Sharing is Caring: Governing the Internet
Sasa Jovanovic, Second Prize, Undergraduate Category, Essay Contest 2019
January 31, 2020
Sasa Jovanovic is a senior at Bowdoin College in Brunswick, ME studying government, economics, and digital & computational studies. The daughter of a computer programmer, she was always fascinated by the interplay between society and technology, particularly intrigued by the question of institutional resilience in response to rapid innovation. She has won several recognitions for her work with respect to question of Internet regulation, including being named a youth ambassador to the Internet Governance Forum by the Internet Society, a RightsCon Young Leader by AccessNow, and is a Grua/O'Connell Scholar and Innovation Fellow at Bowdoin College. She is currently pursuing a senior thesis on data protection law and plans on attending law school in the future.
Ninety-one percent of Americans consent to terms and service conditions on the Internet without reading them. Myself included, on some conscious level willingly giving up my preferences, information, and online history for a BOGO sale at J. Crew. And yet, like most of Americans, I too, am shocked when my privacy online is violated.
Like, when Edward Snowden reveals the global surveillance practices of the NSA in 2013.
Or, when Facebook sold information of its users to Cambridge Analytica to shape voter behavior through predictive analytics in 2017.
Or, when Alexa, the home cloud device produced by Amazon, sends 1700 recordings of an American couple to an unrelated German man in 2018.
Perhaps, it is because, "when it comes to privacy and accountability, people always demand the former for themselves, and the latter for everyone else." Maybe we don't know how much we value our privacy until we've lost it, preferring the instant gratification of convenience that comes with a personalized online experience. Or maybe we just don't know that instant when we've lost it in the first place.
There is an ethical responsibility to regulate the Internet.
As much as technophiles love to espouse the Internet as the greatest thing to have happened to humanity since chopped liver (because who doesn't love chopped liver?), the technology has likewise committed its fair share of offenses, which cannot be ignored in a discussion of its regulation. Privacy aside—cybersecurity, digital inclusion, net neutrality, cyberbullying, and censorship are just a handful of other policy issues that concern the mal-use of the Internet, daily infringing upon users' rights and liberties. The protection of these rights and liberties are not confined to the material world, but must likewise be upheld in the digital realm. For the sake of the 4.5 billion Internet users around the globe, we cannot lay the debate to rest.
For the purposes of this article, when I use the word "regulate" in relation to the Internet, I refer to the development and application of shared norms, principles, norms, rules, decision-making procedures and programs that shape the use of the Internet. Implicit in this regulation is likewise a corrective mechanism that assigns punishment when regulation is abused.
Groundbreaking. The Great Equalizer. The Digital Revolution.
Many of the problems we are encountering in cyberspace are not new. Take privacy, as an example. Predicting modern dilemmas by over a hundred years, Supreme Court Justice Louis D. Brandeis and Samuel D. Warren wrote "The Right to Privacy," responding to technological developments of their own time, instant photography and audio recording, modest precursors to the Snapchat and Skype of today. Sure, Justice Brandeis could not have predicted the consequences of algorithmic bias, or driver-less cars, or the "question dictionary" as my grandmother calls Google. But he foresaw the potential dangers of unconstrained innovation on the civil liberties of the people, and he called for collective action to address it.
Who is responsible?
For the purposes of this article, "responsibility" will incorporate both the merit-based view, or the notion that blame is assigned to a party in according to the party which "merits" such blame, as well as the consequentialist view, which assigns blame only if this results in a change of behavior of the respective party.
Philosophers have quarreled for decades on the proper distribution of blame amongst actors which has led to animated discussion on disentangling the individual from the collective. Proponents of individual responsibility include Max Weber, who argues that the isolation of genuinely collective actions are too arduous and that groups cannot substitute for individuals in terms of formulating intentions for behavior. H.D. Lewis adds to Weber, claiming it is preposterous for an individual to be responsible for the actions of others as collective responsibility suggests.
To make individual responsibility theory relevant to questions of the Internet, I will return to the cookies policy problem that started this article. According to individual responsibility theory, because I was ignorant of the cookies policy, I would be considered responsible, therefore strictly liable, for failing to do the due diligence of reading through the terms of and conditions. Additionally, responsible would be the individual authors of the cookies policy itself, for formulating a policy that resulted in ill decision-making on the part of the consumer, in this case, myself.
What individual responsibility argument misses, is that is assumes that society does not ascribe blame to groups, when, in fact, it does all the time. David Cooper acknowledges that while it may not be necessarily correct to assume that a practice is ethically acceptable simply because it is a social norm, and therefore adds to the defense of collective responsibility. Suggesting that collectives are often irreducible to individual actions, the desire to assign blame such as to correct for a moral fault then must address the group rather than the indiscernible individual. The group acts as a single unified, moral agent.
Returning to the cookies policy problem, collective responsibility theory would likely ascribe fault to J. Crew as an organization. By doing so, collective responsibility theory effectively holds that the actions of the authors of the cookies policy were so heavily influenced by their employment to J. Crew, a type of group membership, that their actions could not be discerned from that of the organization. So, J. Crew as a whole is expected to be held liable for any confusion surrounding its policies. In this schematic, I too can be perceived to be a part of a group, as a member of the consumer population.
Neither theory is optimal. Where individual responsibility theory goes too narrow, failing to consider the social dynamics of decision-making, collective responsibility theory goes too broad, failing to realize the inherent incentive it puts into place for individuals to claim that their guilt goes only so far as their membership.
Shared responsibility theory has been hugely influential in the Internet governance space. Partly, it has to do with the Internet's scale, which encapsulates half the world's population, facilitating connections amongst all spheres of the global society regardless of territorial boundaries. The standards that Internet architects have developed since its inception further support shared responsibility, especially the principles of openness, in technical structure that allows for interoperability; global reach, in connection which allows for accessibility; and general purpose, which permits limitless innovation and collaboration.
Mostly, it is because everyone and no one owns the Internet, this decentralization effectively incentivizing every user to become a stakeholder in the success of the Internet, purely to reap personal benefits.
Internet governance turns on the concept of multistakeholder-ism, and incorporates stakeholders from government, the private sector, civil society, academia, and other groups. Incorporating the spirit of the Internet in its very governance, multistakeholder-ism encourages participation on behalf of these different entities such as to address the variety of needs from each group through collaboration.
It is not a perfect system. While the universality of the model suggests that one multistakeholder platforms would be enough to serve the purpose of shared responsibility, there is in fact an abundance of multistakeholder platforms, including the United Nations, the Internet Society, ICANN, amongst others. As a result, significant progress is lost due to disharmony amongst the various forums. Conflicting priorities amongst the involved groups themselves can also lead to stagnated progress, to the detriment of Internet users. Perhaps the greatest fault of the multistakeholder platform is that it struggles to enforce punishment. Since coordination is difficult amongst the sheer breadth of stakeholders involved, the multistakeholder approach fails to hold parties accountable even if the standards were agreed upon by all parties.
These challenges do not suggest that shared responsibility is no longer applicable, or that multistakeholder-ism is inherently flawed. Rather, it suggests the opposite. In order to have multistakeholder-ism work and be truly reflective of the spirit of the Internet, the respective platform needs to be empowered. It must have the ability to overcome disharmonies, streamline discourse, and enforce punishment. We do need a chorus of Internet stakeholders involved in the discussion of the Internet, but we do not need the cacophony of governing bodies that contribute to apprehension concerning its future.
All we need is one.