Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
Legal Issues in Agents for Electronic Contracting+
Irene Kafeza1, Eleanna Kafeza2, Dickson K.W. Chiu3, Senior Member, IEEE,
1
Faculty of Law, University of Hong Kong
Department of Marketing and Communications, Athens University of Economics and Business
3
Dickson Computer Systems, 7A Victory Avenue, 4th floor, Homantin, Kowloon, Hong Kong
2
email: [email protected], [email protected], [email protected]
Abstract
Intelligent agents are a new emerging technology that
allows for machine-to-machine contract formation. Agents
equipped with a set of rules instructed by humans, surf the
web, discover other agents and/or humans, and take decisions forming agreements in an autonomous way. Despite
recent legislations on electronic contracting, there are no
legislations governing automatic agent transactions except one preliminary attempt in the USA. In this paper, we
are looking into the new legal issues that arise due to intelligent agents in automatic contracting. There are few
scattered opinions in the literature and are inadequate to
address these issues. So, we present a legal framework to
analyze these novel issues and show why even recent legislations cannot adequately address this problem. We
identify many of these issues which are rooted at the authorization management in agent delegation. Therefore,
we advocate solutions that consider both legal and technical aspects. Based on current legal and business practices,
we develop a conceptual model for agent authorization.
We propose the use of a Contract Agent Authorization
Platform (CAAP) that also supports alerts and acknowledgments, and illustrate the platform with typical use
cases. We attempt to investigate the ambiguities of the
existing legal framework on contracting agents that
emerged due to new technical developments in the field.
1. Introduction
A new era of electronic contracting is emerging where
intelligent agents are negotiating, formulating, and monitoring contracts. New technological advances are making
possible for machine to machine contracting. An agent is a
piece of software that is programmed to execute a set of
instructions given by the user. In the existing practice
agents are surfing the web to find beneficial deals for the
customer, negotiate a price, and create a contract. In the
near future, e-commerce will evolve and agents will be
able to negotiate and monitor more complicated deals than
simple purchasing of goods. Agents will represent users
without being explicitly instructed to do so. Agents could
+
arrange trips for users based on the information found on
their calendars, their preferences, and their habits. Although much work has been done in the area of developing intelligent agents and machine to machine communication, there is a growing interest on legal aspects that
arise when intelligent agents are contracting. This transformation of the contracts landscape raised some crucial
legal issues and key regulatory challenges.
The use of Internet and new software technologies has
resulted in legal problems and most existing legal framework is inadequate to deal with them. The Internet provides opportunities for new ways to damage or otherwise
affect legal relations and markets worldwide. For example,
Internet pornography, hacking, Internet money laundering,
and identity theft are criminal acts and as such are prosecuted by the laws in all jurisdictions. The criminalization
of hacking was an important step towards the regulation of
the Internet. Computer systems, their data, and their processes are protected of exploitation by unauthorized parties.
But the issues are not so clear in the case of electronic
contracting. In the process of the transition from offline to
online, the contracting environment has changed markedly
through the use of electronic agents. The legal framework
has sought to keep up but the technology involves fast.
In a closed system where the user does not allow third
parties to enter unless those with a previous authorization,
it is easier to decide the unauthorized use of the resources.
Intelligent agents can perform deals and formulate contracts mainly in an open environment. As a result, the
seller, whether it is a web-site or a seller agent, tries to
advertise the services it offers. Therefore the notion of the
protection in open systems is quite different than a closed
one. In open systems the user invites others to interact
with his agent, to visit the website, and use the system’s
computational resources aiming at financial benefit. If the
agent does not act as the user’s expectation, either based
on the user instructions, either because of a malfunction of
the agent, either because the agent can easily be manipulated by a third party, either because the user of the system
did not estimate appropriately the benefit, etc., then it is
not easy to decide who is liable for the damages.
We are grateful to Dr. Felix W.H. Chan of the Faculty of Law, University of Hong Kong for his advice and comments
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
1
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
Let us consider this conceptual example. Suppose
agent B acted on X’s behalf in stock exchange by negotiating, buying, and selling shares. X instructed B to buy
5,000 shares of S Inc. for two dollars each. B went to bulletin boards of various companies, placed advertisements,
checked chat rooms, and so on, to gather information. Finally, B decided to buy shares from agent A of Company
C, which has a link in its website to a financial news service (say, Bloomberg web page) stating that Company C
was about to be subject to a take-over and could result in
40 percent rise of stock within minutes. B communicated
with A asking whether there were bank guarantees. Knowing that X would like to take advantage of this opportunity, based on X’s preferences and previous purchases as
well as rules that allow B to use this information, B
immediately buys 5,000 shares for X. However, X later
found out that Company C has no such shares and it was
common knowledge among the investors that C was
convicted of distributing 2 million shares, inappropriately
registered to the investors. There were news headlines
that C’s investments had no bank guarantees as they
claimed and that their agent A had made knowingly false
statements in order to attract and mislead other investors.
X suffered economic loss from this transaction that could
not happen if delegated to a human representative since
everyone would have known C’s bad reputation and conviction.
Now, many questions arise. Can X challenge the validity of the contract on the ground that B is just software and
not a person capable to have intention to enter into contracts? Can X claim that B has operated in excess of his
implied authority by buying more shares? Can the other
party argue that this is their internal relationship problem?
Can X sue the physical agent A to recover the loss in assets? However, this is not possible because agent A does
not own any assets. Can it be argued that the software in
agents A or B has bugs? Can it be argued that the agents
are not properly representing their owners? Would it be
different if there was a requirement and available mechanisms to check the validity of the agents’ authorization?
