Cyberspace Self-Government: Town Hall Democracy or Rediscovered Royalism? †
HENRY H. PERRITT, JR. ††
II. EXAMPLES OF CYBERSPACE DISPUTES
III. IS SELF-GOVERNANCE DESIRABLE?
B. Networks need different rules and procedures
C. Open networks escape enforcement of conventional rules
D. Self-governance promotes voluntary compliance
IV. IS SELF-GOVERNMENT LEGALLY FEASIBLE?
B. Contract: the framework for autonomy
C. The limits of contract
V. THREE EXAMPLES OF CYBERSPACE SELF-GOVERNMENT
B. Is A.c.e.n.a. fair?
C. Self-government institutions proposed by IAHC
D. Economic royalism: proprietary power
VI. COMPARISON WITH OTHER SELF-GOVERNING COMMUNITIES
B. Involuntary membership models
C. Voluntary membership models
VII. WHAT REMAINS TO BE DONE?
B. Immunities and community boundaries
C. International treaty
IX. APPENDIX: CRITERIA FOR AUTONOMY
Growing interest in the Global Information Infrastructure-the Clinton Administration's Information Superhighway-has given rise to suggestions that some or all of this "cyberspace" should be self-governing-autonomous with respect to the regular law.1 Cyberspace, the set of electronic network communities, may be distinct enough to have its own law and legal institutions-a system of "cybergovernment." This self-governance may be more efficient for cyberspace. However, the rules and/or the adjudicatory techniques for applying the rules may need to be different from those of the surrounding community. In any event, compliance with the basic norms of the community may be higher when members of the cyberspace subcommunity participate in self-governance. Each of these criteria can be evaluated separately with respect to the three basic activities of governance: rulemaking (legislation), rule application (adjudication), and enforcement. More or less autonomy may be appropriate depending on whether one considers rulemaking, adjudication, or enforcement.
The emergence of new social communities in Internet newsgroups and on public electronic bulletin boards has already attracted comment.2 Some markets are currently almost completely electronic in cyberspace,3 and already govern themselves. In general, there are numerous communities that enjoy powers of self-government. Many instances of self-government are so commonplace as to escape notice. Virtually every citizen of a modern state is a member of multiple private organizations: bar associations, national fraternities, and non-profit organizations. All of these organizations exercise some powers of self-governance. Usually, there is little controversy over the application of special bodies of substantive law and the use of specialized institutions to resolve intra-organizational disputes pursuant to charters and bylaws of these organizations. It may seem strange that something can be law without being adopted by a legislature or a court, but it happens all the time and has for centuries.4
Self-government-legal autonomy-may also be appropriate for some new electronic communities, although it is extremely unlikely that self-governance will result just because some of the communications occur through new electronic channels. But, when all of the functions of a particular market or of other commercial communities are contained within electronic communications systems, the result is something like a community, whereby the participants may qualify for self-governance.5 Nevertheless, while it is possible, and in this author's view desirable, for net participants to make up their own rules and establish their own institutions of government, merely doing this does not necessarily assure them of an immunity or exemption from regular law.6
This article considers theoretical legal frameworks for autonomy of open networks, based upon models from other relatively autonomous communities. The article evaluates four possible justifications for electronic community self-governance, and considers sovereignty and contractual frameworks for self-government. The article reviews three attempts at self-governance: one in the alt.current-events.net-abuse newsgroup, another proposed by the International Ad Hoc Committee (IAHC), and a third represented by traditional proprietary services. The article evaluates the justification for such autonomy and inventories the major steps to be taken before credible exercises in self-government can occur. Then the article briefly explores historical and contemporary models for such arrangements.
Based upon the theoretical frameworks, the justifications, and the models, the article concludes that considerable autonomy can be achieved through contractual arrangements featuring arbitration accompanied by choice of customary substantive law. However, there may be difficulties in defining community boundaries, in implementing effective enforcement mechanisms, and in avoiding antitrust problems in the electronic network context. The article identifies the major points of tangency between regular legal systems and new Internet systems of government. It evinces that an independent legal system for the Internet is most likely to exist if the countries of the world negotiate a kind of "hands-off" treaty, committing themselves to defer to private Internet governing institutions meeting certain criteria, and empowering existing multilateral institutions to play certain ministerial roles. The article concludes by observing that the cybergovernment inquiry is but a subset of a broader range of issues presented by the informal, conversational, and frequently transient nature of electronic transactions in a legal context that has traditionally stressed formality and paper records.
At least three recent law review articles have explicitly considered the possibility of self-governance for electronic communities.7 This article has a broader scope than the preceding articles in that it considers self-governance and legal autonomy in cyberspace along with self-governance and legal autonomy for other types of private associations. This article also links the basic idea of cyberspace self-governance to recently-proposed mechanisms for private registration of Internet domain names.
On the one hand, the shift to open networks invites self-government, because the capacity of traditional, nationally based legal institutions to regulate the problems illustrated in Figure 1 is diminished by the transnational character of such networks. On the other hand, the capacity of the service providers-the logical organizers of regimes of self-government-is also lower in such networks because the service providers do not have the same control as they did over their own proprietary networks.
Self-governance by electronic communities may be more efficient than governance directly through larger community mechanisms because of the inherent availability of more efficient communication technologies in electronic communities. Proposals for new rules can be published almost instantly to members of the electronic communities, and they or their representatives can debate the desirability of the proposed rules without having to assemble physically. Application of existing rules can also be more efficient using information technology because of easier detection, prompter notice, and electronic adjudication of rule violations. Indeed, an adjudicatory tribunal to hear arguments and evidence can be convened electronically. Further, the tribunal could deliberate electronically (when multiple decision-makers are involved), and make its decisions known electronically. Electronic communities may also have greater efficiency in imposing sanctions for rule violation because of the ease with which a violator can be denied access to electronic community resources.10 A "judgment" can be executed simply by invalidating a user's password for a closed system and by removing her Internet address from routers in open systems.
The second criterion is also met when nobody in the traditional community really cares what the internal community does. For instance, while no one in the larger society or political system really cares about the rules for earning merit badges in the Boy Scouts, or the seniority rules in a collective bargaining agreement, members of the internal communities do. When no one cares, it is easier to defer to self-governance.
The case is hard to make, however, that members of electronic communities should be subject to different rules with respect to conduct that causes harm outside their own communities. It is implausible to assume that no one in the surrounding community will care when members of the electronic community cause harm beyond the electronic community boundaries. The larger community will certainly insist that its rules, intended to address harm to its members, be enforced within electronic communities as well as elsewhere. Clear examples are copyright infringement and use of domain names that conflict with trademarks.
A second possibility for independent rules involves contract formation. The members of an electronic community could agree that contracts for the sale of goods or services could be formed in a particular way.11 For example, members could agree that exchange of electronic data interchange (EDI) transaction sets, or of tokens satisfying a predefined standard (for authentication using public key encryption)12 forms a contract.
A third possibility would be to have specialized rules for potentially offensive communications including obscene and pornographic communications. The rules could require that such communications be directed to particular parts of the electronic community, access to which is limited so as to admit only those over a certain age.13
Fourth, rules for payments could prescribe how offers, acceptances, and payment orders are to be authenticated, and how the risk of forgery and insolvency are to be borne. The result would be like bank clearinghouse rules.
Internet transactions regularly cross national boundaries. 15 Such cross-border communications raise questions of the enforceability of export restrictions, the limitations on public access to public information, intellectual property protection, and the liability for injurious content.
The international nature of these transactions create problems that cannot be dealt with by traditional legal systems. Even if a jurisdiction in which the injury occurs asserts jurisdiction and chooses a plausible body of substantive law, it may lack the means of enforcing its decision, because the actor is somewhere beyond its reach. When conduct traditionally considered criminal is involved, the problem is more acute because of the absence of transitory crimes in traditional jurisprudence.16 It is unusual for geographically defined legal systems to prosecute for crimes committed in other places, except by artificially redefining the place of commission to be the place of injury.
Electronic network communities, on the other hand, may find it much easier to enforce rules. For electronic networks in which the attachment is primarily social, threat of exclusion from the network may be a powerful enough incentive to induce compliance with the rules. For electronic networks in which the attachment is primarily economic, the growing availability of low transaction cost methods of making payment potentially facilitate enforcement. A large producer may be required to post a bond, as for certification authorities used in digital authentication systems. Smaller participants, like consumers, are likely to have credit on the network, either through having paid for cybermoney or having arranged for secured electronic credit card transactions. A condition of network participation could be that the consumer must place some of this credit at risk in order to enable fines or civil penalties to be imposed through appropriate adjudicatory procedures.
