Tag Archives: internet monopolies

Why a Dumb Internet is Best

Functional splintering [of the internet] is already happening. When tech companies build “walled gardens”, they decide the rules for what happens inside the walls, and users outside the network are excluded…

Governments are playing catch-up but they will eventually reclaim the regulatory power that has slipped from their grasp. Dictatorships such as China retained control from the start; others, including Russia, are following Beijing. With democracies, too, asserting their jurisdiction over the digital economy, a fragmentation of the internet along national lines is more likely. …The prospect of a “splinternet” has not been lost on governments. To avoid it, Japan’s G20 presidency has pushed for a shared approach to internet governance. In January 2019, prime minister Shinzo Abe called for “data free flow with trust”. The 2019 Osaka summit pledged international co-operation to “encourage the interoperability of different frameworks”.

But Europe is most in the crosshairs of those who warn against fragmentation…US tech giants have not appreciated EU authorities challenging their business model through privacy laws or competition rulings. But more objective commentators, too, fear the EU may cut itself off from the global digital economy. The critics fail to recognise that fragmentation can be the best outcome if values and tastes fundamentally differ…

If Europeans collectively do not want micro-targeted advertising, or artificial intelligence-powered behaviour manipulation, or excessive data collection, then the absence on a European internet of services using such techniques is a gain, not a loss. The price could be to miss out on some services available elsewhere… More probably, non-EU providers will eventually find a way to charge EU users in lieu of monetising their data…Some fear EU rules make it hard to collect the big data sets needed for AI training. But the same point applies. EU consumers may not want AI trained to do intrusive things. In any case, Europe is a big enough market to generate stripped, non-personal data needed for dumber but more tolerable AI, though this may require more harmonised within-EU digital governance. Indeed, even if stricter EU rules splinter the global internet, they also create incentives for more investment into EU-tailored digital products. In the absence of global regulatory agreements, that is a good second best for Europe to aim for.

Excerpts from Martin Sandbu,  Europe Should Not be Afraid of Splinternet,  FT, July 2, 2019

Facebook Denizens Unite! the right to privacy and big tech

The European Union’s (EU) approach to regulating the big tech companies draws on its members’ cultures tend to protect individual privacy. The other uses the eu’s legal powers to boost competition.  The first leads to the assertion that you have sovereignty over data about you: you should have the right to access them, amend them and determine who can use them. This is the essence of the General Data Protection Regulation (GDPR), whose principles are already being copied by many countries across the world. The next step is to allow interoperability between services, so that users can easily switch between providers, shifting to firms that offer better financial terms or treat customers more ethically. (Imagine if you could move all your friends and posts to Acebook, a firm with higher privacy standards than Facebook and which gave you a cut of its advertising revenues.)

Europe’s second principle is that firms cannot lock out competition. That means equal treatment for rivals who use their platforms. The EU has blocked Google from competing unfairly with shopping sites that appear in its search results or with rival browsers that use its Android operating system. A German proposal says that a dominant firm must share bulk, anonymised data with competitors, so that the economy can function properly instead of being ruled by a few data-hoarding giants. (For example, all transport firms should have access to Uber’s information about traffic patterns.) Germany has changed its laws to stop tech giants buying up scores of startups that might one day pose a threat.

Ms Vestager has explained, popular services like Facebook use their customers as part of the “production machinery”. …The logical step beyond limiting the accrual of data is demanding their disbursement. If tech companies are dominant by virtue of their data troves, competition authorities working with privacy regulators may feel justified in demanding they share those data, either with the people who generate them or with other companies in the market. That could whittle away a big chunk of what makes big tech so valuable, both because Europe is a large market, and because regulators elsewhere may see Europe’s actions as a model to copy. It could also open up new paths to innovation.

In recent decades, American antitrust policy has been dominated by free-marketeers of the so-called Chicago School, deeply sceptical of the government’s role in any but the most egregious cases. Dominant firms are frequently left unmolested in the belief they will soon lose their perch anyway…By contrast, “Europe is philosophically more sceptical of firms that have market power.” ..

