The Internet is truly at a crossroads right now in that more and more elements of society are recognizing its potential significance. Cyberspace is no longer simply composed of academic scientists and computer hobbyists. Instead, major newsmagazines have declared that this holiday season will be the first where e-commerce plays a major role. Users can watch the grand jury testimony of a President on their computer screens and where web journalists like Matt Drudge can scoop more traditional television journalists such as Tom Brokaw. It is even a time when many a romance can be formed on AOL and a major motion picture can be made that deals with such possibilities. Quite simply cyberspace is at least in some ways becoming more like real space. A broad range of people from around the world are beginning to see cyberspace as a place where they can do just about anything, including buying gifts, watching "television", becoming informed, and even finding love.

But oddly enough as cyberspace becomes at least in some respects more like real space, more real space problems arise online. Individuals have to deal with things like fraud, defamation, and privacy. Companies have to worry about intellectual property. Nations must worry about preventing harms to their citizens, including harms their citizens may not want to avoid such as gambling. In this context, numerous questions arise. For example, what is one to do if the e-merchant from whom you just bought a sweater from happens to be nothing more than a few web pages on a server in Antigua designed to steal your credit card number? What should your state to do if the e-merchant you happen to deal with is instead a gambling site in Antigua? What can and should be done if you decide to forego an e-merchant entirely and go download songs from U2’s latest album at a free, unlicensed MP3 site? Can Iraq legitimately prosecute Matt Drudge if by posting something on his web page he breaks Iraqi law? Do I have any recourse if the web personal site I used to find love online sells my personal information to a marketer?

In the real world, governments have often dealt with issues like these by passing laws and by issuing regulations. More often than not, these laws prescribed a particular punishment that should be meted out for a given kind of proscribed conduct. Such a system can work fairly well if it is clear who broke a particular law and which set of laws should be applied to a particular questionable transaction. However, for several reasons such a system may be much less effective in governing actions and interactions that take place on the Internet. To begin with, identity is still fluid on the Internet. It can be difficult if not impossible to link up an online identity with a corporeal being and often it may even be hard to tell from which traditional nation state an online user is from. So long as a user remains anonymous, she cannot easily be held accountable for her actions, at least not through the means usually employed by territorial governments. Second, there is little consensus as to what actions on the Internet should subject a user to the jurisdiction of a particular territorial government. There is some agreement that users should be responsible for the effects they produce in a particular country, but what does it mean to produce effects in a particular country when one is simply putting something in cyberspace? There is no simple answer to when posting something on the web should subject a person to liability in any country where that something can potentially be accessed.

None of this is to say that the above traditional model of governance has no place on the Internet. There are many situations where the above framework may still be workable. It is sometimes possible to determine the identity of a user, and future technology such as digital identification may make it easier. Nations may also come to some sort of agreement regarding what constitutes causing an effect in a particular country in certain contexts and thus who should have jurisdiction in those contexts. However, the reality is that both individuals and countries also often have very different conceptions about what type of conduct should be proscribed, and it is unlikely people from around the world will come to an agreement over this issue with regard to all of the types of conduct possible on the Internet.

In light of this fact, this paper proposes a couple of technology based solutions to Internet governance problems that will hopefully give governments as well as users the ability to either block or avoid potential harms. The first solution this paper proposes can give a traditional territorial sovereign power to control what kind of activities its citizens participate in online. This solution relies largely on technology, but its successful implementation also depends on governments requiring service providers to implement it and may requirement governments to issue digital identification. Therefore, there will still be a need for more traditional avenues of rulemaking such as legislation and the treaty process.

Our second solution is an attempt to empower individuals and nongovernmental organizations. The hope is that this system will allow individuals to set up electronic zones on the Internet and that each zone will have its own set of rules created by the users and maintainers of the sites within the zone. Such a system will allow individuals to avoid what they consider to be harmful on the Internet and will allow individuals to find places where their conduct will be deemed acceptable. If successful, these zones might lessen the need for regulations on the part of territorial sovereigns. A huge open question though is how well can people regulate themselves within these zones. When the Internet was small, self-regulation was reasonably effective, but it is not certain that a norms based system could survive now that the Internet has such a diverse user base. However, this system will also rely on these sovereigns to an extent. Again some form of digital id may be needed for zones to hold members accountable for violations of rules, and if these zones are based on some form of contractual relationships, some traditional sovereign may be needed in extreme cases to provide remedies for breaches of those contracts.

Finally, it is important to note that the viability of any legal or technical solution this paper proposes also depends largely on who ends up shaping the technical contours of the Internet. Therefore, sovereignty over the architecture of the Internet is just as important an issue as sovereignty over what people can do on the Internet. In the last few months, a great deal has happened in this area, namely the formation of an organization called ICANN. There has also been a great deal of pressure to let the private sector play a significant role in determining the structure of the Internet.

This paper begins with a brief overview of both the history of traditional sovereignty and the history of the Internet. It then explains how traditional sovereigns are trying to use existing legal structures to gain control on the Internet and some of the difficulties they are encountering in their attempts. A case study on gambling follows that illustrates some of these difficulties in greater detail.

The paper then deals with the significant question of who will have the power to shape the Internet and thus influence who can exercise control on it. This leads to an analysis of the roles ICANN and other current standards making bodies are likely to play.

From there the paper examines the two technical solutions to Internet governance mentioned above and considers both the feasibility and desirability of those solutions from the perspectives of current governments, engineers, and individuals. Finally, it looks at the advantages and disadvantages of letting a decentralized market take control of governance on the Internet and questions whether or not norms based Internet governance is still possible in some situations.

For the purpose of this White paper, Sovereignty will refer to control. Who, or what, is in control of what a person can do on a network, and what form that network takes? This paper will address not only who controls the Internet, but also who should be in control, in order to facilitate a workable and fair system of Internet governance.

According to one possible definition, sovereignty refers to an attribute of a powerful individual. Historically, sovereigns controlled territory because of divine or historic authority; an authority that had little, if anything, to do with the consent of the people. Sovereignty was based primarily on geographical borders: another political power could violate a ruler's sovereignty by entering the territory of the sovereign without his permission. The American and French Revolutions pioneered systems under which sovereignty really stemmed from the desires of the people, and the definition of the word has never been the same since. During the framing of the U.S. Constitution, the debate raged whether sovereignty over a territory and its inhabitants stems from the ruler or from the inhabitants themselves. Americans concluded that sovereignty originates in, and remains with, the people themselves. Most other nations never re-evaluated sovereignty in the intense way that the United States did; however, the definition of the term morphed over time. Now, far from its totalitarian roots, the term sovereignty is now often used synonymously with self-determination, and the battle for sovereignty is the battle for independent control of one's territory or self. Still, sovereignty is "supreme authority, which on the international plane means legal authority that is not in law dependent on any other earthly authority," and international law still protects sovereignty, but the sovereignty of the people over themselves rather than the sovereignty of a so-called "sovereign." In recent years, commentators have suggested that the model of sovereignty has begun a shift from a horizontal model, with several sovereigns of somewhat equal power to a more vertical, hierarchical model, where sovereigns are ruled by greater sovereigns and overlapping sovereignty exists at the national level as well as the personal level.

People are often the subjects of overlapping hierarchical sovereigns. Every American, for example, is subject to the sovereignty of at least two sovereigns: the U.S. and their state of residence. Most are also subject to even more overlapping sovereigns - their employer, their church, their family, their school. These overlapping sovereigns have differing levels of control over certain areas of life, but the hierarchy of control among these sovereigns is generally clear. On the Internet, the hierarchy of sovereigns is not so well-defined. A person's employer may have at least as much control over what he can do on the Internet (through the use of firewalls, proxy servers, and other mechansims), as his national government might have.

Because the fudamentals of sovereignty have historically been territory-based, the Internet subverts the traditional notion of sovereignty. As its name suggests, Cyberspace may be interpreted as a "space" apart from geography. The location of information in cyberspace can be viewed as a location of its own, in the ether between two communicating computers. Although actions taking place in cyberspace may have effects in the locations of both the sender and receiver of information, the actions take place in a third "space," neither the location of the sender nor the location of the receiver. This conception is inconsistent with the traditional basis of sovereignty, however. Until now, national borders have almost always been the basis for creation and administration of laws. The current system of legal governance is based on the geography of national borders. Nations make laws governing citizens of the nation, conduct taking place in the nation, and conduct having an effect in the nation. Although the people who use the Internet are at all times governed by their real-space sovereigns, the sovereignty, or control, of the Internet itself and actions taking place within it remains up in the air.

Since the first embryonic beginnings of the Internet, parties have vied for power over cyberspace and its inhabitants. Only relatively recently have international governments and their legal systems asserted control in the traditional way discussed above.

To really understand the answer to the question, "Who's in charge of the Internet?" it is appropriate to explore the history of computer networking in general. To varying degrees, the construction of the Internet we know today was a government research project, a scientific experiment, a commercial enterprise, and a spontaneous grass-roots effort. Many of the people and organizations that hold power over the physical and virtual architectures of the Internet do so because they inherited such power. On the other hand, some of the "reigns" have changed hands over the years in very interesting ways.

In the Beginning

ARPANet

The most direct ancestor of the Internet was an experimental computer network called the ARPANet. ARPA (renamed DARPA in 1972) was the Advanced Research Projects Agency, part of the Department of Defense. Motivated by Cold War concerns, the DoD was funding networking research at universities and research centers across the country. The ideas behind ARPANet arose from three parallel research efforts, running from 1961 through 1968, at the Massachusetts Institute of Technology, Rand Corporation, and the National Physical Laboratory in the United Kingdom.

The equipment on the network was paid for by ARPA-funded research institutions; the connecting hardware was built under ARPA contract by Bolt Beranek and Newman, Inc. (now owned by GEE). In 1968, the first four nodes on the net were at universities in the Western states. By 1971, there were fifteen nodes at various U.S. research centers and universities, and in 1973, the first international connections were made to the University College of London, England, and the Royal Radar Establishment, in Norway. The network was thus under the tight

control of the U.S. Department of Defense and its partners.

ARPANet was not an "internet," because it was really only a single network of computers all running NCP, the Network Control Protocol. The term "internet," of course, refers to a larger network which results from the combination of two or more smaller, clearly distinct networks. (We refer to _the_ Internet, with a capital "I" because it is the only network of international proportions that runs using IP, the Internet Protocol. For our purposes, the slew of computer networks that followed came in three varieties.

Commercial networks

In 1974, Telenet debuted from BBN, and in 1977, Tymshare introduced Tymnet. These allowed computer users (mostly academics, developers, and hobbyists) to connect their computers to distant servers via dedicated landlines. This provided a significant savings over making long distance phone calls.

Several years later, modern dialup services began to appear. TRINTEX was founded by IBM and Sears in 1984, becoming Prodigy in 1988. In 1985, Quantum Computer Services (later America Online) began doing business, making use of Telenet and Tymnet. Overseas, in 1982, France Telecom rolled out MiniTel, a metered collection of commercial and information services. Two years later, there were over 800,000 users and 1,000 services from which to choose.