Self-governing electronic communities can use these methods to deal with conduct occurring in their communities regardless of the place at which it occurs. Also, electronic communities can impose punishments and effectuate compensatory remedies regardless of the geographic place where the community member engaging in the conduct violating the rule is found.
In theory, however, these private governments derive their power from the traditional sovereigns and are always subject to the sovereign imposing new regulations and enforcing them. The relationship between private governments and traditional sovereigns is determined by traditional laws or regulations enacted by traditional sovereigns, by constitutions defining the power of traditional sovereigns, or by international treaty.
Self-governance can be realized in at least three forms: (1) immunity from the application of surrounding legal standards, (2) immunity from the enforcement power of traditional legal institutions, and (3) recognition of the prescriptive and adjudicatory acts of the autonomous community.
The feasibility of self-government depends on the traditional community's respect for, and deference to, community law. Traditional communities generally respect party autonomy exercised through contractual agreements. Thus, respect for community law can be earned by having a contractual framework for electronic communities. Although the enforcement of contractual autonomy may depend on traditional institutions, such dependence can be mitigated by internalizing enforcement. The crucial elements of a self-governing community are completeness, the availability of coercive power to enforce community decisions, and a contractual framework expressing the norms, procedures, and institutional competencies.
Political autonomy originates in physical power. Nation-states are politically autonomous because they have the military power to keep themselves that way. The geographic scope of political units has historically depended on the reach of military technology, and the social cohesion necessary to use it. Sovereignty is formally associated with nation-states that have the practical ability to assert physical power to coerce compliance with their law within defined borders and with respect to a defined class of persons.18 New nations, such as Bosnia-Herzegovina, are created, and old nations such as the Soviet Union, disappear, but the birth of a sovereign state is a momentous occasion in diplomacy and international law.
Network communities quite clearly are not entitled to status as traditional sovereigns because they lack a defined territory, a permanent population, and mechanisms for exerting physical coercive power.19 But new sovereigns can be created by delegation of power from traditional sovereigns. The European Union and the United States came into existence as sovereign entities through delegation of powers from nation-states through treaties and constitutions. Such delegation for network communities is, however, unlikely to occur within the foreseeable future.
Smaller, more or less autonomous communities, have long existed within power-maintained sovereign political units. Their establishment and continued existence has always depended on the sufferance of the sovereign. For example, fairs, cities, universities, and guilds existed under English law because of the grant of patents from the King. The patent defined the powers of the community it authorized.20 This type of delegation exists in modern legal systems in the form of corporate and municipal charters. More generally, other types of private communities exercise a form of sovereignty under contracts mutually delegating attributes of sovereignty retained by the community members. The traditional sovereign allows this kind of private sovereignty by allowing freedom of contract. However, such community autonomy is dependent on the traditional sovereign for its very existence. It exists only if traditional sovereign institutions recognize the community's autonomy.
Let us examine what would happen if there were to be a clash between an autonomous electronic community and the traditional community in which it sits. Assume a deputy sheriff shows up at the door to seize a computer, to demand copies of certain files, or to arrest a natural person for certain conduct. Members of a network community are unlikely to prevail in physical resistance to the deputy sheriff. The law enforcement agent almost always can call upon superior force. The community enjoys autonomy only because it can claim privileges or immunities recognized by the traditional sovereign. For instance, if the deputy sheriff intrudes, the autonomous community prevails in a subsequent legal proceeding for trespass, conversion, or violation of civil rights.
But community autonomy is rarely a bilateral test between the traditional sovereign and the private community. It usually involves a three-way contest between private interests in which the traditional sovereign is the arbiter. The deputy sheriff in the hypothetical was sent by a court and acted pursuant to a writ or warrant. The warrant or writ was issued by a traditional sovereign's court on the request of a private plaintiff or public prosecutor acting on a private complaint. The prosecutor acted pursuant to authority granted by the traditional sovereign. The private plaintiff may be from within the community or from outside it. The community-autonomy question may have been tested long before the sheriff showed up at the door of the electronic community. In such cases, one party seeks to deny community autonomy. For example, an electronic association sued by a present member asserting a violation of its constitution, would defend on the grounds that the court in which the suit is filed must defer to internal tribunals on constitutional issues.21 In other words, it asserts adjudicatory autonomy, while the private plaintiff asks the traditional court to deny autonomy of the private tribunals by deciding the case on the merits. A member of the electronic community accused of intellectual property infringement would defend on the grounds that the court in which the lawsuit is brought must defer to community rules which grant her a privilege with respect to the intellectual property, while the plaintiff claims that any contractual privilege is voided by traditional sovereign law on intellectual property. A criminal defendant would defend on the grounds that the traditional criminal statute should be interpreted with deference to electronic community rules, while the prosecutor on behalf of the victim would argue that no such deference is appropriate.22 Less conventionally, the defendants may assert that they are immune from suit or from prosecution because of their community membership and the nature of the claim, while the plaintiffs appeal to traditional sovereign authority and deny the existence of immunity.23
Such trilateral contests arise in several relevant contexts:
• intra-community conduct that offends non-waivable traditional community standards (e.g. racial, gender, or disability-motivated adverse decisions, or life- or personal-injury-threatening conduct within the community);25
• denials of membership under circumstances that would constitute a legal wrong under traditional law,
• expulsions from membership and post-expulsion efforts to collect fines or penalties from past members that would either offend traditional legal standards or would necessitate resort to traditional legal institutions for enforcement.26
• a member of the association files a lawsuit in a traditional court alleging that the association's conduct violates a statute newly-enacted by a traditional legislature which explicitly applies to association conduct.
• a prosecutor from a traditional jurisdiction commences a criminal prosecution against an association member for intra-association conduct that prima facie violates a traditional criminal statute.
It is useful to consider how such situations are dealt with in the international realm. Boundaries of autonomy in international law are defined by the jurisdiction to prescribe,29 the jurisdiction to adjudicate,30 and the jurisdiction to enforce.31 These three types of jurisdiction are useful benchmarks for private communities as well.
Respect for electronic community law depends upon the electronic community having a contractual framework sufficient in scope to bind those wishing to avoid the effect of community decisions. Communities stand a better chance of being recognized either as sovereigns or as contractual communities if they offer relatively complete legal systems of their own. Incomplete systems must rely on traditional legal systems to perform the missing functions. To the extent that such external dependence exists, the community is less autonomous. Completeness, and thus autonomy, depends upon the capacity to perform functions essential to any legal system. As Joseph Raz has observed, "[t]he three most general and important features of the law are that it is normative, institutionalized, and coercive."32 Cyberlaw-the legal system of electronic communities-is eligible for recognition as a separate legal system to the extent that it contains these three features. Electronic communities must offer normative rules for conduct; they must institutionalize rulemaking and rule application; they must sanction rule violators.33
Professor Hart observed that legal rules fall into one of two classes: primary rules, which impose duties; and secondary rules, which define powers to make and apply primary rules.34 Primary rules pertain to the normative dimension. Secondary rules institutionalize and channel coercive forces. Cyberlaw is a complete legal system to the extent that it has both types of rules. Any claim for self-regulation in cyberspace must be tested according to these criteria-the existence of rulemaking, adjudication, and coercive enforcement means.
Much can be done through conventional contracts to set up communities to which sovereigns will defer. Bank clearing house systems, WESTLAW licensing agreements, and collective bargaining agreements are good examples of contractual arrangements that establish internal governance mechanisms for the parties to the contract. Assuming a valid contract can be formed among the members of an electronic community, as discussed in this section, such a contract can achieve the criteria identified by Raz: norms, institutionalization, and coercion. A community contract can set specialized standards for conduct within the community. By providing for arbitration, such a contract can arrange for application of these rules through specialized community institutions. Indeed, it can arrange for on-line, cyberspace-based common law courts through appropriate arbitration clauses. Such a contract can also provide directly for coercive enforcement, by specifying liquidated damages, by requiring posting of a bond against which penalties may be imposed, or by providing for expulsion from the community (with or without forfeiture of property left within the community, e.g., intellectual property). In other words, contracts can provide the framework for a complete legal system.
