
  • Dick Mossburg, Associate Counsel, Government Affairs, Ford Motor Credit Co. Legal Office (representing the Electronic Commerce Forum); and
  • Daniel Greenwood, Deputy General Counsel, Information Technology Division, Commonwealth of Massachusetts.

The hearing opened with a statement by the Subcommittee Chairman Bob Bennett (R-Utah), the only member of the Subcommittee in attendance at the hearing. Chairman Bennett noted the dramatic increase in electronic commerce, but pointed out that this growth carries with it new risks. To counter these risks, according to Senator Bennett, we need to develop and enable technologies to make sure that electronic messages are delivered in their original form to the intended recipients. The most common technology that can do this is digital signatures. But the use of digital signatures has been hampered by the lack of a consistent legal framework. States have been passing laws on digital signatures, but there is no uniform approach that has been taken. Because it may be difficult to determine what state law governs a particular transaction, this lack of uniformity as created confusion and has interfered with the development of electronic commerce.

Senator Bennett stated that he intends to introduce a bill on digital signatures, but it will not be introduced until next year. His staff currently is working on a bill that will address digital signatures in the context of the financial sector and he is exploring ways to expand this approach to other sectors. He stated that this bill will represent as low a level of regulation as possible without excessive preemption of state law. It will be technology neutral and it will maintain current consumer protection laws under the Truth in Lending Act and the Electronic Fund Transfer Act.

Most of the panelists emphasized that the many different state laws may conflict with each other and thus create great uncertainty. However, they took somewhat different approaches to what federal action should be taken. Alfred Pollard, Scott Lowrey and Michael Nugent each maintained that federal legislation should focus on allowing and enforcing private contracts for authentication services. Robert Kramer stressed that federal rules should supplement, rather than replace, state statutes regarding digital signatures by offering a vehicle for entities to issue certificates that would be valid nationally -- the states can continue to act as laboratories for new approaches and by having co-existing standards the market can decide which is the most effective. He also stated that an explicit federal licensing regime was preferable to self certification or voluntary registration because some form of licensing is necessary to identify with certainty which certification authorities are compliant with federal requirements and, therefore, eligible for the liability limitations that will be necessary for the market to develop.

Daniel Greenwood took a different approach. He advocated a collaborative approach between the states and the federal government, and stated that federal preemption in the area of electronic authentication would be premature. The states are currently working together toward a uniform state law and should be left to experiment and develop a consensus in this area. He said that most states that are now addressing the issue are taking a minimal approach, limiting the scope of the legislation to the recognition of electronic documents and digital signatures. The first state to address this issue as well as two others that followed its lead took a more regulatory approach. However, even these three states do not present any conflicts with other state laws.

The final panelist was Richard Mossburg of the Ford Motor Credit Company, on behalf of the Electronic Commerce Forum. Mr. Mossburg agreed with the need for federal standards, but stated that they should foster competition by being applicable to entities other than banks and financial institutions. For example, the Ford Motor Credit Company should be able to "self authenticate" or use any entity that has the technical ability and resources to perform certification and authentication services.

Following the prepared testimony, Subcommittee Chairman Bennett asked the panelists to respond to Mr. Mossburg's statement that legislation should not be limited to banks and financial institutions. Michael Nugent responded that Citibank has no objection to allowing other entities to authenticate. But in order for federal legislation to preempt state rules, there needs to be a comprehensive, regulatory regime. This currently exists only in the context of financial institutions. Thus, as a first step, the legislation should focus on this industry. He further noted that banks currently are treated quite differently than other entities because they are subject to a high level of regulation, citing the fact that in the encryption export area, banks are allowed to export strong encryption that other entities cannot export.

We have copies of the written testimony. Please let us know if you would like to receive them.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

For further information please contact L. Benjamin Ederington on Tel: + 202-429-6411, Fax: 202-429-3902 or E-mail: bedering@steptoe.com
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More