Tech lobbyists in Brussels worry that Ms Vestager agrees with those who believe that their data empires make Google and its like natural monopolies, in that no one else can replicate Google’s knowledge of what users have searched for, or Amazon’s of what they have bought. She sent shivers through the business in January when she compared such companies to water and electricity utilities, which because of their irreproducible networks of pipes and power lines are stringently regulated….

The idea is for consumers to be able to move data about their Google searches, Amazon purchasing history or Uber rides to a rival service. So, for example, social-media users could post messages to Facebook from other platforms with approaches to privacy that they prefer…

Excerpts from Why Big Tech Should Fear Europe, Economist, Mar. 3, 2019; The Power of Privacy, Economist, Mar. 3, 2019

Your Biometric Data in Facebook

A federal judge has dismissed a class action lawsuit against Facebook after the California-based social media site claimed there was a lack of personal jurisdiction in Illinois.The plaintiff in the case, Fredrick William Gullen, filed the complaint alleging violations of the Illinois Biometric Information Privacy Act. Gullen is not a Facebook user, but he alleged that his image was uploaded to the site and that his biometric identifiers and biometric information was collected, stored and used by Facebook without his consent. The Illinois Biometric Information Privacy Act, implemented in 2008, regulates the collection, use, and storage of biometric identifiers and biometric information such as scans of face or hand geometry. The act specifically excludes photographs, demographic information, and physical descriptions….

In the Facebook case, no ruling has been made on whether the information on Facebook counts as biometric identifiers and biometric information under the Illinois Biometric Information Privacy Act. Instead, the judge agreed with Facebook that the case could not be tried in Illinois.

However, the company is currently facing a proposed class action in California relating to some of the same questions….How the California class action will play out remains to be seen. California does not yet have a clear policy on biometric privacy.A bill pending in the state’s legislature would extend the scope of the data security law to include biometric data as well as geophysical location, but it has not yet become law.  The question of privacy in regards to biometric information is one that has garnered increasing attention in recent months. On Feb. 4, 2016 the Biomterics Institute, an independent research and analysis organization, released revised guidelines comprising 16 privacy principles for companies that gather and use biometrics data.

Excerpts from Emma Gallimore, Federal judge boots Illinois biometrics class action against Facebook, Legal Newswire, Feb. 22, 2016, 12:15pm

See also the case (pdf)

How to Stop the Expoitation of Internet Users

Data breaches at Facebook and Google—and along with Amazon, those firms’ online dominance—crest a growing wave of anxiety around the internet’s evolving structure and its impact on humanity…The runaway success of a few startups has created new, proprietized one-stop platforms. Many people are not really using the web at all, but rather flitting among a small handful of totalizing apps like Facebook and Google. And those application-layer providers have dabbled in providing physical-layer internet access. Facebook’s Free Basics program has been one of several experiments that use broadband data cap exceptions to promote some sites and services over others.

What to do? Columbia University law professor Tim Wu has called upon regulators to break up giants like Facebook, but more subtle interventions should be tried first…Firms that do leverage users’ data should be “information fiduciaries,” obliged to use what they learn in ways that reflect a loyalty to users’ interests…The internet was designed to be resilient and flexible, without need for drastic intervention. But its trends toward centralization, and exploitation of its users, call for action

Excerpts from Jonathan Zittrain, Fixing the internet, Science, Nov. 23, 2018

American Oligarchs

Warren Buffett, the 21st century’s best-known investor, extols firms that have a “moat” around them—a barrier that offers stability and pricing power.One way American firms have improved their moats in recent times is through creeping consolidation. The Economist has divided the economy into 900-odd sectors covered by America’s five-yearly economic census. Two-thirds of them became more concentrated between 1997 and 2012 (see charts 2 and 3). The weighted average share of the top four firms in each sector has risen from 26% to 32%…

These data make it possible to distinguish between sectors of the economy that are fragmented, concentrated or oligopolistic, and to look at how revenues have fared in each case. Revenues in fragmented industries—those in which the biggest four firms together control less than a third of the market—dropped from 72% of the total in 1997 to 58% in 2012. Concentrated industries, in which the top four firms control between a third and two-thirds of the market, have seen their share of revenues rise from 24% to 33%. And just under a tenth of the activity takes place in industries in which the top four firms control two-thirds or more of sales. This oligopolistic corner of the economy includes niche concerns—dog food, batteries and coffins—but also telecoms, pharmacies and credit cards.