Amateur networks

Many computer enthusiasts circa 1980 ran Bulletin Board Systems (BBSes) wherein anyone could connect to an individual's personal computer via modem. In 1983, amateur operators formed a self-governing, volunteer-run organization called FidoNet, which allowed for the efficient distribution of e-mail and news via the phone system.

Academic and internal corporate networks

As the word of the utility of networking applications (like e-mail) made its way around corporate and academic circles, a plethora of acronym nets running a variety of different protocols emerged. It seemed like everyone wanted on the bandwagon -- there was everything from the Asia's JUNet (the Japan UNIX Network) to the academia's HEPNet (the High Energy Physics Network) to business' DECNet (of the Digital Equipment Corporation).

When considering who owned, operated, funded, and benefited from

these networks, the arrangements seem somewhat complicated. For example, BITNet (Because It's Time) was a cooperative network founded at the City University of New York and Yale University in 1981. No doubt partly because it used IBM's mainframe platform and protocol, Big Blue funded the network from 1983 to 1987. In

particular, IBM helped establish a gateway to the European Academic and Research Network (EARN). During this time, the Canadian government launched a successful effort, called NetNorth, to put all of its universities on BITNet.

Another collaborative effort between academia and industry, started in the same year as BITNET was the Computer Science Network (later the Computer and Science Network). CSNet was built by through a collaboration of academics at the Purdue University, and the Universities of Delaware and Wisconsin, and corporate scientists at Rand and BBN. Seed money was provided by the National Science Foundation, in an effort to provide connectivity to universities not on ARPANet.

Usenet

Usenet was started in 1979 by three grad students at Duke University and the University of North Carolina at Chapel Hill, as a web of dialup connections using the Unix-to-Unix CoPy program (UUCP). It was characterized by a strong philosophy of open access and democratic anarchy; the network was sometimes referred to as the "poor man's ARPANet."

Usenet is defined by the reach of the newsgroups, which are created by the anarchistic process of convincing operators all over the network to carry them. Most early news readers were researchers at universities or corporations who found the information they carried useful or socially relevant. Sometimes, institutional equipment would be networked without official approval from management. In other cases, employees were able to convince their administrators that the intellectual benefits from participating in news exchange justified the telecommunications costs.

There was something of an administrative culture clash between the new UC-Berkeley node on Usenet, which was also an ARPANet site, began (probably without "official" approval) forwarding ARPANet e-mail traffic in newsgroup form. Many Usenet readers became upset at the fact that they were not allowed to _send_ to these lists. Even NSF needed to obtain special permission from the Department of Defense before it could use the ARPANet to connect two remote parts of CSNet. The prohibition on receiving Usenet traffic was lifted in 1981.

The Birth of the Internet

The concepts of modern internetworking technology were formalized in the research community by Robert Kahn and Vint Cerf at a meeting of the InterNetworking Working Group, in 1973 at the University of Sussex, England. A decade later, on January 1, 1983, the ARPANet switched over to the TCP/IP protocols. (Transmission Control Protocol is an verification layer that runs on top of the routing-layer Internet Protocol.)

Many of the networks mentioned heretofore were then connected to the ARPAnet. Prodigy launched an Internet e-mail gateway in 1983; FidoNet was connected in 1988. NNTP, the Network News Transport Protocol, was designed to carry newsgroups efficiently over TCP/IP on the Internet.

Many of the old networks were made obsolete by the explosion of new connectivity on the Internet. ARPANet (after spinning off MILNET) was decommissioned in 1990; CSNet was shut down in 1991, and BITNET was scheduled for downage in 1996.

NSFNet and privatization

By 1985, the National Science Foundation had realized the incredible benefits that e-mail and other forms of electronic communication had to offer the scientific community. It sought to bring connectivity to institutions of higher learning in a cross-disciplinary manner. NSF had also decided to include its project within the Internet framework built by DARPA, and coordinated this effort through a variety of governmental and technical bodies; still other bodies mediated international cooperation.

The agency contracted out responsibility for establishing and maintaining a high-speed (for the time) backbone for "NSFNet" to Merit Network, Inc., with IBM and MCI involvement. (The group later formed Advanced Network and Services, Inc.) NASA and the Department of Energy also contributed infrastructure to the new network. Once again, research institutions, public and private alike, enjoyed the benefits of operating pieces of the global network on the government dollar.

However, the government architects also had eventual privatization in mind the entire time. NSFNet policies were carefully tailored to achieve this end. The government-funded network provided a model for private development, showcasing both local and long-distance data transport mechanisms, high level peering structures (called Federal Internet Exchanges, FIXs), and interoperability with the rest of the Internet.

The agency also directly leveraged privatization through the academic funding it provided. Government policy simultaneously encouraged local network operators to seek commercial customers (saving money through economies of scale) and prohibited commercial traffic on the NSFNet backbone. Long distance data carriers like Performance Systems International, Inc., General Atomics, and UUNET Technologies, Inc. provided the commercial equivalent to NSF's "long-haul" services, forming the Commercial Internet eXchange (CIX) Association in 1991.Meanwhile, local ISPs began clustering around network access points and retailing capacity to individual and corporate customers.

By 1995, the commercial infrastructure had progressed enough to allow the privatization of the NSFNet backbone. The agency redirected its funding to enable regional academic customers to purchase long-distance connectivity from the private sector. (It also created the "new" NSFNet for high-bandwidth connections among

supercomputing centers and universities, called vBNS, the Very high speed Backbone Network Service.)

"Killer apps" out of control

By the early 1990s, e-mail and newsgroups had exploded in popularity across academia, the corporate world, and limited segments of everyday society. In May, 1991, the third "killer app" arrived on the cyber scene. The first web servers went online at CERN (the French acronym for the European Laboratory for Particle Physics), publishing the technical specifications for HTTP, HTML, and URI (Uniform Resource Identifier: think "URL"), and soon providing sample client/server implementations.

Why CERN? Why 1991? The hypertext concept, so familiar to us today, was certainly not new. The term itself was coined in 1960 by Ted Nelson, though Vannevar Bush had described a hauntingly similar idea in a 1945 paper on the "Memex." In 1967, Andries van Dam of Brown University had built the Hypertext Editing System, which NASA used to help manage complex documentation in the Apollo Program. Networking had been around since at least 1968, but the combination of the two never really caught on until the CERN project.

Perhaps the world wasn't ready for HTTP - maybe people with the right sort of expertise had not encountered problems of the type that hypertext solved. Perhaps more likely, maybe the networked hypertext idea had just never been presented in a form that a critical mass of users would adopt. Most relevant to the interests of sovereign powers, however, it seems that no matter who conceived the World Wide Web, once the technology began its inexorable spread, it would be very difficult to control. The technology introduced a new, much more decentralized paradigm for communication, which allowed individuals to elude the control of geographically constrained governments. Virtually anyone from a multinational corporation to a private, middle-class individual can feasibly produce web content, and even more can view that content.

Even more importantly, the popularity of the web expanded far beyond the research community, and in the past few years, has enjoyed unprecedented interest from new sectors of society. The sudden wave of commercial competition for scare resources, as well as the immense cultural, legal, and interpersonal conflicts created by the peoples of the world bumping elbows in cyberspace, have left us in the current state of institutional crisis.

One of the advantages of the Internet over other methods of communication and commerce is that it enables access to a much wider, even a worldwide, audience. Spatial distance and national borders are irrelevant to the creation of an Internet business, many of which are conceived for the express purpose of expanding sales horizons across borders. In a sense, a person can be everywhere in the world, all at once. This ease of communication raises a vital legal question, however: when a person puts up a website on his home server and allows access to it from all points on the globe, does he subject himself to the governance of every law- and rule-maker in the world? Under the current system, in order to decide what state's or nation's laws govern disputes that arise over Internet issues, a court first must decide "where" Internet conduct takes place, and what it means for Internet activity to have an "effect" within a state or nation.

Even apart from the Internet, this border-centric view of the law creates certain difficulties in an economy moving toward globalization. Entire bodies of law have been developed by every nation to deal with the resolution of international conflicts of law, conflicts that arise when geography and citizenship would allow a dispute to be decided by the laws of more than one country, and the laws of those countries are not consistent with each other. Conflicts of law are particularly likely to arise in cyberspace, where the location of an occurrence is never certain, where ideological differences are likely to create conflicting laws, and where rules are made not only by nations and their representatives, but also by sub-national and transnational institutions.

A court does not have power over every person in the world. Before a court may decide a case, the court must determine whether it has "personal jurisdiction" over the parties. A plaintiff may not sue a defendant in a jurisdiction foreign to the defendant, unless that defendant has established some relationship with that forum that would lead him to reasonably anticipate being sued there.

In the U.S., the Due Process clause of the Constitution's Fourteenth Amendment sets the outermost limits of personal jurisdiction. If a party has substantial systematic and continuous contacts with the forum, a court may exercise jurisdiction over a party for any dispute, even one arising out of conduct unrelated to the forum. This is known as general jurisdiction. For example, a corporation or person can always be sued in its state of residence or citizenship or its principal place of business, regardless of whether or not the claim arose there.

If a party is not present in the state or does not have systematic and continuous contacts with the state, courts may exercise jurisdiction over a party for causes of action arising out of his contacts with the state, or arising out of activities taking place outside the state expressly intended to cause an effect within the state. This "effects" test is described from the American Law Institute's Restatement (Second) of Conflict of Laws 37 (1971), which provides:

To do this, the court must look to the state's "long-arm" statute, which sets the parameters for the state's exercise of its constitutional power to govern conduct by non-citizens (including both Americans and foreigners). Long-arm statutes vary widely from state to state. For example, Arizona grants the broadest possible freedom to its courts: "Arizona will exert personal jurisdiction over a nonresident litigant to the maximum extent allowed by the federal constitution." New York, on the other hand, gives a more restricted and specific charge to its courts with its statute, which allows personal jurisdiction over those who transact business or commit a tortious act within the state of New York, and over those who commit an act outside the state that could reasonably be expected to have a tortious effect within New York. The Federal courts have the equivalent of a long-arm statute of their own, in Federal Rule of Civil Procedure 4(k) (Rule 4(k)), which provides three basic grants of jurisdiction. First, it authorizes federal courts to "borrow" the long-arm statute of the state in which the federal court is located. Second, Rule 4(k) authorizes federal courts to exercise grants of personal jurisdiction contained in federal statutes, such as the federal securities and antitrust law, which have their own jurisdiction provisions. And third, Rule 4(k)(2) grants long-arm jurisdiction in an international context, within the boundaries of the Constitution, over parties to cases arising under federal law who are not subject to the jurisdiction of any particular state. The concept of being able to have minimum contacts with the United States as a whole has profound implications for the Internet and international jurisdiction. Users all over the world, without establishing contacts in a particular state, could establish contacts with the entire country with nearly every foray into cyberspace.

In order to be subject to personal jurisdiction in a state that is not his domicile, not only must a person fit under the ambit of the state's "long-arm" statute, but also the state's jurisdiction must be valid under the Due Process Clause of the Fourteenth Amendment. The Supreme Court set the standard for constitutional exercise of jurisdiction in International Shoe Co. v. Washington. Pursuant to the Due Process Clause, a nonresident defendant may not be sued in a forum unless it has first established sufficient "minimum contacts with [the forum] such that the maintenance of the suit does not offend traditional notions of fair play and substantial justice." In addition, the nonresident's "conduct and connection with the forum [must be] such that he should reasonably anticipate being haled into court there." This test relies on courts to decide, according to "traditional notions of fair play and substantial justice," what contacts are sufficient.

