The EU on Internet governance: Strong on description – Weak on prescription

Last week,  the EC Communication on Internet Policy and Governance brought the long awaited EU approach to Internet governance, ahead of a decisive period in global digital politics.[1]

The EU’s digital politics are always followed with great attention. The EU’s hard digital power is based on the attraction of a 500 million-person market with high Internet penetration (65%). As the concentration of the Internet industry lobby in Brussels shows, this type of hard power matters. By negotiating with the EU on anti-monopoly and data-protection, Google and Facebook, among others, negotiate with the rest of the world (the EU’s arrangements with the Internet industry often inspire other countries and regions to take similar action).

The EU’s soft digital power is based on some sort of digital jiu-jitsu diplomacy of turning weaknesses into strengths. Namely, the EU does not have any major Internet company after Skype was bought by Microsoft. Paradoxically, this weakness could be turned into a strength in Internet governance (IG). Without the need to protect the economic interests of the Internet industry, the EU has more freedom to promote and protect public interests (user rights, inclusion, network neutrality). In this way, the EU can become the guardian of ‘Internet users’, and the promoter of an enabling environment for the growth of the EU’s (and the world’s) Internet industry. The EU can achieve both ethical and strategic goals, which is not often case in international politics.

The EU’s novel approach of developing different issue-based alliances has started emerging. At the WCIT-Dubai, Europe supported the USA, while in the discussion of ICANN status issues, Europe often allies itself with BRICS and developing countries. On data protection and privacy, the EU’s position is close to the position of the Latin American countries.

This digital geo-political background is important for analysing the EC Communication on Internet governance.  The EC Communication  provides a comprehensive description (and diagnosis) of the main issues in the AS (After Snowden) era in global Internet politics, but falls short on prescribing concrete solutions. The main message is that whatever medicine is provided for IG problems, it should not harm the patient (and the already-shaken trust in the Internet).

 

Here are the four main issues raised in the EC Communication:

First, not surprisingly, the EC focuses on the future of US supervision of ICANN (the Internet Corporation for Assigned Names and Numbers). Although this section has attracted media attention (bombastic headlines about the EU challenging the USA in global digital politics), it is only a reinforcement of the EU position that has been constant for a long time. The only new element is the EU’s request for a clear timeline for ICANN’s internationalisation (and/or globalisation).[2] The USA has anyway to decide what to do with its special links with ICANN by September 2015. This timeline was expected soon. The EC Communication stopped short of any prescription as to how the internationalisation of ICANN should be achieved.

 

Second, the EU proposes a ‘genuine multistakeholder’ model as a way to address the risk of policy capture in IG. It has become a real risk in IG bodies (IGF, ICANN, IETF), that entities with financial and organizational strengths can easily dominate policy discussions. Typically, when faced with the risk of policy capture, public institutions introduce procedural protection of the weakest, and rules of engagement (e.g. officials cannot accept gifts; conflict of interest statements).  Both Washington and Brussels have developed elaborate rules to contain the influence of lobbying groups within acceptable, legal limits.

For the IG multistakeholder bodies, the main challenge (hopefully not a Catch 22) will be to reduce the risk of policy capture without becoming heavily structured and regulated, in other words, by preserving a bottom-up and informal approach. The EU’s experience in developing checks-and-balances can be useful for the IG space, as would the USA’s. Paradoxically, unlike in the internal politics of the EU and the USA, where they are often the cause of inefficiency, elaborate checks-and-balances could be useful in the current stage of Internet governance. They can bring more stability, trust, and legitimacy to global IG.

 

The third important question addresses conflicts of jurisdiction and laws. The EU communication is among the first official documents that questions the ‘end of territoriality’ argument in Internet governance (frequently repeated in speeches: ‘the Internet has no borders’). Today, we are more anchored in geography than we were during the pre-Internet era. And, as long as Internet users, computer equipment and data traffic can be geographically located (as they can on the Internet, easily), the existing rules on jurisdiction still apply. The EU correctly points out that the problem of jurisdiction is not ‘qualitative’ but ‘quantitative’: ‘the sheer quantity of cross-border transactions of various types which take place online, call for a more thorough reflection on how existing rules apply to the Internet.’

The EC’s diagnosis of the issue focuses only on (non) contractual aspects of e-commerce. However, it misses three important areas of jurisdiction that have been attracting a lot of interest lately: protection of privacy (national or international rules), defamation (many legal issues, especially in the UK), and fiscal issues (where and how Internet business should be taxed).

 

Fourth, the EC Communication alerts about the risks of ‘ruling by code’ in digital world. Software code can ultimately become law, and  the Internet industry may take on, de facto, the role of parliaments and governments worldwide. Through standards and software design, Internet industries can shape how human rights are used and protected (freedom of information, privacy, and intellectual property, for example).

Regarding Internet standardization, one can argue that the EU is knocking on an open door, since most of the Internet standardisation bodies are already open to the public. But, in reality, the ‘open door’ is often only a possibility for many public institutions, one that they cannot effectively use. Some public institutions are only recently becoming aware that Internet standards can have such a profound impact on public policy (mainly after the Snowden revelation about the influence of the NSA on the Internet standardization). And, even if there is awareness, many public institutions are not equipped to follow the complex and fast-changing interplay between technical design and public policy.  The EC proposes that all stakeholders ‘strengthen (and where appropriate create) structured mechanisms to allow regular, early and truly inclusive upstream participation, review and comment in technical decisions’.

For the EU, ‘ruling by code’ is not a theoretical issue. A recent Google anti-monopoly case, which probably inspired the EC Communication,  shows how difficult it is to follow technological development. The Internet industry and technology have both changed so much over the three years since the EU initiated the Google investigation, that the current EU-Google settlement is considered to be too little, too late, as pointed out by Microsoft and Yahoo.  In the meantime, technological development has catalyzed the emergence of other policy issues,  such as those addressing mobile Internet.

 

As in Aesop’s fable about the tortoise and the hare, running after technology cannot help. Although comparing the EU’s speed with the hare could sound cynical, the EU – like any other public institution – plays the role of Aesop’s hare.  They cannot  win this race. The EU may have to change its role and become a tortoise, by ensuring that ‘technical specifications more systematically take into account public policy concerns’ as the EC Communication advises.