This article originally appeared in the World Economic Forum on July 19, 2021. It was co-authored with Jo Ann Barefoot, founder and CEO of the Alliance for Innovative Regulation, and Owain Service, founder and CEO of The Cognition Company.
Governments have been grappling with the challenge of how to regulate new and rapidly expanding industries while safeguarding against potential risks ever since technological change first accompanied the Industrial Revolution. In the 18th and 19th centuries, governments had to support the development of entirely new industries while addressing problems in areas such as child labour, sanitation and air quality.
These challenges needed to be addressed as a result of the dramatic economic and social effects of these industries. There were very clear benefits to the government in supporting their development, but also huge potential harms in allowing the market to dictate terms.
Today, governments face a similar tightrope act in regulating the global digital economy being forged by the Fourth Industrial Revolution. The public sector must enable firms to develop innovative new digital products and services, while building in regulatory safety measures against possible harms and clear guidelines within which firms can operate safely.
The difference is that, this time, public-sector institutions rooted in the 20th century and organized around regulating single industries need to be modernized to keep up with large firms increasingly spanning multiple sectors as part of the new digital economy. Take financial services: Activities like shopping and paying for goods on social media have both retail and financial services components and are subject to regulation by multiple organizations. As a result, new regulations continue to be rolled out, overseen by different agencies, to cover additional areas, which is creating a patchwork of regulators both domestically and internationally.
Even new cross-sector regulations often still need to be broadened in order to equitably address the full scope of rapidly expanding digital activities. For example, GDPR in Europe, a policy designed to safeguard consumers by protecting individual data, can make it difficult for start-ups and scale-ups to access the vast amounts of consumer data held by large firms. Yet often, larger firms can still share data across their own platforms. This creates new competition challenges, which are regulated by a different set of institutions.
So what can be done? To be effective, governments have to redesign the way they regulate the world’s rapidly growing digital economy, taking into account four new, parallel, emerging digital challenges.
1. Scope
Over the past century, regulators have identified challenges within markets that have lent themselves to developing agencies or regulatory bodies that dealt with that specific market – such as energy or telecommunications. Or they focused on a specific challenge, such as how to deal with monopolistic power.
But in the digital economy, the biggest companies stretch across everything from consumer goods and retail, to telecoms and energy. Regulatory bodies need to be refocused around similarly broader definitions of issues and markets as well.
For example, in the United Kingdom, the Competition and Markets Authority (CMA) and the Information Commissioner’s Office (ICO) are cross-sectoral competition and data protection agencies that set standards across the entire economy. In a recent review of digital markets, the CMA has recently started to redefine markets and market power.
In the United States, the Federal Trade Commission treats data protection as part of its broader mandate to protect consumers and has experience looking at automated decision-making. It may adopt an even more holistic view of data protection and competition under its new chair, who is a well-known figure in antitrust circles.
2. Scale
Regulators also need to find a way to keep up with unprecedented financial firepower that gives large technology firms the ability to outflank them on many fronts. Some of the largest companies have annual budgets larger than the GDP of most countries. With digital services that are integral to everything from how we shop to how we get around to how our financial services are processed, the operations of large digital players are critically important to the functioning of national digital economies. As a result, some policy-makers are considering regulatory frameworks requiring operational resilience requirements.
In addition, many digital services are now spread across geographical boundaries. As a result, regulation in one domain might not provide a full solution in the absence of agreements among a wider range of nations and states. This is where supranational bodies play an important role in setting standards for national regulation and providing guidance on global issues like cross-border data-sharing.
There are precedents for international regulation in the financial services market like the Financial Stability Board, which monitors financial markets, coordinates financial authorities and sets international standards. The massive, international, cross-sectoral scale of digital markets will create new issues and make international coordination difficult. Nonetheless, this is no reason to shy away from it, recognizing it may need to take the form of regional, rather than global, coordination of like-minded nations in the short term.
3. Digital products
Regulating digital data versus other commodities similarly needs to be reimagined. There is an implicit assumption that physical products sold on a digital platform are covered by current regulatory regimes.
However, the current lack of an explicit cross-sectoral consumer protection body in any country leaves consumers exposed to the digital exploitation of rules where products and services fall between sectors. An example is that consumers might erroneously assume that food sold by online retailers complies with national safety standards. Another is that an unregulated credit “Buy now, pay later” offer can feel like a loan to a borrower, in much the same way that a charge card or bank overdraft might. But while it may feel the same to a customer, the protections offered differ.
Even where firms are subject to the same regulation, the reality of day-to-day supervision is that digital activities are often not yet scrutinized in the same way and therefore not subject to the same supervisory intensity.
4. Digital behaviour
Finally, regulations need to be designed to address new forms of digital behaviour. One of the biggest lessons from past regulatory reforms has been that individuals don’t always respond in the way that regulators expect. When the UK government, for example, began to significantly open up the electricity and gas markets, there was an assumption that free markets would lead to consumers shopping around and switching suppliers for a better deal.
These assumptions were based on standard economic assumptions about how consumers seek to maximize their own self-interest. But it turned out that the vast majority of people stuck with the incumbent supplier.
Digital regulatory approaches need to be built around a more sophisticated understanding of what people are actually doing with new digital products and services, rather than how we might expect them to behave – even if consumers themselves are not always aware of how their data is being used and its value extracted.
A sustainable digital economy
Technological innovations are becoming ever more embedded in our day-to-day lives, generating valuable new opportunities but also digital risks that are increasing exponentially. Truly protecting consumers, while encouraging more technological advances, will require a more modern, holistic, regulatory architecture from governments.
As a starting point, policy-makers can begin to reconcile digital tugs of war between regulatory agencies by creating regulatory colleges and cooperation forums that help to provide solutions to some of the cross-sectoral challenges the new digital economy is throwing up. This is starting to happen, for example through the Digital Regulation Cooperation Forum in the UK, which seeks to understand where coordination points are required and address them head-on.
But what is really needed is a new oversight architecture that is fit for purpose in the age of the digital economy. Such a digital economy regulatory architecture should bring together and holistically address newly emerging cross-sectoral risks in terms of scope, scale, products and behaviour.