Courts will generally hold that contacts are sufficient to satisfy due process only if the nonresident "purposefully availed" itself of the benefits of being present in, or doing business in, the forum. According to a the plurality of the Supreme Court in Asahi Metal Industry v. Superior Court, a connection sufficient for minimum contacts may arise through an action of the defendant purposefully directed toward the forum State. The placement of a product into the stream of commerce, without more, is not an act of the defendant purposefully directed toward the forum State, but advertising or marketing in the forum state may fulfill the deliberate availment requirement. There must be clear evidence that the defendant sought to serve the particular market.

If the minimum contacts test is met, a court may only exercise jurisdiction if it is "reasonable" to do so. In determining reasonableness, a court must weigh and consider the burden on the defendant to litigate in the forum, the forum state's interests in the matter, the interest of the plaintiff in obtaining relief, efficiency in resolving the conflict in the forum, and the interests of several states in furthering certain fundamental social policies.

In sum, under U.S. law, if it is reasonable to do so, a court in one state will exercise jurisdiction over a party in another state or country whose conduct has substantial effects in the state and whose conduct constitutes sufficient contacts with the state to satisfy due process. Because this jurisdictional test is ambiguous, courts in every state of the U.S. may be able to exercise jurisdiction over parties anywhere in the world, based solely on Internet contacts with the state.

B. Internationally

There is little dispute that nation-states can prosecute Internet users (or anyone else, for that matter), whatever their location, for revealing national secrets, falsifying official documents, or inciting war. These activities threaten national security, wherever they are committed, and therefore fall under international standards for jurisdiction. Similarly, it is a universal crime to publicly incite torture or genocide. These universal offenses may be prosecuted extraterritorially by any nation, regardless of the citizenship or location of the user.

These are easy cases, however. Nations may also be interested in enforcing non-universal laws extraterritorially; for example, In Germany, it is illegal to import or distribute material espousing a Nazi or Neo-Nazi viewpoint. Such material is not difficult to find in USENet or on the World Wide Web. German authorities may be interested not only in interpreting German laws to classify Internet viewing as "importation" of material, but also (in part because of the difficulty of locating those who break an importation statute without leaving their own homes) in prosecuting those who make such material available to Germans via the Internet. If German authorities attempted to prosecute a U.S. citizen or resident for such an offense, however, they would be met with great opposition by the U.S., which certainly would not enforce any judgment against the U.S. citizen in such a case, because the German statute violates U.S. Constitutional principles. Under U.S. law, it would be prohibitively difficult to prevent German users from viewing such a site and therefore the result of such a prosecution would be to chill otherwise legal (if unpleasant) speech in the U.S. Under the current system, it is possible to envision that German courts may have jurisdiction over Americans who publish such material, even though the material may not be "purposefully directed" (one interpretation of the American standard) toward Germany in the way a mailing of flyers would be.

As discussed above, U.S. courts apply the same "effects" test to foreign parties as to American parties. If minimum contacts exist, parties from other countries may be haled into court in the United States just as parties from one state may be haled into another. Similarly, Americans may be tried by courts in other countries depending on the rules of that country. Although each country's laws are different, most rely on some sort of "effects" test resembling the U.S. test, whereby a party is subject to jurisdiction in a place where his conduct has an effect. This jurisdiction traditionally is subject to a "reasonableness" test. According to section 421 of the Restatement (Third) of the Foreign Relations Law of the U.S., exercise of jurisdiction is generally reasonable if the party is a citizen, resident, or domiciliary of the state, or if:

This standard differs somewhat from the U.S. standard for interstate exercise of jurisdiction; for example, transitory presence (known as "tag" jurisdiction), accepted in the U.S., is not generally accepted as a method of international jurisdiction.

Every nation has an obligation to exercise moderation and restraint in invoking jurisdiction over cases that have a foreign element, and they should avoid undue encroachment on the jurisdiction of other States. Although countries are given great discretion in deciding whether to exercise jurisdiction over conduct in other countries, international law dictates that a country exercising its jurisdiction in an overly self-centered way not only contravenes international law, but can also "disturb the international order and produce political, legal, and economic reprisals."

Based on this traditional moderation, and the relatively high threshold of the "reasonableness" standard discussed above, it is unlikely that foreign nations will have the sort of long-arm power over citizens of other nations as states have over citizens of other states within the U.S. today. Scholars have suggested that individual persons and small commercial entities whose only contacts with a nation are on-line are, in all likelihood, more insulated from international jurisdiction than they are from interstate jurisdiction. This is largely speculative, however, because international Internet jurisdiction cases have thus far been rare, and nations have not hesitated to pass laws conferring global jurisdiction for Internet activities.

The Supreme Court has not discussed the impact that technology might have on the analysis of personal jurisdiction. Lower courts, on the other hand, have explored the question of cyberspace jurisdiction. While most have held that merely creating and hosting a website available to all does not subject a person to general jurisdiction everywhere in the U.S., they diverge widely as to whether the presence of such a site will lead to specific jurisdiction over the party for the purposes of disputes arising from the website.

Some decisions suggest that a court may obtain personal jurisdiction over a non-resident defendant whose sole contact with the forum state arose through the Internet. Examples of these include: CompuServe, Inc. v. Patterson, Zippo Manufacturing v. Zippo Dot Com, Inc., Panavision International, L.P. v. Toeppen, and Maritz, Inc. v. Cybergold. In each of these cases, Internet contacts with the forum state exceeded those of a passive website: In CompuServe, the defendant knowingly reached out to and did business with CompuServe, knowing that CompuServe was an Ohio corporation. In addition, the dispute arose out of contacts with the forum state. In Zippo, the defendant's site required participants to submit address information in order to receive a news service; therefore, the site operators knowingly transacted business with residents of the forum state, where the plaintiff was headquartered. In Panavision, the defendant had set up his web site as part of a "scam" to make the plaintiff purchase the domain name from him, and as such had intentionally directed his actions toward the plaintiff's home state. In Maritz, the defendant's site invited users to send and receive information about services it offered, and the defendant company had sent information to over 100 users in the forum state. The court found that "[a]lthough [defendant] characterizes its activity as merely maintaining a 'passive website,' its intent is to reach all Internet users, regardless of geographic location."

Two other recent decisions, in declining to exercise jurisdiction, support the notion that passive Internet sites are not sufficient to support jurisdiction. In McDonough v. Fallon McElligott, Inc., a Minnesota defendant had displayed plaintiff's photographs on the Web without plaintiff's consent, in possible violation of California copyright and unfair competition laws. The Southern District of California held that: "Because the Web enables easy world-wide access, allowing computer interaction via the Web to supply sufficient contacts to establish jurisdiction would eviscerate the personal jurisdiction requirement as it currently exists . . . . Thus, [having] a Web site used by Californians cannot establish jurisdiction by itself." Similarly, in Benusan Restaurant Corp. v. King, the Southern District of New York held that the operator of a small Missouri jazz club called "The Blue Note" did not subject it to New York's trademark laws by merely erecting an advertising site on the Web.

The New York district court's holding in Benusan is at direct loggerheads with the District of Connecticut's holding in Inset Systems, Inc. v. Instruction Set, Inc. In Inset, a party utilizing the trademark of another company for its domain name and "800" number was subject to jurisdiction in the home of the party whose mark was infringed. Also in seeming conflict with Benusan and most other U.S. interstate Internet jurisdiction cases, the Federal Circuit found in Graphic Controls Corp. v. Utah Medical Prods., Inc., that a Utah corporation's activities, which included having an open-access website for ordering goods, having an "800" number, having meetings in New York unrelated to the cause of action, and sending "cease and desist" letters to party in New York, did not constitute minimum contacts with New York. In similar conflict with the above cases, the Southern District of New York held that creating a commercial and interactive (though not yet operational at the time of litigation) website that was available to, and used by, New York residents was not in itself enough contact to subject a publisher to New York jurisdiction in Hearst Corp. v. Goldberger. The District court found that exercising jurisdiction would violate traditional notions of fair play, and noted that the site operator did not purposefully direct his activities toward New York.

The disagreements between the cases above illustrate some of the variety among courts as to the proper approach to take when dealing with Internet jurisdiction. Approaches differed greatly, even among some of the above cases having similar final outcomes. States have not regularized an approach to the Internet, preferring to analogize it to real space. Erecting a website has been compared to publishing in a widely distributed general-interest magazine or putting an item (with the capacity to travel) in the stream of commerce by selling it locally. As the above illustrate, courts seem to be taking an approach resembling that recently laid down by the Ninth Circuit Court of Appeals in Cybersell, Inc. v. Cybersell, Inc., which held that the mere presence of a passive website on the Internet does not constitute the minimum contacts needed to subject a person to the jurisdiction of every court and that "something more," either interactivity or purposeful direction, is needed to justify jurisdiction. What degree of interactivity is required to constitute minimum contacts, however, remains largely unclear from case law. Under the rule set forth in Cybersell, a court would decide whether a website creates minimum contacts by examining the degree to which the site is commercial and interactive, and the degree to which the site is directed at citizens of the forum state. The more interactive a site is (i.e. the more exchange of information is possible between the site and the user), and the more commercial the site's nature, the more likely a court is to find that contact exists between the site owner and the distant user. Similarly, the more the site is directed at an audience in the forum site or designed to harm citizens of the forum state, the more likely a court will be to find that purposeful availment has occurred. Still, the Supreme Court has not addressed the issue of personal jurisdiction in cyberspace and many details still remain unresolved.

B. Internationally

U.S. courts have, basically, shoehorned Internet cases into the same jurisdictional rules that they use for non-Internet cases, with the result that U.S. courts lean toward limiting jurisdiction, regulating only sites that intentionally direct themselves into the U.S. in some way. Other countries have not limited their courts so. Several examples illustrate that jurisdictional issues are at least as severe and jumbled in the international context as they are within the domestic U.S.

In the United Kingdom, the Financial Services Act of 1996 makes it a

criminal offense to place investment ads in the U.K. unless they are issued or approved by the Financial Services Authority (FSA). In early 1998, the FSA notified the national U.S. mutual fund association that mutual fund Web sites which can be brought up on a screen in the U.K. are considered to have been issued in the U.K. This could have had a profound impact on the way in which U.S. mutual fund sites operated, however, the FSA stated that it would not take enforcement action against U.S. companies that complied with certain FSA regulations, including placing disclaimers or warnings on their Web sites.

Germany has passed a sweeping law that subjects any Web site accessible in Germany to German law, holding Internet service providers (ISPs) liable for violations of German content laws if the providers were aware of the content and were reasonably able to remove the content. This followed the settlement of a well-publicized incident between Germany and CompuServe, in which German authorities threatened to prosecute CompuServe for allegedly pornographic news groups. In response to the German threat, CompuServe blocked access to those newsgroups to all users, approximately 4 million worldwide. Later, CompuServe restored access and distributed free software for blocking pornography. This caused CompuServe's indictment for aiding in the distribution of pornography and computer games. Prosecutors charged that CompuServe did not do enough to block Germans from accessing the material.

