1© 1999 Mark A. Lemley.

Professor of Law, University of Texas School of Law; Of Counsel, Fish & Richardson, P.C. Thanks to Rose Hagan and the participants in the Berkeley Center for Law and Technology conference on the Legal and Policy Framework for Global Electronic Commerce for comments on an earlier draft.

. WILLIAM J. CLINTON & ALBERT GORE, JR., A FRAMEWORK FOR GLOBAL ELECTRONIC COMMERCE (1997), available at <http://www.ecommerce.gov/framewrk.htm> [hereinafter FRAMEWORK].

2. See id. 9 ("The United States believes that the marketplace, not governments, should determine technical standards...."); see also id. at Background (referring to governmental control over standards development as a "[p]otential area ... of problematic regulation").

3. See id. 9 ("Standards are critical ... as they can allow products and services from different vendors to work together"; "the marketplace ... should determine technical standards and other mechanisms for interoperability"; "Numerous private sector bodies have contributed to the process of developing voluntary standards that promote interoperability.").

4. See id. ("[W]e urge industry driven multilateral fora to consider technical standards in this area."). The Magaziner Report also endorses the standards model of the Internet Engineering Task Force ("IETF"), see id.; see also, infra Part III. On the other hand, the Report does note that "in some cases, multiple standards will compete for marketplace acceptance." See FRAMEWORK, supra note 1, 9.

5. See FRAMEWORK, supra note 1, 9.

6. Network effects occur when the value to each consumer of a particular product is in part a function of how many other consumers buy that product. A good example is the telephone, which has no value to consumers unless it connects them to other people, preferably as many as possible. For a detailed discussion of network effects and law, see Mark A. Lemley & David McGowan, Legal Implications of Network Economic Effects, 86 CALIF. L. REV. 479 (1998) [hereinafter Lemley & McGowan, Network].

7. Parties can and do conduct electronic commerce without agreeing on all of these things expressly, but that simply means either that there is implicit acquiescence to a particular standard (the use of a credit card number, for example, or an "agreement" that the transaction will not be encrypted) or that the parties haven't considered the issue yet. For an argument that electronic cash has been unsuccessful largely because credit cards are being used online with great frequency, see John D. Muller, Selected Developments in the Law of Cyberspace Payments, 54 BUS. LAWYER 403, 406-07 (1998).

8. For a discussion of tipping, see Michael L. Katz & Carl Shapiro, Network Externalities, Competition, and Compatibility, 75 AM. ECON. REV. 424 (1985).

9. For a fuller explanation, see Mark A. Lemley, Antitrust and the Internet Standardization Problem, 28 CONN. L. REV. 1041 (1996) [hereinafter Lemley, Standardization]; Lemley & McGowan, Networks, supra note 6.

10. U.S. GOV'T WORKING GROUP ON ELEC. COMMERCE, FIRST ANNUAL REPORT iv (Nov. 1998), available at <http:www.doc.gov/ecommerce/E-comm.pdf> [hereinafter FIRST ANNUAL REPORT].

11. See id. at 20 (discussing several facilitative roles for the National Institute of Standards and Technology).

12. For an early description of this fight, see A. Michael Froomkin, The Metaphor is the Key: Cryptography, the Clipper Chip, and the Constitution, 143 U. PA. L. REV. 709 (1995); see also A. Michael Froomkin, It Came From Planet Clipper: The Battle Over Cryptographic Key "Escrow," 1996 U. CHI. LEGAL F. 15 (1996).

13. FRAMEWORK, supra note 1, 6.

14. For cases discussing the government's regulation of encryption under the International Trafficking in Arms Regulations, see generally Junger v. Daley, 8 F. Supp. 2d 708 (N.D. Ohio 1998); Bernstein v. U.S. Dept. of State, 945 F. Supp. 1279 (N.D. Cal. 1996); Karn v. U.S. Dept. of State, 925 F. Supp. 1 (D.D.C. 1996).

15. For a discussion of the government procurement policies related to key escrow encryption, see Howard S. Dakoff, Note, The Clipper Chip Proposal: Deciphering the Unfounded Fears that Are Wrongfully Derailing Its Implementation, 29 JOHN MARSHALL L. REV. 475, 482-84 (1996). Of course, supporting a standard in the marketplace is not the same as mandating choice of a particular technology. See Lemley & McGowan, Networks, supra note 6, at 544-45.

16. A circumvention device is one that effectively bypasses or disables a technological protection system designed to encrypt or restrict access to a piece of data, particularly a copyrighted work. See generally 17 U.S.C. 1201(a)(1) (1998).

