E-Commerce Liability and the CIO

In many of the companies we have studied, the rise in prominence of e-commerce has been matched by a rise in the corporate profile of the CIO. More often than not, the CIO is charged with overseeing the development and maintenance of the company’s e-commerce strategy. As a result, the CIO is often put in control of aspects of the business that are otherwise separate, such as marketing, finance and human resources. Therefore, the CIO must keep abreast of developments not only in systems and technological areas, but also in all areas of the company’s e-commerce strategy. One of these areas is the legal aspects and consequences of e-commerce.

In the rush to put an e-commerce strategy in place, many firms take measures that may open them up to unforeseen legal liability. ‘May’ is the operative word here since the law is by no means clear on e-commerce. Issues such as trademark and copyright infringement, negligence, and misrepresentation in online contexts are just now beginning to make their way into the nation’s courts. The old adage of “an ounce of prevention is better than a pound of cure” is particularly applicable to e-commerce. Some enlightened legal efforts in the implementation of an e-commerce venture can mitigate, or even eliminate, legal headaches.

E-commerce legal issues are something that CIOs and other information systems professionals need to be concerned about. In some cases, ‘corporate’ liability might spread ‘personally’ to officers and directors due to fiduciary duties and responsibilities. One area that can have far reaching implications for e-commerce is online contracting, or the laws that govern the formation and applicability of contract law in cyberspace. This article outlines some of the key issues CIOs should be aware of regarding the design and implementation of online contracts.

By ‘contract’ we refer primarily to an agreement to buy or sell goods or services over the Internet. Whether it is business-to-business or business-to-consumer e-commerce, the same principles of contract law apply. Two fundamental principles of contracts are “offer” and “acceptance”. A contract is not created unless an offer is made by one party (the offeror) and accepted by another party (the offeree). From a legal perspective, contracting electronically can complicate the implementation and interpretation of contracts.

The Offer

In legal language, an offer is an ‘expression of willingness to contract’ with the intention (actual or apparent) that it shall become binding on the offeror as soon as it is accepted by the offeree. An offer may be communicated orally, in writing, or electronically via email, web pages, chat rooms or EDI. Offers can be made to a specific individual or to the world at large – easily done online, with potentially dangerous consequences.

Once an offer is made, intentionally or apparently, the acceptance of it creates a binding contract. There is no longer any opportunity to negotiate terms, withdraw the offer, or assess the offeree – the deal is done. If, for whatever reason, the offeror cannot honour the contract once acceptance has been communicated, the offeree can sue for breach of contract.

Extending offers over the web can be risky business. As an online vendor, one way to avoid the problems is to avoid making offers altogether. To do this, corporations engaged in e-commerce can present communications about their goods in the manner of an “invitation to treat”, not as an offer; the same tactic their brick and mortar cousins practice.

Offers & Invitations to Treat

An invitation to treat says to the potential customer “this is what I would like you to pay for item ‘ABC’ – make me an offer and I will decide if I want to accept it or not”. An invitation to treat is distinguishable from an offer in that it is not made with the intention of creating a binding contract once the individual to whom it is addressed agrees to the terms. Accordingly, the distinction between an offer and an invitation to treat is based on intention – did the offeror ‘intend’ to be bound once the offer was accepted?

The advantage to presenting goods in the manner of an invitation to treat is that it permits the vendor to refuse the sale for any reason. A sale could be refused for credit reasons, supply limitations, or legal reasons. For example, Amazon.com could refuse, without legal repercussions, the sale of Hitler’s, “Mein Kampf”, a book banned in Germany, to German customers. If Amazon.com had structured their site as presenting an ‘offer’ for the sale of “Mein Kampf”, they would be in breach of contract if they refused to sell the book to a German customer who accepted the offer.

Retailers can be held responsible for complying with the laws of the jurisdictions they ship to. Amazon.com caught the attention of the German Ministry of Justice for selling “Mein Kampf” to German citizens from its US site, even though the book is not for sale on its German site, Amazon.de.

The common law has established the general rule that the display of goods for sale, those advertised in the newspaper, as well as goods at auctions, are normally invitations to treat, not offers. To date there has not been any judicial determination of goods displayed on the web. To avoid confusion and judicial consideration of the issue, the corporate web site should include a legal notice stating that the goods presented are displayed as ‘invitations to treat’ and not ‘offers’. Surprisingly, very few Web sites include these types of notices.

Standard Form Contracts

A significant amount of commerce today is done on terms dictated by one contracting party to another, who has little or no say in the ultimate form of the contract. This is practical since negotiating new contracts for every transaction would be prohibitively expensive. It’s much easier to design a contract on a ‘take it or leave it’ basis. These contracts are referred to as “contracts of adhesion” – web-wrap agreements (those requiring the purchaser to click an ‘I accept’ button) or web-forms agreements are two e-commerce examples. To be considered valid, however, these types of contracts must be designed properly. A key element in designing a valid contract of adhesion is to provide proper notice of the terms.

