W3C home > Mailing lists > Public > public-webpayments@w3.org > May 2015

Re: The Payments Architecture within which a Web Payments Architecture occurs

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Fri, 15 May 2015 01:50:54 -0400
Message-ID: <5555893E.6090300@digitalbazaar.com>
To: public-webpayments@w3.org
On 05/15/2015 12:51 AM, Joseph Potvin wrote:
> Some respectful challenges to Manu's comments:

Some respectful responses follow. :P

> RE: "Regulations and formal law are reactionary beasts."
> Litigation, generally yes. But there are indeed lawyers whose writing
> of civil code is similar in context to writing source code. Your
> under-estimate the realm of law.

We're talking past each other.

I said that in response to what you said here:

> The W3C has no workable choice but to take as given what payment 
> systems are deemed to be in law, and how the governance of payment 
> systems are regulated in law.

Melvin raised the point that the laws as they stand today aren't clear
in some of these areas and it's very difficult to get a regulator to
provide an opinion on a software system that's not in production.

So, what you're saying doesn't cover us in the way you seem to be
implying, but perhaps I'm misunderstanding.

We know the regulatory stuff is difficult because we've tried to get the
regulators to say how they'd regulate some of the new payment systems
that are being created. In most every case I've personally experienced
(and we've written to 50+ regulatory bodies asking for a formal opinion
on some of these systems) they've refused to provide anything that even
closely resembles a binding opinion even if the system didn't violate
any law.

It's not that I underestimate the realm of law. It's that we have real
experience doing what you're saying we should do and the outcome in
almost every case where there was no legal reason we couldn't do what we
were trying to do was: "What you're doing /seems like/ it's legal and
within regulatory parameters, but we still reserve the right to bring
legal action against you later."

My point is that even if we go through the pain of getting a legal
opinion, it's not really worth much unless the legal opinion finds that
we're clearly violating some law somewhere. We're already pursuing the
"find out if we're clearly violating a law or regulation" route by
engaging lawyers to tell us if they think we are. However, the best
answer we can get back is "No, we don't think so, but that doesn't mean
you won't see litigation."

> RE: "To be clear, the WPIG in no way, shape, or form is going to do 
> something that willfully violates known regulations"
> But what of the obligation to make sure the WPIG is effectively 
> knowledgable of the underlying global-level foundations of the 
> relevant laws and regulations?  For example, has the WPIG assessed 
> its work in relation to the UNICTRAL Model Law on e-Commerce? 
> http://www.uncitral.org/pdf/english/texts/electcom/05-89450_Ebook.pdf

No, we haven't done that yet as it would be premature - there is no
solidified Web Payments Architecture yet.

Can you recommend a lawyer that will do good pro-bono analysis of how
that document relates to the Web Payments work? Better yet, do you think
UNICTRAL would do an analysis of the Web Payments Architecture against
all their relevant documents and provide a binding opinion?

We'd happily take them up on that if they were willing.

> (BTW -- that comes from 1996. I think you'll argree that it was 
> rather forward-thinking for its time, if we set aside the assumption
>  or bias that IF it's a UN org, THEN it must be slow and 
> bureaucratic.)

You can be forward thinking /and/ slow and bureaucratic. :)

> RE: "Theoretical architectural concerns, legal theory, and
> regulatory theory rarely enter the discussion unless it's clear that
> not thinking about them is going to create a deployment problem."
> Manu, that's like saying to a bridge engineer: "Theoretical 
> mathematics concerns, physics theory, and systems theory rarely enter
> the discussion unless it's clear that not thinking about them is
> going to create a deployment problem." Uhh, ya well, good luck.

That's not what I mean. Clearly, applying science when solving a problem
is important. I prefaced the statement above with this:

> In general, W3C Working Groups care about solving real problems, real
> interoperability, technical excellence, and serving the needs of
> everyone that uses the Web.

The point being that W3C prioritizes solving real problems first and
theoretical problems (aka non-existent) second. You seem to be raising a
number of theoretical problems "what if regulators ding you?" rather
than pointing out real problems like "you're violating BIS FPMI
Principle #21, and that will result in X happening".

Your point that we need to be more aware of the legal and regulatory
landscape is taken. However, I think the group knows that and is
counting on the lawyers in this group and the IG to point out when we go

Asking for us to analyze some 250 page legal document to become aware is
not going to have the desired outcome because:

1. We are not lawyers.
2. It requires far more bandwidth than we have.
3. It has little to do with the technology being created, or if it does
   have something to do with the technology being created, no one has
   been able to clearly articulate exactly how and in what way.

> RE: "We should be very careful about suggesting that we put something
> in the critical path, like waiting on changes in UNCITRAL or ITU, to
> make progress.
> As mentioned, AFAICT everything being sought under the W3C WP IG is 
> nicely accommodated the complementary standards, so this FUD about 
> "waiting on changes" is a red herring.

You said this:

> The thought I'm attempting to underline is that a Web Payments 
> Technical Architecture must point to an explicit external source
> that provides a generic Payments Achitecture, preferably one provided
> and maintained by a genuine global standards body, or something that
> in effect serves that function.

A generic Payments Architecture document does not exist. I don't count
that BIS document you pointed to as a "generic Payments Architecture".
Since that document doesn't exist and it's not in W3C's purview to
create it, it seemed as if you were suggesting a 10 year initiative to
create that document so that W3C could refer to it.

> RE:  If the creation of the Web took that path
> Um, actually, it did as you well know. It's called the W3C.

No, it didn't. One of the reasons the W3C specifically steered clear of
ITU and ISO is because the standard cycles were so painfully long and
the process was closed. The W3C Process is setup so that we can make
rapid progress, in view of the public, driven by implementations, not
lawyering. While it's important to liaise the UN, ITU, and ISO, let's
not put them in the critical path. That's the point I was making.

-- manu

Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: The Marathonic Dawn of Web Payments
Received on Friday, 15 May 2015 05:51:19 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:40 UTC