REWRITING THE RULES

Governments can’t handle tech regulation. It’s time for companies to take over

As anxiety mounts about the risks we face from driverless cars, artificial intelligence, and social media, it is increasingly common to hear calls for regulation, not only from legislators, but also from the corporate titans that are inventing our future.

What we don’t hear nearly enough, however, is the call to invent the future of regulation. And that’s a problem.

Our existing regulatory tools, like the online terms and conditions that we all blithely accept, and the complex regulations that government bureaucracies pile on, are not up to the task. They are not fast enough, smart enough, or accountable enough to achieve what we want them to achieve, whether that’s greater privacy, data security, or personal safety. And they are too expensive for most people to rely on.

For example, it may be too early to tell, but if the avalanche of new “click to agree” boxes on webpages in response to the EU’s new General Data Protection Regulation is any indication, the effective impact on user privacy and control is going to be small because people still don’t know what they’re agreeing to. It will also be costly for individual consumers to monitor and challenge in court what corporations are actually doing with their data.

 A key reason that our regulatory tools are growing so useless is that we have not devoted the same funding, energy, or time to updating the way we develop regulation as we have to developing new technologies.  A key reason that our regulatory tools are growing so useless is that we have not devoted the same funding, energy, or time to updating the way we develop regulation as we have to developing new technologies. We continue to rely on tools invented to manage the economies and societies of the 19th and 20th century, tools that are badly out of step with the 21st.

So how do we build the systems we need to cope with and regulate the new economic and social challenges we are facing?

The key is to harness the same creativity and inspiration that built Facebook and other tech giants to build the regulatory systems of the digital age, rewarding for-profit and nonprofit innovators who can come up with better regulatory tools.

I call this “super-regulation.” It’s “super” because it elevates governments out of the business of legislating the ground-level details and into the business of making sure that a new competitive market of private regulators operates in the public interest.

Think about the task of regulating new gig-based e-companies like Uber. Governments want to ensure the safety of all those who use the service and fairness for those who work for it. But under our current approaches to regulation, that requires a whole slew of regulatory standards covering labor rights to data security to vehicle safety standards. These are standards that morph from country to country, creating terrific headaches for innovators, and terrific failures for users and workers.

 This shift toward a bigger role for private companies in the design of regulatory schemes is already underway, spurred by the twin pressures of globalization and digitization. These private regulators, if they are competing, will be incentivized to invest in inventing better ways to achieve those results. In the case of on-demand driving services like Uber, this might see regulators investing in machine learning technology to better anticipate accident risks, or technology delivered across a driver’s phone to monitor speed or other driving behaviours directly. Cheap online dispute resolution mechanisms, perhaps linked to blockchain, could be employed to ensure drivers are paid as promised.

This shift toward a bigger role for private companies and organizations in the design of regulatory schemes is already underway, spurred by the twin pressures of globalization and digitization—both of which leave great gaps in traditional and nation state-based regulation.

The drivers of this shift are often ultimately regulated companies themselves—looking to define a reasonably reliable playing field on which they and their competitors meet. This effort sees companies like Microsoft, for example, leading efforts to build global standards for privacy and cybersecurity, and Google submitting to AI safety principles.

Companies are also writing many of the rules governing their own conduct through their terms of service—which in theory are the product of “agreement” with their employees and customers but which in fact are under almost complete corporate control.

These pressures to have more of the rules written by private entities that are closer to what is happening, at increasingly high velocity, on the ground and in the cloud is not going to go away. Traditional bureaucracy-led regulation is only going to fall further behind and grow more irrelevant.

That’s why it’s critical that we create a supervised market for private regulators. That way we get the best of both worlds: the goals of regulation are still set by accountable governments but the technology of regulation, the detailed way in which those goals are met, is pushed into a market process whereby third parties better serve both masters.

Private regulators would have to keep governments happy in order to keep their license to regulate. And they have to keep their regulatory clients happy by developing easier, less costly and more flexible ways of implementing regulatory controls.

The sooner we move beyond the idea that conventional regulation can handle the challenges of our powerful new technologies, the better. The call to regulate is an empty one unless we figure out how to harness the power of markets, and new approaches to government accountability, to that task.

This article is part of Quartz Ideas, our home for bold arguments and big thinkers.

home our picks popular latest obsessions search