Can X argue that agent A had asked for his ratification in
all previous transaction but did not do so this time? Can X
sue the programmer? Can the programmer argue that X
did not operate according to the instructions or within the
documented technical limits? This list of ambiguous legal
questions can grow further almost unlimitedly.
It seems that the adoption of new technological advances in intelligent agents area as well as the massively
use of such agents depends on solving the legal issues
first. From a business perspective, trade is not encouraged
in such an environment where the rules are not clear and
where technological innovation can be used easily as a
means for fraud and deception. The lack of adequate legal
response, international standards, and the cross-border
nature of electronic trade make it even more difficult to
resolve any possible disputes, thus discouraging people to
use this new technology.
In this paper, we review the existing approaches and
the existing legal framework. Then, we give an overview
of the existing legal issues and also of problems that are
eminent to come. We try to bridge the gap between the
theoretical and philosophical point of view about agents
with the practice. Furthermore, we propose a solution
framework with a Contract Agent Authorization Platform
(CAAP) where we discuss the directions that might lead to
a viable solution to the problem.
2. Background and Problem Definition
There is not a uniform definition for agents. Casual
definitions of agents can be “a software thing that knows
how to do things that you could do probably yourself if
you had the time” (Hermans 1996). He et al. (2003) presented an excellent survey on agent-mediated ecommerce. In summary, agents are software tools that
have:
• social ability: agents interact with other agents or individuals,
• reactivity: agents respond to changes that occur in their
environment,
• pro-activity: agents are programmed to pursue goal
directed behavior,
• adaptivity: agents assimilate to the user’s habits and
benevolence assuming that they do not have conflicting goals, and
• mobility: some agents can move in an electronic environment, in our case the Internet.
These properties of an agent significantly change the
nature and the capabilities of this piece of software. In
contrast to traditional software, agents can be used to take
decisions on users’ behalf and enter a transaction automatically based on its personalized, continuously running,
and semi-autonomous nature. The terms selected to describe the interactions of agents attribute to them humanlike capabilities. Although for the time being such capabilities seem to be an obstacle and lead to philosophical
questions about agents, still agents are a piece of software
programmed to execute requests posed by the user.
A variety of types of electronic agents exist: there are
buying and selling agents, matchmaking agents, information filtering agents, etc. Watcher agents, for example, are
looking for information specified by the user and either
notifies the user directly or store the information for future
access (such as Fish wrap and Newshound or Dow Jones’
Personal Journal). There are learning agents that adjust
their performance to individual’s preferences, knowing
them from the user’s previous behavior (such as Firefly,
Web hunter, News Weeder). Shopping agents are capable
of comparison shopping and finding the best price for the
requested item (such as BargainFinder). Information re-
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
2
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
trieval agents are capable of complicated searches by
completing independently the search criteria defined by a
user (such as Architext, AppleSearch, Pageakeeper). In
our study, we discuss agents that are used for e-commerce
transactions. These agents have at least three basic functions: product brokering, merchant brokering, and negotiation (Maes et al. 1999). That is, agents are capable of:
• retrieving information based on criteria provided by
the buyer,
• deciding what to buy resulting in a “consideration set”
of products (product brokering), which combines with
merchant information to determine from who to buy
after evaluating the merchant alternatives (merchant
brokering), and
• considering how to settle the terms of the transaction
(negotiation).
Intelligent agents search the Web for making beneficiary deals for their users. Assuming that an intelligent agent
based on the instructions given to it by the user, searches
the web and identifies a beneficiary deal with an agent that
represents company, and both agents agree. The question
is whether this is a formation of a contract.
The term contract is overloaded. In everyday life we
use the term contract to refer to an agreement between two
or more parties. An electronic contract extends this notion
and refers to electronic agreements; agreements that are
created through electronic means. In e-commerce every
time intelligent agents interact and agree upon the execution of a task, we have an electronic agreement. The formation of an electronic agreement has several stages:
searching for the parties, negotiation, drafting of the contract, execution, control, and monitor of the contract. The
legal term contract as defined in the American Law Institute’s Restatement Second of the Law of Contracts states
that “a contract is a promise or a set of promises for the
breach of which the law gives a remedy, or the performance of which the law in someway recognizes as a duty.”
From this point of view, a legal contract introduces the
notion of enforceability; a party that does not fulfill its
contractual obligation has a penalty. Moreover, the law
limits the capacity of certain person to bind oneself by a
promise, or to enforce a promise made to them like minors, mentally disordered, etc. From this point of view,
only a person can have contractual capacity, but not an
electronic agent.
Whether automated formulated agreements among intelligent agents constitute a contract with legal obligations
is of fundamental importance for the evolution of ecommerce. Making business relations and initiating business interactions is of importance only if the necessary
means of trust exist. In e-business where the parties are
having cross-border agreements with parties they do not
know (in the case of intelligent agents they might not even
know that they are having an agreement) legal obligations
should be clear. The issue is that legal obligations are con-
nected to contracts such obligations bind the parties that
participate in it.
The answer to the above question is not straightforward. There are philosophical and technical issues related
to it. Is an intelligent agent a legal person thus bound by
its actions? How could a software tool be a legal person
and how the user is then bound by its actions? The user of
the agent should be responsible for the agent, if this is
always the case then is an intelligent agent a simple communication tool? Is this the case even when agents decide
and act based on users’ preferences? Could agents be
viewed as a form of traditional agents bound by the
agency law? Who is liable in case an agent makes damages? Is the use of the computational power of an open
system considered to be damage? Can an agent subcontract part of his job to another agent? What happens if
an electronic transaction goes wrong resulting in an economic loss?
