The Silver Lining Of Internet Regulation: A Regulatory Impact Assessment

from the will-this-regulation-harm-the-internet? dept

To design better regulation for the Internet, it is important to understand two things: the first one is that today’s Internet, despite how much it has evolved, still continues to depend on its original architecture; and, the second relates to how preserving this design is important for drafting regulation that is fit for purpose. On top of this, the Internet invites a certain way of networking ? let’s call it the Internet way of networking. There are many types of networking out there, but the Internet way ensures interoperability and global reach, operates on building blocks that are agile, while its decentralized management and general purpose further ensure its resilience and flexibility. Rationalizing this, however, can be daunting because the Internet is multifaceted, which makes its regulation complicated. The entire regulatory process involves the reconciliation of a complex mix of technology and social rules that can be incompatible and, in some cases, irreconcilable. Policy makers, therefore, are frequently required to make tough choices, which often manage to strike the desired balance, while, other times, they lead to a series of unintended consequences.

Europe’s General Data Protection Regulation (GDPR) is a good example. The purpose of the regulation was simple: fix privacy by providing a framework that would allow users to understand how their data is being used, while forcing businesses to alter the way they treat the data of their customers. The GDPR was set to create much-needed standards for privacy in the Internet and, despite continuous enforcement and compliance challenges, this has majorly been achieved. But, when it comes to the effect it has had on the Internet, the GDPR has posed some challenges. Almost two months after going into effect, it was reported that more than 1000 websites were affected, becoming unavailable to European users. And, even now, two years after, fragmentation continues to be an issue.

So, what is there to do? How can policy makers strike a balance between addressing social harms online and policies that do not harm the Internet?

A starting point is to perform a regulatory impact assessment for the Internet. It a tested method of policy analysis, intended to assist policy makers in the design, implementation and monitoring of improvements to the regulatory system; it provides the methodology for producing high quality regulation, which can, in turn, allow for sustainable development, market growth and constant innovation. A regulatory impact assessment constitutes a tool that ensures regulation is proportional (appropriate to the size of the problem it seeks to address), targeted (focused and without causing any unintended consequences), predictable (it creates legal certainty), accountable (in terms of actions and outcomes) and, transparent (on how decisions are made).

This type of thinking can work to the advantage of the Internet. The Internet is an intricate system of interconnected networks that operates according to certain rules. It consists of a set of fundamental properties that contribute to its flexible and agile character, while ensuring its continuous relevance and constant ability to support emerging technologies; it is self-perpetuating in the sense that it systematically evolves while its foundation remains intact. Understanding and preserving the idiosyncrasy of the Internet should be key in understanding how best to approach regulation.

In general, determining the context, scope and breadth of Internet regulation is important to determine whether regulation is needed and the impact it may have. Asking questions that under normal circumstances policy makers contemplate when seeking to make informed choices is the first step. These include: Does the proposed new rule solve the problem and achieve the desired outcome? Does it balance problem reduction with other concerns, such as costs? Does it result in a fair distribution of the costs and benefits across segments of society? Is it legitimate, credible and, trustworthy? But, there should be an additional question: Does the regulation create any consequences for the Internet?

Actively seeking answers to these questions is vital because regulation is generally risky, and risks arise from acting as well as from not acting. To appreciate this, imagine if the choices made in the early days of the Internet dictated a high regulatory regime in the deployment of advanced telecommunications and information technologies. The Internet would, most certainly, not be able to evolve the way it has and, equally the quality of regulation would suffer.

In this context, the scope of regulation is important. The fundamental problem with much of the current Internet regulation is that it seeks to fix social problems by interfering with the underlying technology of the Internet. Across a wide range of policymaking, we know that solely technical fixes rarely fix social problems. It is important that governments do not regulate aspects of the Internet that could be seen as compromising network interoperability, to solve societal problems. This is a “category error” or, more elaborately, a misunderstanding of the technical design and boundaries of the Internet. Such a misunderstanding tends to confuse the salient similarities and differences between the problem and where this problem occurs; it not only fails to tackle the root of the problem but causes damage to the networks we all rely on. Take, for instance, data localization rules, which seek to force data to remain within certain geographical boundaries. Various countries, most recently India, are trying to forcibly localize data, and risk impeding the openness and accessibility of the global Internet. Data will not be able to flow uninterrupted on the basis of network efficiency; rather, special arrangements will need to be put in place in order for that data to stay within the confines of a jurisdiction. The result will be increased barriers to entry, to the detriment of users, businesses and governments seeking to access the Internet. Ultimately, forced data localization makes the Internet less resilient, less global, more costly, and less valuable.

This is where a regulatory risk impact analysis can come in handy. Generally, what the introduction of a risk impact analysis does is that it shows how policy makers can make informed choices about how some of the regulatory claims can or cannot possibly be true. This would require a shift in the behavior of policy makers from solely focusing on process to a more performance-oriented and result-based approach.

This sounds more difficult than it actually is. Jurisdictions around the world are accustomed to performing regulatory impact assessments which has successfully been integrated in many governments’ policy making process for more than 35 years. So, why can’t it be part of Internet regulation?

Dr. Konstantinos Komaitis is the Senior Director, Policy Strategy and Development at the Internet Society.

Filed Under: , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The Silver Lining Of Internet Regulation: A Regulatory Impact Assessment”

Subscribe: RSS Leave a comment
4 Comments
Anonymous Coward says:

The private internet of the future

We are all going to find out that the entire world is able to snoope on your internet browsing and a revolution will quickly react with unbreakable encrypted packets shifting back and forth with telltales to let you know if it has been opened by anyone other than the intended recipient. Quantum mechanics has some awesome properties we can exploit for our privacy needs.

Not an Electronic Rodent (profile) says:

Re: The private internet of the future

We are all going to find out that the entire world is able to snoope on your internet browsing and a revolution will quickly react with unbreakable encrypted packets shifting back and forth with telltales to let you know if it has been opened by anyone other than the intended recipient.

Unfortunately, the former has been true for years, indeed decades, and few people care. Many people who do care are trying to go the other way and make it worse.

Suspension of respiration pending latter outcome is considered sill-advised…

This comment has been flagged by the community. Click here to show it.

Not an Electronic Rodent (profile) says:

*Those* are the questions??

Does the proposed new rule solve the problem and achieve the desired outcome? Does it balance problem reduction with other concerns, such as costs? Does it result in a fair distribution of the costs and benefits across segments of society? Is it legitimate, credible and, trustworthy? But, there should be an additional question: Does the regulation create any consequences for the Internet?

That sounds eminently sane, so why is it that observation suggests the questions lawmakers actually ask are more along the lines of:
Am I taking a wild swing at a hot-button issue of the moment?
Can I blame the tech sector for the problem and sound marginally plausible?
Will my wild-ass "solution" sound plausible to anyone as unfamiliar with the workings of the internet as I am?
More importantly, will the "solution" appeal to my chosen target demographic of voters?
Am I going to look good in the news grandstanding and railing about how those evil tech companies are being obstructive?

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...