17. See FRAMEWORK, supra note 1, 4.

18. Digital Millenium Copyright Act, Pub. L. No. 105-304, 112 Stat. 2860 (1998).

19. For a superb analysis of this labyrinthine law, see Pamela Samuelson, Intellectual Property and the Digital Economy: Why the Anti-Circumvention Regulations Need to be Revised, 14 BERKELEY TECH. L.J. * (1999).

20. FRAMEWORK, supra note 1, 1. Indeed, government policy in this area is sufficiently schizophrenic that Congress had to amend the original draft DMCA to provide an exception for law enforcement officials, who otherwise would be committing a crime by attempting to do what key escrow would allow them to do. See 17 U.S.C. 1201(e) (1998).

21. FRAMEWORK, supra note 1, 7.

22. See Joseph Farrell, Creating Local Competition, 49 FED. COMM. L.J. 201, 211 (1996); Lemley & McGowan, Networks, supra note 6, at 551.


24. Some courts, notably the First Circuit in Lotus Dev. Corp. v. Borland Int'l, 49 F.3d 807 (1st Cir. 1995), have held that standard protocols may be entirely ineligible for copyright protection. Even if an interface protocol is eligible for copyright protection, it may still lose protection against all but the most literal copying if a court concludes during its filtration analysis that virtually all of the elements of the interface are unprotectable. For example, in Mitel v. Iqtel, the Tenth Circuit concluded that the arbitrary selection of code numbers in the operation of telephone call controllers was not sufficiently original to qualify for copyright protection. See Mitel v. Iqtel, 124 F.3d 1366, 1373-74 (10th Cir. 1997). But see American Dental Ass'n v. Delta Dental Plans, 126 F.3d 977 (7th Cir. 1997) (concluding that the listing of code numbers assigned to each element was a copyrightable part of a taxonomy of information, because different numbers could have been chosen); Atari Games Corp. v. Nintendo of Am., 975 F.2d 832, 840 (Fed. Cir. 1992) (holding that the arbitrary string of numbers in a lock-out device was not dictated by function and therefore could be copyrighted).

Program interface elements will also be uncopyrightable if they are dictated by external factors, such as the requirements of compatibility with a particular hardware or software platform. Thus, the Tenth Circuit concluded that the selection of values matched to codes in Mitel's call controllers, while sufficiently original to qualify for copyright protection, could not be protected because they were dictated by the needs of the industry. Mitel, 124 F.3d at 1366. See also Computer Assoc. Int'l, Inc. v. Altai, Inc., 982 F.2d 693, 707-09 (2nd Cir. 1992). On the other hand, other courts have found similar program elements to be copyrightable. See, e.g., Atari, 975 F.2d at 845; Engineering Dynamics, Inc. v. Structural Software, Inc., 26 F.3d 1335, 1347 (5th Cir. 1994); CMAX/Cleveland, Inc v. UCR, Inc., 804 F. Supp. 337, 355-56 (M.D. Ga. 1992).

25. For a general discussion of patents that confer market control on software standards, see Julie E. Cohen, Reverse Engineering and the Rise of Electronic Vigilantism: Intellectual Property Implications of "Lock-Out" Technologies, 68 S. CAL. L. REV. 1091 (1995).

26. For example, Microsoft's copyright in its operating system has served to give it effective control over the standards contained therein, despite questions as to whether Microsoft's applications program interfaces ("APIs") are themselves copyrightable. See Mark A. Lemley & David McGowan, Could Java Change Everything? The Competitive Propriety of a Proprietary Standard, 43 ANTITRUST BULL. 715 (1998) [hereinafter Lemley & McGowan, Java]. In part, this results from uncertainty about the copyrightability of the APIs themselves. In part, however, it also reflects the technical difficulty of designing a compatible operating system given the constraints of copyright law. See Lemley & McGowan, Networks, supra note 6, at 527-30.

27. See State St. Bank & Trust Co. v. Signature Fin. Group, 149 F.3d 1368 (Fed. Cir. 1998); see also U.S. Patent No. 5,794,210 (covering the concept of paying consumers to view ads); U.S. Patent No. 5,794,207 (covering buyer-priced auctions); U.S. Patent No. 5,790,793 (covering all Internet "push" technology); U.S. Patent No. 5,724,424 (covering a system of secure real time online payment); U.S. Patent No. 5,715,314 (covering electronic "shopping carts").

28. See FRAMEWORK, supra note 1, 4 (endorsing the concept behind the DMCA, and encouraging patent protection for software and telecommunications inventions). See also id. 3 (supporting the development of U.C.C. article 2B (now the draft Uniform Computer Information Transactions Act), which would effectively provide new and broader forms of intellectual property-like protection).

On the other hand, the Report does shy away from maximal protection in some areas: it is neutral on database protection, for example, and it encourages tougher reviews of software patent applications by the PTO. See id. 4.