Several of the above issues have been mentioned in the
literature and there is no consensus even within researchers from the same jurisdiction. Let us proceed to review
the existing approaches and the existing legal framework.
3. Recent Legal Framework in Intelligent
Agents Contracting
Intelligent agents are part of an evolving approach to
businesses that could eventually alter the communications
landscape in a global scale. The characteristics of intelligent agent’s legal framework are just beginning to become
clear and the legal framework that currently governs these
activities must be clearly drawn and re-evaluated. In this
section, we introduce some recent legislation on electronic
contracting. However, there is only one attempt in the
USA to enact more detailed legislation, addressing the
issues in electronic contracts formed by agent.
In the context of European law the most significant initiatives affecting electronic contracts have been the Directives on Distance Selling1, on Electronic Commerce2, and
on Electronic Signatures 3 . These Directives, in contrast
with USA legislation, are referring to electronic contracts
without further specification to contracts concluded by
electronic agents. The objective of the Directives is to
establish a uniform legal framework for all member states.
Nevertheless, the European legal framework regarding
electronic contracts is unclear due to disparities between
1
Directive 97/7/EC of the European Parliament and of the Council of
20 May 1997 on the protection of consumers in respect of Distance Contracts, OJ 1997 L 144
2
Directive 2000/31/EC of the European Parliament and of the Council
of 8 June 2000 on certain legal aspects of information society services ,in
particular electronic commerce, in the internal market, OJ 2000 L 178/1
3
Directive 99/93/EC of the European parliament and of the council of
13 December 1999 on a Community framework for electronic signatures,
OJ 2000L13/12
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
3
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
national legislations. Hong Kong enacted the Electronic
Transactions Ordinance4 which adopts an open Public Key
Infrastructure (PKI) system that encourages the formation
of contracts. Singapore’s Electronic Transactions Act has
specific provisions on how to form a contract electronically5. Australia has enacted the Electronic Transactions
Bill that sets the general rules about the validity of electronic transactions6.
In USA, the Uniform Electronics Transaction Act
(UETA 1999) is an extensive law attempting to regulate
electronic commerce, promulgated by the Uniform Law
Commissioners in 1999, approved by the American Bar
Association, and adopted in several states. UETA is an
effort to establish uniform legal standards for electronic
commerce transactions. As stated at the UETA, the primary objective of this act is to establish the legal equivalence of electronic records and signatures with paper writings and manually-signed signatures, removing barriers to
electronic commerce. The idea underlying UETA is the
enforceability of electronic transactions at the same level
as at the paper transactions without changing the substantive rules of law that applies. In that way the Act provides
stability and significant efficiency and cost savings. UETA
applies to transactions in which parties have agreed to
conduct transactions by electronic means (UETA, Section
5(b)).
The Uniform Computer Information Transactions Act
(UCITA) is a more ambitious statute than UETA. Historically, UCITA is the result of an effort to revise the article
2 of the Uniform Commercial Code in order to conform to
the technological advances. The National Conference of
Commissioners on Uniform State Laws (NCCUSL), an
organization of commissioners from every state for drafting uniform state laws, established a committee to draft a
new article 2b in the Uniform Commercial Code in order
to support the future advances of the new technologies
which later on resulted in UCITA.
UCITA’s objective is to provide a full set of commercial law rules for computer information transactions.
UCITA is a uniform commercial code applicable to computer information transactions. 7 An electronic agent can
respond to a term in an electronic record if it is “conspicuous” and presented in a form that a reasonably configured
electronic agent could take it into account or react to the
term without review of the record by an individual. A
“Conspicuous” term with respect to an electronic agent
includes a term or references to a term that is so placed in
a record or display that the person or electronic agent cannot proceed without taking action with respect to the particular term or reference (Section 102, Definitions 14(B)).
An “Electronic agent” is defined as a computer program, or electronic or other automated means, used by a
person to initiate an action, or to respond to electronic
messages or performances, on the person’s behalf without
review or action by an individual at the time of the action
or response to the message or performance (Section 102,
Definition 27). An electronic message can be communicated to either a person or an electronic agent (Section
102, Definitions 28). The person that employs an electronic agent for making an authentication, performance, or
agreement, including manifestation of assent, is bound by
the operations of the electronic agent, even if the person
was not informed or reviewed the agent’s operations or the
results of the operations. 8 A manifestation of assent is
valid when the person is aware or has the opportunity to
review the record or term or a copy, and intentionally engages in conduct or makes statements by which the other
party or its electronic agent may conclude that the person
assents to the record or term. An electronic agent manifests assent to a record or a term when authenticates it or
engage in operations that indicate acceptance. Furthermore
if the law requires specific assent for a term, the manifestation of assent must relate specifically to the term and the
assent can be proved in any manner. An electronic agent
has the opportunity to review a record or term if it is made
available in a manner that would enable a reasonably configured agent to react to the record or term9.
UCITA states that a contract can be formed by electronic agents10. A contract is valid if it is formed by the
interaction of the electronic agents when they engage in
operations that indicate acceptance of an offer, unless the
court rules that it is a result from fraud, electronic mistake,
or the like. The interaction between electronic agents and
individuals acting on their own behalf or for another person can form a valid contract as well.11
4. Legal Analysis of Agents and Contracts
4
Hong Kong Bilingual Laws Information System,
http://www.justice.gov.hk/eng/index.htm
5
Electronic Transactions Act, Part IV, Electronic Contracts - Section11: Formation and validity; Section12: Effectiveness between parties;
Section1 3: Attribution; Section14: Acknowledgement of receipt; Section15: Time and place of dispatch and receipt.