Malaysia's new cyberspace law also extends well beyond the borders of Malaysia. The bill applies to offenses committed by a person in any place, inside or outside of Malaysia, if at the relevant time the computer, program, or data was either (i) in Malaysia or (ii) capable of being connected to or sent to or used by or with a computer in Malaysia. The offender is liable regardless of his nationality or citizenship.

As mentioned above, the Constitution and states' long-arm statutes may permit court jurisdiction over out-of-state conduct, depending on the specific long-arm statute and the conduct involved. This means that many states may have concurrent jurisdiction over the same conduct. A similar situation exists in the international context. Because it is generally accepted as a matter of international law that nations may govern conduct of citizens of the nation taking place outside the nation, conduct by non-nationals that take place elsewhere but has significant and intended effects in the state or nation, conduct that threatens the sovereignty or security of the nation, and conduct that constitutes a universal crime such as torture and genocide, many situations may arise in which several nations' laws could govern the same conduct. To use a real-space example, imagine that A (an American shipping company) ships a batch of B's widgets from New York to B in Belgium, by way of France. The widgets are damaged during the French stopover and that this damage gave rise to a cause of action in tort between A and B. Assuming that A had significant enough contacts with both France and Belgium to warrant jurisdiction in both courts, B could sue A in the U.S., in France, or in Belgium, depending on which legal system would treat B more favorably. Additionally, B could sue in U.S. court but request that the court apply Belgian law to the dispute, or sue in Belgian court but request that the court apply French law, or any other combination of courts and laws.

The many applicable laws will not necessarily be substantively compatible. Different states and nations will have different interests and each will want its laws to govern each dispute. This situation becomes extremely poignant when laws are not only inconsistent, but also incompatible; for example, in some states of the U.S., it is illegal to provide or engage in Internet gambling, but in Liechtenstein, such gambling is government-sponsored. Although the situation of inconsistent laws occurs with moderate frequency now (especially in the antitrust and securities fields) it is likely to become even more common as cyber-commerce becomes more prevalent. This is because, in cyberspace, cross-border transactions are no more difficult than transactions with local parties.

When conflicts of law arise, courts must decide which law will govern. A court need not decide a dispute according to its own law; for example, a court deciding a dispute arising out of an automobile accident in another state would be likely to apply the driving standards of the state where the dispute arose, rather than of the forum state. Several methods exist to aid courts in the decision between laws. Historically, U.S. courts decided a dispute according to the law in the lex loci delicti, the "place of the wrong." In transnational cyberspace, however, the place of the wrong might be any of the nations that are on-line. There is no lex loci delicti.

The Restatement (Second) of Conflicts of Law rejected this historical formulation, preferring the so-called "most significant relationship" test, which values (1) the needs of the international system; (2) relevant policies of the nation in which the suit was brought; (3) the relevant policies of all interested states; (4) justified expectations of the parties; (5) certainty, predictability, and uniformity; (6) and ease of administration.

Several other approaches to choice of law have also been posited and accepted by some courts. The "center of gravity" approach, first adopted by the Court of Appeals of New York, might be characterized as a simplified version of the "most significant relationship" test of the Second Restatement. This approach authorizes courts to look at all the existing contacts between the various parties to a suit and various jurisdictions. Ultimately, the court should choose the law of whatever jurisdiction is most closely tied to the case.

Legal scholar Brainerd Currie espoused the "interest" approach, which encouraged courts to look to the history of the applicable laws and, if the laws of one state could be applied without impairing the other state's interests, those laws were to apply. In the case of a true conflict, in which one state's interests would always be impaired, Currie suggested using the law of the forum. California has accepted this approach, but instead of automatically applying the law of the forum in true conflicts cases, applies a "comparative impairment" analysis and applies the law of the state that creates the least impairment.

Finally, professor Robert Leflar has devised a test in which courts consider 1) predictability of result, (2) maintenance of interstate and international order, (3) simplification of the judicial task, (4) advancement of the forum’s governmental interests, and (5) application of the better rule of law.

Currently, U.S. states and the U.S. itself take a variety of approaches; none of the above approaches have been universally accepted.

Interestingly, most approaches other than the "place of wrong" approach eliminate the need to decide "where" the conduct in question occurred before deciding what law governs (although determining the location of an action may help create the list of nations' laws from which to choose). As the few reported cases show, however, courts may ignore traditional choice-of-law principles entirely and simply apply forum law to Internet-related disputes. Indeed, at least one state, responding to the problem of Internet-based gambling, has announced an intention to apply its own law to lawsuits resulting from in-state Internet contacts. The Minnesota Attorney General’s office has interpreted existing Minnesota law to prohibit all forms of on-line gambling, and has noted that "[g]ambling is just one example of illegal activity on the Internet" and "the same jurisdictional principles apply with equal force to any illegal activity." Courts have tended to apply the law of the forum state in Internet cases, without discussion.

It should be noted that many Internet activities are commercial and that many of these involve contractual transactions. These contracts may contain choice-of-law clauses defining what state's law will govern any dispute arising out of the transaction. Most ISPs, for example, include choice of law clauses in their service agreements; such clauses may greatly simplify choice of law questions on the Internet, as choice of law clauses are, for the most part, honored as a matter of international law. Many Internet activities are not commercial or even transaction-oriented, however, and choice of law clauses may not cure problems arising from non-transaction-oriented activities. Case law does not indicate what route courts might take in resolving true choice of law disputes arising from such activities. One commentator has suggested the creation of a choice-of-law treaty for the Internet.

Many questions remain about how courts will fit the Internet into the current system of jurisdiction. For this reason, people do not know what laws to live by. Although most people know the laws of their domicile state, many do not know the laws of states with which they will be interacting; therefore, under the current system, it remains entirely possible that a person could be haled into court in a foreign land for something that is perfectly legal in his domicile.

Simply put, the "effects" test doesn't work. It is true that states and nations are perfectly within their power in prosecuting foreign parties who provide illegal services (for example, a Nevada site that provides gambling to a Minnesota resident), and foreigners who commit crimes (for example, an American who posts names of businesspeople on a site available to Chinese dissidents). However, the architecture of the Internet makes it easy for people to obfuscate their identity and location and it is therefore impractical, under the current architectural regime, to make sites provide and deny service based on a person's identity; yet, that is exactly what the current legal system requires.

Most importantly, under the current regime, people can unwittingly open themselves to liability, by posting information on the Web that they consider proper. For example, a local company with the same name as a different company across the country and thereby expose itself to trademark liability; or an American could put up a site containing photos of women in short skirts, thereby exposing himself to criminal liability in countries under Islamic law.

If the current legal system is to maintain effective and fair control over the Internet, courts all over the world will have to make a clear move toward a new test for jurisdiction, and a consistent test for resolving choice of law disputes. If courts could agree to exercise jurisdiction based on an effects test with a much stronger element of purposeful availment than exists in the current system, the current style of legal governance might be able to serve the Internet in an effective and consistent way, without the excessive and unpredictable elements that it currently suffers from. For the purposes of fairness, mere awareness that a site could be accessed at a location would not be enough to trigger jurisdiction; rather, in order to be subjected to jurisdiction in a place other than his domicile or its primary place of business, a party would have to display intent to reach the audience in that location through advertising or special targeting subject matter, or a positive awareness of an audience's locations by way of interactions involving the exchange of information about realspace location. Under such a system, a party would still be subject to jurisdiction in its home state or nation, but not in a foreign jurisdiction unless the party sought out an audience in that foreign jurisdiction. Such a system would put the burden on state and local authorities to prevent the viewing of illegal material and to focus on laws regarding the use of illegal material, rather than laws the provision of such material. As hey are today, transactions would be susceptible to the jurisdiction of the domiciles of all parties involved and any jurisdiction in which the transaction was definitively intended to have an effect.

I. Introduction

One method traditionally used to deal with jurisdictional conflicts and conflicts of law is to create treaties and conventions. Although treaties are not always effective at curbing behavior, they have been a somewhat effective means of establishing a baseline of agreement between nations and thus they may still play a role in Internet sovereignty.

Treaties are negotiated between nations, often with the aid of international organizations such as the United Nations. Once negotiated and signed, treaties must be ratified by way of implementing legislation in each of the individual agreeing nations.

Treaties take time to negotiate, and given the relative youth of the Internet, few treaties have been negotiated regarding the Internet. This section will consider treaties as a means of Internet governance by considering two situations in which treaties have been suggested as solutions to problems raised by the Internet: copyright and taxation.

a. The WIPO copyright treaties

The World Intellectual Property Organization, an arm of the United Nations created to deal with intellectual property issues, has brokered two conventions dealing with copyright protection on the Internet. The WIPO Copyright Treaty and the WIPO Performances and Phonograms Treaty will serve as addenda to the Berne Convention (the primary convention regarding copyright protection. Among other things, the Treaties will make it illegal (in each ratifying state) to remove electronic rights management information (e.g. information identifying the author of the work or stating terms of use) and to circumvent technological protection mechanisms such as firewalls and encryption systems. A proposal to create a sui generis protection for electronic databases, considered simultaneously with the Copyright Treaty and Performances and Phonograms Treaty, was not adopted.

The WIPO Treaties are not yet in force and are not binding on any state at present moment. For the WIPO Treaties to enter into force, thirty states or intragovernmental organizations must ratify them. As of September 10, 1998, fifty-one states or intragovernmental organizations had signed the Copyright treaty, including the United States and European Communities (Union), and four states had ratified it, including Belarus and Indonesia. In addition, the U.S. ratified the treaties with the passage of the Digital Millennium Copyright Act in October 1998. Signing a treaty is an expression of an intent to ratify the treaty. The Treaties were accepted on December 23, 1996, however, and there is no limit on the among of time states may take to ratify them.

In order to be truly effective, these treaties must be unanimously accepted, to prevent the creation of copyright "havens" where people can go to violate copyright laws with impunity. In addition, the treaties do not answer all possible questions regarding Internet copyright. They do not definitively address enforcement, dispute settlement, Internet service provider liability, fair use, exhaustion of rights, place of publication, or the definition of a copy. As one commentator put it, however, "[d]espite these inadequacies, the resulting Internet Treaties are not an exercise in futility. They establish an international consensus on the application of copyright and neighboring right principles to digital technologies which can serve as the foundation for further legal infrastructure down the line."

b. The OECD taxation project

Most states impose some sort of income tax for money earned by a company in the territory. Where a company is taxed often depends on where its principal place of business is located. Many tax treaties currently in force, designed to prevent double-taxation, permit taxation of a company only in a place where it has a "permanent establishment." For this reason, an Internet businesses might choose to use server space in locations with little or no income tax, or to change servers frequently and in so doing, to not have principal place of business at all. Similarly, many states impose sales taxes on items purchased within the state. Given the difficulty of determining the location of a any party to a transaction in cyberspace, it could be too great a burden to require that sellers of merchandise in electronic commerce discover the location of and appropriate tax rate for their customers; however, states have an important interest in seeing that the Internet does not become a tax-free zone.