Most of the models of self-governance35 (all except the military one) depend upon private contracts as the normative, institutionalizing, and (to a lesser extent) coercive source of law. Even constitutional and international arrangements use documents similar to contracts in some ways to express the delegated powers. Parties to purely private contracts can achieve some immunity from outside legal institutions by waiving application of traditional law and recourse to traditional legal institutions. Thus, contract principles are a natural starting point for the establishment of an independent electronic community.
But the contractual nature of some electronic communities may be problematic.36 Some electronic communities are anonymous, have rapidly shifting membership, and may exist for any particular member only for as long as it takes her to send a request to a World Wide Web or news server and receive an item of information as a response. In these communities, there is no negotiation and no ongoing social relationship. There may be a contract, but it may be so brief in duration that it may be an intellectual stretch to say that the consumer of these services joins a community and agrees to participate in self-government. In this type of electronic community, contractual models associated with standard form contracts unilaterally issued by one party are most relevant.37 This is because one party in these anonymous electronic communities will almost certainly publish the electronic equivalent of a standard form contract to which the participants will become parties to some extent. Standard form contracts have become inevitable as managerial direction has replaced market forces for a vast range of commercial transactions.38 Professor Rakoff describes the reality that consumers almost never read the terms of standard form contracts, and that it would be eccentric to insist on changes. The drafting organizations would almost certainly not agree to changes,39 and neither the drafting organization nor the consumer really expects the lawyer-crafted terms of the standard form to be followed.40 In these settings, it may be unclear whether someone involved with community resources really is a "member" of the community, subject to its normative rules, institutions, and enforcement mechanisms, and within any shield of immunity and deference.41
In these circumstances, Professor Rakoff and others have suggested new rules of contract enforcement. Professor Slawson suggested that the standard terms in a form contract be enforced only when they are consistent with the reasonable expectations of the parties.42 Slawson would determine the reasonable expectations according to the nature of the transaction. Both Slawson and Rakoff reviewed leading cases explaining how their suggestions are not revolutionary departures from what courts actually do when confronted with standard form contracts.43
Making standard contracts unenforceable, however, engenders uncertainty. A better approach may be to construct a different contract regime, in which contract terms posted in some formal way and subject to review or challenge might be presumptively valid, but not otherwise. This approach borrows the concept from insurance regulation that the standard contract is generally subject to review by the insurance commissioner before it can be used with purchasers of insurance. It also borrows from ERISA,44 which requires that employee benefits plans be published and filed with the Department of Labor. Whenever someone offers a contract defining a self-governing electronic community, that person can specify the way in which the offer is to be accepted and can also indicate what sort of an exchange is sought by the offeror (by the content of the offer and the circumstances under which it is made).45 The offer can specify that it may be accepted by conduct (for example, hitting the enter key on one's computer), or by making a promise (such as giving a credit card number representing an implied promise to pay a stated subscription fee).
When the party to whom the offer is addressed (the offeree) engages in the specified conduct or makes the promise, she accepts the offer.46 Typically, this conduct or promise also constitutes the offeree's half of the desired exchange, frequently called consideration.47
This limitation of contract can be mitigated to some extent by internalizing the enforcement function. Then enforcement of private community norms does not depend on the willingness of a traditional court to enforce a contract; the private community enforces it directly. Internalization of the enforcement function reduces the dependence of the self-governing community on traditional legal institutions to enforce its decisions, although it may increase the possibility of legal liability in traditional forums for the injury resulting from internalized enforcement.49 The possibilities for internalized enforcement are greatly enlarged by the possibility of the privatization of Internet domain registration, under the International Ad Hoc Committee (IAHC) recommendations.50 Someone who does not obey the rules or who flouts a decision can be denied an Internet domain name, effectively excluding him from the Internet (or at least from the part of the Internet within the scope of that domain registry).
The legal limitations on contracts concern the extent of comity; limits on the prescriptive jurisdiction of the private community. As Judge Posner once wrote, "If a consent decree provided that a violator could be punished by having his ears cut off, the judge could not sign it."51 Despite the strong tendency for courts to enforce private arbitration agreements and arbitration awards, they are not enforceable when they contravene public policy.52 Moreover, it is not clear that private arbitrators may be given authority to award punitive damages.53 Further, contracts "in restraint of trade" are unenforceable,54 and conduct undertaken pursuant to private contractual arrangements may produce tort liability.55 The boundaries of self-government are determined by the scope of such liability, and by the limits of contract enforceability. Many of the limitations discussed above can be addressed by carefully designing a contractual system with all of the features necessary for a completely legal system, as per the Raz formulation. Hence, despite these limitations, contracting is the best way to achieve autonomy for electronic communities.
The legal frameworks for all three examples are contractual, explicitly in the case of America Online and the IAHC recommendations, and implicitly in the case of a.c.e.n.a. The contractual frameworks in all three cases are complete, in that they authorize rulemaking, adjudication, and enforcement. They contemplate coercive measures: termination of service by AOL, expulsion from the Internet by revoking domain names in the IAHC recommendations, and direct "killing" of messages in the case of a.c.e.n.a.
Despite this netiquette convention, on April 12, 1994, the Phoenix-based law firm of Cantor & Seigel (C&S) sent a message (often called a "post") advertising its legal services to thousands of newsgroups. The response was virtually instantaneous, as thousands of users voiced their disgust in discussions on newsgroups such as news.admin.misc. and news.admin.policy. USENET subscribers were outraged by the commercialization of the system. C&S were "flamed"59 by thousands who alleged, inter alia, violations of USENET conventions, and disregard for netiquette. Unaffected by these protests,60 and realizing the vast, low cost advertising potential of the USENET,61 C&S announced their intentions to form an advertising company, Cybersell.62 Because flaming failed to end the practice, a search for other, more coercive, means was initiated.
A.c.e.n.a. was established on April 25, 1994 to channel concerns about such USENET abuses.63 The most prominent assailant of identified "spam" is Cancelmoose(TM), an anonymous member of the newsgroup.64 Operating from a European site, Cancelmoose effectively rids the network of bothersome postings by means of "cancelbots," 65 or cancel messages. A response is posted soon thereafter, notifying the newsgroup of the cancellation. Furthermore, a message is sent to the "spammer," the individual or group who posted the message, notifying him of the action, the reasons for the action, and what steps to take in the future to avoid a similar occurrence.
The readership of a.c.e.n.a consists predominantly of news administrators who can set filters that control the flow of messages to and from the site. Cancelmoose's cancel messages contain a readily detectable signature which enables site administrators to screen the cancels if desired. There is widespread approval of the actions of Cancelmoose by those active in the newsgroup. Furthermore, those disapproving a particular cancel maintain the ability to disregard the cancel messages by reconfiguring the receiving site.66
The main questions with respect to rulemaking are not procedural; they concern representation. How does one know that an electronic group like a.c.e.n.a has legitimate rulemaking power? What is the likelihood that the views represented in that discussion group adequately reflect the views of those to be bound by the rules? One answer, of course, is that the a.c.e.n.a. newsgroup is accessible to anyone using the Internet, and only persons using the Internet will be bound by the rules. In other words, anyone who is bound had an opportunity to participate, and failure to participate is not a persuasive argument for not being bound.
The adjudicatory function is somewhat trickier. Needed flexibility could be lost if lawyers (and others) insist on imposing the details of a modern civil procedural system on the adjudicatory process in cyberspace. The usual question in evaluating adjudication is compliance with due process. To avoid the risk of violating due process, it is appropriate to consider the evolution of adjudication in the Anglo-American tradition. Such an evolutionary perspective reveals the flexibility of the due process concept. Initially, the adjudicatory decision-makers were persons with actual knowledge of the facts.67 The earliest juries had virtually plenary power to decide the case, without the constraints of modern notions of the fact-law distinction, and they also were witnesses to the conduct giving rise to the dispute. So the basic idea was that the legal system gathered together a group of people from the community who had personal knowledge of what went on and then permitted them to decide whether the conduct should be punished. That is not too far removed from the situations in a.c.e.n.a when most of the participants of the discussion of a particular incident have seen the offending message for themselves.
