Digital Platform Regulation - Impossible?

Digital platform regulation is in the spotlight again. Amid questions around competition, allegations of shortcomings in stewardship and lawsuits alleging negligence, calls to regulate digital platforms by governments, the media and civil society are louder than ever.

But this is a discordant chorus: its volume should not mask the wide divergence in approaches to platform regulation playing out round the world.

Allegations have been levelled at platforms for their role in amplifying hateful content during the violence in Myanmar. More recently, a lawsuit has been filed in Kenya against Meta on the basis that its recommendations systems magnified hateful and violent posts in the context of the Ethiopian civil war.

Elon Musk’s Twitter takeover has served as a further catalyst for wider discussions, notably in the press, on regulatory frameworks surrounding digital platforms. For example, with regards to Twitter’s compliance with the EU’s Digital Services Act, due to enter into force in 2024, censorship over journalists and issues surrounding anticompetitive practices mandated by the billionaire have faced criticism.

Elon Musk’s Twitter takeover has served as a further catalyst for wider discussions on regulatory frameworks surrounding digital platforms.

But the challenges posed by digital platform regulations cut both ways. Not all regulation is good regulation. In the absence of strong democratic institutions and appropriate checks and balances, they are likely to have a chilling effect on fundamental rights such as freedom of expression.

Concerns arise when governments leverage regulatory tools to reaffirm control over platforms without due process. In July 2022, the Economic Community of West African States (ECOWAS) Court ruled Nigeria’s ban on Twitter was a violation to freedom of expression, access to information and press freedom.

In some parts of the world, the rise of digital platforms has renegotiated long-standing settlements on the right to freedom of expression, which is deeply rooted in the International Covenant on Civil and Political Rights (ICCPR) and regional human rights treaties.

Striking The Right Balance

These trends and developments attest to three realities: First, the regulatory landscape surrounding digital platforms is a crowded – and increasingly fragmented – space. Second, as opposed to ‘classic’ power relationships between the state and individuals, digital platforms have grown into major and influential players in setting the boundaries and norms of freedom of expression and other rights. The social contract is now a negotiation between three parties.

It is precisely because of the power they hold that digital platforms are under such scrutiny: the question in most governments is no longer whether to regulate, but how?

Third, the question of digital platform regulation carries high stakes over the upholding of democratic values and human rights as the ‘digital public square’. It may even be argued that in some cases, digital platforms further the cause of democratic and timely participatory civic engagement.

Rapid and unfettered growth and a relative lack of licensing requirements, which digital platforms are generally not subject to in contrast with other forms of media (e.g., radio, television broadcasting, etc.) have propelled platforms into a critical societal role, and in doing so their terms of service have reshaped norms around freedom of expression.

It is precisely because of the power they hold that digital platforms are under such scrutiny: the question in most governments is no longer whether to regulate, but how.

Regulatory Trends

States and other governing bodies have been approaching the question of digital platform regulation differently leading to a fragmented regulatory landscape across the globe. Even within geographic or linguistic regions, legislation is often disparate and disconnected.

In Europe, the European Union’s Digital Services Act requires that clear terms of service and redress systems are in place for users; the publication of transparency reports; and the appointment by each member state of a national independent regulator as the digital service coordinator.

But neighbouring countries may choose not to align themselves with this approach. Belarus, Russia, and Turkey all put forward further restrictions on politicized content types (e.g., those offensive to public morality) and potential sanctions on individual platform employees or directors.

Globally recognized legal or normative frameworks, like international human rights, have not yet translated to digital spaces. Industry attempts to set rules – Facebook’s Oversight Board, for instance – have been welcomed but do not appear to have deterred governments from taking matters further.

Globally recognized legal or normative frameworks, like international human rights, have not yet translated to digital spaces.

Whether regulatory harmonization is feasible or desirable at all remains, however, debatable, particularly in light of countries’ respective priorities, norms, and legislative landscapes. It remains to be seen how platforms will manage regulatory regimes as divergent as those in Ireland and those in Indonesia, or manage the expectations of lawmakers in the US where most platforms call home.