The ability of big firms to influence and navigate an ever-expanding rule book may explain why the rate of small-company creation in America is close to its lowest mark since the 1970s … Small firms normally lack both the working capital needed to deal with red tape and long court cases, and the lobbying power that would bend rules to their purposes….

Another factor that may have made profits stickier is the growing clout of giant institutional shareholders such as BlackRock, State Street and Capital Group. Together they own 10-20% of most American companies, including ones that compete with each other. Claims that they rig things seem far-fetched, particularly since many of these funds are index trackers; their decisions as to what to buy and sell are made for them. But they may well set the tone, for example by demanding that chief executives remain disciplined about pricing and restraining investment in new capacity. The overall effect could mute competition.

The cable television industry has become more tightly controlled, and many Americans rely on a monopoly provider; prices have risen at twice the rate of inflation over the past five years. Consolidation in one of Mr Buffett’s favourite industries, railroads, has seen freight prices rise by 40% in real terms and returns on capital almost double since 2004. The proposed merger of Dow Chemical and DuPont, announced last December, illustrates the trend to concentration. //

Roughly another quarter of abnormal profits comes from the health-care industry, where a cohort of pharmaceutical and medical-equipment firms make aggregate returns on capital of 20-50%. The industry is riddled with special interests and is governed by patent rules that allow firms temporary monopolies on innovative new drugs and inventions. Much of health-care purchasing in America is ultimately controlled by insurance firms. Four of the largest, Anthem, Cigna, Aetna and Humana, are planning to merge into two larger firms.

The rest of the abnormal profits are to be found in the technology sector, where firms such as Google and Facebook enjoy market shares of 40% or more

But many of these arguments can be spun the other way. Alphabet, Facebook and Amazon are not being valued by investors as if they are high risk, but as if their market shares are sustainable and their network effects and accumulation of data will eventually allow them to reap monopoly-style profits. (Alphabet is now among the biggest lobbyists of any firm, spending $17m last year.)…

Perhaps antitrust regulators will act, forcing profits down. The relevant responsibilities are mostly divided between the Department of Justice (DoJ) and the Federal Trade Commission (FTC), although some …[But]Lots of important subjects are beyond their purview. They cannot consider whether the length and security of patents is excessive in an age when intellectual property is so important. They may not dwell deeply on whether the business model of large technology platforms such as Google has a long-term dependence on the monopoly rents that could come from its vast and irreproducible stash of data. They can only touch upon whether outlandishly large institutional shareholders with positions in almost all firms can implicitly guide them not to compete head on; or on why small firms seem to be struggling. Their purpose is to police illegal conduct, not reimagine the world. They lack scope.

Nowhere has the alternative approach been articulated. It would aim to unleash a burst of competition to shake up the comfortable incumbents of America Inc. It would involve a serious effort to remove the red tape and occupational-licensing schemes that strangle small businesses and deter new entrants. It would examine a loosening of the rules that give too much protection to some intellectual-property rights. It would involve more active, albeit cruder, antitrust actions. It would start a more serious conversation about whether it makes sense to have most of the country’s data in the hands of a few very large firms. It would revisit the entire issue of corporate lobbying, which has become a key mechanism by which incumbent firms protect themselves.

Excerpts from Too Much of a Good Thing, Economist, Mar. 26, 2016, at 23

Who Controls Peoples’ Data?