It was not always feasible, however, to assemble a jury that already knew what went on. Thus, it was necessary to develop methods for the disputants to tell their stories to the adjudicatory decision-makers. There are, of course, a variety of ways of telling stories, some effective and some not, some faithful to the real facts and some not. The notion of story telling to the adjudicatory decision-makers gradually evolved into formal mechanisms for determining who is entitled to tell a story (usually a professional lawyer) and rules for deciding how the story could be told-rules of evidence. The core idea of the modern jury trial, however, is not to be found in the definitions of the legal profession or in the current versions of the rules of evidence or civil procedure. The core ideas are to be found in the concept of giving each side an opportunity to tell its story, so that the people with the greatest interest in developing the story fully from the two opposing perspectives can do so. With that as a guide, a.c.e.n.a can be evaluated more fully. Arguably, its openness permits both accusers and defenders of a message to tell their stories to the decision-makers-the net-administrator participants on a.c.e.n.a. Viewed thus, a.c.e.n.a. satisfies the test for fair adjudication.
The enforcement function is perhaps trickiest of all, because it is here that the risk of an unaccountable invasion of private rights is greatest. A private adjudicatory decision does little harm if there is no coercive enforcement. It is important that due process have occurred before the deprivation represented by enforcement. In this regard, it is useful to look to traditional approaches to private individuals' authority to arrest (seizure of the person) or to seize property pursuant to judicial decree. The Statutes of Winchester identified private individuals as significant actors in the criminal justice process.68 The role of the private citizen extended beyond simply protection of his own possessions; individuals owed a duty to society to join in the attempts to apprehend criminals.69 Private citizen arrests, searches, and seizures have traditionally been upheld under statutory or common law principles of citizens' arrests.70
Cancelmoose acts pursuant to the consensus of the participants in a.c.e.n.a. The consensus formed in a.c.e.n.a. can be viewed as the equivalent of a combination of a jury verdict and a warrant or a judgment. Viewed thus, Cancelmoose is equivalent to a deputy sheriff executing an arrest warrant after a criminal conviction, or a private party actually under color of a judgment. Using such analogies, we can see that the enforcement mode of a.c.e.n.a. is legitimate and "fair."
The other side of the coin, however, is that Cancelmoose does not enjoy a status equivalent to that of a public officer such as a sheriff (a sheriff is not self-appointed). And the a.c.e.n.a. process "authorizing" Cancelmoose to act is much more fluid and informal than the highly formal process of receiving a jury verdict and entering judgment on it. These differences animate arguments that a.c.e.n.a. is not "fair."
The IAHC was formed at the initiative of the Internet Society (ISOC)71 and at the request of the Internet Assigned Numbers Authority (IANA).72 In addition, the IAHC was supported by the Internet Architecture Board,73 the International Telecommunications Union,74 the International Trademark Association,75 and the World Intellectual Property Organization (WIPO).76 Beginning work in November 1996, the IAHC was to "define, investigate, and resolve issues resulting from international debate over a proposal to establish global registries and additional generic Top-Level Domains."77 IAHC sought comments from a wide variety of people and organizations and issued a final report with associated draft legal documents in February 1997. This report recommended changes in top-level domains for the Internet and a complete reorganization of the mechanisms for administering Internet domain names. The constitutional document, the generic Top-Level Domain-Memorandum of Understanding (gTLD-MoU), was signed in Geneva on May 1, 1997 and deposited with the Secretary General of the International Telecommunications Union.78 With the signing of the gTLD-MoU, the IAHC was dissolved and replaced by the Interim Policy Oversight Committee (IPOC). As of May 15, 1997, 110 entities had signed or indicated their intent to sign the gTLD-MoU, although there is much controversy over the inclusion of some entities on that list.79
A Domain Name System (DNS) is an essential component in the Internet's operation. It permits use of human-friendly addresses for nodes connected to the Internet such as "kentlaw.edu," "law.vill.edu," "cilp.org," "fcc.gov," and "ibm.com."80 The DNS functions through domain name servers that translate the human-friendly names into IP addresses (such as 22.214.171.124) through a series of interconnected domain name tables maintained on DNS servers. Tens of thousands of DNS servers are linked in a kind of hierarchical distributed look-up service.81
The IAHC was formed because of a growing set of controversies over the DNS as it now exists. The popularity and commercialization of the Internet has meant that multiple entities sometimes want to use the same domain name. Sometimes this occurs because the same few letters can signify more than one well known company, product, or service, or because some persons have registered domain names for the primary purpose of selling them to enterprises with which they appear to be associated. Many of the controversies relate to trademarks and service marks, as when enterprise A uses a domain name that is the same as a trademark registered to enterprise B. At the same time, Internet users outside the United States increasingly are restless with U.S. dominance of the DNS, a result of the Internet's origins in the U.S. Department of Defense.
The IAHC recommendations reflected the IAHC mandate to ameliorate conflicts over top level domains. They proposed a non-governmental solution to provide for competition among registries, and to develop an open process.82 The recommendations addressed the administration of domain name assignments and the behavior of the distributed look-up service that maps human-friendly names into IP addresses. In addition to recommending the definition of seven new top-level domains, the IAHC report declared that "the Internet top-level domain space is a public resource." The administration of this public resource presents public policy issues, and should be carried out in an open and public manner "in the interest and service of the public." 83
Of particular significance for this article, the IAHC recommended a new governance structure based on several memoranda of understanding, which both public and private sector entities were invited to sign. The gTLD-MoU-the constitutional document-became effective when it was signed by the IANA and ISOC. "Stewardship of the gTLD space was assigned to the gTLD DNS Policy Oversight Committee ("POC") comprising members named by the ISOC, IANA, [Internet Architecture Board], [International Telecommunications Union], International Trademark Association, WIPO and [the Council of Registrars]."84
Other memoranda created several regulatory bodies to carry out domain name policy. The Council of Registrars (CORE) was established by a Memorandum of Understanding (CORE-MoU), signed by multiple competing globally-dispersed registrars. CORE operates as a Swiss non-profit association. A gTLD DNS Policy Advisory Body (PAB) was formed from public and private sector consultation and oversees POC and CORE activities.85 "Changes to policy can be initiated by POC and enabled upon the agreement of ISOC and IANA, with the review of PAB and CORE." One could regard the legislative initiative function as residing with POC, subject to revision and possible veto by PAB and CORE.
Two international treaty-based organizations also play a role in implementing the IAHC recommendations. The International Telecommunication Union agreed to act as the depository for the gTLD-MoU and to publish the list of signatories.86 WIPO supports a dispute resolution mechanism for challenges of any domain name applicant's right to hold and use a second level domain name under the rules of the WIPO (Geneva) Arbitration and Mediation Center. WIPO would administer a new system of Administrative Domain Name Challenge Panels (ACPs). "These panels do not substitute for national or regional sovereign courts; they have authority over the domain names only, not the parties. Unlike courts, however, the challenge panels would have the ability to exclude certain names, such as world-wide famous trademarks, from all of the CORE gTLDs."87
Article 7 of the CORE-MoU reinforces WIPO's function. Registration agreements and application forms for assignment of secondary level domain names must include clauses that bind the registrars to follow ACP decisions and that bind applicants to submit to WIPO mediation, decision by an ACP and arbitration.88 The WIPO Center must notify CORE of any results and decisions of ACP, mediation or arbitration proceedings that require action.89
Appendix D of the gTLD-MoU provides substantive guidelines for administrative domain name challenge panels. Under the gTLD-MoU, ACPs and the associated mediation and arbitration mechanism only have jurisdiction over claims regarding use of a second level domain name that is identical or closely similar to an alphanumeric string that is deemed to be internationally known and for which demonstrable intellectual property rights exist.90
ACP procedures would allow for two types of exclusion. First, the second level domain name which was challenged could be excluded (that is, from the particular gTLD in which it was registered without the authorization of the owner of the intellectual property right). Second, a broader exclusion from some or all of the CORE gTLDs could be applied for, in 'exceptional cases.' Such cases would include at least trademarks which are globally known.91
Procedurally, any person can file a challenge requesting either exclusion or transfer of the requested second level domain name to the challenger.92 Appendix D provides criteria for ACPs to determine if a challenge has been established successfully.93 The ACP determinations, however, are of limited effect. "A determination of an ACP shall carry no precedential weight in any later national or regional court proceeding."94 Appeals are permitted, although Appendix D is unclear as to what body has jurisdiction over the appeal. Presumably it is the same or another ACP.95 Clearly, a de novo hearing by national or regional courts is contemplated.96
Unfortunately, the dispute resolution machinery proposed by the IAHC is limited to disputes over domain name assignment, especially those disputes that raise trademark or unfair competition issues. Moreover, it is an optional procedure, with a resort to national courts remaining available. As explained above, agreement on even this limited arrangement has been elusive. No doubt, agreement would be even harder to obtain with respect to a broader dispute resolution procedure and more ambitious use of domain names as leverage to enforce a broader set of international norms.
