Regulation of the digital world has not kept pace with its role in our lives, says the Committee.
In its report Regulating in a Digital World the committee notes that over a dozen UK regulators have a remit covering the digital world but there is no body which has complete oversight. As a result, regulation of the digital environment is fragmented, with gaps and overlaps. Big tech companies have failed to adequately tackle online harms.
Responses to growing public concern have been piecemeal and inadequate. The Committee recommends a new Digital Authority, guided by 10 principles to inform regulation of the digital world.
The chairman of the committee, Lord Gilbert of Panteg, said: “The Government should not just be responding to news headlines but looking ahead so that the services that constitute the digital world can be held accountable to an agreed set of principles.
“Self-regulation by online platforms is clearly failing and the current regulatory framework is out of date. The evidence we heard made a compelling and urgent case for a new approach to regulation. Without intervention, the largest tech companies are likely to gain ever more control of technologies which extract personal data and make decisions affecting people's lives. Our proposals will ensure that rights are protected online as they are offline while keeping the internet open to innovation and creativity, with a new culture of ethical behaviour embedded in the design of service.”
Recommendations for a new regulatory approach:
A new ‘Digital Authority’ should be established to co-ordinate regulators, continually assess regulation and make recommendations on which additional powers are necessary to fill gaps. The Digital Authority should play a key role in providing the public, the Government and Parliament with the latest information. It should report to a new joint committee of both Houses of Parliament, whose remit would be to consider all matters related to the digital world.
10 principles for regulation
The 10 principles identified in the committee’s report should guide all regulation of the internet. They include accountability, transparency, respect for privacy and freedom of expression. The principles will help the industry, regulators, the Government and users work towards a common goal of making the internet a better, more respectful environment which is beneficial to all. If rights are infringed, those responsible should be held accountable in a fair and transparent way.
Recommendations for specific action:
Online harms and a duty of care
- A duty of care should be imposed on online services which host and curate content which can openly be uploaded and accessed by the public. Given the urgent need to address online harms, Ofcom’s remit should expand to include responsibility for enforcing the duty of care.
- Online platforms should make community standards clearer through a new classification framework akin to that of the British Board of Film Classification. Major platforms should invest in more effective moderation systems to uphold their community standards.
- Users should have greater control over the collection of personal data. Maximum privacy and safety settings should be the default.
- Data controllers and data processors should be required to publish an annual data transparency statement detailing which forms of behavioural data they generate or purchase from third parties, how they are stored, for how long, and how they are used and transferred.
- The Government should empower the Information Commissioner’s Office to conduct impact-based audits where risks associated with using algorithms are greatest. Businesses should be required to explain how they use personal data and what their algorithms do.
- The modern internet is characterised by the concentration of market power in a small number of companies which operate online platforms. Greater use of data portability might help, but this will require more interoperability.
- The Government should consider creating a public-interest test for data-driven mergers and acquisitions.
- Regulation should recognise the inherent power of intermediaries.
The 10 principles the committee recommends should guide the development of regulation online are:
Parity: there should be the same level of protection online as offline
Accountability: processes must be in place so that individuals and organisations are held to account for their actions and policies
Transparency: powerful businesses and organisations operating in the digital world must be open to scrutiny
Openness: the internet must remain open to innovation and competition
Privacy: measures should be in place to protect the privacy of individuals
Ethical design: services must act in the interests of users and society
Recognition of childhood: the most vulnerable users of the internet should be protected
Respect for human rights and equality: the freedoms of expression and information online should be protected
Education and awareness-raising: people should be able to navigate the digital world safely
Democratic accountability, proportionality and evidence-based