For this reason, the Organization for Economic Development (OECD), which calls itself a "club of like-minded countries" (its membership consisting of 29 of the most affluent countries on the globe) has undertaken to devise a system for facilitating taxation of on-line transactions. The drafting took place in close consultation with the European Union and the World Customs Organization. On October 10, 1998, the OECD released a series of 28 "Implementation Options," suggestions of various overlapping methods for facilitating tax payment by the players in electronic commerce. These take the form of suggested actions that revenue authorities might take. They range widely in subject matter, and include creating automated revenue service hotlines (option 2), enabling electronic payment of taxes (option 5), allowing digital tracing of businesses that do not adequately identify themselves (option 11), allowing digital authentication of documents (option 14), cooperatively creating a set of rules for taxing the sale of intangible goods, as opposed to tangible goods (option 17), and monitoring developments in electronic commerce in order to continue developing effective taxation methods (option 25). The OECD plans to redefine the "permanent establishment" requirement mentioned above (option 21) and monitor the application of existing norms in order to continue making proposals for improvement (option 22). The OECD is now calling for responses from the business community and from nations that did not participate in the drafting process.

the OECD options contemplate that nations will maintain individual control and administration of taxation, but in a coordinated way. It also contemplates that bilateral treaties may exist, under the framework of whatever taxation guidelines and/or conventions the project yields (option 27). This implies that any treaty created will have to allow for great variations in actual implementation from country to country. In addition, similarly to the Copyright convention above, any taxation plan developed, in order to be truly effective, would have to be accepted unanimously among nations, to prevent the creation of tax havens.

Treaties are appealing as a method of Internet governance. Nations are accustomed to negotiating treaties and may be prepared to consider them more readily than dramatic and confusing technological "solutions." Treaties are also appealing because they may be brokered by familiar and well-trusted bodies such as the U.N., WIPO and the OECD. In addition, treaties create binding, regularized laws that enable all people to be aware of the laws governing them. In many cases, they eliminate or alleviate jurisdictional battles, either by containing jurisdiction clauses or by conforming laws enough that jurisdiction will not have an effect on the outcome of a dispute.

Treaties have significant drawbacks, however. It takes a very long time to create and ratify a treaty: The Berne Convention for the Protection of Literary and Artistic Works, for example, was first adopted in 1886, and has gained members steadily since then. Of the 133 states who have ratified the Berne convention, only 15 had joined in 1919, thirty years after the treaty's adoption; approximately thirty states have joined since 1992 (the United States joined in 1989). The WIPO treaties, although less ground-breaking than the Berne Convention and therefore more likely to receive general acceptance in a shorter period of time, have taken two years to accumulate only four or five of the 30 ratifications needed to enter into force.

In addition, treaties are extremely difficult to create because it is often impossible, or nearly so, to reach consensus among national powers. For this reason, treaties may be a better solution to moderate- to low-controversy issues than to more controversial ones. The issue of gambling, for example, is unlikely to be resolved by creating a treaty, because of deep-set and fundamental philosophical differences between nations on whether or not Internet gambling should be legal. In the event of such ideological differences, nations who choose not to sign a treaty may become "havens" for activity that is illegal in other states. Especially in the Internet context, where transmission of materials from one state to another is no more difficult than transmission of materials down the street, the existence of "havens" can completely undermine the objectives of any treaty.

This is not to say that treaties cannot be an effective method of conforming international laws and preventing conflicts of law, merely to suggest that they cannot be considered a panacea for all of the ills of Internet governance. In fact, treaties may well be the most effective means to handle certain Internet issues, such as copyright enforcement, and may be very effective in combination with technological approaches to handle other issues (for example, treaties, combined with a digital identifications system, may be very effective in facilitating accurate taxation).

1. Introduction

Internet regulation in the status quo world, absent some new technologies or governance structures, is challenging. The Internet jurisdiction issues, alone, are complex and can be difficult to grasp. In order to see how regulation of the Internet works today, this section of this paper will explore the question of Internet gambling, an issue that raises many of the problems and complexities of sovereignty on the Internet.

Internet gambling is a reality. The Internet gambling industry was a $60 million business in 1996 and is expected to be a $600 million business in 1998. Grand Dominican Resort & Casino was getting thousands of "hits’ per day after only three months of operations. ICG Sports International made a profit of almost $250,000 in its first year. Jay Cohen, a former US stock trader, moved to Antigua in 1996 to set up the World Sports Exchange. His company has grown from only 20 customers to over 1000. They receive 100,000 bets per month. Although customers log on from Belgium, Japan, and Russia, 95% of their bets are placed from computers located in the US.

Almost every type of gambling is available on the Internet: lotteries, casinos, sports wagering, etc. Many commentators acknowledge that the "question is not whether [Internet] gambling will be available. The real questions are whether it will be legal and whether governments have the necessary tools to prosecute offenders." Most governments have policies regarding gambling by their residents. Some prohibit it. Some regulate it, and some offer gambling run by the state. Once a jurisdiction determines its policy on gambling, it must then implement that policy. Implementation includes not only the adoption of laws, but also their enforcement. It is this aspect of implementation that is most relevant, and most difficult to achieve, in the global Internet environment.

1. History

Gambling was first legalized in the US by Nevada in 1931. Then in 1946, after considering the economic benefits, New Hampshire became the second state with legalized gambling when it introduced the state lottery. Native Americans began bingo parlors in the 1970s and casinos opened in New Jersey in 1978. In a critical change to US gambling laws, Congress passed the Indian Gaming Act in 1988, authorizing gambling activities on Indian lands. As various sovereigns have realized the economic potential of gambling, they have introduced a variety of legalized gaming activities. In the last two decades legalized gambling has increased dramatically. There are lotteries in 37 states. Casinos are authorized in 20 states. Only Hawaii and Utah prohibit gambling completely.

II. Reasons to regulate:

A. Taxation and Revenue

Critics of Internet gambling prohibitions complain that US States don’t oppose gambling for policy reasons but want to reap the financial rewards of regulation via taxation or licensing. Given the fact that some form of gambling is now legal in all but two states in the US, it seems ironic that the US is at the forefront of trying to prohibit Internet gambling. These critics claim that US State governments would like to prevent Internet gambling sites from drawing away the funds that these entities currently reap through state-run or state authorized gambling. "It is really hypocritical when states like Missouri, Minnesota and Wisconsin, which sanction gambling for their own profit, start taking a moral stand against people betting with regulated businesses on the Internet. It seems like their real interest is protecting their pocketbook, not their citizens."

While it might be easier to raise funds via traditional territorial gambling, states can run Internet gambling sites or authorize private Internet gambling within their jurisdiction. These states could then reap financial benefits from Internet gambling as well as territorial gambling. Finances can be raised through license fees from gambling providers, taxes on gambling operations, company profits tax, and income taxes on winnings. States may desire to maintain the supremacy of territorial gambling, however, because of the economic stimulation that results. Real space gambling can stimulate an economically depressed or remote area and creates a large number of jobs.

B. Policy justifications for regulation or prohibition.

While the argument that some sovereigns oppose Internet gambling for purely commercial reasons does carry some weight, there are a number of other policy justifications for the prohibition or regulation of Internet gambling. The actual impact of gambling, and particularly Internet gambling, is unclear. In 1996, Congress created the National Gambling Impact Study Commission to examine precisely this issue. The Commission has been "tasked with producing a comprehensive and factual study of the social and economic impacts of legalized gambling on states, tribes, communities and individuals" within the US. Their goal is to "provide elected officials and citizens with reliable data and information that could be a resource in future deliberations and decision regarding legalized gambling." The Commission conducted its last meeting the week of November 9, 1998 and will be issuing final reports by June, 1999. Even in the absence of this comprehensive study, many sovereigns argue that there are a number of policy reasons to regulate or prohibit Internet gambling.

Morality

Some sovereigns believe that gambling is undesirable and government should not tolerate such activity. This argument does not work for most US jurisdictions because almost every state authorizes some form of real space gambling. States that authorize only lotteries, however, might try to distinguish between the morality of lotteries versus casino gambling, thus justifying a ban on one while allowing the other. Additionally, the two states that do prohibit gambling entirely may rely on this justification.

Increased gambling addictions

When gambling is legalized, gambling addiction increases by 100-550%. Because Internet gambling is so much more easily accessible and because it is available in private, Internet gambling may increase addiction even more than legalized real space gambling. In fact, Internet gambling is referred to as the "crack-cocaine of gambling addiction." Aside from simply desiring to protect its citizens from gambling addiction, preventing such addictions also reduces other losses. Gambling addiction results in significant external harms: 47% of compulsive gamblers engage in insurance fraud or theft and there is speculation that 40% of white collar crime is caused by addicted gamblers. In addition to economic crimes, total crime rates, including child abuse, domestic violence, and burglaries have increased dramatically upon the legalization of gambling. The national price tag for compulsive gambling is estimated to be $56 billion per year.

While states may claim that gambling addiction justifies prohibition or regulation, Internet gambling providers disagree. Some sites, such as Cohen’s World Sports Exchange offer links to Gamblers Anonymous. As Cohen himself says, "can you remember the last time you were in a liquor store and they handed you information on Alcoholics Anonymous?"

Age.

Current technology does not allow Internet gambling sites to effectively check the age of the gambler. Regulators are concerned that Internet gambling will therefore increase the trend of youth gambling.

Economic harms.

There is a fear that Internet gambling will significantly reduce consumer spending on other areas of the economy. Additionally, there is concern that increased gambling will result in decreased consumer saving which could hurt the national economy.

Fraud.

Regulators are concerned about the ability of Internet gambling sites to defraud their customers. Without regulation, it is possible that Internet gambling operators will not run the games according to stated terms and conditions and that they may not pay winning gamblers. Another concern expressed by regulators is their ability to ensure that providers are financially solvent and that currency translation is fair. Regulation can prevent fraud and abuse. To address these issues, some Internet gambling operators have instituted forms of self-regulation to address these issues. For instance, one site has offered its algorithms to consumers for inspections. Thus its customers can verify that the algorithms are not designed to induce fraud. Additionally, Internet gambling sites can contract with accounting firms to certify the legitimacy of their games and their finances. While these issues do present an argument for regulation by a sovereign, they do not necessitate regulation by the US or US states. These issues are adequately addressed by countries that currently allow Internet gambling.

Prevent money laundering.

Law enforcement officers are concerned that offshore wagering accounts will help conceal criminal profits. For example, if you want to launder money you could bet on both Florida and Georgia when they play each other. Obviously one will lose and one will win. If you structure the bets properly you can get the winner to pay double and end up with exactly the same amount that was wagered, except now the money appears clean.

Expectation of regulation

Because real world gambling is heavily regulated, the public may believe that on-line gambling is also regulated. If policy makers do not regulate this form of gambling, the public’s misconception could cause significant harm. This is only true, however, if most Internet gambling providers are not regulated. Instead, although most are not regulated by the US, they are generally regulated by the country in which they are based.