Notwithstanding these practical difficulties, it is useful to consider the possibility of using Internet domain names as a means of enforcing international norms in general. The growing importance of domain names in the Internet may provide the basis for a broader enforcement mechanism based on the IAHC recommendations, and may ultimately obviate the need for reliance on traditional legal institutions.
Would such a system work? Domain names as the centerpiece of a new private governance mechanism can serve some of the traditional purposes of legal remedies97 reasonably well, but not others. On the one hand, revoking a domain name is a poor way of compensating a victim. Even if a domain name is awarded to a complaining party, that provides no compensation for past infringement of the trademark. There is nothing in the proposed IAHC machinery, no matter how far it is extended, that would serve the compensation purpose well. On the other hand, revocation will exclude the target from the Internet, and that possibility may have economic consequences serious enough to represent a major deterrent. If an entity believes it will be put out of business if it violates rules, it will avoid violating those rules. Finally, revocation of domain names is a very effective means of preventing further misconduct by the target; without a domain name, the target cannot repeat any further misconduct through the Internet.
A complete system for using domain name revocation as a remedy for enforcing international adjudicatory decisions requires at least three elements: rules for prescriptive jurisdiction, rules for adjudicatory jurisdiction, and rules for assuring compliance with the final order requiring that a domain name be revoked. The rules for prescriptive and adjudicatory jurisdiction have already been worked out.98 Such rules are necessary to determine which substantive norms and which adjudicatory decisions would be entitled to enforcement through the domain name system. When the substantive norms and the adjudicatory decisions emanate from international institutions, their jurisdiction would be determined according to the documentary sources of their power. Currently, those sources are treaties.
That leaves the need to assure that the "sheriff" in this new legal domain obeys the "writ of execution." The obligation to obey the writ of execution would be expressed much as the obligation to obey decisions of ACPs and IAHC arbitration is expressed in the existing Memorandum of Understanding: once a decision to revoke a domain name is reached by the designated body, any registrar in the system must revoke the domain name. A registrar who declines to fulfill that obligation would lose its status as registrar. The integrity of this system depends upon the continued willingness of everyone within the hierarchical chain of registrars to live up to their contractual commitments. As the scope of rules and decisions to be enforced by this means increases, however, the degree of compliance by registrars who intend to comply may diminish.
Despite performance of these governance functions, proprietary services are not subject to constitutional constraints applicable to traditional governmental entities.105 Nevertheless, to the extent it limits its power by contract, a proprietor must follow its own rules.106
If one has a purely contractual framework within which rules are made and enforced, as in the three cases cited in the notes to this section, the likelihood of state action is de minimis. The only remedy of someone disadvantaged by the private dispute resolver would be for breach of contract, as in Apex, or a related tort claim such as fraudulent misrepresentation or intentional interference with contractual relations. On the other hand, when the dispute resolution mechanism is sanctioned by statute, as in the Fair Credit Reporting Act, the situation looks more like Flagg Brothers v. Brooks,107 where the self help repossession was sanctioned by Article 9 of the Uniform Commercial Code, as adopted by the New York legislature. But in Flagg Brothers, the Supreme Court held that private conduct within a framework established by statute insufficiently engages the power of the state to represent state action. State action occurs only when enforcement powers of the state are used by private entities. One of the strongest examples of private enforcement is the landlord's common law right of distress: the power and privilege of seizing personal property on leased premises as a remedy for tenant nonpayment of rent. Exercise of the distress remedy generally has not been viewed as constituting state action, unless officers of the state such as deputy sheriffs assist the landlord.108 Thus, designers of private electronic governmental mechanisms have greater autonomy when their arrangements are purely contractual, and correspondingly less when the last step in the private process is resort to public judicial machinery.
The interesting thing about the following models is that, unlike traditional sovereigns, their boundaries are rarely marked by geography. Rather, other techniques are used for defining community membership. Voluntary membership models rely on consent to represent acceptance of a contractual framework for self-governance. By contrast, involuntary membership models must rely on some other legal justification for binding members to community norms and decisions, even when the remainder of their structure is contractual.
In the following sections, each model is assessed against Raz's three criteria for legal systems: the existence of normative rules, the existence of institutions, and the existence of coercive mechanisms. These criteria map roughly into the prescriptive, adjudicatory, and enforcement modes of jurisdiction.111 As the section on legal frameworks explained, complete legal systems-those possessing all there criteria-are more likely to achieve autonomy. In addition, the sections also illustrate the ways in which traditional sovereigns limit the boundaries of community power, while affording immunities to activities at the core of the communities.
An employment relationship covered by collective bargaining is a strong example of a self-governing community under American law. Even though specialized agencies have been set up at the federal level to establish the boundaries of collective bargaining communities and may, in limited circumstances, designate the representatives of employees,113 these agencies neither define the rules governing the employment relationship114 nor resolve individual disputes over terms and conditions of employment.115 The Supreme Court has characterized a community covered by collective bargaining as a specialized community unto itself.116
Collective bargaining communities have a considerable immunity from state tort law.117 The immunity is not absolute, and state law may be applied when it involves deeply rooted state interests.118 The federal antitrust laws also give way to collective bargaining community decisions, as long as they are made within the traditional scope of workplace governance.119
Collective bargaining has normative rules expressed in collective bargaining agreements. Most collective bargaining agreements are comprehensive in this regard, including rules on every major subject of workplace governance, although they typically have "management rights clauses" allowing the employer considerable discretion to make specified entrepreneurial decisions. Collective bargaining has its own set of institutions-periodic negotiation for making rules and grievance arbitration for resolving disputes over rule application and enforcement. Collective bargaining has coercive mechanisms. It channels the employer's power to discipline employees and terminate employment, and it organizes and channels the union's ability to put economic pressure on employers by striking. The union's strike weapon is less directly related to rule violation, although some collective agreements have exceptions to no-strike clauses that are triggered when employers violate rules set forth in the collective agreement.
Collective bargaining has all three Raz factors. The collective agreement institutionalizes workplace governance, it articulates norms, and it provides for coercive enforcement through strikes and termination of employment. As a model for network self-governance, collective bargaining is interesting because of its completeness and because of the limited immunities from antitrust and tort law enjoyed by its participants.
Nevertheless, members of military and naval forces are not completely immunized from civilian law. They may be charged with, arrested for, and tried for crimes committed within their forces.123 Under some circumstances, writs of habeas corpus may issue to military authorities to show why a member of the military or naval force is detained.124 Although damage actions are not allowed,125 injunctions may issue for violations of civil rights.126 Most of these cases involve internal military and naval disputes where the arguments against civil court intrusion are substantial. A fortiorari, members of otherwise autonomous military communities should be subjected to the surrounding legal system when the civil courts seek to adjudicate conduct in which a military authority injures a civilian.127
Military societies have normative rules for the conduct of individual members in the form of regulations and standing orders. They institutionalize rulemaking and enforcement through the chain of command and through rules defining the scope of the powers in each level of the chain of command, and they have courts marshal for dealing with rule violations. Military societies have coercive mechanisms that are employed directly against rule violators, including loss of pay, incarceration, and expulsion (discharge) from the service. They thus satisfy all three Raz criteria.
Despite large measures of autonomy, traditional sovereigns impose boundaries on religious communities. Religious organizations may be liable for fraud for statements made outside the religious context130 and for intentional infliction of emotional distress when they act coercively far beyond the bounds of customary religious practices.131
Religious communities can be complete Raz systems because they institutionalize, they articulate norms, and they coerce compliance by the prospect of expulsion from membership and from religious grace.
Private associations vary in the degree to which they have the three Raz attributes. Most private associations have normative rules, although their scope may be relatively narrow, limited to matters directly concerning the association rather than a broader range of human conduct. They have mechanisms for making rules to be recognized as such and usually have institutional arrangements for applying and enforcing rules. Coercive mechanisms in private associations usually are limited to expulsion, but some religious associations also subject rule violators to spiritual penalties or social penalties like shunning. Some non-religious associations like country clubs may subject rule violators to forfeiture of membership fees, which resemble a kind of security bond in this respect.