The McKinsey Global Institute estimates that cross-border flows of goods, services and data added 10 per cent to global gross domestic product in the decade to 2015, with data providing a third of that increase. That share of the contribution seems likely to rise: conventional trade has slowed sharply, while digital flows have surged. Yet as the whole economy becomes more information-intensive — even heavy industries such as oil and gas are becoming data-driven — the cost of blocking those flows increases…

Yet that is precisely what is happening. Governments have sharply increased “data localisation” measures requiring information to be held in servers inside individual countries. The European Centre for International Political Economy, a think-tank, calculates that in the decade to 2016, the number of significant data localisation measures in the world’s large economies nearly tripled from 31 to 84.

Even in advanced economies, exporting data on individuals is heavily restricted because of privacy concerns, which have been highlighted by the Facebook/ Cambridge Analytica scandal. Many EU countries have curbs on moving personal data even to other member states. Studies for the Global Commission on Internet Governance, an independent research project, estimates that current constraints — such as restrictions on moving data on banking, gambling and tax records — reduces EU GDP by half a per cent.

In China, the champion data localiser, restrictions are even more severe. As well as long-established controls over technology transfer and state surveillance of the population, such measures form part of its interventionist “ Made in China 2025 ” industrial strategy, designed to make it a world leader in tech-heavy sectors such as artificial intelligence and robotics.

China’s Great Firewall has long blocked most foreign web applications, and a cyber security law passed in 2016 also imposed rules against exporting personal information, forcing companies including Apple and LinkedIn to hold information on Chinese users on local servers. Beijing has also given itself a variety of powers to block the export of “important data” on grounds of reducing vaguely defined economic, scientific or technological risks to national security or the public interest.   “The likelihood that any company operating in China will find itself in a legal blind spot where it can freely transfer commercial or business data outside the country is less than 1 per cent,” says ECIPE director Hosuk Lee-Makiyama….

Other emerging markets, such as Russia, India, Indonesia and Vietnam, are also leading data localisers. Russia has blocked LinkedIn from operating there after it refused to transfer data on Russian users to local servers.

Business organisations including the US Chamber of Commerce want rules to restrain what they call “digital protectionism”. But data trade experts point to a serious hole in global governance, with a coherent approach prevented by different philosophies between the big trading powers. Susan Aaronson, a trade academic at George Washington University in Washington, DC, says: “There are currently three powers — the EU, the US and China — in the process of creating separate data realms.”

The most obvious way to protect international flows of data is in trade deals — whether multilateral, regional or bilateral. Yet only the World Trade Organization laws governing data flows predate the internet and have not been thoroughly tested through litigation. It recently recruited Alibaba co-founder Jack Ma to front an ecommerce initiative, but officials involved admit it is unlikely to produce anything concrete for a long time. In any case, Prof Aaronson says: “While data has traditionally been addressed in trade deals as an ecommerce issue, it goes far wider than that.”

The internet has always been regarded by pioneers and campaigners as a decentralised, self-regulating community. Activists have tended to regard government intervention with suspicion, except for its role in protecting personal data, and many are wary of legislation to enable data flows.  “While we support the approach of preventing data localisation, we need to balance that against other rights such as data protection, cyber security and consumer rights,” says Jeremy Malcolm, senior global policy analyst at the Electronic Frontier Foundation, a campaign for internet freedom…

Europe has traditionally had a very different philosophy towards data and privacy than the US. In Germany, for instance, public opinion tends to support strict privacy laws — usually attributed to lingering memories of surveillance by the Stasi secret police in East Germany. The EU’s new General Data Protection Regulation (GDPR), which comes into force on May 25, 2018 imposes a long list of requirements on companies processing personal data on pain of fines that could total as much as 4 per cent of annual turnover….But trade experts warn that the GDPR is very cautiously written, with a blanket exemption for measures claiming to protect privacy. Mr Lee-Makiyama says: “The EU text will essentially provide no meaningful restriction on countries wanting to practice data localisation.”

Against this political backdrop, the prospects for broad and binding international rules on data flow are dim. …In the battle for dominance over setting rules for commerce, the EU and US often adopt contrasting approaches.  While the US often tries to export its product standards in trade diplomacy, the EU tends to write rules for itself and let the gravity of its huge market pull other economies into its regulatory orbit. Businesses faced with multiple regulatory regimes will tend to work to the highest standard, known widely as the “Brussels effect”.  Companies such as Facebook have promised to follow GDPR throughout their global operations as the price of operating in Europe.