6
7
Electronic Transactions Bill, Part I-Preliminary, Section 5
UCITA applies to computer contracts and not to the sale of goods
contracts nevertheless it gives the parties the option to “opt into” and
UCITA govern their contract formation provisions if a material part of
the transactions subject matter includes computer information, Section
104
However, by reviewing the literatures in law, UCITA
(section 103) as well as other related proposals can be
characterized as having a limited scope of application and
that most of the electronic agents transactions fall outside
8
Section 107, Legal recognition of electronic record and authentication; use of electronic agents
9
Section 112, Manifestation of assent
10
11
Section 202, Formation in general
Section 206, Offer and acceptance: electronic agents.
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
4
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
its scope of application. UCITA provisions are complex,
ambiguous, and possibly violating legal foundations of
contracts. We analyze in detail these problems in this section.
However, by reviewing the literatures in law, UCITA
(section 103) as well as other related proposals can be
characterized as having a limited scope of application and
that most of the electronic agents transactions fall outside
its scope of application. UCITA provisions are complex,
ambiguous, and possibly violating legal foundations of
contracts. We analyze in detail these problems in this section.
4.1. Agent’s Ambiguity in Contracting Foundations
A contract consists of three essential elements: (1) an
agreement, (2) an intention from both parties to be legally
bound, and (3) a valuable consideration. To determine
whether the first element exists and an agreement has actually been concluded, it is necessary to examine whether
the negotiations that have taken place between the parties
(offeror / offeree) can be defined as an offer and acceptance.
An offer may be in three forms: (1) in the form of an
offer of an act for a promise as when a person offers goods
or services that when the other party accepts the offeror is
obliged to reward him for them, (2) in the form of an offer
of a promise for an act as when a person gives a reward
for a doing of a certain thing, and (3) in the form of a
promise for a promise. The first two cases refer to “unilateral” contracts in which only the fact of the performance
of one party makes obligatory the execution of promise of
the other. The third case is the “bilateral” contracts where
there is an outstanding obligation from both parties.
Furthermore, an offer is effective when, and not until,
it is communicated to the offeree. A valid acceptance also
must be communicated to the offeror and must be an absolute assent to the terms of the offer by words or conduct. If
a contract is to be made, offer and acceptance must correspond. In this stage, the problem of the “battle of the
forms” may arise where one party sends the other an offer
on his general conditions of business and the other accepts
subject to his own general conditions. An electronic agent
acting on behalf of a buyer, for example, offers to buy
goods from another on a standard form which incorporates
the buyer’s standard terms and conditions of trade. The
seller accepts the offer through his electronic agent by a
confirmation on a form, which contains his standards conditions of trade that may differ substantially from those of
the buyer’s. The arising issues are whether there is a contract and if, whose conditions and standard forms prevail.
One solution could be that the party should program his
electronic agent to obtain the other party‘s consent to his
own conditions by a confirmation slip in an earlier stage.
The agent could be programmed so that automatically
prior to offer-acceptance stage obtains this slip.
Another issue is whether an agent’s acceptance is instantaneous or non-instantaneous in the communication
method that creates different legal commitments. In real
life, the acceptance can be regarded as a communication
by instantaneous methods, such as email, Electronic Data
Interchange (EDI), telephone or by non -instantaneous
methods such as post. In instantaneous methods, the general rule is that the acceptance must be communicated to
the offeror, but if the communication has not arrived at
once the acceptor can try again later. In non-instantaneous
methods, the acceptance is considered completed when the
letter is posted. In this case, the offeror is bound from the
time the acceptance is posted but not delivered. In the
agent environment, that means if postal rule is accepted,
the contract is valid from the moment that the transmission
of the agents system begins.
The second element for a valid contract is that an
agreement constitutes a binding contract when is reasonably regarded as both parties intended to create legal relations. The general rule for testing the intention is to attribute to the person his actual intention and not what was
present in his mind. We have to discover what one reasonable person was entitled to conclude from the other’s attitude. How this is possible in electronic agent’s environment? The judge in order to rule about one’s person intention asks him questions and concludes from all the surrounding circumstances considering his personality. One
possible solution for the agents is to check statically how it
acted on relevant situations and what are the parameters of
his instructions on how to react under these situations.
The third and last substantive element of a legally enforceable contract is a consideration that is something
must be given in exchange of a promise. An agent can be
programmed to give specific consideration under specific
defined situations, for example, for a certain type of contract to give a certain type of consideration. Thus, this
aspect is relatively straightforward.
4.2. Ambiguity due to New Technical Issues
If a contract is to be made through electronic agents,
new issues that do not exist in real life formation of contracts arise through the process of these three elements.
For example, if a system administrator or Internet service
provider withdrawn or modify the intelligent agent, who is
liable for the contracts concluded by the agent under this
new set of rules? Who is liable for the agent’s actions if
the owner is not aware or does not consent to the alteration
of instructions? If the system administrator who provides
the platform in which the agents run, disrupt the communication either intentionally or not, and the process of
forming the contract is disrupted who is liable? For example, in an international supply contract of sales when the
agents negotiate the transfer of ownership of goods, if the
other party introduces new terms in the acceptance, this is
a counter-offer that amounts to the rejection of an offer. If
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
5
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
the administrator closes the platform and the counter-offer
does not reach the party, he may employ a carrier to ship
the goods while the other party will deny delivery and
payment.
Sometimes, in international contracts an offer has a
clause that stipulates the contract may be considered completed if the other party does not respond within a predefined time limit. In case the other party denies the terms
but the platform is not working, do we have a valid contract? One possible solution could be that the party may
escape liability on the force majeure ground. The force
majeure clause may exclude the party from delivering the
goods to be supplied under the contract without any further liability on its part upon the occurrence of unexpected
events beyond the party’s control such as strikes, inliability to obtain supplies, bad weather, etc. It is debatable
whether the unexpected closing of the platform could fit in
these categories of force majeure. The effectiveness of
technical alternatives (such as backup machines, migration
to other computers) or notifications for fallback to manual
procedures differs by cases and under different situations.
