33 comments

[ 3.3 ms ] story [ 36.8 ms ] thread
I don’t think it can be regulated. I believe it will develop into a black market (dark web). Most regulations in the American industry are usually for just profit or are crippling. Its hard to imagine internet regulation going well.
The challenges for regulation are two-fold, in my opinion:

1. It just doesn't work. Legal and regulatory solutions are too slow and poorly designed to be effective, see for example the EU browser consent decree applied to Internet Explorer. IE didn't fail because Microsoft was forced to offer a choice of browser; it stumbled because of other nimbler competitors (particularly Chrome) that were able to innovate despite Microsoft's historical success. Similarly, Windows' monopoly of the 2000s was nothing like as entrenched as a business like oil: the dominant player is always at risk from technological shifts (e.g. browser-based apps) that render old advantages (Win32) less profound.

2. The marketplace is global. Heavy regulation of US or EU companies is a competitive disadvantage when Chinese companies operate in a very different dynamic. The US could hypothetically force the dismantling of Facebook into its constituent products or the EU could add stricter rules on how it could monetize its services, but that just plays to the advantages of Tiktok and other companies that they have even less control over. It's unclear that this is in the interests of America or Europe.

[Disclosure: I work for Google, but it's Sunday and I don't speak for them; I'm just another muggle posting on the internet.]

So no regulation at all then? Just allow companies to use and abuse their "users" however they please?

This is a return to the era of robber barons. We must try to ensure that companies have incentives to do better, otherwise we have seen time and time again that they will do anything they please as long as it is profitable. Consumers will not "just choose the ethical option" because they either cannot afford to, they don't realise the consequences, or they just don't care.

I wouldn't say that. But doing _something_ isn't automatically better than doing nothing, particularly when the tools are blunt and those wielding them are inexpert in the domain to which they're being applied.

There are no easy solutions here. But I agree strongly with your premise of "incentivizing companies to do better", and I suspect there are other means than regulation to achieve that goal.

Can you give some examples of the alternatives to regulation you refer to?
Historically, companies as well as individuals respond well to economic incentive (both positive and negative). As an example from a different industry, carbon credits have created a market that encourages and rewards green activity; taxation on products and services that are perceived as "negative" acts as a constraint on supply and demand.

Equally, the government itself is a huge purchaser of services and has undue influence in how companies behave. The desire for companies to win federal and military contracts allows governments significant leverage; perhaps not in the Facebook case, but certainly in areas like cloud.

1. I don't think point this is self-evident. At a minimum you could tighten up the M&A rules so that the big guys can't just buy every potential competitor. Legislative solutions are probably too slow, but we could certainly form a regulatory agency that can deal with rule-making as new issues come to the front.

2. I don't think it's self-evident that regulation would disadvantage US and EU companies. Regulation that encourages competition and innovation is an economic advantage - not a disadvantage. Tiktok might be less attractive if there was a vibrant marketplace of federated social media services that don't send your data to the CCP.

How exactly could M&A regulations be written to prohibit purchasing a potential competitor before it becomes a significant actual competitor? Like what legally enforceable language could you actually use? At some level every business has the potential to become a competitor of every other business.
I think there is a major difference between "regulation" (e.g. CFAA, DMCA, SESTA) and antitrust, which is that monopolies are slow and stable and hard to get rid of in any other way.

Chrome defeated Internet Explorer by leveraging a different monopoly. That meant it had copious funding without needing to make money itself and it got a huge amount of free marketing by being featured on google.com. But just trading one monopoly for another isn't competition. Internet Explorer was a monoculture controlled by a single player, now Chrome is, is that better? Was Microsoft going to add features that allow the platform-independent web to compete with Win32 apps? Is Google going to add features that protect privacy and allow users to keep their data on their own machines? Are they going to care about not making things so complicated that no upstart can create a third party browser ever again? Getting away from that requires actual competition.

Meanwhile the actual antitrust enforcement actions we've seen have largely been stupid garbage (pretty much as expected), but they've also been painful and expensive stupid garbage, which gives the targets an incentive to avoid attracting their attention. And, most importantly, antitrust pretty much by definition only applies to really huge companies. If all they did was show up at the doorstep of any company with more than 50% market share and beat them with clubs until they're weak enough that someone else can take market share from them, that's still doing something useful, and most importantly it isn't doing the most dangerous thing regulation can do, which is the opposite of that -- impact smaller more fragile competitors and upstarts more than huge incumbents, which destroys competition.

I partially agree that regulations are slow or even atrocious. But, on the web, what true game-changing innovations were there in the last ten or so years? By and large, we're doing just the same things (poorly) on the web we used to in the 2000s. But "network effects" now place barriers to entry on a medium that once was supposed to be an easy means for self-publishing (for example, why don't more musicians put their songs on a paywalled web page for self-distribution? It's the kind of thing the web was made for, yet they have to go to endless pains with idiosyncratic and ever-changing web conventions, payment providers, SEO, and promotion on platforms to get a handful of clicks). What we're experiencing is a large consolidation end-game. In that situation, I think regulation is necessary, as "the web" can't get out of this without political will. I also disagree that the EU's ruling for IE had no impact; Firefox opened the door for browser diversity and merit. The same principles could be applied today to Android, to stop Google mandating bundling of their "services" and making Android phones cheap when the price to pay is privacy invasion and monopolism.

