Why Tech Policy matters for the web
TL;DR government interest is expanding from the networking and infrastructure layer to also include the application layer, where technology has global, customer-facing societal impact. Application development teams must be cognisant of potential, and in some cases inevitable, government intervention on a global scale. For some teams and geographies, it will be a matter of compliance, and for others, it will be about influencing and shaping immature legislation. Having product owners, software engineers, and designers who can bridge the intent of policy, with the best technical implementation and user experience, will be critical for many applications’ success.
I am about to immerse myself in a year long sabbatical, where I will think, reflect and debate the intersection of technology, socioeconomics, regulation, and business management.
In this essay, I would like to document some changes in my motivations for doing this and share my most recent thoughts on the topic. I’m confident that my thoughts and opinions will continue to evolve. So I intend to have another go at this half-way into my year, and then again at the end.
At the beginning
My original view on why technology policy mattered was heavily swayed by my professional experience. Through my work with Australian government agencies, I had witnessed first-hand the public sector struggle to keep up with web-technology. I thought that by developing a better understanding of why and how policy affected technology adoption, I would be able to help the public sector and foster public-private collaboration.
Almost a year after drafting my course application, my views on this have changed. For starters, there are many fantastic organisations that are already working hard to address my original concerns (see 18F, GDS, DTO, Code for America). In essence, I was worried about government’s ability to use technology to improve the way it delivered services to citizens and improve its own operations. But I was completely missing the bigger picture.
The bigger picture
World governments have the power to fundamentally shake one of the most powerful tools available to humanity today, the Open Web. Traditionally, regulation of web-related technology has been focused on the infrastructure. We’ve seen an emphasis on telecom regulations, spectrum management, and ensuring fair and affordable access to the Internet. This means that when it comes to government intervention, we typically hear about issues such as cyber-security, net neutrality, and the irresistible temptation for mass surveillance. However more recently, the general public and special-interest groups have put pressure on governments to start regulating at the application layer.
Growth in sharing economy services such as AirBnB or Uber, have led to protests and demonstrations that put significant pressure on governments to take regulatory action. Even though the European commission has taken a more encouraging stance towards these services, local governments continue to ban them.
Search products have become most people’s gateway to the web. In response to a user complaint, and in the spirit of protecting user privacy, the EU established a “right to be forgotten". Despite being criticised as paving the way for censorship, the EU parliament continues to consolidate legislation among member states, giving regulators “wide-reaching powers".
The Internet of Things is taking technology into unchartered territory, exposing web interfaces to connected devices (intimate through to industrial). The Commissioner of the FTC has already identified security as the deterministic success factor for internet-connected devices, such as those employed in smart homes. With such a close tie into our physical world, even the EU has stepped in with "an action plan for Europe".
A final worrying example of government intervention at the application layer is Turkey’s Prime Minister, Recep Tayyip Erdoğan's pledge to ‘eradicate’ Twitter. What we notice in this example, is a government official's desire to shut-down a specific application, rather than enforce a broader ban on internet communication. Given that regulation has traditionally only focused on the infrastructure, the available technical instrument to enforce this “ban" was through telecommunication providers. In this case, the ban was fulfilled by forcing local telecommunication providers to reset a DNS record, a naive and easily bypassed solution.
Naturally this list is not comprehensive (see the eHealth and FinTech industries, for example) and this kind of intervention is not completely new (see the famous IE browser bundling case: Microsoft Corp. v Commission of the European Communities, or EU legislation on browser cookies). However, what’s special and intriguing about these recent examples, is that they directly target applications that facilitate interactions in the physical world: staying in someone’s spare bedroom, taking a ride with a stranger, protecting your chances of landing a new job, or ordering more milk by speaking into a device in your living room. In short, government interest is expanding from the networking and infrastructure layer to also include the application layer, where technology has global, customer-facing societal impact.
My observation with regards to applications, is that the EU has become more direct than ever. For example, the European Commission has opened a public consultation on the “safety of apps", explicitly referencing the application layer. Furthermore, showing interest in “Enhancing interoperability and standards" may lead to interesting challenges for web-browser vendors, who build browser applications based on the web’s open standards (i.e. potential intervention at the web-standards level).
My view on why technology policy matters for the web has taken on a much more strategic angle. Application development teams must be cognisant of potential, and in some cases inevitable, government intervention on a global scale. For some teams and geographies, it will be a matter of compliance (e.g. internet banking), and for others, it will be about influencing and shaping immature legislation (e.g. search or IoT).
Having product owners, software engineers, and designers who can bridge the intent of policy, with the best technical implementation and user experience, will be critical for many applications’ success. Particularly those built for the web and intended for global audiences. For example, we need teams who understand enough about regulation to explain to legislatures why asking users for “informed consent" (e.g. EULAs and Cookie Banners) every time they visit a website, is an ineffective user experience. The requirement to bridge legislation and UX is going to be vital for any teams building web-applications on top of sensitive user data (e.g. Facebook, Gmail, internet banking, search) or applications that trigger real-world, physical interactions (e.g. Tinder, AirBnB, Amazon, eBay).
Here’s to the year ahead
As I delve deeper and deeper into the web platform, I am more excited today than I have ever been about the potential impact that can be had online. I am excited for the year to come and there has never been a better time to explore the intersection of technology, socioeconomics, regulation, and business management.
For bonus points
I choose to focus on the web, because it is my area of most significant experience. However, I acknowledge that the importance of tech policy extends beyond the web and the internet as a whole. Governments are showing interest in regulating many internet-connected physical technologies, such as self-driving cars and drones, as well as more traditional technology-heavy sectors such as healthcare and renewable energy. The constant however, is that development teams need to be mindful of growing government intervention.