29. See Lemley & McGowan, Java, supra note 26, at 750-53.

30. Indeed, even in the case of Java one might reasonably be concerned that if the standard prevails, Sun will assert its intellectual property rights in the standard to close it to others. See id. at 769-72 (raising this concern, and suggesting ways to deal with it).

31. Figuring out what the answers should be would take far more space than I have here. I hope to embark on this project in the near future.

32. 888 F. Supp. 274, 281, 284 (D. Mass. 1995).

33. See Lemley, Standardization, supra note 9, at 1080-90 (arguing that standard setting organizations should not be subject to antitrust liability in network markets unless they restrict rather than promote access to a standard).

34. In a series of negotiations regarding rules promulgated by the European Telecommunications Standards Institute ("ETSI"), the United States put substantial pressure on ETSI to back down from its original rule requiring disclosure and nondiscriminatory licensing of member intellectual property rights embodied in ETSI standards. For discussions of the evolution of ETSI intellectual property rules, see Cortien Prins & Martin Schiessl, The New Telecommunications Standards Institute Policy: Conflicts Between Standardization and Intellectual Property Rights, 8 EUR. INTELL. PROP. REV. 263 (1993); Mark Shurmer & Gary Lea, Telecommunications Standardization and Intellectual Property Rights: A Fundamental Dilemma?, in STANDARDS POLICY FOR INFORMATION INFRASTRUCTURE 391-96 (Brian Kahin & Janet Abbate eds., 1995).

Ironically enough, the Federal Trade Commission has taken the opposite position, bringing action against a member of a standard setting group that asserted patent rights in a group standard in violation of the organization's by-laws. See, e.g., In re Dell Computer Corp., No. 931-0097 (F.T.C. 1996). It seems odd to argue both that private group standard setting rules violate the antitrust laws, and that failing to comply with those rules violates the antitrust laws.

35. See Intergraph Corp. v. Intel Corp., 3 F. Supp. 2d 1255 (N.D. Ala. 1998); In re Intel Corp., FTC Docket 9288 (complaint filed June 8, 1998), available at <http://www.ftc.gov/os/9806/intelfin.cmp.htm>. The FTC case was recently settled by consent decree. Intel agreed not to cut off its supply of chips and technology to plaintiffs who sued it, provided they met certain conditions. See Federal Trade Commission, In re Intel Corp., Agreement Containing Consent Order, FTC Docket 9288 (visited Apr. 14, 1999) <http://www.ftc.gov/os/1999/9903/d09288intelagreement.htm>.

36. This is not to say there are no such standards under development. See Mueller, supra note 7, at 412 ("In the midst of the vigorous competition among various companies and consortia to establish their proprietary payment methods, many leading financial services and technology companies are also participating in efforts to develop open technology standards."). Among these putative group standards for electronic commerce are BIPS, see Financial Services Technology Consortium, The Bank Internet Payment System (BIPS): Leading the Way to Electronic Commerce (visited Mar. 12, 1999) <http://www.fstc.org/projects/bips/>; the Account-Based Secure Payment Objects Standard, see CommerceNet, Open Mailing Lists (visited Mar. 12, 1999) <http://www.commerce.net/resources/lists/open.html>; the Internet Open Trading Protocol, see Internet Engineering Task Force, Internet Open Trading Protocol (last modified Feb. 16, 1999) <http://www.ietf.org/html.charters/trade-charter.html>; the Payment Facility Object Framework, see Object Management Group, Electronic Payment RFP (visited Mar. 12, 1999) <http://www.omg.org/schedule/Electronic_Payment_RFP.htm>; and the XML standard for extending HTML to enable machine-driven commerce, see Veo Systems, Abstract, The XML Revolution in Internet Commerce (visited Mar. 12, 1999) <http://www.veosys.com/xml/white_papers/whitepapers2.html>.

37. See, e.g., Elizabeth Judd, BITS CEO Tells E-Money About the Group's Upcoming Initiatives, E-MONEY, July 1998, at 26 (quoting Catherine Allen); Muller, supra note 7, at 410 ("Interoperability among different smart card systems is crucial to the development of smart cards, and industry leaders continue to work towards establishing worldwide open standards."); Richard Poynder, Today's Technology: Understanding E-Money and E-Commerce, E-MONEY, July 1998, at 18, 21; Cynthia Weaver, Smartcards in the United States: What is Holding Up the Show?, E-MONEY, Aug. 1998, at 3, 4.

38. See Weaver, supra note 37, at 4:

The worldwide problem of insufficient interoperability is another major hindrance to smartcard acceptance.... [The major vendors] are still waging a war over standards for their disparate electronic purse specifications.... Not until a universal standard for financial services applications is adopted by the international community will the United States forge ahead with smartcard open systems.