Another new issue that could not happen in real life
contracting is who is liable if an agent is confused in a
platform that host several agents running together for different users. For example, due to system malfunction, the
reply of user U’s agent being “no” is exchanged with another agent transmitting a “yes” acceptance. Under this
circumstance, should U enter into a contract? The answer
here should be no. U is not entering into a contract since U
do not intent to do so. The liability lies to the administrator.
4.3. Contractual Capability of Agents
Until now we have discussed the three fundamental
elements of a contract in the electronic agent contracting
environment. Moreover, for a contract to be valid and enforceable there is a further important requirement which is
to be drawn by persons with contractual capacity. It is
accepted that such capacity is attributed in physical persons and legal persons. Since intelligent agents cannot be
considered natural persons, we discuss whether agents
could be regarded as legal persons that can make contracts.
It is debatable whether software agents can meet these
requirements in order to form a valid contract under the
traditional contract doctrines. A group of authors in the
literature has argued that the conference of legal personality to electronic agents can regulate these issues. The attribution of legal personality will enable agents to have
rights and duties, to be sue and sued, to own property. On
the other hand, all these properties initiated group of authors in the literature to oppose the conferral of legal personality to software agents on the grounds that the legal
landscape will change in such a way that uncertainty will
rule in the near future with no existing solid legal framework.
However, Bellia (2001) and Lerouge (1999) believe
that the answer to this question is not of great importance
because attributing legal personality to agents cannot resolve any legal issue. They believe that in all existing
cases, besides physical persons, legal persons (such as a
corporation, a government entity, a ship) exist only when
they have assets. If an agent has legal personality then it
can be either a principal with a duty to fulfill an obligation
or an agent to account to the principal for any malfunction.
In this sense a user that relies on the action of the software
will be protected but the problem is how such protection
can exist if the agent has no assets. Bellia believes that
“electronic agents are another mode in which people are
doing business.”
Allen and Widdison (1996) argue that attributing all
computer communications to the principal and holding the
trader bound to any unexpected communications would
not be fair and commercially reasonable. They argue that
traditional approaches are inadequate as it considers faceto-face communications and the law should be adapted to
the new technological advances.
Regardless if we assume that an intelligent agent is a
legal person or if the user of the person is liable for its
actions and uses it as a mere communication tool, the next
question that has to be answered is whether the use of an
intelligent agent can be assumed as an act of promise or
conduct. According to the contract definition, a contract is
a promise or a set of promises. When intelligent agents
negotiate a deal, they cannot manifest assent in the same
way as humans. Thus, it is not clear whether agents can
convey a promise. A party that enters into a contract has to
be aware of the commitment and this is guaranteed if the
party manifests assent of the terms.
We can assume that a person manifests assent by conduct when using an electronic agent. Lerouge (1999), associates the question of manifestation of assent by conduct
with the question of whether the electronic agent has the
opportunity to review the electronic record. He states that
use of intelligent agents to enter into contracts presumes
the person’s assent to the contract even though he may
subjectively intent otherwise or does not know exactly the
moment and the content of the contract. Middlebrook and
Muller (2000) state that the opportunity to review the record should be in a manner that would enable a “reasonably configured electronic agent” to react to the contract.
Unless international technical standards specify the agents
interactions, the concept of “reasonable configures electronic agent” will remain fuzzy and give ground for litigation.
Kerr (2001) also discusses this issue and states that a
contract can arise only after the expressed or implicit animus contrahendi in order to be enforceable. Moreover, he
states that the exchange of promises is not enough and a
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
6
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
mutual assent on the nature and scope of the rights and
obligations between the parties (meeting of the minds) is
necessary. The underlying idea of the meeting of the
minds is the voluntary nature of the contract. This is a
result of the fact that each party has exercised its freewill
and has chosen to trust and rely in the mind of the other
person and thus assumes duties and obligation. Computers
are unable to act voluntarily and therefore unable to reach
the meeting of the minds.
One might consider that intelligent agents serve the
same function as human agents. According to common
law principles, a human agent must accept his mandate
and both parties have to consent and be different persons
and as long as the person understands what he is doing, is
capable to be an agent without himself having full contractual capacity. Similarly, in civil law the agency relationship arises when one person acts as representative of another person, ordered or allowed by the law. The agent is
not acting on his own behalf and it is not necessary to have
capacity to contract. In this sense, an incapacitated person
may be an agent. In both legal systems, legal personality
should be attributable to the agents, which introduces
again the issue of whether an agent is a legal person or
not.
4.4. Lack of Consensus
It is clear from the above analysis that in the literature
already several major legal issues have been discussed and
there is no consensus on the way that they should be addressed. As agents evolve and as their use becomes more
popular new problems will arise. Issues like can the user
of the agent or the owner of the computer that the agent
terminates the process thus interrupting a transaction? In
future developments, there might be the case that agents
are given assets and they will be charged to manage these
assets based on the user preferences, a predefined set of
rules, or rules found by the agents themselves on the web.
In the future, agents could have a portfolio to handle and
do so not only based on a set of known pre-defined rules
but also based on user preferences and past history.
