January 3, 2000

Re: Advisory Committee on Online Access and Security - Nomination, P004807

Federal Trade Commission
Room H-159
600 Pennsylvania Avenue, N.W.
Washington, DC 20580

Dear Sir or Madam:

I would appreciated being considered for appointment to the Advisory Committee on Online Access and Security.

As a professor since 1995 at American University's Washington College of Law, I developed (and am teaching for the fourth time this semester) a course on Computer Law & Drafting, which builds on my six years of commercial law practice by examining the rapidly-emerging statutes, regulations, caselaw, and culture of the Internet through the lens of contract-drafting, including the best ways to prepare agreements governing the use of consumers' private information.

Privacy and information security concerns have also been addressed by the four electronic commerce conferences that I have organized for the school. (The most recent was our March 26 program, "Regu@tion$.gov: Coming to Terms With On-Line Commerce," which featured a special panel on Consumer Protection Regulations.) In addition, these issues will be major elements of the school's new Program on Counseling Electronic Commerce Entrepreneurs, which our Dean has asked me to direct.

As the Chair of the American Bar Association's Subcommittee on Electronic Commerce, I instituted in April 1999 a Working Group on Consumer Protection to analyze existing and proposed laws in this area and to provide practical information to consumers. I initiated and was the principal drafter of the Group's Web site, unveiled to much media attention in October 1999 at, which advises consumes in a "user-friendly" and practical way on how to shop safely online.

On its "Privacy" page, the site recommends that the consumer carefully review the privacy policies available on Web sites, and not simply have faith in seals placed on a site by third-party organizations. The site also features a separate page on "Security" concerns. (I have recommended that the site be visited not only by consumers but also by operators of commercial Web sites, to help them individually anticipate and address privacy, security, and liability concerns.)

A number of my recent articles on privacy and security issues in electronic commerce, which are available on my Web site at, stress the importance to effective industry self-regulation of both full disclosure by businesses and careful review by consumers. These articles include:

"Logos, Links, and Lending: Towards Standardized Privacy and Use Policies for Banking Web Sites," 24 Ohio Northern University Law Review 747-768 (1999). This article proposes that it would be in the joint interests of bankers, regulators, and consumers for financial institutions' Web sites to adopt standardized privacy policies and "terms and conditions of use" policies (drafts of which are provided in the article's Appendices), and to indicate this practice by displaying elements of an profession-wide standardized set of icons to reflect the specific policies chosen. Clicking on such an icon would take the potential customer to a centrally-maintained Web page that would display the corresponding terms in user-friendly language.

"The Legal Architecture of Virtual Stores: World Wide Web Sites and the Uniform Commercial Code," 34 San Diego Law Review 1263-1400 (Summer 1998). This article analyzes the application of current and proposed commercial statutes to the optimal design of commercial Web sites, and suggests that the operators of such sites install specific legal terms, and create conspicuous hyperlinks to them, to prevent or minimize their liability.

"Commercial Profiles vs. Suspect Classifications: Preparing, Preventing, and Parrying Public and Private Profiling," Stanford Journal of Law and Technology (Spring 1999). This article examines policies and practices of governmental and commercial techniques of electronic profiling.

"Notes on PKI and Digital Negotiability: Would the Cybercourier Carry Luggage?", 38 Jurimetrics 385-395 (1998). This article reviews the extent to which public key infrastructure technology would make possible systems of purely electronic negotiable instruments.

"Withdrawal of the Reference: Rights, Rules and Remedies for Unwelcomed Web-Linking," 49 South Carolina Law Review 651-693 (Spring 1998). This article discusses the application of copyright and privacy law to the prevention of unwanted hyperlinking to an individual's or firm's Web site.

In addition, my article "Putting the Cards Before the Purse?: Distinctions, Differences, and Dilemmas in the Regulation of Stored Value Card Systems," 65 University of Missouri-Kansas City Law Review 319-398 (1997), evaluated in detail the responses of the banking community to the Federal Reserve Board's proposal to amend Regulation E to address stored value cards, reviewed the differences between those proposed regulations and the categorization systems for stored value cards adopted by the FDIC General Counsel's Opinion No. 8, recommended specific revisions to the proposed regulation, and suggested general principles for the drafting of regulation in this area.

Among the groups to which I have recently made recommendations regarding privacy, security, and related issues in electronic commerce are: the House of Representatives (testimony in June 1998 regarding electronic commerce and fraud); the Office of Thrift Supervision (keynote speaker at Chief Counsel's Regulatory Conference, April 1999); The International Monetary Fund (presentation on "Electronic Payments Developments and Privacy," May 1998); the Federal Deposit Insurance Corporation; the Conference of State Bank Supervisors; the National Association of Attorneys General; the Study Group on Electronic Commerce of the U.S. Department of State's Advisory Committee on Private International Law; the American Bar Association; the District of Columbia Bar; the Federal Communications Bar Association; the Computers, Freedom & Privacy Conference (1998 and 1999); and the Association of American Law Schools (whose Committee on Commercial and Related Consumer Law I was recently nominated to chair).

I would be honored to be appointed to the Advisory Committee on Online Access and Security, and would be happy to assist its work in any way that I could.


Walter A. Effross
Professor of Law

Enclosure (disk copy)