It might be easy to buy books and CDs on the Web, but getting the world's governments to toe a single line on the nuts and bolts of e-commerce might well prove an impossible task.
But that is exactly what representatives of the Organization for Economic Cooperation and Development (OECD) will attempt this week at the Borderless World ministerial conference in Ottawa.
Representatives of the group's 29 member countries will convene Thursday and Friday to hash out how electronic commerce should be regulated, and what technological tools are needed to secure transactions and users' privacy.
Meanwhile, electronic privacy advocates will lobby for the inclusion of data scrambling technologies as a fundamental part of the global electronic commerce infrastructure.
"Clearly, cryptography is important for the role it plays in providing privacy, security, authentication, and non-repudiation -- the ability to sign contracts with digital signatures," said David Jones, director of the Electronic Frontier Canada.
"The medium is vulnerable. The business world needs it [strong crypto], banks need it, customers need it."
Members of the Electronic Privacy Information Center (EPIC) and the Global Internet Liberty Campaign (GILC) met in Ottawa on Wednesday to organize a presentation for the OECD conference. The groups are urging the support of free speech, privacy, public access to information, and human rights.
They will also ask member nations to lift restrictions on the use of encryption.
The OECD conference will also include private sector, labor, and industry representatives. US Secretary of Commerce William Daly will deliver a speech to address what a Commerce Department spokesman described as "the whole gamut of issues: privacy, taxation, authentication."
An associate administrator with the National Telecommunications and Information Administration said that data-scrambling technologies would probably be on the ministerial conference agenda.
"Cryptography will probably arise [in the OECD discussions] in connection with privacy and security concerns -- clearly it is a necessary piece, as a secure payments mechanism," said Becky Burr, who is also a member of the US delegation.
Burr said that the OECD develops guidelines in conjunction with the private sector, which are applied on a voluntary basis. The conference, she said, has four themes regarding electronic commerce: building trust for users, establishing ground rules, enhancing the network infrastructure, and maximizing the economic and social potential of e-commerce. Consumer confidence, privacy, and the uses of personal information will also be discussed.
"We need to have adequate disclosure -- what's being sold and what warranties go along with that," Burr said. "We will need to ensure that those rules apply appropriately in cyberspace, and the private sector has a huge role here."
The US delegation includes presidential Internet adviser Ira Magaziner, attorney and privacy expert Christine Varney, and officials from the Treasury Department, the Federal Trade Commission, and the Commerce Department.
Burr said that there will be no representatives from either US intelligence or law-enforcement agencies present.
The Canadian government's new cryptography policy, which rules out mandatory key recovery systems, may cause some tension between the US and Canada at this week's meeting. Such systems would grant government access to all scrambled communications.
"[Canada's policy] throws down the gauntlet to the US," said David Banisar, an EPIC staff attorney.
He added that the US will probably try to stifle any discussion of encryption policies at OECD, and cautioned that "the OECD is heavily influenced by the US."
Susan Landau, co-author of Privacy on the Line: The Politics of Wiretapping and Encryption, said that the US delegation at past OECD meetings was stacked with law enforcement and security officials. She said that was an indication of the degree to which the United States has tried to sway other nations on its restrictive cryptography policies.
The last American delegation included Scott Charney, chief of the computer-crimes unit in the Justice Department, and Stewart Baker, a former National Security Agency official.
Whatever the OECD decides about encryption and privacy, some say it will take time for consumers and businesses to trust the Internet as a commerce medium.
"Four years ago when the Net surfaced in the public mind, one of the first things people would tell each other is never send your credit card over the Net," said Jones. "That little sound bite still resonates with people."
