Regulating for Responsible Technology: Making the case for an Independent Internet Regulator

We see a need for a new independent regulator that will champion new digital social contracts and uphold common standards across government, big tech and emerging technologies.

In April I explained why Doteveryone is calling for an internet regulator — one that understands the nuances of the digital world and can develop new regulatory approaches to keep up with fast-moving technological change.

Our People, Power and Technology research has shown people are concerned about the impacts of the internet on society. They feel disempowered in the face of technologies and have a strong appetite for greater accountability, from both private and public sector organisations, that are creating and using digital technologies everyday.

Over the past 2 months, with input from regulators, technologists, ethicists, legal specialists and data experts, we’ve been exploring how regulation can answer this call for more accountability.

Our new report, Regulating for Responsible Technology: Making the case for an Independent Internet Regulator brings together those discussions and outlines our vision for a new independent internet regulator.

So what’s the current situation with internet regulation?

“Regulation” covers a wide spectrum of activities, from enforcing legislation to horizon scanning for emerging digital issues, and there are countless responsibilities a regulator could hold. The challenge for us was to understand how a new body could fit into the UK’s already-crowded regulatory system, see what’s already working well and consider how regulators’ current approaches stand up to the challenges of the digital age.

In mapping the UK’s current regulation we found the following common trends:

  • Regulators are reactive, not proactive. Regulatory bodies are hesitant to regulate for hypothetical future problems, meaning they only take action once the impact of a technology is already being felt. The pace of technological change dwarfs the speed at which many regulators can react, meaning they are often left playing catch-up.
  • Digital capacity is lacking. Many regulators are struggling to build up the expertise needed to understand the complexities of emerging (and to some extent existing) digital technologies. Those that do have the right skills are often under-resourced. Cambridge Analytica whistleblower Christopher Wylie’s recent comments to the Digital, Culture, Media and Sport Committee sum up these problems: “One of the weak points of the ICO is the lack of technical people. The fact is, they’ve had to ask me a lot of questions that a database engineer would not ask”.
  • Cross-sectoral issues have a tendency to fall through the gaps. As innovations such as the Internet of Things and artificial intelligence proliferate through a vast range of previously analogue sectors, the boundaries between traditional sectors are becoming increasingly blurred. These grey areas between regulators and sectors allow some practices to evade scrutiny. Taking targeted digital advertising based on personal data as an example, the Advertising Standards Agency and ICO’s remits both touch upon the issue yet neither are currently taking ownership of it.
  • Social harms get crowded out. With issues such as individual data rights and security taking up much of the media and regulatory agenda, the impacts of digital technologies on society as a whole are given less attention. During our consultation, issues such as the impact of technology on inequality and digital device addiction were explicitly highlighted as needing more regulation.
  • The public needs more agency. An informed public that know how to stand up for their rights when they’ve been breached is a fundamental part of building accountability. Outside of the ICO’s protection of data rights, Ofcom and the Ombudsman Services (whose remits’ are limited to internet providers) there are few routes for the public to settle disputes with digital services and platforms outside of the courts.

And what should an independent regulator do?

Against this backdrop, we see a need for a new independent regulator that will champion new digital social contracts and uphold common standards across government, big tech and emerging technologies. We recommend several potential roles for this new body, including:

  • Building up regulators’ digital capabilities to match the tech sector so they can scrutinise the underlying technical structures of digital technologies. This may include auditing design processes, conducting independent impact assessments at an early stage of a technology’s lifecycle and developing industry standards for responsible design.
  • Developing a collective long-term vision for an internet that
    works for the good of society.
    This would be through deep public consultations and collaboration between industry and the public sector. It would mean understanding the ethical implications of digital technologies but with a rooting them in a real-world environment.
  • Expanding horizon scanning and foresight activities to identify
    emerging digital challenges. Conducting studies to develop an evidence-base around social impacts.
  • Strengthening collaboration between regulators on technological
    challenges that cross over traditional sector boundaries.
  • Empowering the public to understand the impacts of digital
    technologies so people can make use of regulation.
  • Developing mechanisms for consumers, citizens, creators and civil
    society to seek redress
    for issues that fall in the gaps between existing
    regulatory mechanisms, and exploring how collective redress can be applied to digital issues.

But what’s next?

We can achieve more together than we can alone

Regulating for Responsible Technology: Making the case for an Independent Internet Regulator takes a sweeping look at digital regulation in the UK, surveying the gaps and outlining overarching principles for effective regulation in the digital age.

As a next step we’ll be exploring how these principles can be applied in practice. We’ll be adding flesh to the bones of this report and set out a detailed vision for a new independent internet regulator for the UK in a follow-up report.

Regulators are only one of many levers for change. The state, civil society, business and the public all have an integral part to play in affecting real change on technology. This follow-up work will also explore how a regulator can work with these groups to perform the roles mentioned above.

At Doteveryone we recognise that we can achieve more together than we can alone. That’s why we’re again calling for the input and insights of others who are thinking about accountability in digital technologies. The findings of our report has opened up new avenues of discussion, and for the next stage of our work we are seeking your views on 11 key questions:

To address the gaps in the UK’s digital regulation

1.Which current and emerging social impacts of technology are in need of stronger regulation?

2.What tools can support existing regulators to adopt a proactive regulatory approach?

3. What mechanisms are most effective for building the digital capacities of all regulators?

The new regulatory principles and frameworks

4. The idea of applying a “duty of care”, “precautionary principles” and “governance by design” offer some approaches to regulating the unintended consequences of emerging digital technologies. What underlying framework can best regulate the issues associated with these new technologies?

5. Obligating small and emerging digital organisations to police their platforms and services may place excessive burden of them and stifle their growth. What metrics could be used to define thresholds for exempting digital organisations from regulation in these circumstances?

6. What regulatory tools can encourage more accountability during the design and development of digital technologies and services?

7. What approaches are most effective in encouraging the widespread adoption of ethical frameworks by technology organisations and government?

To regulate fast-moving technologies

8. What tools should be used by regulators to identify and address emerging and long term regulatory issues?

9. What tools should be used by regulators to explore the views and values of the public around digital issues?

10. How can regulators build and maintain their knowledge of the digital sector, and how is this best shared across sectoral regulators?

11. How can UK regulators working in the digital space promote international collaboration following Brexit?


If you’d like to have your say on these issues (or share your views on the report!), please get in touch at hello@doteveryone.org.uk by Wednesday 11 July 2018.