5. Contract Agent Authorization Platform
Authorized Agents
Agreement Agents
Communication
Tool
Contract Agents
Agents with
Customized Delegation
Agents with
Legal Personality
Increasing Autonomous Capability
Figure 1. Overview of Agents Contractual Capability
From a legal point of view, researchers and legislators
are trying to come up with a uniform solution that will
govern all transactions made by intelligent agents. On the
other hand, our CAAP aims at high reliability of agents
programming, communications infrastructure, and other
technical improvements that can indirectly help the management of contract agent. We believe that a combination
of legal and technical solutions would best serve the ecommerce community. In particular, based on current legal and business practices, we mimic such automation
with agents in our model in order to address the legal ambiguities in contracting foundations and those due to new
technical issues, as discussed in the previous section.
5.1. Scope of the Proposed Platform
We perceive that a high percentage of the solution relies on technological part and therefore a computersupported solution with a controlled and customizable
degree of authorization to agents might be more beneficial
because of the diversity of requirements and situations.
Because intelligent agents have a wide range of capabilities and can be programmed to behave very differently,
only a user customizable solution can be practical and
really help the situation. This is also because the status and
the enforceability of a contract depend on the specific case
and have to adhere to users’ needs.
Conceptually, we can create a hierarchy of authorization based on the legal analysis (see Figure 1). At the top
authorization level are agents that the user assigns legal
personality to them. At that level the agent is free to get
involved to any contract formation where the other party
accepts this level of authorization. In this kind of authorization, the agent can also convey its assets to the other
agent in order to facilitate the decision of the agent to participate in a contract or not. At the lowest level the agent
can be a communication tool which makes the user liable
for the agent’s action. If the agent is a communication tool
then whatever arrangement the agent is doing the user is
liable for it.
In between, agents can have customized degree of authorization and automation (i.e., delegation) based on the
situation and the liability of their users. For example, a
user may allow an agent to contract with other agents as
long as a message reaches his/her mobile within a short
period after the transaction. As another example, consider
the case where an agent is programmed by the user to assume manifestation of assent by the other agent only in the
case where the user of the agent sends an email stating that
he read the contract and agrees.
In addition, we differentiate between two types of
agents: the agreement agents and contract agents. Agreement agents are agents that perform agreements in the
existing infrastructure or the users of the agents do not
wish to be protected by giving contractual dimension to
their transactions. These are cases where trust already exists. For example, it might be interesting from law point of
view whether a user that requests from an agent to buy a
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
7
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
book from amazon.com actually has a contract or not. But
the user trusts that amazon.com will charge the credit card
appropriately and do the delivery as agreed. In case amazon.com debits the card without delivery, the user has the
alternative to sue under the tort of unjust enrichment. Contact agents are agents with contractual capabilities where
the user wants to precede to agreements only if there is a
legal contract between the participating parties.
From the legal analysis of the previous sections, we
identify a large number of legal issues are rooted from the
proper authorization of agents. Therefore, based on PKI
concepts and technologies, we propose a Contract Agent
Authorization Platform (CAAP) as a foundation of a technical solution. We target to manage contract agents in our
CAAP, which is a trusted party to be operated by authorities.
5.2. Conceptual Model and Typical CAAP Use Cases
Figure 2 depicts our conceptual model for agent authorization in the Unified Model Language (UML, OMG
2001) class diagram to be supported in the CAAP. The
essential functions of the CAAP include the following:
• Issue of electronic agent certificates
• Authentication of the users and their agents through
electronic certificates
• Validation of agents’ bids
• Witness of electronic contracts with validation to ensure contract terms are with the agents’ authorization
limits
• Alert agents’ owners in case of authorization violations
• Non-repudiation support
E-Cert
Agent
Certificate
Human User
Agent
Authorization
Profile
Mission
Authorization
Rules
Negotiation
success
Contract
send to
Counter Party
Authorization
Alert
raise
raise
Figure 2. A Conceptual Model for Agent Authorization
There are five phases of contract agent operation support in our CAAP: user registration phase, agent registration phase, mission specification phase, negotiation phase,
and contractual phase as explained below.
Before using the CAAP, users must first register in the
CAAP, with their identity verified with an electronic certificate (e-cert). Registered users can specify various authorization rules for controlling their agents. Rules are
organized into authorization profiles for potential reuse
and customization. Users must also register each of their
agents before delegating them to missions. A registration
results in an agent certificate which captures the agent’s
descriptions, functions, the owner’s e-cert, the CAAP’s
access method, and other relevant information. The agent
certificate is digitally signed by the CAAP.
When a user delegates an agent into a mission, the user
may choose to override the agent’s authorization profile
with a mission authorization profile. Normally, the mission authorization profile is equal to the contract authorization profile. In some situations, a mission may comprise
more than one contract, say, when the agent is delegated to
buy some quantity of goods. However, for example, if the
agent is not allowed to buy too much from a supplier, the
user may set these two profiles different.
In addition, the negotiation authorization profile may
be set larger than contract authorization profile to increase
the agent’s flexibility and therefore the efficiency of the
negotiation. However, if the contract exceeds the contract
authorization as a result, then an alert will be sent to the
user for approval to clarify legal responsibilities. All these
authorization profiles should also be loaded into the
agent’s knowledge so that the agent can perform the delegation in accordance with its authorization.
In the negotiation phase, the agent may negotiate with
one or more counter-parties, which may be humans or
agents. Our CAAP does not intend to interfere with the
normal tasks of the agent because this may involve a large
overhead and should be the responsibility of the agent’s
own running platform. However, counter-parties may obtain the following services from the CAAP: 1) verify the
authenticity of the agent certificate, 2) verify if the contract terms are under its authorization limit, and optionally
3) verify if an agent’s bid is under its authorization limit.
However, we cannot allow the counter-parties to directly
access the authorization limits because this may expose
sensitive information regarding the reservation prices.
