The Aspen Forum, coordinated each year by the Technology Policy Institute, serves as a platform through which leading voices in government, academia and private business can come together every year to discuss major public policy issues affecting the information and communications technology (ICT) sector. The theme for the 2015 edition of this conference, held in mid-August, was The Government Back in Business: Revenge of the Regulators? Panel discussions at this year’s event focused on increased government regulatory activity around the world in areas like net neutrality, the Internet of Things and data privacy.
One of the earlier panels of the three-day forum focused a bit on a topic which has come up here recently on IPWatchdog: the right to be forgotten, a principle which has spawned a looming legal battle between the French data protection agency CNIL and American tech multinational Google Inc. (NASDAQ:GOOG) Whose Rules? Internet Regulations in a Global Economy featured a five-member panel including members of both American and European regulatory agencies as well as representatives from major tech sector corporations. At the heart of the discussion were issues of how to implement an Internet infrastructure which is increasingly globalized in a way that meets the needs of local legal jurisdictions in terms of data privacy, security and more.
Moderator David Gross of the International Telecommunications Group started the proceedings by noting the submission of a document to the United Nations from the member nations of the Group of 77 plus China, a coalition which actually has 134 member countries. That document, a 10-year review on the results of the World Summit on the Information Society (WSIS), argued that Internet governance should involve the reasonable allocation of Internet resources in a multistakeholder approach that involves governments, the private sector, civil society and international organizations. It also asked for the international community to come to a consensus “as expeditiously as possible” on rules governing the cyberspace.
The balance between government policy and the development of Internet infrastructure has been a delicate line to walk in most cases. “There used to be a vision that the Internet would be a great leveller of government policy,” said Adam Kovacevich, Google’s director of public policy. “The techno-utopian views that once everyone is connected to the Internet, our norms on privacy and free expression may all get to a certain point… I think that philosophy has been disproven.” Kovacevich cited strong desires at the national level to have Internet policies that reflect local cultures and norms. “Now we’re in a phase of the debate where we have to figure out the territoriality debate.”
Territoriality has been a difficult aspect of public international law to apply to the Internet and information technology sectors. It’s a central aspect of the current flap between Google and CNIL, which wants Google to remove listings purged under the right to be forgotten from its main Google.com domain, which Google sees as its American property. Another issue discussed at the conference include the need to finalize safe harbor privacy principles which would establish rules for U.S. or European Union businesses which store customer data, bridging the gap between differences in data privacy standards in the two jurisdictions.
The issue of data privacy is viewed differently in the EU than it is on American shores. In Europe, consumers are seen as having the right to data privacy in the face of both businesses and governments; here in America, we’re a bit more concerned with the possibility that the government could be reading our texts but we don’t worry so much about the prying eyes of network operators. As was pointed out by Federal Trade Commission commissioner Julie Brill, the EU tends to take a proactive rights-based approach to data privacy issues whereas America tends to focus on harm reduction, a more reactive stance. Google’s point of view was reflected by Kovacevich: “We’re sympathetic to foreign governments that [data access for law enforcement] is slower than they’d like, but I think there are also voices in that debate that want to make sure… that there are consumer privacy protections put in place.”
Both Brill and Andrea Glorioso, an EU delegate to the U.S., noted that there were more similarities between the American and European systems than might meet the eye. “If you go beyond small differences,” Glorioso said, “after living for 13 months here in the U.S., I’m not convinced that many topics, like privacy, I don’t think that we have such deep-rooted differences.” Glorioso noted that citizens of the EU were just as likely to be ignorant of American privacy laws as Americans could be of Europe. “Some people in the EU don’t believe that you have privacy laws,” Glorioso said, also noting that the U.S. Constitution’s 4th amendment regarding privacy was proof of America’s deep-rooted belief in privacy of the individual.
Differences might be just as much disagreements in semantics as they are disagreement in principle. Brill, in response to a question on the right to be forgotten from Tony Hadley, senior VP of government affairs and public policy at Experian plc (LON:EXPN), noted that the phrase “right of obscurity” might be a better working title in the U.S., noting that we do have obscurity rights present in areas of criminal expungement law. “We do have a right of obscurity in the U.S.,” Brill said. “A lot of people are calling for it to be enhanced, though it’s not exactly what the CNIL is seeking.” However, as Kovacevic pointed out, there are areas of criminal law where offenses are never expunged, as in the case of sex offenders.
On both sides it was noted that the misunderstandings that now abound in the debate are fairly unhelpful. In the U.S., Brill talked about a developing point of view wherein many of the EU’s activities in regulating the Internet, such as the formation of the Article 29 Working Party as a data protection authority body, are seen as fundamentally protectionist and serve to buoy European companies over the success of American corporations operating on the continent. Differences in antitrust investigations between the EU and the U.S. are also a potential area of misunderstanding, according to Glorioso. He noted that investigations of U.S. tech companies are higher than EU-based companies in that sector, but that was only simply because U.S. companies were more successful; in other industries where EU companies perform better, those companies are investigated more than their American counterparts. “I see all kinds of news articles when the EU starts an examination but nothing when the that examination closes without pressing charges,” Glorioso said, citing a recent case where this had happened with Apple Inc. (NASDAQ:AAPL)
In the eyes of the tech corporation representatives on hand this particular day, the real issue at heart seemed to be the work of reaching out to customers in developing nations and connecting those individuals to the Internet. Kevin Martin, VP for mobile and global access policy at Facebook Inc. (NASDAQ:FB), specifically named Mexico, India and Brazil as regions of focus. “In those areas, the challenges are far beyond this regulatory debate,” Martin said. “The challenges are basic access.” Martin also discussed the point that 50 percent of those who use Internet.org, Facebook’s global Internet access initiative, end up subscribing to Internet services within 30 days. To support those goals, flexibility in regulatory regimes is required to address needs in different locales, Martin said.
Government interaction for building out Internet resources was also a core part of the comments made by Peter Davidson, senior VP for federal government relations at Verizon Communications Inc. (NYSE:VZ). The international harmonization of spectrum, for instance, could have a big impact on how companies like Verizon are able to rollout their products to consumers. “Harmonized spectrum means that companies can produce handsets and chipsets a lot easier,” Davidson said. “Internationally, governments can try to find compatible policies across borders.” Davidson did pick a bit at Brill’s point about EU regulations not being protectionist; although he agreed they might not be intended that way, Davidson argued that some policies do have a protectionist result. He advocated for an addition of a solid framework for ICT and data transfer regulation worked into the language of upcoming trade agreement deals like the Trans-Pacific Partnership (TPP), the Trade in Services Agreement (TiSA) and the Transatlantic Trade and Investment Partnership (TTIP).
Still, given all of the aspects of international Internet regulations that have yet to be hammered out, it looks as though the U.S. and the EU are the two international bodies closest to signing an agreement. Other bodies, such as Asia-Pacific Economic Cooperation (APEC), and stand-alone countries like India or Brazil have different Internet interoperability mechanisms that the FTC is hoping to address separately. Brill, for one, opined that when agreements are in place with the EU and APEC, the U.S. might receive data flows from both but either might require different interoperability regulations. So it appears that the G77+China may not get the Internet rules they seek in such an expeditious fashion, but further communication between American and European stakeholders in the data privacy and protection debate might plot a path forward for the rest of the world.
Join the Discussion
No comments yet.