III. US Regulation

1. Federal

While the federal government has increasingly played a role in gambling regulation, gambling has traditionally been the province of state legislatures. Thus, "[a] canopy of federal gambling laws rests over the thicket of state gambling legislation." Although the US Department of Justice has officially claimed that Internet gambling is illegal, there is no current regulation designed to prevent Internet gambling per se. Instead law enforcement officials using federal law will have to apply laws designed to prohibit gambling over other media.

1. Existing US regulations:

The Transmission of Wagering Information Act, 18 USC 1084, is the federal law most applicable to Internet gambling. The statute provides that:

Operating an online gambling site should qualify as being "in the business of betting or wagering," as required by the statute. Although commentators agree that the statute can be used to target Internet gambling, it is not a perfect fit. First, the statute specifically mentions sports betting or contests. It is uncertain, therefore, whether the statute could be used against Internet gambling providers that operate casinos or lotteries. Additionally, the statute was intended to apply only to wire transmissions.

Two other items of this statute are important to note. It explicitly allows law enforcement to enjoin common carriers who knowingly allow their phone lines to be used by gambling operations. The statute does exempt transmissions in interstate or foreign commerce where the betting activity is legal in both jurisdictions.

Although the statute clearly applies to foreign businesses that supply gambling to the United States, these entities may be able to argue that they fail to meet the criminal intent requirement necessary for violation of Section 1084. This argument is not likely to succeed in a US court. First, Internet sites are available to virtually every country in the world including the US. In fact, there are more US users of the Internet than there are users from any other country. Thus the likelihood is that a site (especially one available in English) will be visited by US citizens. The US Sixth Circuit Court of Appeals ruled that a site that approved a user’s application for a password with knowledge of the user’s location had knowledge that their product would be disseminated in the user’s location. Offering a warning or disclaimer that Internet gambling may be illegal in the US does not negate the criminal intent element. A casino operator can reasonably foresee that the service may still be used illegally in the US despite such a disclaimer.

2. Proposed Federal Legislation:

The patchwork nature of existing federal regulation results from the traditional role of State and local governments in regulating gambling. Federal law, however, may be more appropriate for Internet gambling because of its interstate and international nature. Additionally, Internet gambling presents legal problems, such as extradition, that state governments are not prepared to handle.

Thus, in 1997, Senator Kyl introduced the Internet Gambling Prohibition Act of 1997. This regulation passed the Senate on July 23, 1998 in a 90-10 vote. Although the act was introduced in the House twice, it never made it to the floor for a vote. It is unclear if this type of provision will pass next term, but the Senate vote indicates that the law in question garnered significant political support.

The purpose of the law was to amend Section 1084 of Title 18 so that gambling via the Internet and any other computer network would specifically be proscribed. Additionally, the law was designed to expand the reach of Section 1084 beyond sports betting to all forms of gambling. Specifically, the bill would have made it illegal to engage in the "business of betting or wagering knowingly us[ing] a wire or electronic communication facility for the transmission in interstate commerce of bets or wagers or information assisting in the placing of bets or wagers…" Additionally, the law is no longer limited only to gambling operators, but criminalizes betting itself.

One of the iterations of the bill, according to Fojut, redefined the meaning of "common carriers" to include ISPs. If this provision remains in the bill, ISPs will be "obliged, along with other common carriers, to ‘discontinue or refuse, the leasing, furnishing, or maintaining’ of a facility in violation of th[e] statute upon notification ‘by a Federal, State, or local law enforcement agency.’" The law further provided that law enforcement agencies could enjoin carriers who refused to terminate access after being notified of an offending site.

Although the US is still working under the patchwork of laws in existence prior to the development of the Internet, federal law enforcement officials arrested several people for Internet gambling in March, 1998. The government appears to have carefully targeted the people arrested. All those arrested where Americans; some were living in the US. All claim to have been licensed by foreign countries. They all conducted some part of their operations within the United States. They were all operating openly, some even taking out ads in US magazines. Only operators and others involved in the business of sports gambling were arrested, no players were targeted. If any cases could be successfully prosecuted under the existing patchwork of laws, it should be these. Regardless of the long term legal results of these cases, the arrests are having an immediate impact. Many sportsbooks are barring bets from Americans and some are closing their doors completely.

2. State Regulations

Traditionally, most gambling regulations were passed by state governments. "Each state determines whether gambling will be permitted within its boundaries - and if it is permitted, what specific forms of gambling will be allowed. Existing Federal law does not preempt state law from also applying to on-line gambling activities. Instead, Federal gambling laws are designed to aid the states in enforcement of their laws.

1. State attempts to enforce their regulations:

So far, most state enforcement attempts have come against organizations that have a US presence. While the jurisdictional reach of the States over these entities is unclear, their jurisdictional reach over entirely foreign operated organizations is even less clear. Following are some examples of US State approaches to the Internet gambling issue.

Minnesota:

Minnesota has been particularly active in trying to enforce gambling prohibitions on Internet gambling organizations. The Attorney General has issued a statement on Internet Jurisdiction. In this statement Minnesota asserts that "persons outside of Minnesota who transmit information via the Internet knowing that information will be disseminated in Minnesota are subject to jurisdiction in Minnesota courts for violations of state criminal and civil laws." The statement then claims that "services outside of Minnesota that offer Minnesota residents the opportunity to place bets on sporting events, purchase lottery tickets, and participate in simulated casino games…are illegal in Minnesota."

Not only are the gambling organizations subject to these laws, the AG claims that "credit card companies and Internet access providers that continue to provide services to gambling organizations after notice that the activities of the organizations are illegal would be subject to accomplice liability." Minnesota residents can also be penalized for Internet gambling. "[A]ny person in Minnesota who places a bet through one of these organizations is committing a crime." One of the penalties of the crime is forfeiture of the device, the computer, used to commit the crime.

Minnesota filed the first US Internet gambling lawsuit on July 18, 1995. Minnesota is suing Granite Gate Resorts, Inc. of Nevada for deceptive trade practice, false advertising and consumer fraud. Granite, which was intending to launch WagerNet an Internet gambling service based out of Belize, claimed that its service was legal. The Minnesota Supreme Court ruled that the state has jurisdiction to press charges against the Nevada company. The Defendant has said that it will appeal to the Supreme Court of the United States. The Supreme Court has not yet ruled on US jurisdictional reach over Internet providers.

Missouri:

Missouri law proscribes almost all types of gambling, including Internet gambling. Missouri is pursuing a suit against Interactive Gaming & Communications Corp. (ICG), a corporation based in Pennsylvania. An undercover investigator from the Attorney General’s office placed bets with ICG totaling over $100. ICG is now enjoined by court order from accepting bets from Missourians. The AG also filed a civil lawsuit against ICG and ordered it to pay more than $66,000 in penalties and costs to the state. If ICG is found guilty of "promoting gambling," the corporation could be required to pay up to $10,000 in fines. ICG president, Simone, could be required to pay up to $5,000 and is subject to a prison term of up to five years.

Missouri has also issued a temporary restraining order preventing Indians and two Internet gambling businesses from promoting on-line gambling in Missouri.

Wisconsin:

The Wisconsin Attorney General entered into a consent decree with On-Line International, Inc. and its parent corporation, World Wide Web Casinos. The Wisconsin corporation, On-Line International, which distributed computer software to facilitate Internet gambling will be dissolved. Wisconsin claimed that distribution of Internet gambling products violated the State criminal gambling statutes. The State filed other lawsuits against different entities trying to operate gambling sites on the Internet.

Florida:

Florida Attorney General, Robert Buttersworth, has taken a completely different approach to Internet gambling. In response to questions about the legality of internet gambling by Florida residents, Buttersworth concluded that "[d]espite the prohibitions against gambling provided by federal and state law, at present the structure and operations of the Internet pose an extraordinary challenge." According to the AG, "[e]volving technology appears to be far outstripping the ability of government to regulate gambling activities on the Internet and of law enforcement to enforce such regulations. Buttersworth indicated that regulation and policing of the Internet should be addressed at the national or international level and has therefore declined to prosecute any Internet betting cases, including in-state bettors.

Instead, Buttersworth is using alternative means to shut down offshore Internet gambling sites. His goal is to make doing business offshore difficult by working with financial transaction providers. He negotiated with Western Union to cut off money transfers to and from Caribbean sports books. This enterprising AG is also targeting potential Internet gambling advertisers.

New York:

In an interesting twist on state Internet gambling law, one state has gone on-line itself. Internet gambling is no longer the sole province of private providers. New York State’s Off-track Betting (OTB) is joining the fray.

4. Other Regulation - Non US

International regulation resembles that in the US in that there is no unified approach to gambling regulation. Unlike US jurisdictions, however, many international jurisdictions have explicitly legalized Internet gambling.

Australia

The Australian government has decided to support Internet gambling. They identified the key difficulty for regulators as "find[ing] a way to deal with a situation where gambling products can be delivered over a telecommunication network that has no cognizance or recognition of State borders or local rules." In this context, "traditional controls are rendered inoperable." They therefore decided that regulation, rather than prohibition, would provide the best answer in this setting. According to Australian regulators, the introduction of legalized gambling has always, at least in Australia, resulted in a reduction in illegal gaming. The idea is that if the Australian government can provide trusted, well-regulated products as an alternative to other Internet gambling sources, that their citizens will choose to use the Australian products.

Of course, Australians will still have access to foreign Internet gambling providers. However, providers not regulated by Australia will not be allowed to use traditional forms of advertising to penetrate the local market. In addition to the advertising ban, the Australian government thinks that Australian citizens will use providers licensed in Australia in order to ensure their own protection. Players will know that the games are fair, that the provider is not criminal, that the provider will be able to pay significant prizes, and that personal information and privacy will be respected.

Another goal of the Australian system is to prevent Internet gambling by minors. The system would require players to register before they are allowed to gamble. Registration requires proof of identity, age and place of residence. Although this is a laudable goal, and one that the US would want to achieve as well, it is not clear that the Australian regulatory system will help to achieve it. If Australian licensed providers are off-limits to minors, they will simply choose a foreign licensed provider. These foreign operators may not provide the security options of the Australians, but they may be accessible to minors. Determined minor gamblers will likely sacrifice security for the ability to bet.

Importantly, Australia does not plan to enforce prohibitions from other jurisdictions, such as the US. Overseas players will be able to engage in activities that are available for Australians. Otherwise, Australia would have to attempt to apply conditions and restrictions "desired by thousands of individual different localities." Instead, Australia and New Zealand want to become major players in the emerging global Internet gambling industry. Additionally, they have determined that ISPs should not be liable for the content for which they act only as a conduit.

Liechtenstein:

Liechtenstein, one of the world’s smallest countries, operates a casino in six different languages, including Chinese. Liechtenstein claims that people coming to their web site are coming to Liechtenstein and thus are only subject to Liechtenstein’s laws. Despite this claim, the tiny country has agreed with its two larger neighbors, Austria and Switzerland, that it will not allow their citizens to participate in Liechtenstein’s on-line lottery.