Bank clearinghouse functions are performed pursuant to clearinghouse bylaws and rules, which are contracts among participating banks. Although Article 4 of the Uniform Commercial Code supplies default rules for clearinghouse functions, these statutory rules routinely are altered by the clearinghouse rules.
Bank clearinghouses thus are examples of self-governing electronic communities. This example of self-governance is likely to be extended as electronic payment systems become more popular with buyers and sellers of goods and services in cyberspace.134 Nevertheless, there is nothing about the bank clearinghouse experience that suggests the extension of self-governance to persons or entities not actually signatories to the clearinghouse contract. Nor is there any indication that these communities are immune from rules developed by the surrounding legal system to address concerns of members of that larger community.
Financial clearinghouses have normative rules on the limited subject matter of allocating the risk of dishonor and setting time limits for the settlement functions in their financial communities. They have institutional mechanisms for applying the rules, although it is hard to find examples of clearinghouse agreements that provide for actual adjudicatory mechanisms for rule violations. Instead, the sanction for rule violation is to bear the loss. Enforcement takes the form of expulsion or bearing the loss.
Of primary interest is the limited liability that the corporate form provides to its members.136 Limited liability is premised upon the basic principles of agency.137 In many instances, the principle will shield its agents from liability. For example, in certain circumstances, only the corporation, and not its agents, are liable on contracts made in the corporation's name.138 However, there are other complex situations where the agent may be held personally liable. For example, the corporation and the agent, or both, may be liable for torts and crimes depending on the status of each party and the context in which such tort or crime occurred.139 This may also affect "foreign" corporations (corporations incorporated in one state but doing business in another state), and thus must comply with certain formalities as defined by the other state's domestic law.140 Absent compliance with these requirements, corporate actors may be found individually liable not only for torts and crimes, but also for contractual obligations into which they enter on the corporation's behalf. The same basic concepts for the treatment of foreign corporations apply internationally.141
The nature of limited liability for members of corporate communities is expressed by the legal fiction that a corporation is person. The corporation is treated as a separate legal entity, 142 which results in a tiered structure whereby management powers and limited liability may co-exist in a single individual in a corporation.143 This legal fiction permits-at least in many instances-a third-party victim to be made whole through a legal claim against the corporation as an entity. The entity theory has received virtually universal legal acceptance, and the fictitious person so created has been given many of the constitutional protections available to individuals.144
The entity approach, however, has been subject to some criticism, especially in the context of the multinational enterprise. While in a strictly legal sense, a multinational enterprise can most simply be characterized as "an aggregate of corporate entities, each having its own juridical identity and national origin, but each in some way interconnected by a system of centralized management normally exercising its control from the seat of primary ownership," a multinational enterprise "has no coherent existence as a legal entity." 145 There is, however, a body of law emerging which is applicable to multinational corporations.146 One such area consists of the rules of international law dealing with expropriation.147 Nevertheless, efforts at establishing international codes and guidelines are relatively weak in their influence thus far, primarily because they are not legally binding.148
In the future, one area in which truly international corporations may emerge is in Europe. The European Union encourages member states to adopt domestic corporation laws that conform to standards set by a European Union directive. Thus, the company incorporating in one member state can do business in other member states without discrimination. It will be interesting to evaluate European Union mechanisms for incorporation to determine if a European Union corporation can achieve corporate status vis-à-vis member states without being separately incorporated in each member state.
More or less independently, a body of commercial law developed in so-called "fair courts." Annual fairs took place in various places on the continent of Europe, attracting traders from Africa, Russia, and the Middle East as well as Europe. Each fair had a dispute resolution body that heard commercial disputes among the participating merchants. While the crown might appoint a judge to guide the proceedings, the juries consisted of merchants participating in that particular fair.154
By the late sixteenth and early seventeenth centuries, when national sovereigns began to encroach on the traditional law merchant, the law merchant governed a special class of people (merchants) in special places (fairs, markets, and seaports). It was distinct from local, feudal, royal, and ecclesiastical law. Its special characteristics were that (1) it was transnational; (2) its principal source was mercantile customs; (3) it was administered not by professional judges but by merchants themselves; (4) its procedure was speedy and informal; and (5) it stressed equity, in the medieval sense of fairness, as an overriding principle.155
Thereafter, certain factors led to the diminished importance of the law merchant as a separate legal system. These factors included the rise of nationalism, competition between different kinds of courts for legal business, the tendency of traders to settle down and conduct their affairs from a particular place rather than traveling from fair to fair, and the incorporation of certain substantive principles of the law merchant into municipal law.156 Nevertheless, as Mark Garavaglia has explained, the law merchant survives in modern commercial law under the guidance of international arbitration, commercial arbitration, and the Uniform Commercial Code.157
Thus, until the seventeenth century, the law merchant was an independent legal system with its own normative rules, its own institutions, and its own coercive measures. After that time, it lost the latter two features but retained its own normative rules.158 Nevertheless, Professor Philip De Ly has cautioned that modern international business law is not really an autonomous legal system in the sense that it "exists outside national legal systems; rather within national systems, it has some features of its own," derived from international origins and leading to a uniformity of international business law.159 Lex mercatoria does not have a monopoly on resolving transnational business disputes and may need national law to enforce decisions applying its rules. Yet, lex mercatoria is an independent body of law that can be applied by national courts under choice-of-law rules of contract provisions. Because of the tendency of national courts to apply their own law, international arbitration represents the best forum within which to apply and enhance the status of lex mercatoria as a complete legal system.160 Of course, the content of lex mercatoria must be known in order for it to play an enhanced role. One way to achieve this is through the publication of arbitral awards.161 One author described lex mercatoria as consisting of "self regulatory rules of professional organizations, usages, customs, general conditions, usual contractual clauses and techniques, arbitration rules, arbitral case law, general principles of private law and general principles of conflict of laws."162 The distinction between reliance on these sources of law and proof of customs and usages is subtle.163
Lex mercatoria is significant not only as a model of community autonomy, but also as a legal doctrine that may legitimate recognition of electronic community "law," as explained in Part III of this article. This is so because it is the clearest example of satisfaction of the four criteria that justify self-governance for electronic communities.164 Lex mercatoria, however is not a complete Razian system because it lacks its own institutions and coercive measures.
The frameworks for self-governance in all but the military communities are contractual. Antitrust and tort immunities are recognized by traditional sovereigns for many of the communities. Autonomy has its limits, however, in every model. Certain means and purposes justify application of traditional law, overriding the autonomy otherwise enjoyed by the community.
Aspects of all of these examples provide exemplars for electronic communities. Their utility depends, however, on working out institutional details for electronic counterparts and on developing appropriate immunities to define the boundary between electronic communities and traditional legal systems.
Self-governing communities must have institutions to serve as sources of law. Institutions in cyberspace for rulemaking would exist on top of and in parallel with geographic-based institutions like state and federal courts and international rulemaking and adjudicatory institutions.
One possibility is to establish an electronic structure for a continuing plebiscite, such as that represented by a.c.e.n.a.165 Alternatively, and more formally, electronic communities could identify a dozen or fewer experts in the norms and values of conduct in cyberspace to be rule-makers.166 The IAHC recommendation includes such a mechanism in its policy committee.167 In other contexts, the lawmakers need not be members of the community.
These "wise men and women" might function like the American Law Institute, publishing a restatement of appropriate principles to guide conduct in cyberspace. They also might function as arbitrators.168 They also might play ancillary roles like being called as expert witnesses by the regular courts presented with cyberspace disputes. There is no reason that a single panel of experts cannot serve multiple communities as the lawmakers for those communities. The concept is roughly like a state adopting a particular section of a restatement written by the American Law Institute. The state, acting through its legislature or courts, reaches outside its own institutions to incorporate a doctrine developed for use by multiple communities.
More formally, one can follow other aspects of the model suggested by the IAHC, and write a kind of constitution that builds representative rulemaking institutions in a hierarchy defined by the domain name registration system for the Internet. The limitations of this model relate to the fluidity of "citizenship"-the composition of constituencies-at lower levels of the hierarchy.
