Ten Principles for a New Approach to Regulating the Internet

Elizabeth Warren wants to be the Democrat nominee in the 2020 presidential election. Last week she added a new promise to her manifesto: "It's time to break up Amazon, Google and Facebook," she announced. This is not a natural for the modern American psyche -- success should be rewarded, not challenged. But she believes the current generation of tech giants are unfairly stifling the next generation of tech success.

"I want to make sure that the next generation of great American tech companies can flourish. To do that, we need to stop this generation of big tech companies from throwing around their political power to shape the rules in their favor and throwing around their economic power to snuff out or buy up every potential competitor," she said. She calls out Facebook buying Instagram and WhatsApp, Amazon forcing Diapers.com to sell at a discounted rate, and Google buying Waze (2013) and DoubleClick (2007) as examples.

The problem for the tech giants is that this is not just a little local difficulty -- there seems to be a worldwide groundswell of concern over the power of the tech giants. A UK parliamentary committee has already described them as acting like 'digital gangsters'. This weekend, the UK House of Lords Select Committee on Communications published a new report (PDF): 'Regulating in a digital world'.

The Lords report covers similar ground to Warren. "Facebook's acquisition of Instagram was perhaps the biggest recent failure of regulation. Instagram was probably the greatest risk to Facebook's monopoly, although it was not providing exactly the same service: 'It was slicing off a part of Facebook that people engage with very strongly, which was the photo-sharing part, and creating a social network that could quite healthily run parallel to Facebook'."

The report points out that big tech's misuse of personal data makes the case for further regulation compelling, but concludes: "The need for regulation goes beyond online harms. The digital world has become dominated by a small number of very large companies. These companies enjoy a substantial advantage, operating with an unprecedented knowledge of users and other businesses. Without intervention the largest tech companies are likely to gain more control of technologies which disseminate media content, extract data from the home and individuals or make decisions affecting people's lives."

It accepts that in the UK there are already more than a dozen digital world regulators -- but just as a patchwork of best-of-breed security can leave gaps in security, so a patchwork of regulators can leave gaps in regulation. "The digital world does not merely require more regulation but a different approach to regulation," say the Lords. There are two fundamentals to the report proposal: a set of ten agreed principles "that shape and frame all regulation of the internet", and a new Digital Authority to oversee regulation. 

"In this way," says the report, "the services that constitute the digital world can be held accountable to an agreed and enforceable set of principles."

The ten principles are:

Parity. This principle says that whatever is illegal offline should also be illegal online. The practice is not so easy. How can you enforce (as opposed to simply require) age limitations in cyber?

Accountability. There needs to be a process or processes to ensure that both individuals and organizations can be held to account for their actions. Microsoft argues that existing legislation needs to be better enforced, rather than new regulation introduced. But, concludes the report, "The evidence suggests that all parties, including internet platforms, regulators and governments, are failing to ensure access to redress."

Transparency. This is linked to accountability. Without transparency, accountability cannot be enforced. It is particularly important online because of the imbalance of power between the tech giants and their users. Last summer, Canadian company founder Jackson Cunningham, explained https://medium.com/@jacksoncunningham/digital-exile-how-i-got-banned-for... how he had been 'banned' by AirBNB, with no explanation and no appeal. "Weíre becoming increasingly dependent on a handful of major tech giants to get through our basic daily routine. Imagine waking up one day and no longer being able to check your Gmail, buy things on Amazon, or book an Uber." It is this sort of opaque and unaccountable behavior that worries the Lords' committee.

Openness. Openness is a difficult principle. The internet was built on the principle of openness; but one witness to the committee commented, ìchildrenís best interests have been ignored probably because of the utopian vision that all internet users would be treated equally.î But the report is equally concerned about challenges to that 'openness', and calls out net neutrality as a pre-requisite. It also notes that the practice of confining users within a 'walled garden' also threatens internet openness.

Privacy. Privacy is an obvious principle. Many people would assume it has been covered by GDPR, but the report suggests there is a gap between what the data protection framework provides and what users expect. It adds, "As technological development increasingly results in connected homes, cars and cities, the balance between convenience and privacy will require debate and must be reflected in clear standards."

Ethical design. The principle here is that internet technology should not be designed to take advantage of psychological insights. Online gaming is perhaps an example. Some games are psychologically designed to keep players online and paying for in-game extras -- the game is secondary to the absorption. The same happens with new applications, where the ability to acquire more personal data is the driving force rather than the benefits of the application.

Recognition of childhood. "Any principle-based approach to regulation," states the report, "must recognize childrenís rights, their legal status and the concept of childhood."

Respect for human rights and equality. The tech giants frequently stress how their platforms support human rights by protecting dissidents. However, just as they support rights, they can also take them away. Use of the internet is now so deeply embedded in everyone's everyday life that removal or impairment of access can affect how we live. "With these benefits come risks," notes the report. "Several witnesses discussed online abuse and harassment directed against specific groups according to gender, sexuality, race or religion." But it can also be accidental. The increasing and automatic use of algorithms for censorship within platforms can and does get things wrong.

Education and awareness-raising. The principle here is that this should not be left to parents, teachers and the government. "Tech companies which provide online services," says the report, "should take responsibility for providing educational tools and raising awareness, including raising awareness of how their services work and potential harms of using them."

Democratic accountability, proportionality and evidenced-based approach. In some ways, this final principle is directed more at the regulators than the internet companies. The committee seems to accept that bad laws are simply bad. But at the same time, self-regulation doesn't work. Regulation needs to be evidence-based. "In cases of high risk it may be appropriate to act to prevent harm before the evidence is conclusive." But if it proves to be a bad regulation, there may need to be some mechanism for reversing that regulation. 

In the United States, Elizabeth Warren wants to reduce the power of the big tech giants. In the UK and throughout Europe, there is growing interest in controlling and perhaps curtailing their power. These are just wish-lists; but are indicative of a worldwide concern that big tech has too great an influence on daily life of the people and political governance of the lawmakers. Together, these proposals indicate that internet companies should not consider GDPR as the final say in regulation, but perhaps just the entree to increasing and expanding regulation.

Related: Pocahontas Descendant on Sen. Elizabeth Warren's DNA test

Related: Ireland's Data Protection Commission Reports Multiple GDPR Investigations

Related: Google's $2.73 Billion Fine Demonstrates Importance of GDPR Compliance 

Related: German Competition Watchdog Demands More Control for Facebook Users 

Related: Is Facebook Out of Control? Investigations and Complaints Are Rising

view counter

Original author: Kevin Townsend
Mastercard to buy Ethoca to reduce fraud in digita...
Introducing the new challenger bank model
 

Comments

Already Registered? Login Here
No comments made yet. Be the first to submit a comment