Ram Avrahami

Ram Avrahami
1001 N Randolph St.
Arlington, VA 22201
Tel: 703-908-9125
Fax: 703-908-0186
avrahami@ragis.com

26 March 1999

Secretary
Federal Trade Commission
Room H-159
600 Pennsylvania Avenue, N.W.
Washington, D.C. 20580

US Perspectives on Consumer Protection in the Global Marketplace - Comment, P994312

This document presents the comments of Ram Avrahami to the FTC notice requesting for public comments for the Workshop on US Perspectives on Consumer Protection in the Global Marketplace, scheduled to take place in June 1999. The comments focus on one suggestion.

Recommendation:

Individuals and companies desiring to conduct business from the USA through the Internet would be required by US law to notify a central public registry that their domain conducts a business and the valid physical US address of the business.

Rationale:

Connecting a virtual location to a physical one is essential in preventing and combating fraud and is very important in building consumer confidence to conduct business with a web site. Self regulatory efforts are slow and too expensive for most small businesses, while contributing almost nothing against fraud. A minimal and inexpensive registration is a low burden for legitimate businesses and is in line with current registration requirements. An American registration over business conducted from the US will provide an example for other countries and a natural framework for international cooperation.

Arguments:

1) The US can not enforce its guidelines on other countries, nor can they enforce their laws in the US. A stable long term solution will evolve when most countries will enact similar laws and will cooperate on cross border disputes. A natural example is police cooperation on issues of crime. While the criminal code is different in every country, they are similar in principle (murders, theft and most major crimes are illegal everywhere) and enable cooperation in almost all cases. Hence, the safest course of action is to first find a reasonable framework to deal with American companies and individuals by American law, that makes it easy to cooperate with other countries.

2) As the shopping channel moves from retail shops to direct mailers to telemarketers to internet merchants, it becomes increasingly more difficult for consumers to assess the validity of the merchant. The reason is that it becomes increasingly cheaper for merchants (and imposters) to provide the same quality of service as large corporations. Hence, the major issue in electronic commerce is the authentication of the merchant.

3) On the other hand, there is no more need to authenticate the consumer beyond the credit card number and expiration, a system that is already used in telephone, mail and fax transactions. If the number of valid credit cards becomes too large, it is possible to simply add another four digits to the cards and reduce the chance of fraud by a factor of 10,000.

4) Currently, web sites can send any information to consumers, whether it is correct or not. They can imitate to have any product, name or locale with no simple way to disprove it. However, whenever consumers approach a web site by themselves (i.e. not via supplied link), they do confidently know the internet address of the site that they approached. Furthermore, that address is unique and represents a computer that has been verifiably connected to the Internet. Thus, the best verification method will allow consumers to find the identity of the operators of a web site according to its domain name.

5) Self regulatory efforts, like TrustE and BBBonline and Online Privacy Alliance, have barely penetrated the universe of web sites who conduct commerce through the Internet in their two years of existence. Registration with these bodies is also expensive for most small businesses, as it requires auditing of the web site. This barrier will prevent the expansion of these programs beyond the large and established businesses. Worse, it will not prevent fraudulent activity, as those sites will likely copy program insignia without permission. Government registration is much cheaper, faster and more effective, as registration is done under the penalty of perjury.

6) The natural place to place such registration is with InterNIC, which already has the database of all domains and mechanism to publish the records (whois). If this location is not feasible, perhaps due to decision to privatize the InterNIC registry, the FTC should manage the registration database, while private Internet initiatives will help with efficient dissemination of the information.

I believe that you will find this solution very helpful in clearing the Internet from fraud and helping to establish confidence in electronic commerce, starting from the US and spreading to other countries. I would be happy to expand on this method or other issues as necessary.

Sincerely,

Ram Avrahami

Appendix - Ram Avrahami has been active in consumer protection and the Internet for several years. He has appeared in front of the FTC and the Department of Commerce in 1997 and 1998 and has been an active member of the ad-hoc task force investigating Unsolicited Commercial Email in 1998. He has an undergraduate degree in computers and a graduate degree in business. He is director of The NAMED, a non-profit consumer privacy protection organization.