One can draft an arbitration agreement that represents a multilateral contract among all the members of a community, but the agreement will not effect individuals outside the community. Most existing models for self-governance present situations in which there is little doubt who is a member of the community, and thus little doubt as to the boundaries of the community's powers of self-government. For instance, nation-states are geographically defined, and international law places great emphasis on geographic boundaries in determining the reach of sovereignty. Further, the involuntary models, collective bargaining and military societies, have formal rules for determining who is a member of the community: induction and swearing in the case of military institutions and definition of an appropriate bargaining unit or craft or class in the case of collective bargaining. Finally, in the voluntary models, including private associations and bank clearinghouses, the act of joining and submitting to the rules of the private community defines the membership.
Electronic communities do not ordinarily have geographic boundaries, and thus that technique for defining membership and the boundaries of governance is unavailable. Furthermore, it is unlikely that traditional legal systems will provide formal rules to define membership along the pattern of the collective bargaining model or the military model until electronic community self-governance has been a reality for a considerable period of time.169 The private association and clearinghouse models, which focus on a voluntary act of joining, appear to provide the best starting point for analysis of electronic community formation.
There may be problems in adapting conventional tests for contract formation to some electronic communities. While the act of subscription to America Online, CompuServe, or Lexis Counsel Connect may be unambiguous, it is not clear what the relevant act is in "joining" an Internet newsgroup or a community whose activities are carried on through Web-based postings. Does one "join" and thereby become subject to the rules of that newsgroup simply by reading the back postings from a newsgroup on one occasion, or by clicking into a Web site? If so, for what period of time is one member subject to that community's rules? Perhaps, only when one is reading and posting. This answer satisfies the specialization justification for autonomy.170 However, the transitory nature of membership in this example defeats almost any conceivable sanctioning power that the community could have. The sanction would only be effective if the community's resources are so attractive that exclusion is effective.
Notwithstanding the previous discussion, one should not overplay the importance of precise community membership definition. One can generally define boundaries in relation to the practical nature of the community. Even traditional national states have variable membership. As new people become citizens, others renounce their citizenship, and aliens come and go, sometimes these individuals fall within the power of the state and sometimes not. Moreover, nation-states have mechanisms for bringing ex-members within their communities again forcibly, such as extradition and reciprocal enforcement. Similarly, in the collective bargaining context, the class of employees covered by a collective agreement changes constantly as new persons are hired, and existing employees retire or are terminated. While all communities must define some reasonably ascertainable boundaries, these boundaries are defined in relation to the practical nature of the community. It might be quite feasible to define membership in certain electronic communities as the traffic moving through the community facilities at any given time.
The risk of sweeping significant numbers of people under the jurisdiction of private legal institutions to which they have not consented in fact, and with which they may be unfamiliar, will exert pressure on traditional legal institutions-legislatures, courts, and agencies-to draw narrower boundaries. When plausible boundaries, albeit fuzzy ones, are definable, then the arbitration mechanism can interpret those boundaries in particular cases.
The second approach is to exclude community members who break the rules. Exclusion or expulsion is the most effective means of coercive enforcement of community norms. It is found in all the models for self-governance discussed above, except for lex mercatoria.174 When social or economic resources available only through membership are valuable and more or less unique, the threat of exclusion provides a powerful incentive for rule compliance. Although the availability of competitive alternatives reduces the likelihood of antitrust liability for exclusion,175 these same alternatives reduce the effect of exclusion as an enforcement technique. If a rule violator can just as easily go to another node on the Internet or to another service provider and get the same thing, exclusion is not very coercive. Nevertheless, the members of the network community may not focus on whether exclusion inflicts significant injury on the violator. Rather, they may seek to keep him out of that community and thus eliminate the possibility of his causing further injury within the community.
Effective enforcement of electronic community norms is easier when the community has reasonable solidarity. Solidarity is characterized by several important preconditions to informal community governance. Most important among these are the likelihood of continuing relationships among the people making, enforcing, and violating the rules as well as the existence of multidimensional relationships in the community.176 While the first of these prerequisites may be met in electronic communities, the second usually is not. Participants in electronic network communities may have continuing relationships, but their relationship is unidimensional; it involves only a particular type of communication and none of the other important human activities. This unidimensionality greatly weakens the force of informal community sanctions, such as social disapprobation by other members of the community and ultimately expulsion from the community.177 If a violator of network community norms gets expelled, he simply can connect to another network. At least, he can do this if the market structure is competitive.
Most restraints are judged under a rule of reason analysis in which the anticompetitive effects of the restraint are weighed against the procompetitive effects.183 However, this rule of reason analysis entails a fact-intensive inquiry that produces significant societal costs in terms of business certainty and litigation efficiency.184 Therefore, "there are certain agreements or practices which because of their pernicious effect on competition and lack of any redeeming virtue are conclusively presumed to be unreasonable and therefore illegal without elaborate inquiry as to the precise harm they have caused or the business excuse for their use."185 This is a per se antitrust analysis. Exclusive dealing arrangements are evaluated under the rule of reason analysis.186 However, the per se analysis is applied to certain concerted refusals to deal.187
Nonetheless, "not every cooperative activity involving a restraint or exclusion will share with the per se [concerted refusals to deal] the likelihood of predominantly anticompetitive consequences."188 The per se approach is most often utilized when there are joint efforts to disadvantage competitors by denying relationships that the competitors need in the competitive struggle, the dominant parties have market power, and the practices are not justified by any plausible arguments that they were intended to enhance overall efficiency.189 In cyberspace, there is no anticompetitive effect when the person excluded is not a producer. However, in other situations, the excluded individual may be a producer. For example, a packet routing consortium may decline to handle packets belonging to a network service that fails to apply the rules agreed upon by the consortium. In these circumstances, the bodies of self-governance must be prepared to explain how the sanction of exclusion enhances competition.
Health Care Peer Review190 is a particularly pertinent area of antitrust analysis of self-governance191 because health care peer review, like cyberspace adjudication and enforcement is a form of specialized self-government. The result of peer review often is exclusion from a particular facility or specialty, just as the result of cyberspace adjudication may be exclusion from all or parts of cyberspace.192 "Although revocation of doctor's privileges may, perforce, eliminate competition by decreasing the number of doctors in a given specialty, this alone will not give rise to an antitrust violation."193 An essential element of a section 1 violation is proof of an unlawful objective, and "[c]orrective action against a physician does not violate the antitrust laws if the physician's peer reviewers had legitimate medical reasons to believe that the physician provided substandard care." That is so because monitoring the competence of physicians through peer review is clearly in the public interest.194 Actual support for the peer review decision enters into the analysis because if "the peer group's conclusions are so baseless that no reasonable medical practitioner could have reached those conclusions after reviewing the same set of facts," a fact finder may infer the existence of an illegitimate motive.195
Generally, antitrust scrutiny of competitive collaboration to impose and enforce rules should focus on whether any restraints on competition are (1) ancillary, that is truly necessary for legitimate purposes, and (2) crafted to minimize the risk of anticompetitive effects.196 On the other hand, restrictions on competition cannot be defended successfully by mere claims that they are inspired by pure or public spirited motives; instead, the actions must be justified as not incompatible with maintenance of effective competition.197 "Coercive boycotts" of unapproved providers are "almost certainly unlawful regardless of their arguably worthy purpose," and that antitrust immunity depends on the peer review organization simply making a report to others like public licensing authorities, hospitals, insurers, referring physicians, and patients themselves who decide for themselves whether to act on the advice provided by the peer reviewers.198
The case law and commentary on physician peer review is directly applicable to "peer review" by competitors in cyberspace. The public policy in favor of self-regulation of cyberspace is similar to the public policy in favor of self-regulation in the medical profession. Market structures are similar, and the utility of due process in deflecting claims of anti-competitive motivations is the same in both industries. The crucial question is whether public policy is stronger in the case of physician self-regulation because it is useful to go beyond the external standards, and because it is clear to everyone that physicians have a profession that outsiders are hard-pressed to analyze. Advocates of similar treatment for cyberspace must show how the criteria for autonomy199 are satisfied as strongly for cyberspace as for medicine. They probably are. Specialized rules and adjudication are needed as much for cyberspace as for medicine. Traditional communities are probably more indifferent to the content of most cyberspace rules than to most medical practitioner rules because the latter are almost all likely to have effects on nonmembers of the medical professions. The inherent likelihood that a specialized legal system will be more efficient, that it will induce greater voluntary compliance, and that it will regulate behavior that otherwise would escape regulation tilt the political balance in favor of autonomy in both areas.
