The recent revelation that more than 50m Facebook profiles were harvested by app and given to political consultancy Cambridge Analytica has produced a backlash against the platform. But it is just the latest example of the risks associated with the internet, which forms the core of today’s digital revolution.
Over the last 15 years or so, mobile internet has rapidly increased not just the number of people who are connected to the internet, and thus able to participate in the digital economy, but also the frequency and ease with which they can connect. From GPS navigation to ride-sharing platforms to mobile-payment systems, on-the-go connectivity has had a far-reaching impact on people’s lives and livelihoods.
For years, it was widely believed that an open internet — with standardised protocols but few regulations — would naturally serve the best interests of users, communities, countries, and the global economy. But major risks have emerged, including monopoly power for mega-platforms like Facebook and Google; vulnerability to attacks on critical infrastructure, including financial-market systems and electoral processes; and threats to privacy and the security of data and intellectual property. Fundamental questions about the internet’s impact on political allegiance, social cohesion, citizen awareness and engagement, and childhood development also remain.
As the internet and digital technologies penetrate economies and societies more deeply, these risks and vulnerabilities become increasingly acute. And, so far, the predominant approach to managing them in the West —self-regulation by the companies that provide the services and own the data — does not seem to be working. Major platforms can’t be expected to remove “objectionable” content, for example, without guidelines from regulators or courts.
Given this, we seem to be facing a new transition from the open internet of the past to one subject to more extensive control. But this process carries risks of its own.
Though there is a strong case for international co-operation, such an approach seems unlikely in the current climate of protectionism and unilateralism. It is not even clear that countries will agree to treaties banning cyber warfare. Even if some semblance of international co-operation were mustered, non-state actors would continue to act as spoilers — or worse.
Against this background, it seems likely that new regulations will be initiated largely by individual states, which will have to answer difficult questions. Who is responsible — and liable — for data security? Should the state have access to user data, and for what purposes? Will users be allowed to maintain anonymity online?
Countries’ answers to such questions will vary widely, owing to fundamental differences in their values, principles, and governance structures. For example, in China, the authorities filter content deemed to be inconsistent with state interests; in the west, there is no entity with legitimate authority to filter content, except in extreme cases (for example, hate speech and child pornography). Even in areas where there does seem to be some consensus — such as the unacceptability of disinformation or of foreign meddling in electoral processes — there is no agreement on the appropriate remedy.
The lack of consensus or co-operation could lead to the emergence of national digital borders, which would not only inhibit flows of data and information, but also disrupt trade, supply chains, and cross-border investment. Already, most US-based technology platforms cannot operate in China, because they cannot or will not accept the authorities’ rules about state access to data and control over content.
Meanwhile, the US has blocked the Chinese company Huawei from investing in software startups, providing network equipment to wireless carriers, or (along with ZTE) selling mobile phones in the US market, owing to the firm’s alleged ties to the Chinese government. Huawei and ZTE both maintain their activities are purely commercial and that they play by the rules wherever they operate. US officials continue to insist the companies pose a security risk.
By contrast, nearly all European countries, including Britain, are receptive to Huawei and ZTE, both of which are major players in Europe. Yet Europe is creating its own barriers, with new data-protection and privacy rules that may well impede the application of machine learning. Unlike China and the US, Europe is not yet home to a mega-platform of the type that is leading the way in machine-learning innovations.
With the entire global economy becoming inextricably linked to the Internet and digital technologies, stronger regulation is more important than ever. But if that regulation is fragmented, clumsy, heavy-handed, or inconsistent, the consequences for economic integration — and, in turn, prosperity — could be severe.