Thus, before honoring authorization verification requests,
the CAAP must check if the bid is really issued by the
agent (for example, the bids have been signed by the
agent).
Should the CAAP detect a violation of any authorization limit, the agent’s user is notified with an alert mechanism (Chiu et al. 2004). If the user confirms allowing such
a deed of the agent, the CAAP records this confirmation as
evidence in case of future disputes and replies a positive
result to the counterparty; otherwise a negative result is
sent. Upon a negative verification, the counterparty should
usually reject the bid or the contract.
Although an optimistic bidder (agent or human) need
not verify every bid, contracts must be verified to ensure
within the authorization limits. This is particularly important as users may change authorization limits during mission progress. Further, the CAAP have to digitally sign the
validated contract and then store it in a non-repudiation
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
8
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
server. As such, the CAAP much strengthens legal protection against ambiguities in case of future possible disputes.
5.3. CAAP System Architecture
Figure 3 describes an implementation architecture,
which consists of three tiers, namely the front-end tier, the
logical tier, and the back-end tier.
The front-end tier interfaces with users and agents.
The CAAP Portal is a web-based interface for interactive
user access to the CAAP. The CAAP authenticates users’
identities with their e-cert from Certificate Authorities and
register them to the system. The Internet Alert Sender
sends alerts to agents and users with various mobile and
Internet technologies (Lin and Chlamtac 2000) such as
ICQ (I seek you), e-mail, Short Message Services (SMS),
etc. The Agents Programmatic Interface supports interactions with agents through agent communications languages (ACL), such as that of the Foundation for Intelligent Physical Agents (FIPA, http://www.fipa.org).
AVR = Authorization
validation request
Human
Users
Desktop
Laptop
PDA
Mobile
Contract Agent
Authorization Platform
Agents
rt
Ale
Web / WAP
Access
Ale
rt
Certificate
Authorities
Front-end Tier
&33$
3RUWDO
Authorization
profile
$XWKRUL]DWLRQ
3URILOH(GLWRU
Logical Tier
Agent registration AVR
request
Alert
$OHUW
0DQDJHPHQW
6\VWHP
Authorization
profile
Back-end Tier
$JHQW
3URJUDPPDWLF
,QWHUIDFH
,QWHUQHW$OHUW
6HQGHU
AVR
Authorization
Violation
$XWKRUL]DWLRQ
9DOLGDWRU
Agent cert
$JHQW
&HUWLILFDWLRQ
&HQWHU
Agent cert
Authorization
profile
$XWKRUL]DWLRQ
'DWDEDVH
E-contracts
Validation logs
1RQ5HSXGLDWLRQ
6HUYHU
Figure 3. Architecture of a Contract Agent
Authorization Platform
The logical tier implements all the necessary main programming logic for contract agent authorization. The
Agent Certification Center creates agent certificates upon
users’ requests for registration of their new agents. The
Authorization Profile Editor supports creation and maintenance of agent authorization rules and profiles, as well as
binds them to agents at different scopes (namely, lifetime,
mission, negotiation, and contract). The Authorization
Validator checks if the bids or contracts violate the agents’
authorization upon counter-parties’ requests. Upon authorization violations, the Alert Management System generates alerts to notify the agents’ owners for verification
and confirmations as described in the previous subsection. The agents’ owners can then connect to the CPPA
Portal for further details and responses to the alerts.
The back-end tier provides backing storage for the sys-
tem. The Authentication Database keeps operation data
such as the authorization rules and profiles, agent and user
information, and so on. However, the Non-Repudiation
Server is separated for sensitive legal records, such as econtracts, validation logs, and so on.
6. Discussions and Summary
To the best of our knowledge, there have not been any
attempts to combine legal analysis with a comprehensive
platform for the support of proper authorization management for contracting agents. The only close technically
oriented attempt is Hu’s (2001) proposal of agent certificates for authentication but it does not address the problem
of validating authorization limits, which is legally crucial.
In this paper, we have examined the legal issues that
arise when agents are used for e-commerce contracting. In
contrast to traditional contracts where the legal framework
is built upon face-to-face transactions, we have analyzed
the inadequacies of recent legislations regarding contracting agents and various legal ambiguities when agents contracting through computers and Internet communications.
This is a major issue since electronic trade can be developed well only if enforceable trust can be established in
the Internet. We have also looked into the philosophical
and practical aspects of the problem and proposed a technical solution based on the freedom to contract.
In our approach, we do not intend to solve all the legal
issues immediately but we propose a solid foundation for
establishing enforceable trust between agents’ communications by providing some fundamental platforms that can
help clarify them. We argue that as long as a global standard governing agent interactions does not exist, a customized solution based on user preferences could be adopted.
This approach is based on the general rule of freedom of
contract where each party has the freedom to choose to
enter into a contract on whatever terms it may consider
advantageous to its interests.
Based on our legal analysis, we have identified that
many of these issues are rooted from the authorization
management in agent delegation. Therefore, as a foundation of a technical solution, we propose the use of a Contract Agent Authorization Platform (CAAP) that supports
alert and acknowledgment. Based on current legal and
business practices, we mimic such automation with agents.
Therefore, we have naturally developed a conceptual
model for agent authorization and illustrated a CAAP architecture with typical use cases of the platform. With the
proposed comprehensive functions of the CAAP, we can
ensure that whatever happens cannot violate the agents’
authorization limit. The final electronic contract is validated against the agents’ authorization or with the users’
explicit consent, therefore establishing the agents’ contract
foundation. The alert and notification support in the
CAAP improves communication problems that arise from
new technical issues of agent computing. Further with
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
9
Proceedings of the 38th Hawaii International Conference on System Sciences - 2005
non-repudiation support, there are adequate evidences to
avoid most of the legal ambiguities.