In order to facilitate Internet self-governance, it is important to formulate a more extensive antitrust immunity. First, proof of an anticompetitive purpose that is not legitimated by some plausible need for standardization would defeat the immunity: only those decisions that could be related to a legitimate private government objective would be within the revised immunity. Private governance regimes such as those proposed by the IAHC clearly have a purpose other than restricting competition; indeed they were developed for the purposes of increasing competition in the market for domain name administration services. Second, due process should accompany both rulemaking and adjudicatory and enforcement decisions. Assuring due process would militating in favor of accountability, access to decision-makers, and rationality of decision-making.
There also are potential problems with contractual liability when entities covered by the IAHC machinery implement decisions to exclude malefactors. The IAHC machinery cannot be implemented without standardizing contracts of service through the full range of Internet Service Providers. Such standardized contracts not only should present the arbitration alternative for domain name disputes; they also should wave any liability for breach of contract for the enforcement of decisions reached through arbitration.
Legal formalities such as signature and writing requirements and witness and attestation requirements in the law of contracts and wills serve three functions: cautionary, evidentiary, and channeling.202 As digital technologies reduce formality, one must ask whether the need for these functions has been reduced, or whether the need still exists, but they can be performed in other ways with new technologies.
A tension exists between informal decision-making in electronic community self-governance on the one hand and the concepts of procedural due process on the other. As a particular example, if government decision-making becomes a kind of ongoing conversation instead of being manifested in discrete decisional documents like final rules, statutes, and judicial decisions, one must question whether the traditional procedural due process requirement that one have notice of a rule that one is obligated to obey is present. The only way one has notice of the current version of the rule is to participate continuously in the conversation over it. Even if one participates, there is no certainty that the rules will be the same next week as it is today. This kind of uncertainty traditionally is viewed with alarm by advocates of the rule of law.
The multilateral international framework also should reduce uncertainty by specifically empowering certain existing multilateral institutions (such as the World Intellectual Property Organization, the International Telecommunications Union, and the World Trade Organization) with certain ministerial powers to support the private Internet governance institutions. Of the existing multilateral organizations, the World Trade Organization is especially desirable because of its commitment to open competition and its recent negotiation of a telecommunications agreement.
The Internet functions through bits and bytes being routed through the Internet protocol to autonomous nodes and networks throughout the world. Thus understood, the Internet is a prime candidate for self-regulation and private governance. But the Internet also functions through real people, corporations, and non-profit organizations. It functions through hardware, software, and communications channels owned by real people and organizations. Those people, organizations, and their tangible property are currently, and will remain for the foreseeable future, subject to outside legal institutions. Unless appropriate steps are taken to harmonize regular law with new forms of private Internet self-governance, self-governance of the Internet will be frustrated when more than 200 legislatures and thousands of administrative agencies around the world develop their own rules. People will second-guess the decisions of expert Internet adjudicatory bodies. Further, losing parties in the self-governance institutions will ignore decisions they do not like because they need not fear enforcement from the regular police and army. DNS servers, routers, firewalls, and web servers that comply with the private regulatory regime, nevertheless, will be punished and put out of business for failing to comply with traditional law.
This is not a positive scenario. Policy-makers can prevent it only if they by take action designed to develop a comprehensive contractual framework for self-governance. This development should draw particularly on the foundation suggested by the IAHC. Traditional sovereigns should shield it with an over-arching treaty framework of forbearance to assure adequate breathing room to new private self-governance within the Internet.
Regardless of the particular aspects of self-governance that might apply, the concept of self-governance is not helpful unless some electronic communities proceed to take the first few steps. Those steps involve the development of principles, codes of good practice, and even stronger forms of rules. The community should develop them through conventional contractual mechanisms, and actually apply them through some form of arbitration or contractual fact-finding. If an electronic community cannot get this far with self-governance, it will not get further; nor will traditional legal systems accord it the deference or immunity it desires.
Self-governance for the Internet is desirable for several reasons: self-governance may be more efficient; electronic network communities need different rules and procedures; open networks escape enforcement of conventional rules; and self-governance promotes voluntary compliance. Self-governance for the Internet is legally feasible within contractual frameworks and already exists in certain parts of cyberspace. These contractual models, properly supplemented by aspects of other models for private autonomous communities, will provide a complete system for private rulemaking, adjudication, and coercive enforcement of community decisions. Antitrust and tort immunity is necessary to permit such a system to function effectively. Fortunately, there is much precedent for such immunities, and they can be limited by criteria for open participation, due process, and protection for traditional norms.
Self-regulatory systems meeting certain criteria can inspire that confidence. The participants in the October 8th meeting reached agreement in principle on five such criteria, which are set forth below. The strength of agreement was greater for the first three criteria than the fourth and fifth, and greater on the text of each criterion than on the explanatory notes that follow the statement of each criterion. The explanatory notes are examples and limitations to explain the intended operation of the criteria. Not every participant on October 8th agreed with every word of the principles and the explanatory notes, but the following statement fairly reflects the judgment of the group taken as a whole.
These criteria are intended for use by the designers of self-regulatory systems, by government policy-makers, and by judges who must determine the degree of deference to accord the decisions of private self-regulatory bodies for the Internet. When a self-regulatory system meets all the criteria, its private decisions made consistent with its constitutional documents are entitled to judicial deference and to some insulation from antitrust and tort law.
• The process for amending and setting rules should be fully disclosed.
• Rules should be able to be created and changed only after an adequate notice period.
• Initiation and results of adjudications should be fully disclosed, including the factual and legal basis for the decision.
• Enforcement procedures and decisions should be fully disclosed.
• Who is making decisions and how they were selected should be publicly disclosed.
• Adjudicatory decisions should be preceded by some form of hearing appropriate to the factual issues, and to the magnitude of the interests at stake.
• Decisions on rules and adjudications should be preceded by notice.
• Review of self-government decisions should be available, but should be confined to whether due process was made available not to the correctness of the decision on the merits; exceptions to this limitation on review should be reserved to cases implicating the protective principle below.
• Additional accountability stems from the felt duty of all industry providers to assure that the net continues to work smoothly.
• Policy-making should be centralized only for issues as to which there is a need for a single, central rule, such as the policy of concurrence or interoperation.
• Each registrar is accountable to registrants according to the terms of the registration contract, and vice versa, provided that the registrar does not engage in fraud.
• Countries may or may not choose to require that actions within a country code comply with, and are thus accountable to, the law or policy established by that local government. In any event, the relationship between any particular country code domain and the law or institutions of a particular country should be disclosed to registrants, who should be free to decide whether or not to contract to register within such domains.
• Registries, which set policies for any particular domain and the corresponding set of registrars, should promise each other that they will enforce their own stated policies, and should be accountable to each other for doing so.
• Registries, individually and in groups, should appoint or elect appropriate bodies to resolve disputes and make rules with respect to registrations within their domains.
• One or more new entities, constituted as membership organizations or non-profit corporate entities (perhaps with multiple classes of stock), membership in (or ownership of) which is open to all in exchange for appropriate fees, should establish or oversee policies for various domains.
• Entities governing particular domains may appoint or elect a centralized entity to coordinate their actions and/or play the centralized roles previously performed by IANA.
• The decisions of such domain policy setting entities should be entitled to deference by local courts under doctrines similar to the business judgment rule, and under the criteria expressed in this document.
• Insofar as the officers or trustees of entities exercising policy oversight over domains are elected on the basis of membership or stock ownership, individual persons or corporations should not be allowed to accumulate or vote multiple or duplicative memberships or ownership interests. Such memberships or stock interests may have multiple classes, reflecting appropriately the relative economic stake or representative reach of the institutions eligible to hold such classes of membership or stock.
• Composition and deployment of policy oversight entity.
• Freedom of entry among registrars (multiple business models).
• Consumer choice (portability and variety).
• Insurance against private failure leading to collapse of system by way of surety bonds and maintenance of "slave" servers.
• There must be some recourse to national sovereignty.
• Dispute policy must come from a source other than registrars.
• It may be desirable for all registrars to follow the same dispute policy.
• Adjudicators (dispute resolvers) should be empowered to set aside overreaching contract provisions. "Overreaching" must be carefully defined but, for example, the agreement that "anyone with a trademark registration wins" is an example of overreaching.
• Domain name holders (but not holders of e-mail addresses) must be known; anonymity is not permitted.
• Some guidance should be provided on jurisdictional issues.