Security gap makes B2Bs wary of e-markets
Share this content

The first study into the legal aspects of online B2B trade says that companies should say ‘no safety, no sale’, and that e-marketplaces should issue contracts, respect confidentiality and ensure security.

“Companies have every right to feel uneasy about sharing their data in e-marketplaces,” said Jaap Favier, senior analyst at Forrester. “In the offline world, companies sign non-disclosure agreements all the time. Importantly, the EU’s strict digital-privacy laws apply to individuals and not to companies, so corporate data provided to an online exchange doesn’t fall under EU law.”

“The EC filled a significant security gap when it issued the EU Directive on Digital Signatures, but beyond that, the law takes a hands-off approach: eMarketplaces don’t have to install online locks, alarms, and vaults, nor do they have to guarantee that their technical measures create a secure trading place,” Favier added.

To make B2B exchanges succeed, the report advises that buyers and sellers get to know each other’s identity and contractual terms before they complete a transaction. Participants should set up disclosure levels to ensure that sensitive data can’t reach their competitors. Contracts from e-marketplaces must explicitly state that owners of the Net market have the same status as members – to prevent them from snooping into data and to remove concerns about abuse of market information. Firms will reward e-marketplaces that listen with more business.

Net markets should redesign their security, and should check continuously that users have security clearance for every page they visit. Only authorized buyers and sellers should get access to pages with other members’ contract terms and conditions.

“Members must demand that an e-marketplace accepts liability for correctness and timeliness of all distributed data,” Favier continued. “Users should require it to indemnify members in cases of processing errors, and walk away from markets that won’t comply. But liability will work both ways – members must guarantee legality by not sending data that could be harmful or infringe on copyrights. Should a dispute make it to court, the Rome Convention leaves the choice of law and court up to the contracting parties, and European participants must require jurisdiction and applicable law in the EU.”

For the report ‘eMarketplaces Face The Law’ Forrester spoke with 40 European companies that participate in e-marketplaces, and interviewed five help providers involved in setting up more than 100 marketplaces combined. Additionally, Forrester spoke with Paul Timmers, head of sector for e-commerce at the European Commission, and analyzed all legal and regulatory matters in close cooperation with four leading international law firms.

Forrester Research is an independent Internet research firm, analyzing technology change and its impact on business, consumers, and society. Established in 1983, Forrester is headquartered in Cambridge, Massachusetts; its European Research Center is in Amsterdam, Netherlands, and its UK research centre is in London.

Forrester Research


Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.