Businesses have increasingly embraced electronic commerce (or e-commerce) to modernize their operations. E-commerce essentially consists of the provision of products and services over electronic systems, such as the Internet, computer networks, email or mobile phones, and may be applied to various business functions:

  • Marketing. The Internet offers companies many avenues to promote their products. Companies can develop a website to build their brand, display a complete inventory of products, provide product literature, or even send out online press releases. Companies may also advertise online and either direct interested buyers to an authorized dealer or sell the product themselves.
  • Sales. Since online stores are not bounded by floor space, they may offer a larger variety of products than a physical store front. This benefits purchasers as well since they now have a larger inventory of products to choose from.
  • Distribution. Publishers of books, software, music, movies and photos can distribute their products electronically, instead of having to manufacture, store and ship a physical product. Even for products that must be shipped, e-commerce offers supply chain management solutions, automated inventory management systems, and online tracking for shipped products.
  • Financial Transactions. ATMs are a prime example of an early e-commerce application, where customers can deposit, withdraw or transfer their funds. Other e-commerce applications that impact most businesses include electronic funds transfer and electronic credit card payment processing.
  • Service and Support. Companies may also provide product service and support online. At a basic level, companies can publish electronic editions of their product manuals on their company website. They can also archive common support issues and solutions on their website, as well as provide a forum for their users to troubleshoot problems. Some companies even provide a free online chat application for customers to contact sales or support personnel.

E-commerce Laws

A number of federal, state, and international laws now govern e-commerce, which can involve complex contract and tax issues, security, and privacy issues. Because technology changes quickly, the laws regulating it are new and developing.

In the United States, the proposed Uniform Computer Information Transactions Act (UCITA) intends to bring uniformity and certainty to the laws that apply to information technology transactions, just as the Uniform Commercial Code does for the sale of goods. UCITA would create a uniform set of rules to govern such areas of e-commerce as software licensing, online access, and other transactions in computer information, but it has been controversial because of its potential to weaken consumer protections, and instead of becoming federal law, has only been adopted in two states, Virginia and Maryland.

Enforcement of Online Contracts

E-commerce commonly involves selling goods and services via the Internet. The seller and buyer are not face-to-face during these transactions, with business conducted remotely using technology. This can create uncertainty about the formation and enforcement of electronic contracts, but U.S. law has been evolving to meet new challenges posed by the increasing use of technology to conduct business.

Electronic Signatures

The Electronic Signatures In Global and National Commerce Act (E-SIGN Act), which President Clinton signed into law in 2000, implements a national uniform standard for all electronic transactions that encourages the use of electronic signatures, electronic contracts and electronic records. The E-SIGN Act, which regulates any transactions in interstate and foreign commerce, does not alter existing law, and if state or federal law covers a transaction, including the Uniform Commercial Code, those statutes still control.

The E-SIGN Act defines "electronic signature" (sometimes called a digital signature) as "an electronic sound, symbol or process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record." Because of this broad definition, telephone keypad agreements, such as "press 1 to agree" may be legally enforced as electronic contracts under the Act. A contract may not be denied legal effect only because a digital signature was used to form it.

The E-SIGN Act also establishes consumer consent requirements; validity requirements for electronic signatures, electronic contracts and electronic records; retention requirements for electronic contracts and records; notarization rules; and national uniform standards for the banking, insurance and stock industries. The Act also seeks to protect consumers by requiring that all critical notices, such as insurance and mortgage cancellations, court orders, product recalls or hazardous materials shipments, be sent on paper.

Data Protection and Privacy

Privacy is one of the most complex legal issues facing e-commerce today. Many sites collect personal information about their users, including names, addresses, and credit card information. The host server also records routine information about each visit, some of which may identify users, and some Internet banner ads allow third-party advertisers to track users' browsing habits using cookies and web bugs. The Federal Trade Commission (FTC) has recommended legislation to regulate online profiling, but American privacy law contains very few prohibitions against the collection of consumer data. Still, a patchwork of state and federal laws may be used to protect online privacy.

Consumers who have pursued legal action because of privacy violations have successfully used common law to obtain redress, including breach of contract, unjust enrichment, fraud, and trespass to chattels, or invoked state statutes prohibiting deceptive or unfair trade practices by businesses. Some state laws specifically protect particular classes of data, such as medical information. State attorneys general have used consumer protection statutes to prosecute businesses engaged in online profiling.

The FTC has used its authority to sue corporations that do not comply with privacy policies posted on their websites. Although U.S. law does not require an e-business to publish a privacy policy, many sites do so because surveys have shown that consumers are more likely to trust a site with a privacy policy and thus more likely to purchase goods from it. Once a company posts a privacy policy on a site, it must adhere to its terms.


Congress enacted the CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing), which regulated the corporate use of email for marketing. The Act contains content and procedural requirements, gives regulatory authority to the Federal Trade Commission (FTC), and establishes a timetable for a "do not email" registry to be created, whereby business and individuals may opt out of receiving corporate marketing emails.

It establishes fines of $250 per email sent in violation of the Act's requirements, up to $2 million, and provisions for special damages for willful or knowing violations of the Act. Violators may be subject to criminal penalties of up to 5 years in prison for fraud and related activity using email marketing communications.