Caribbean Countries:

Many Internet gambling providers operate out of Caribbean Countries. Several of these countries heavily regulate these operators in an effort to prevent fraud and ensure the legitimacy of the games. In Antigua, for instance, annual licensing fees run between $50,000 and $75,000. In addition, providers must undergo rigorous personal and credit investigations. They also must post bonds, sometimes as high as $500,000, to ensure that they can pay winners. Despite these significant regulations, or maybe because of them, Antigua is a popular base for Internet gambling providers. Twenty-six sites were already licensed in Antigua in January 1998, and there were forty applications under review at that time. Similarly, Belize established a Computer Wagering Licensing Board, which supervises the on-line gambling industry. Licensing is required and licensed providers are required to post bonds in order to operate an Internet gambling site out of Belize. Other Caribbean countries that have legalized Internet gambling include Grenada, Cook Islands, and Turks and Caicos Islands, St. Kitts, St. Martin, and the Netherlands Antilles.

5. Enforcement Issues

While it is clear that governments may have logical justifications for prohibiting or heavily regulating internet gambling, it is unclear how they will be able to enforce their laws. Many government officials concede that there may be no way to enforce prohibitive Internet gambling legislation. Senator Richard Bryan (D. Nev.) claims that , "there is no way of regulating it." "International Internet gambling? We can’t do anything about it," says John Russel, spokesman for the US Department of Justice. Senator Kyl, author of the Internet Gambling Prohibition Act of 1997, states that, "I don’t believe it can be regulated, so we have to prohibit it." It seems, however, that the opposite is true. Prohibition may not be possible, but some regulation of the majority of Internet gambling providers probably is.

Despite these doomsday statements, there are many targets law enforcement may attempt to reach in regulating Internet gambling. The primary target of real space gambling regulation is the provider because the player was typically viewed as the victim of the crime rather than a perpetrator. Because of the difficulty in enforcing laws against providers located in foreign countries, regulators may choose to regulate the gambling consumer or the facilitator in the Internet context. Enforcement against the consumer may prove more difficult than enforcement against the provider. While enforcement against the facilitator is easier to achieve, that option has some policy tradeoffs and thus is not necessarily the best answer.

1. Where does the transaction take place?

The question of legal violation and thus the question of enforcement can only be asked once it has been determined where the activity occurred. "No discussion of the legality of an activity could be conducted without reference to which laws are being broken." Although the people on either end of an Internet gambling transaction are connecting via cyberspace, both are located in physical space as well. The company is run from a physical location and the gambler initiates gambling from a physical location.

Most Internet gambling occurs "‘on-site’, meaning that they are run on the gambling provider’s server." Many operators claim that if the transaction takes place entirely on the operator’s server, then the transaction has not occurred in the US and no US law has been violated. According to the Electronic Frontier Foundation, and many Internet gambling providers, the gambler/user travels into the jurisdiction in which the provider is located.

2. Internet gambling providers

A key difference between Internet gambling and real space gambling is that the provider of Internet services does not need to be near the jurisdiction of the consumer. Thus, the provider can choose to locate anywhere in the world. As noted above, many jurisdictions specifically authorize Internet gambling operators. Because Internet gambling is legal in these jurisdictions, US law cannot require sovereigns to assist the US in preventing Internet gambling sites from setting up shop. However, US courts may enforce US laws against an operator who causes an act that produces a detrimental effect in the United States. Thus, operating an online gambling facility in a foreign jurisdiction that authorizes such activities does not entirely insulate these providers from US law.

US courts can enforce their laws against Internet gambling providers who cause a harmful effect in the US jurisdiction if they can show that the court has personal jurisdiction over the provider. Some US courts have granted jurisdiction over Internet providers located within the US but not in the state asserting jurisdiction. Because the courts seem to grant jurisdiction over web sites that offer interactive services, gambling operators are likely to be subject to these rulings. Asserting personal jurisdiction over international providers, however, may prove more difficult.

Once a court gains jurisdictional authority to prosecute an entity, it must jump yet another hurdle. In order to enforce US law, the US court must have physical custody of the violator. Gaining physical custody of a violator located off-shore, known as extradition, usually requires the existence of a treaty between the US and the nation where the provider is located. While the US has extradition treaties with some nations, no such treaty exists with many of the small nations that have legalized gambling. Additionally, criminal suspects can only be extradited for committing crimes that are specified in the treaty. In order to extradite an Internet gambling provider, therefore the treaty would have to make gambling an extraditable offense. Since these nations have specifically legalized gambling, and some have stated that they will not enforce foreign prohibitions, it is highly unlikely that the US will be able to negotiate an effective treaty to ensure the extradition of Internet gambling providers.

Because the extradition picture is so bleak some legal commentators have suggested such outrageous behavior as obtaining custody by force! While both impossible on a large scale, and insupportable generally, such action would create the necessary physical custody and US courts have held that due process rights are not affected by abduction from a foreign country.

The US can prosecute individuals who are involved in the management, operation and ownership of Internet gaming sites, including officers, directors, shareholders and managers. Even if these people are US citizens, however, they are only subject to US jurisdiction if they are in the US, or return to the US. If any of these people, US citizens or not, come to the US, they will be subject to the laws of any US court that has asserted jurisdiction over them.

3. Enforcement against the bettor

While federal law currently only criminalizes gambling operators, many state laws also prohibit betting. Bettors are located in the state that is trying to regulate them, and therefore are not subject to the jurisdictional problems inherent with offshore Internet gambling operations. Enforcing laws against Internet gamblers, however, will be very difficult and therefore will probably not result in sufficiently curbing the targeted behavior. Obtaining evidence of the crime will be extremely difficult. The user is most likely to gamble from within the home, a location that is substantially protected by the US constitution. Thus the means of collecting proof will be limited to 1) insider report from a family or friend who tells law enforcement - this will not happen often enough to prevent Internet gambling in any sufficient way; 2) setting up a sting gambling site - this could possibly be considered entrapment; and 3) surveillance of home user via wiretap. Although a wiretap could be the most effective it is likely to be illegal because it will be almost impossible to show probable cause. Additionally, wiretaps are extremely costly and will be ineffective if the gambling sites uses encryption. Law enforcement probably will not be able to gain information from the internet gambling providers either. Because operators are outside US jurisdiction there is no way to gain access to their records.

C. Enforcement against facilitators

Because it is so difficult to enforce Internet gambling legislation on the bettor and on offshore gambling operations, law enforcement may turn to Internet Service Providers and other facilitators as the target of regulation. These entities are desirable targets because they are identifiable (in contrast to the bettors) and subject to personal jurisdiction (in contrast to the operators).

1. Internet Service Providers (ISPs)

There are some negative consequences to holding ISPs liable. First, regulators who support the growth of the Internet fear that such liability will discourage the development of new technologies. Additionally, there is a concern that ISP liability will result in chilled speech. If ISPs are held liable for the content or actions of their users they will have to monitor all messages, Internet traffic, websites etc. This is obviously an impossible task, and thus ISPs will discontinue those services for which they are most at risk.

Regulators have therefore examined the option of requiring ISPs to cut off service to specific offending sites, rather than holding ISPs liable for damages from Internet gambling operators. Thus regulators could effectively shut down offending sites, and yet avoid some of the negative implications that come with holding the ISP liable. While requiring ISPs to discontinue service to targeted sites may assist in enforcing US regulations, this will not be the case if the ISPs are located off-shore. ISPs located in foreign countries would be insulated form US action in the same way that internet gambling providers located in those countries would be protected - courts do not have physical control over them.

The US could require AOL, CompuServe and other full service ISPs to disallow access to a particular site. Although this will only prevent users with such services from accessing prohibited sites, the reduced flow of traffic may still be significant. Additionally, the US could provide a list of all forbidden sites to all US ISPs - not just full service providers - with the requirement that they disallow access. In order to succeed under this tactic, the US would have to invest significant amounts of money in locating offending sites and providing updated lists to US ISPs. The government would also have to monitor the ISPs to ensure that they are disallowing access to these sites. If this system was successfully implemented, most sites would be shut down before they could establish a clientele. Additionally, those sites that did exist would not be easy to find for the average Internet user since any site listed in a well-known search engine would be quickly found and targeted by the government.

1. Financial facilitators

As with ISP regulation, regulation of financial facilitators could enable enforcement of Internet gambling laws. Before bettors can start gambling, they must establish an account and deposit funds with an Internet gambling provider. If US customers do not have the means of transferring funds, they will be unable to gamble. The two most typical means of establishing an account are wire transfer and credit card cash advances. The major credit card corporations - Visa, MasterCard, and American Express - are subject to US jurisdiction and US law. Major wire service companies, such as Western Union, are also subject to US law. Not all financial transactions can be prevented, however. Some Internet gambling sites accept money orders or bank checks. In this case, the issuing bank may not know where the money will be going and is thus less susceptible to criminal liability for aiding a crime.

There are several means of using financial facilitators to prevent US customers from gambling. First, some states have indicated that these organizations will be held liable for accomplice liability if they transfer funds to Internet gambling providers. If financial facilitators are subject to prosecution for aiding or conspiring to commit a crime, they may decline to facilitate the money transfers that Internet gambling operators require before players can start betting. This tactic is susceptible to the same issues discussed above regarding criminal liability. The prosecutor would have to prove that the facilitator knew that the money transfer would facilitate illegal activity in order to establish criminal liability. Banks whose clients write personal checks would be least susceptible to this knowledge requirement.

While holding a credit card company liable for aiding a crime may not be possible, another option for deterring credit card companies from facilitating these transactions may be available. If credit card companies can not recover funds from consumers who use them for gambling, they are unlikely to transact with Internet gambling providers. The ability of US bettors to decline to pay Internet gambling credit card charges is currently being litigated. A woman in California has declined to pay her credit card bills, claiming she does not have to pay because Internet gambling, the source of her debt, is illegal. The outcome of the case could have a huge impact on the Internet gambling industry. According to I. Nelson Rose, an American Bar Association expert on gambling law, Internet gambling is doomed without credit cards.

In addition, law enforcement has another option available to prevent funds transfer. Rather than holding these organizations liable, law enforcement officials can negotiate with them to prevent the transfer of funds. The Florida Attorney General has brokered such a deal with Western Union. This major wire transfer company has agreed not to transfer funds to internet gambling providers. Thus the law can, through alternative mechanisms such as deal negotiation and non-enforcement of debts, disable some of the most typical means of facilitating the prohibited behavior.

1. Other facilitators - Advertisers and Search Engines or Indexes

Two other areas of possible regulation have not yet been explored by law enforcement. The government could attempt to lessen the prevalence of internet gambling by regulating advertising on the Internet - disallowing US advertisers from placing ads on Internet gambling sites. Additionally, government could regulate index providers or search engines that assist the consumer in finding these sites. Currently, Internet gambling sites are easy to find. In addition to typical search engines, there are a number of gambling Internet indexes available. These sites include: <placeyourbet.net/topsites>, <www.guardian.co.uk/gambling>, <www.gambling.com>. The information provided by these sites varies. Some merely provide content and links to other sites while others provide ranking systems of gambling operators. While both of these means are subject to some enforcement problems, coupled with the above targets, they could assist in lessening the occurrence of Internet gambling.