Risk Mitigation & Solutions 

There remains little international agreement on a model to regulate digital platforms and it is unrealistic to hope for a ‘one-size-fits-all’ approach in light of diverse local democratic contexts. Local laws and customs, sociopolitical realities on the ground, the standing of human rights approaches, as well as the power relationships between the state, the people, and other private entities, all differ from country to country, and all inform national approaches to platforms.

Nevertheless, policymakers, legislators, the tech industry and other key stakeholders must take into account the following considerations to mitigate and reduce risks of human rights violations, and ultimately foster digital platforms and technologies made by all and for all:

The right balance must be struck to provide for an appropriate regulatory framework, taking into account:

  • Human rights compliance, and in particular with regards to the right to exercise freedom of speech, freedom of information, and privacy concerns; 
  • The need for safeguards against risks of harm, in particular against vulnerable users and parts of the population (e.g., children, minorities, etc.
  • The power relationships between powerful stakeholders on the one hand (i.e., states, platforms, shareholders) and the population on the other hand must be kept in check.

Discussions and deliberations surrounding the regulation of digital platforms, as well as the establishment of regional and international standards, or soft law, should be inclusive and of multistakeholder nature.

Governments should demonstrate greater political will to include civil society when shaping the regulatory landscape surrounding digital platforms.

Stakeholders with significant resources should facilitate and pave the way for inclusive and multistakeholder discussions both at the national and international levels, in addition to leveraging these resources to improve the general understanding on the dynamics and trends in a crowded and fast-paced space.

There is a need for digital platforms, in particular those bearing great presence (and influence) over the public to acknowledge the important role and influence they have; take responsibility over their approach to content moderation while preserving and safeguarding human rights norms; and engage with users across different regions in a more equal, non-discriminatory manner.

Processes established and/or led by the private sector to implement digital platform regulation must maintain a degree of democratic oversight - which must be inclusive and will inevitably lead to uncomfortable, but necessary, conversations.

Yasmin Afina is Research Associate, International Security Programme at Chatham House

You Might Also Read: 

Dissent Over British Internet Safety Laws:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Cyber Security Strategies Need To Evolve Alongside The Enterprise
Scandinavian Airline App Compromised »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

KPMG

KPMG

KPMG s a leading provider of professional services including information technology and cyber security consulting.

Verisec International

Verisec International

Verisec International AB is a Swedish Tech company focused since inception in enabling Trust in Digital Transactions, through the development of proprietary cutting-edge technologies and services.

CrowdStrike

CrowdStrike

CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

I-Tracing

I-Tracing

I-TRACING are experts in IT security, specialized in legal compliance of information systems, security of information systems, and the collection of digital evidence and traces.

StrongKey

StrongKey

StrongKey (formerly StrongAuth) is a leader in Enterprise Key Management Infrastructure, bringing new levels of capability and data security at a price point significantly lower than other solutions.

ThreatAware

ThreatAware

Total visibility of your business cybersecurity. Monitoring, management and compliance for your cybersecurity tools, people and processes from one easy to use dashboard.

Security Management Partners (SMP)

Security Management Partners (SMP)

Security Management Partners (SMP) is a trusted partner to financial services, healthcare and businesses that need to manage their information, securely.

Tromzo

Tromzo

Tromzo's mission is to eliminate the friction between developers and security so you can scale your application security program.

Atlant Security

Atlant Security

Atlant Security is a cyber and IT security company offering consulting and implementation services.

Infoline Tec Group Berhad

Infoline Tec Group Berhad

Infoline Tec Group Berhad is principally involved in providing IT infrastructure solutions, cybersecurity service provider and solutions, managed IT and other IT services.

Arakyta

Arakyta

Arakÿta specializes in business strategy, work flow process and IT systems for organizations.

Netcraft

Netcraft

Netcraft is a global leader in cybercrime detection and disruption, combining cutting-edge technology with decades of experience to protect organizations of all sizes from digital threats and attacks.

Leo CybSec

Leo CybSec

Leo CybSec unites a group of Cyber Security experts with 20+ years of collective expertise to help our clients realise and mitigate the cyber challenges and risks facing their business.

Amtivo Group

Amtivo Group

Amtivo provides Certification, Inspection and Training services to national and local Government bodies, multi-nationals, enterprise clients and SMEs.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.