The marketplace being global might not very much longer be the case. For example, the EU court of justice has ruled (again) that personally-identifiable info just can't be transferred to the US under the "safe harbor" doctrine. And hasn't Google pulled out of China because they were required to give data to the government which however they weren't willing to on matters of principle?

It would be interesting to hear an insider story about the fall of AOL and Altavista.

It's clear that Google and Facebook are the problems and practically equivalent to the AOL walled garden.

I'm not sure that it would be impossible to disrupt them. What is lacking? Is it the fighting spirit?

> Chinese companies operate in a very different dynamic.

Chinese companies have their own regulations to deal with. I’m not sure it’s necessarily a disadvantage.

> 1. It just doesn't work.

* Unleaded gasoline

* Earthquake-proof building codes

* Air pollution (https://en.wikipedia.org/wiki/Clean_Air_Act_of_1963#Effects)

These are just a few that I quickly came up with off the top of my head. Obviously, not all regulation works. But it is so incredibly false to say there doesn't exist effective regulation that has made our lives much better.

Yes, totally. But the topic is “regulating technology”. In general this space is evolving far faster than oil or building codes, and regulating innovation is much harder than regulating established standards.
From the top of another head: Banning DDT, Removing Freon from AC systems, mandatory seat-belts and airbags in cars, Residential ground fault detection outlets, Electricity system codes, Gas line codes, Building safety codes ...
Can I veer horribly into my favourite tangent - I love the presentation style, the look-and-feel. It's a blog version of what he did at A18Z - a sort of sophisticated corporate but with the look of something that could be knocked up from Markdown.

I could steal the CSS, but that's is only 20% of the battle - getting graphs that match the snazz, getting everything just right, but with this off handed vibe.

As I get older this stuff matters.

(comment deleted)
Interesting but I found the opposite. Font a bit small, grey on grey hard to read and no links whatsoever! (Why not if you are writing for the web?) No strong personality comes across - and I like most of what Ben does. I find it actually visually less engaging than a lot of corporate blogs.
The mechanical turks, is something that shall be regulated ASAP... AT LEAST IN EVOLVED COUNTRIES!!!
(comment deleted)
>>> Today it might have 100x that. So, how many compliance people will Google have in five years?

Compliance goes hand in glove with regulatory reporting. Reporting to regulators should be a marginal cost thing - if the data internally is same, well managed and fully auditable in an automated fashion.

Doing this in finance is something the new challenger banks (ie monzo built about five years ago by ten coders and now has a million UK accounts) - this is something they can have one compliance person because all their systems are new and written with compliance in mind.

Doing this for most major banks is next to impossible. It would rewriting everything (#)

(#) Actuallly i would say this is a good strategic plan for most major banks. Might not be able to persuade the board but still.

This is a really interesting angle but I'd go somewhat further - it's not just the systems that need to be new, its the whole business! Monzo has had the advantage that its been able to design everything to fit both what is possible with automated systems and the current regulatory environment.

If you've got lots of edge cases from a legacy business then its probably not going to work anywhere near as well even if you could rewrite everything.

These challenger banks are also currently operating in relative niches. Yes Monzo has a million bank accounts, but in terms of their product offering, it isn't close to the breadth of your traditional "High Street" bank. As their product offering expands, their compliance requirements will become a lot more complex, and will lead to more compliance personnel being hired. They have also yet to experience a massive overhaul to the compliance requirements of their existing systems. I'm sure they are better placed to handle it than a traditional bank but it won't be easy.
I've seen this piece a few times, and it's broadly good, but I think it glosses over the fact that just because politicians want regulation or try to pass regulation does not mean it actually happens.

As a good example, we're now at the 10th anniversary of the original Digital Economy Act in the UK, the legislation that was going to disconnect persistent pirates from the internet and send out warning letters. This legislation passed. There was much writing at the time about how this was the end of the open internet, and from politicians about how this was the end of the wild west internet.

And yet, ten years later, not a single action has ever been undertaken under those provisions. No letters were sent. No disconnections ever happened. And that's because politicians ignored the complexity, declared something must be done and passed law that didn't actually parse into any real world actions. Primarily it was just completely barmy costs wise for rights owners to send letters, so they didn't and the regulator just quietly forgot about it after several consultations.

Much of this regulation feels very similar. Laws may be passed, but the vast majority of them will never result in any changes because frankly the quality of lawmaking in most jurisdictions is extremely poor. One or two bits certainly will, but most of it will fail badly.

Evans sets out the UK's Online Harms act as an example, but the Online Harms regulation is doomed for one simple reason - everyone and their dog in politics and lobbying keeps trying to project their problems on to it as something that will be solved. It's suddenly got to do a million things, while not having any resource to do so. It will inevitably collapse under it's own weight because nobody involved is brave enough to say it's scope is already too big to work.

> why your fellow-citizens didn’t vote the right way.

I'm a little concerned by the implication that regulating tech should focus on making sure that people vote "the right way".

Whoa, I don’t see this in OP post. Perhaps a political motivation was edited out to make their argument appear technically grounded when it has ideological underpinnings?
Right now there are three huge risks in regulating tech:

1. Slowing innovation 2. Creating monopolies 3. Crippling entire segments of the tech industry

The last chart is the most important: the cost of compliance affects small businesses, including startups much more than large companies.

Have there been many regulatory success stories? I can't think of many
Clean air, clean water, seatbelts, no wild economic swings from 1932 until 1986, meat packing plant sanitation, coal mine safety, nuclear power safety, OSHA, the National Park system, air traffic control, port authority - I could go on.