Id. See also Poynder, supra note 37, at 21 ("Until and unless a globally accepted purse architecture appears, or the main purse products are modified to be interoperable, then this situation [the prevalence of "proprietary, fragmented," standards that aren't interoperable] will do much to prevent the successful international proliferation of e-commerce....").

39. Thus, in both the PC market and the VCR market, the result of a standards competition was that a minority of consumers and suppliers were excluded from the network even years after it was clear which standard had won the competition. See, e.g., Paul David, Clio and the Economics of QWERTY, 75 AM. ECON. REV. 332, Issue 2 (May 1985) (noting the risk of such suboptimal lock-in).

40. See FIRST ANNUAL REPORT, supra note 10, at 20.

41. Cf. Jane Kaufman Winn, Open Systems, Free Markets, and Regulation of Internet Commerce, 72 TUL. L. REV. 1177 (1998) (arguing that government should not pass laws that favor particular technological choices before the technology is fully developed).

42. Winn's caution against technology specific legislation, see id. at 1183, need not concern us overlong here. What I am suggesting is not a preference for a particular technical standard, but for a process of achieving that standard and for a particular set of rules regarding the use of whatever standard results.

43. For a discussion of the history of banking and payment system regulation in the United States, see Kerry Lynn Macintosh, How to Encourage Global Electronic Commerce: The Case for Private Currencies on the Internet, 11 HARV. J.L. & TECH. 733 (1998); Jane Kaufman Winn, Clash of the Titans: Regulating the Competition Between Established and Emerging Electronic Payment Systems, 14 BERKELEY TECH. L.J. * (1999).

44. Commentators have sharply divided on whether compatibility and/or standardization should justify reverse engineering or copying of parts of a plaintiff's computer program. Virtually all recent courts have endorsed reverse engineering in some circumstances. See Alcatel USA, Inc. v. DGI Technologies, Inc., 166 F.3d 772 (5th Cir. 1999); DSC Communications Corp. v. DGI Technologies, Inc., 81 F.3d 597, 601 (5th Cir. 1996); Bateman v. Mnemonics, Inc., 79 F.3d 1532, 1539 n.18 (11th Cir. 1996); Lotus Dev. Corp. v. Borland Int'l, Inc., 49 F.3d 807, 819-22 (1st Cir. 1995) (Boudin, J., concurring); Sega Enters., Ltd. v. Accolade, Inc., 977 F.2d 1510, 1527-28 (9th Cir. 1992); Atari Games Corp. v. Nintendo of Am., Inc., 975 F.2d 832, 843-44 (Fed. Cir. 1992); Vault Corp. v. Quaid Software Ltd., 847 F.2d 255, 270 (5th Cir. 1988); Mitel, Inc. v. Iqtel Inc., 896 F. Supp. 1050, 1056-57 (D. Colo. 1995), aff'd on other grounds 124 F.3d 1366 (10th Cir. 1997).

Most commentators have similarly endorsed such a reverse engineering right. See, e.g., JONATHAN BAND & MASANOBU KATOH, INTERFACES ON TRIAL (1995); Julie E. Cohen, Reverse Engineering and the Rise of Electronic Vigilantism: Intellectual Property Implications of "Lock-Out" Technologies, 68 S. CAL. L. REV. 1091 (1995); Lawrence D. Graham & Richard O. Zerbe, Jr., Economically Efficient Treatment of Computer Software: Reverse Engineering, Protection, and Disclosure, 22 RUTGERS COMPUTER. & TECH. L.J. 61 (1996); Dennis S. Karjala, Copyright Protection of Computer Documents, Reverse Engineering, and Professor Miller, 19 U. DAYTON L. REV. 975, 1016-18 (1994); Maureen A. O'Rourke, Drawing the Boundary Between Copyright and Contract: Copyright Preemption of Software License Terms, 45 DUKE L.J. 479, 534 (1995); David A. Rice, Sega and Beyond: A Beacon for Fair Use Analysis ... At Least as Far as It Goes, 19 U. DAYTON L. REV. 1131, 1168 (1994).

On the other hand, some early decisions rejected compatibility as a justification for copying. See Apple Computer v. Franklin Computer, 714 F.2d 1240 (3d Cir. 1983); Digital Communications Assoc. v. Softklone Distributing Corp., 659 F. Supp. 449 (N.D. Ga. 1987). And one current case suggests limits on the reverse engineering right. DSC Communications Corp. v. Pulse, 1999 WL 126067 (Fed. Cir. 1999). See also Anthony Clapes, Confessions of an Amicus Curiae: Technophobia, Law and Creativity in the Digital Arts, 19 U. DAYTON L. REV. 903 (1994) (arguing that no right to reverse-engineer software should exist); Arthur Miller, Copyright Protection for Computer Programs, Databases, and Computer-Generated Works: Is Anything New Since CONTU?, 106 HARV. L. REV. 977 (1993) (same).