With the recent technical maturity, adoption, and diffusion of PKI and electronic certificate infrastructures, we
believe our CAAP proposal is a direct and viable extension. However, a main technical challenge and effort is the
specification of authorization limits. This involves a
proper encoding of users’ requirements, intention, and
preferences. To streamline the procedure for this as well as
negotiation and other phases of electronic contracting, we
have developed methodologies involving the notion of
electronic contract templates (Chiu et al. 2003). We are
also extending this methodology for more general specification agent authorization limits with constraints and authorization verification in the form of the Constraint Satisfaction Problem (CSP, Tsang 1993) and Belief-DesireIntension (BDI) agent architecture (He et al. 2003), both
of which are widely adopted in artificial intelligence and
agent computing. However, based on our experience, we
observe that the first phase of deployment in electronic
marketplaces and other common Internet trading scenarios
are relatively straightforward (as opposed company or real
estates acquisitions) because the number of issues and
variables are small.
We perceive gradual but successful adoption of CAAP
or related platforms in the near future. This is because our
approach not only helps in legal issues, but also technical
issues (such as agent reliability, which is another direction
of our ongoing research) as well as social issues (such as
the build up of trust and a positive image of technical reliability). Only after technical validation and success can
further legislation be studied and enacted. However, the
successful experience in electronic transactions and contracting can serve as a good reference and starting point.
There are several open issues that need to be resolved.
In most cases, we envision that a combination of enactment of legislation with the support of technical solutions
is required to solve the problems. For example, if the user
wishes to fully authorize the contracting agent, legislation
can be enacted to give legal personality to the agent. However, users are responsible to transfer adequate assets (or
equivalent insurance) to the agents and the other parties
can go against the agents’ assets upon dispute. Then,
agents can use solutions in artificial intelligence to make
“their own” decisions based on user preferences. If agents
own assets, their users are protected because the decision
of the agents out at stake the specific assets, while the
other parties are also protected because they can go
against the agents.
In addition, electronic communication can be used in
an efficient way to facilitate the performance of a contract.
For example, in real life a breach of contract can occur
because a party fulfills its contractual obligation inadequately. Our proposed CAAP can solve problems before
arising. For example, critical points of the execution can
be identified and messages can be sent to the parties on
time to remain of the contractual capabilities and request
progress reports. Associated legislation should verify that
if a party receives the pre-obligation messages, then unless
otherwise proved, the party was fully informed, aware,
and had the appropriate time to fulfill the obligation. Further for the promotion of international laws of electronic
agents and avoid other ambiguities in contracting, we need
to investigate a systematic way for digital unification of
concepts (i.e., ontologies), such as through Semantic Web
technologies12.
In our future work, we are also addressing specific jurisdictions and developing agent models that can adhere to
the existing laws. We are investigating formal and detailed
design of agent authorization protocols. We are also considering the legal and technical aspects of delegation, network of trust, and authorization chains. Investigations in
cultural and trust issues are also in our agenda.
References
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
T.Allen and R. Widdison, “Can Computers make Contracts?”,
Harvard Journal of Law, 1996
Anthony J. Bellia, “Contracting with electronic agents,” Emory
Law Journal, 2001.
D.K.W. Chiu, S.C. Cheung, and S. Till., “An Architecture for EContract Enforcement in an E-service Environment,” In HICSS36,
CDROM, 10 pages, IEEE Computer Society Press, Jan 2003.
D.K.W. Chiu, Benny Kwok, Ray Wong, E. Kafeza and S.C.
Cheung, “Alert Driven E-Services Management,” HICSS37, IEEE
Computer Society press, CDROM, 10 pages, Jan 2004 (Best Paper
Award, Decision Technologies track).
M. He, N.R. Jennings and H.-f. Leung, "On agent-mediated electronic commerce," IEEE TKDE, 15(4):985- 1003, July-Aug. 2003.
Jean-Francois Lerouge, “UCITA: The use of electronic agents
questioned under contractual law: suggested solutions on a European and American level,” 18 J. Marshall J. Computer & Info.
L.403, 1999.
B. Hermans, “Intelligent Software Agents on the Internet: An Inventory of Currently Offered Functionality in the Information Society and a Prediction of (near-)Future Developments” (1996),
http://www.firstmonday.dk/issues/issue2_3/ch_123/index.html
Kerr, “Providing for autonomous electronic devices in the Uniform
Electronic commerce Act,” In Proc. Uniform Law Conference of
Canada, 2001, Toronto, Canada,
http://www.law.ualberta.ca/alri/ulc/current/ekerr.htm
Y.-H. Hu, “Some thought on Agent Trust and Delegation,” In Proc.
AGENTS’01, ACM Press, pp. 489-496, 2001.
Y.-B. Lin and I. Chlamtac, Wireless and Mobile Network Architectures, John Wiley & Sons, 2000.
P. Maes, R. H .Guttman, A. G .Moukas, “Agents that buy and sell,”
CACM, 42(3):81-83, March 1999.
Object Management Group, Foreword UML specification 1.4, Sept.
2001.
Stephen T. Middlebrook, John Muller, “Thoughts on Bots: The
emerging law of electronic agents,” Business Lawyer, 2000.
E. Tsang, Foundations of Constraint Satisfaction, Academic Press,
1993.
UETA, Legislative Fact Sheet, http://www.nccusl.org, 1999.
12
See: http://www.w3.org/2001/sw/WebOnt for Web-Ontology (WebOnt) Working Group.
0-7695-2268-8/05/$20.00 (C) 2005 IEEE
10