Excerpts from   Data protectionism: the growing menace to global business, Financial Times, May 13, 2018

The Internet: from Subversive to Submissive

Free-Speech advocates were aghast—and data-privacy campaigners were delighted—when the European Court of Justice (ECJ) embraced the idea of a digital “right to be forgotten” in May 2014. It ruled that search engines such as Google must not display links to “inadequate, irrelevant or no longer relevant” information about people if they request that they be removed, even if the information is correct and was published legally.

The uproar will be even louder should France’s highest administrative court, the Conseil d’État, soon decide against Google. The firm currently removes search results only for users in the European Union. But France’s data-protection authority, CNIL, says this is not enough: it wants Google to delete search links everywhere. Europe’s much-contested right to be forgotten would thus be given global reach. The court… may hand down a verdict by January.

The spread of the right to be forgotten is part of a wider trend towards the fragmentation of the internet. Courts and governments have embarked on what some call a “legal arms race” to impose a maze of national or regional rules, often conflicting, in the digital realm
The internet has always been something of a subversive undertaking. As a ubiquitous, cross-border commons, it often defies notions of state sovereignty. A country might decide to outlaw a certain kind of service—a porn site or digital currency, say—only to see it continue to operate from other, more tolerant jurisdictions.

As long as cyberspace was a sideshow, governments did not much care. But as it has penetrated every facet of life, they feel compelled to control it. The internet—and even more so cloud computing, ie, the storage of vast amounts of data and the supply of myriad services online—has become the world’s über-infrastructure. It is creating great riches: according to the Boston Consulting Group, the internet economy (e-commerce, online services and data networks, among other things) will make up 5.3% of GDP this year in G20 countries. But it also comes with costs beyond the erosion of sovereignty. These include such evils as copyright infringement, cybercrime, the invasion of privacy, hate speech, espionage—and perhaps cyberwar.

IIn response, governments are trying to impose their laws across the whole of cyberspace. The virtual and real worlds are not entirely separate. The term “cloud computing” is misleading: at its core are data centres the size of football fields which have to be based somewhere….

New laws often include clauses with extraterritorial reach. The EU’s General Data Protection Regulation will apply from 2018 to all personal information on European citizens, even if the company holding it is based abroad.

In many cases, laws seek to keep data within, or without, national borders. China has pioneered the blocking of internet addresses with its Great Firewall, but the practice has spread to the likes of Iran and Russia. Another approach is “data localisation” requirements, which mandate that certain types of digital information must be stored locally or remain in the country. A new law in Russia, for instance, requires that the personal information of Russian citizens is kept in national databases…Elsewhere, though, data-localisation polices are meant to protect citizens from snooping by foreign powers. Germany has particularly stringent data-protection laws which hamper attempts by the European Commission, the EU’s civil service, to reduce regulatory barriers to the free flow of data between member-states.

Fragmentation caused by government action would be less of a concern if other factors were not also pushing in the same direction–new technologies, such as firewalls and a separate “dark web”, which is only accessible using a special browser. Commercial interests, too, are a dividing force. Apple, Facebook, Google and other tech giants try to keep users in their own “walled gardens”. Many online firms “geo-block” their services, so that they cannot be used abroad….

Internet experts distinguish between governance “of” the internet (all of the underlying technical rules that make it tick) and regulation “on” the internet (how it is used and by whom). The former has produced a collection of “multi-stakeholder” organisations, the best-known of which are ICANN, which oversees the internet’s address system, and the Internet Engineering Task Force, which comes up with technical standards…..

Finding consensus on technical problems, where one solution often is clearly better than another, is easier than on legal and political matters. One useful concept might be “interoperability”: the internet is a network of networks that follow the same communication protocols, even if the structure of each may differ markedly.

Excerpts from Online governance: Lost in the splinternet, Economist, Nov. 5, 2016