The courts strongly support the freedom to contract, however, they often insist that contracts be formed in a fair and equitable manner. As such, the courts have held that onerous, significantly expansive and unusual conditions are not binding unless the contracting party has been given adequate notice of them, prior to entering into the contract. This is why the agents of banks and rental car companies, to name a couple of examples, circle or underline particularly powerful parts of the contracts; in some cases the client even has to initial those portions.

On the web there are no agents to circle significant or unique contract conditions. Hence, notice of these conditions is all the more important. There are several notice aspects to be considered. First, as alluded to above, time of notice is critical. The conditions in a contract of adhesion must be brought to the attention of the party to be bound before, or at the time when, the contract is made. If notice is not given until ‘after’ the contract is formed, those conditions will likely not be enforced by the courts.

Notice does not mean that the conditions have been read. It simply means appropriate efforts to provide notice of them were made. There are three general rules regarding notice:

    If the party contracting with the vendor did not know there were conditions attached to the standard contract or web form – the party is not bound;If the party knew that the web form contained or referred to conditions – the party is bound;If the party tendering the web form did what was reasonable to provide notice of the conditions – the other party is bound.

What is considered reasonable to provide notice in most cases is a clear reference to the existence of conditions and of their inclusion in the contract. However, the threshold for adequate notice increases the more unusual the conditions are. If the conditions are unusually encompassing, onerous or exculpatory, explicit attention will have to be drawn to them – like printing them in red ink with a red hand pointing to them.

The web offers powerful ways in which sufficient notice of the conditions of contracts of adhesion can be given, and accordingly increase the binding force of them. Some of the suggestions to accomplish this are as follows:

Before the order can be placed, require the user to scroll through the entire agreement, accepting or rejecting it with an express action – acceptance will place the order, rejection will terminate it.

Conspicuously note any unusual, unique or onerous conditions. Depending on the extent of their unusualness it may be appropriate to have an express acceptance or rejection of each condition – like the paper-based contract practice of initializing such conditions.

Lastly, to increase the efficacy of the notice – have the conditions drafted in “plain English”.


Under the law, a contract does not exist until one side has made an offer and the other has accepted it. An ‘acceptance’ is the final and unqualified expression of assent to the terms of an offer. There are a few issues with acceptance in an e-commerce context that must be considered. First, the offeree must, in some way, communicate acceptance of the offer. This can either be done implicitly or explicitly. An example of acceptance being communicated implicitly is the vendor filling and delivering the order. The communication can also be explicit via email, IRC, or instant messaging.

From a legal standpoint, it is critically important to determine exactly how and where the offer was accepted, since this often determines the jurisdiction in which the contract is formed (see CIO Canada, September 1999, CIO Legal Brief, pg. 58). Due to the global nature of the Internet, it is feasible for a vendor in Canada to contract with a customer in France and have French civil law govern the contract – not an ideal situation to be in.

The two rules that are of particular concern with the acceptance of contracts are the ‘Postal Rule’ and ‘Instantaneous Communications Rule’. Both these rules are used to make an initial determination of jurisdiction.

The Postal Rule dates back to the time when many contracts were formed through the mail system, and states that a contract is formed when and where the ‘letter of acceptance’ is posted. Assuming the vendor presented its goods as an invitation to treat, the result of the Postal Rule is that a contract will normally be formed in the vendor’s jurisdiction – a desirable outcome. The Instantaneous Communications Rule states that the contract is formed where the acceptance is received. Given the above noted assumption of an invitation to treat, the jurisdiction of the contract is determined by where the offeror, or customer, resides – a less desirable outcome for the vendor.

The question, then, is which rule applies to e-commerce? Unfortunately, this is another legal gray area. Traditionally, the Postal Rule has been deemed to apply to mail communications, and it has been suggested that email would fall into this category. On the other hand, the Instantaneous Communications Rule has been applied to ‘immediate’ forms of communication such as facsimiles or the telephone. There are suggestions that contracts formed via web forms, EDI or IRC should be governed by the Instantaneous Communications Rule.

To address this issue, all web-based contracts should include jurisdictional clauses to clarify where and when a contract is formed. To further clarify the issue, the web contract should indicate whether the Postal Rule or the Instantaneous Communications Rule applies.

Practically all transactions are predicated on a contract of one form or another. The rise in global e-commerce transactions has not, in our view, been matched by a rise in the level of sophistication of online contracts. Companies are using the same contracts online that they use offline. These contracts are often inadequate to cover the unique characteristics of contracting in cyberspace. Inadequate contracts can, and will result in legal liability. Taking a few simple precautions can reduce or eliminate this liability.

Joshua Death is a lawyer with Harrison Pensa and practices high-tech and e-business law. Michael Wade teaches Electronic Commerce at the Ivey Business School, University of Western Ontario.

This article contains general comments only and does not constitute legal advice. Seek qualified legal counsel before acting on any of the suggestions.