banner1.gif (23790 bytes)

Electronic Data Interchange (EDI) and the Law

By Eric S. Freibrun, Esq.

Electronic Data Interchange (EDI) is the exchange and conduct of routine business transactions in a computer-processable electronic format. Typical applications include purchase orders, acknowledgments, pricing schedules, order status inquiries, shipping and receiving scheduling and confirmation, invoices, and payments. EDI is, in essence, electronic paperless contracting between two commercial parties.

EDI has been in use for over twenty years, in various formats, and originated as companies sought to develop more efficient means to conduct business. The availability and advance of computer and telecommunications technologies presented an opportunity to enhance the efficiency of many paper-based business processes. In the late 1970s, the American National Standards Institute began developing the first of many sets of domestic and international standards for data communication, and this process continues as the technologies evolve.

EDI has proven itself as a viable means of expediting and facilitating binding contractual relationships between commercial parties. Notwithstanding that EDI trading partners may intend to be contractually bound by the terms of their electronic transactions, the law is very unclear on the question of whether EDI contracts are legally enforceable. This issue becomes increasing relevant as large companies continue to require not only their most important larger trading partners, but even their smallest suppliers, to conduct business with them electronically. Further, fraud in electronic funds transfer has been increasing, highlighting the potential weaknesses of current electronic communications techniques and record keeping. As technologies advance, we can only expect EDI volume to increase, with billions of dollars changing hands -- pursuant to "contracts" whose legal enforceability is questionable. As there are no reported cases on EDI or any U.S. federal or state laws dealing directly with the subject (except for a federal regulation concerning uniform data transmission standards for federal agencies), commercial parties trading by EDI do so in a world of legal uncertainty.

To be enforceable, a contract must have these three basic elements: offer, acceptance and consideration. If the parties intend their EDI transactions to be enforceable as contracts, the transaction sets (the various electronic data, messages and signals constituting the EDI transaction) must contain all the information traditionally necessary to form a paper contract. EDI contracts typically comport with these requirements by communicating a purchase order transaction set (the offer); a purchase order acknowledgment transaction set (the acceptance); and an electronic payment (the consideration).

Are EDI contracts enforceable? The short answer is probably yes, if one analogizes from the law applicable to conventional paper contracts signed by real people. Since EDI typically involves the transfer of goods between merchants, the Uniform Commercial Code ("UCC") will likely apply and its provisions liberally interpreted to facilitate the formation of legally enforceable commercial contracts. At a minimum, the "statute of frauds" requirements of the UCC must be met -- the contract must be signed and in writing if it involves the sale of goods for over $500. But EDI transactions are not in writing nor do they involve a human signature.

The UCC requires a written contract to be "signed by the party against whom enforcement is sought" in order to authenticate the document, to verify that it does indeed originate from its identified source. Some flexibility is permitted as to the form of authentication, e.g. any symbol or signature can be used if the intent is to authenticate. EDI transactions can be electronically "signed" by containing within their data streams algorithms which authenticate the identity of the sender, in effect acting as a "password" -- the electronic equivalent of a personal signature. This password can be read by the recipient by means of an electronic "key." If EDI trading partners agree upon the method of authentication to be used in their EDI transactions which they intend to serve as binding agreements, it seems logical that the law should regard these transactions as legally binding consistent with the parties' intent. Yet, as the UCC does not define the meaning of "authenticate," it is impossible to determine the precise legal requirements for EDI signatures.

Whether an EDI transaction set can be considered a "writing" under the UCC statute of fraud requirements is also an entirely unsettled legal question. The definition of "writing" under the UCC includes "any...intentional reduction to tangible form." Yet electronically executed contracts are not clearly defined as included in this definition, either by the UCC or case law. Nevertheless, because EDI transactions are the "digital analogs" of written contracts -- their electronic equivalents -- they should be as enforceable as conventional paper contracts, provided they can be properly authenticated.

Various organizations exist to assist companies engaging in EDI or contemplating doing so by providing guidelines and data transmission standards. Examples include the Data Interchange Standards Association, located in Alexandria, Virginia, and the International Chamber of Commerce. But the best way for EDI trading partners to increase the odds that their EDI transactions will be legally enforceable is to enter into an EDI Trading Partner Agreement.

Trading Partner Agreements are written contracts between two or more parties wishing to trade electronically via EDI or related technologies. At a minimum, the agreement should express the parties' intention that their EDI transactions be considered as valid and enforceable as conventional paper contracts. It should further address apportionment of risk (especially where third party data transmission service providers are used), security procedures, signature definitions, the definition of receipt of a communication, business issues generally contained in standard purchase order terms, the need for confidentiality of certain data, statute of frauds issues (e.g. identifying legal theories by which applicable "signed writing" requirements may be deemed satisfied), arbitration and miscellaneous items such as agreed upon transaction sets and data transmission standards and protocols.

With respect to EDI, commercial law has not kept pace with commercial practice. Until legislatures address EDI legal issues, a comprehensive EDI Trading Partner Agreement remains the best means by which trading partners can define the nature and scope of their EDI trading relationship, and bolster the enforceability of their EDI transactions.

Attorney Eric Freibrun specializes in Computer law and Intellectual Property protection, providing legal services to information technology vendors and users. Tel.: 847-562-0099; Fax: 847-562-0033; E-mail:

Copyright Eric S. Freibrun, Esq., Law Offices of Eric S. Freibrun, Ltd. All rights reserved.