6. Conclusion - Where do we go from here.

The answer to Internet gambling is not to prohibit it on a federal level. A more reasoned approach is to determine the policy justifications for regulation and to implement reasonable rules that will ensure these policy goals are addressed while also creating an environment in which Internet gambling operators are likely to follow the rules rather than attempt to circumvent them. That way the state or country can ensure that local providers are regulated in a fashion desired and that a portion of the proceeds can be gleaned by the country through regulatory fees or taxes.

Operators of web sites have indicated that they would submit to US regulation if the US would allow Internet gambling rather than attempt to prohibit it. "If Senator Kyl thinks we’re not regulated well enough down here [in Antigua], bring us home. Whatever standards they set, we’ll live up to. Why not offer a federal license? They can regulate it, tax it. The real issue here is who is going to get the gamblers’ dollars." By allowing internet gambling in the US, subject to regulation, states could alleviate many of the concerns that they have raised in opposition to Internet gambling.

International agreement:

While many agree that international cooperation would be the best means of addressing Internet gambling, there has been no effort to organize such cooperation to date. One reason may be that many other countries are happy with the status quo and that the US has yet to adopt a formal policy on Internet gambling. Additionally, the position the US may be heading toward - prohibition of Internet gambling - is directly at odds with much of the existing world policy. Cooperation is difficult to achieve when policies and interests diverge so significantly. Despite this challenge, if the US decides to regulate Internet gaming, US Gaming Commissioner Leo McCarthy believes that the federal government will have to rely on diplomatic contacts and treaties with other nations. "If it is a regulatory situation where you are dealing with other governments and are trying to persuade them to respect the social attitudes and the individual states within our nation, it obviously has to have a lot of federal input."

International cooperation or treaties in this area would only be effective if a majority of countries agreed to abide by the treaty terms. As long as some countries decide to break with the agreement, internet gambling providers can locate their operations in those countries. The issue of havens is only relevant, however, if a sufficient number of countries disagree with the treaty. St. Martin can house only a certain number of internet gambling providers. Additionally, locating such an operation in a haven will prevent foreign courts from gaining physical control, but if any member of the operation travels outside of the haven, they may then be prosecuted.

A group of Internet gambling operators have formed the Interactive Gaming Council. Their hope is to create model regulations, and possibly even establish an international regulatory agency. That way, Internet gambling providers could more easily operate in more than one country.

Even without this type of initiative, the Internet gambling industry is not the paragon of evil that some US and State officials fear. "The reputable sites are regulated by governments around the world. These are legitimate governments that are concerned about who they regulate. How arrogant is it for American politicians to say that those nations aren’t good enough to regulate this industry?" A representative for Antigua has expressed similar consternation over US posturing. "The issue in the Unites States should not be whether Internet gambling should exist in Antigua or not. Antigua is a sovereign state and isn’t their concern. We are no banana republic." Instead, the Antiguan government has indicated to the US State Department that it wold be best for everyone if they could all work together. "It is not America’s job to be the world’s police force on the Internet."

Under the current legal regime and technical structure, everyone who has access to the Internet is able to access all Internet sites. If one country tries to punish an Internet site operator in this context, the repercussions will be felt throughout the global Internet community. If this type of system emerges, the jurisdiction with the strictest laws will be able to impose its values on the rest of the world.

DNS Architecture and Root Server Controversy

One of the most lively controversies that has been created by the commercial explosion of the Internet involves a technology that was originally designed to do nothing more than provide a convenient way of finding remote hosts on the early Internet. Domain names are the hot electronic real estate of the 1990s, and have quickly become a scarce resource. The controversy boils down to how the names should be allocated, and more importantly, how the namespace should be expanded. But as we shall show, the answer to the second question will have to be different from the usual anarchistic democracy of Internet "engineering."

Jon Postel and the Early Days

On the early ARPANet, a canonical list of all hostnames was maintained by one person, Jon Postel, in one file, "HOSTS.TXT". Working under government research grant at UCLA, Postel also edited the Request for Comments series, the "documents of record" of the ARPANet, and later the Internet. RFCs were published on paper by the Stanford Research Institute (also under DARPA contract), though soon found their way

onto the budding network.

In the early 1980s, the explosion of LANs, PCs, and UNIX workstations, and the growing needs of internetworking necessitated the invention of a distributed name-to-numerical address translation system. And so, the Domain Name System was born, and Jon Postel and his colleagues, under the auspices of USC's Information Sciences Institute, were given control of the root servers. (SRI was responsible for seeing that domain names were dutifully registered with the servers.) The combined functions of Postel and SRI, which also included the allocation of IP numbers, was given the umbrella title of the Internet Assigned Numbers Authority (IANA).

In 1992, Network Solutions, Inc. (NSI) was awarded a contract from the National Science Foundation to take over the running of the DNS servers and registry of Top Level Domains (TLDs, like .gov and .edu). The eventual commercial and political implications of this decision - and subsequent NSI policy choices - were apparently not foreseen at the time. In order to appreciate the fully complexity of the current crisis, some technical exploration of the DNS system is necessary.

How DNS works

In this example, the user's computer (beland.mit.edu) is configured to direct DNS queries to the local MIT servers. As the diagram shows, strawb.mit.edu has a database which includes information (the IP address) on where to find other computers in its domain, like www.mit.edu, in order to download content (in this case via an HTTP connection).

The user may also find the computer www.amazon.com by an indirect route. The request for the Amazon Web server's IP address is first sent to strawb.mit.edu, which determines the request should be referred to the next-closest machine likely to be knowledgeable about the name in question. In this case, the "D" root server handles the query, locates the ".com" database, and determines that a referral to the machine ns.amazon.com is in order. Finally, the Amazon DNS server knows where to find the desired web server, and sends the appropriate IP address (208.216.128.15) back to the user's computer.

Divisions of Responsibility

Currently, the IANA, operated by ISI/USC (until 1998 under the direction of the late Jon Postel) still manages the RFCs and assigns assorted minor Internet protocols classification numbers. IANA is also responsible for allocating unique series of IP addresses to ARIN (American Registry for Internet Numbers), RIPE (Reseaux IP Europeens), and APNIC (Asian Pacific Network Information Center), which sub-allocate addresses to large ISPs in North America, Europe, and the Asia/Pacific region, respectively. Addresses are then sub-allocated again to smaller ISPs and eventually individual users and hosts.

The InterNIC, the registry for generic Top Level Domains, gTLDs, is operated by government contract with NSI, which charges fees for registrants of .com, .org., and .net. (NSF sponsors .edu and .gov domains.) Coordination of subdomains is left to the registrants; country code Top Level Domains (ccTLDs) are generally managed by some agency in the country in question. However, there has been some controversy as to the qualifications that ccTLD administrators must have; in particular, they might not be affiliated with - or even approved by - the national government.

The thirteen root servers are owned and operated by a variety of organizations around the world, about half of which are agencies or research partners of the US government. The actual equipment in United States is distributed among seven sites in California, Maryland, and Virginia. Foreign servers are located in Keio (Japan), London, and Stockholm. By mutual agreement, the databases are synchronized with NSI's master "A" root server database.

The Alternate Root Server Dilemma

"Alternate" root servers arose in 1996, partly in protest over the NSI "monopoly" over gTLDs. While there have been many proposals to extend the "official" gTLD list from the current six, NSF and InterNIC have not done so. However, nothing in the DNS protocols _requires_ all DNS software to defer to any particular set of root servers. Alternate servers seek to challenge this government-sponsored monopoly, but in doing so, threaten two essential features of domain space, as it was originally envisioned - uniqueness and universality.

The illustrated example, above, shows three popular alternative services, AlterNIC, eDNS ("e" for "enhanced"), and name.space. AlterNIC sports such new gTLDs as .bank, .asia, .games, .kids, .radio, .wired, and .xxx; name.space operates an installed base of DNS servers in New York, San Jose, Amsterdam, and several Scandinavian countries.

In order to be able to resolve domain names offered by these organizations, users must either operate their own DNS servers, or convince their local system administrator (most likely an ISP) to reconfigure the DNS software to point at the alternate servers.

To illustrate how this works, let us return to the example. As a general rule, to successfully resolve a hostname into an IP address, a DNS server must either have the information in its own database, or know (perhaps after a series of queries or referrals) where to find a server that does. In the diagram, the "reconfigured user" is a believer in AlterNIC, and has directed all DNS queries to its servers. This allows the user's computer to access some new AlterNIC-run domains, like .kids and .xxx, and also the traditional gTLDs like com, because the AlterServers can refer those requests to the conventional root servers.

This user may decide to create a hot new web site at celebrities.xxx, and advertise it via some mailing lists. Unfortunately, when Joe User, who is a customer of a dialup ISP (like AOL, Compuserve, or any one of hundreds of local providers) that does not use AlterNIC (like the vast majority of Internet users). Joe will not be able to access this new site, because the conventional root servers (nor any other DNS server in Joe's chain) point back to AlterNIC. Moreover, Joe's favorite search engines can't find the site, because their equipment does not use AlterNIC either. Universality has been destroyed.

Now consider eDNS, a competing service. eDNS users (like our doomed theoretical friend) cannot use any domains AlterNIC has created, because eDNS will obviously not refer users there. In fact, eDNS might decide to (or accidentally) create some of the same gTLDs as AlterNIC. Even worse, eDNS may rather unintelligently try to undermine the NSI .com domain by constructing a conflicting registry. The doomed user in the diagram is thus directed to a "renegade" amazon.com instead of the "real" domain he or she was probably expecting. In both cases, uniqueness has been destroyed.

The splintering of the DNS hierarchy would probably be a economic disaster for businesses trying to establish name recognition online, not to mention an inconvenience to users. Fortunately, alternative domain name servers have not gained much popularity.

The United States government is now finding itself in the undesirable position of having to respond to demands to break the NSI monopoly to allow competition in TLDs, while simultaneously trying to maintain the uniqueness and universality of the namespace. The government's proposed solution is at the heart of a most current controversy...and the next section.

As is apparent from the history, domain names were initially administered by the US government. More recently, the government delegated that responsibility, through contracts, to the Internet Assigned Numbers Authority (IANA) and Network Solutions, Inc. (NSI). IANA has administered the Internet address system since Jon Postel helped to invent it over 30 years ago. IANA assigns the numbers that give domain names their address. NSI registers the actual names on top level domains of ".com," ".org," and ".net."

With the increasing globalization and commercialization of the Internet, it is clear that it is no longer appropriate, nor is it possible, for the US to retain control over the domain name system (DNS). Instead, the US government has been seeking an alternative form of Internet governance. While there are several options of possible governance, the US government has proposed a unique and novel plan - the development of a private, not-for-profit organization representing the global Internet community. "The transfer of Internet assets and authority from the U.S. Government to the New Corporation represents a major departure for the private administration of a global resource." The US proposal calls upon the Internet industry to fulfill a daunting task: "build the international, nonprofit corporation that will eventually govern one of the most important resources for the next century."

While the proposal for the new organization might appear to create simply another "geeky technical standards group," it is actually "the beginning of something big - a unique form of government for the global Internet." Commentators have referred to the creation of this company as a Constitutional Convention. "If there is going to be this one entity that has a great deal of power, you’d have to say that the process of deciding how that power will be exercised is