Why regulating layer-7 companies is not the solution to protect users’ rights

In several regions of the world, including the US, India, and Europe, proposals are being made to create a stricter legal framework for big tech companies, both in terms of anti-trust law and platforms’ liability over illegal hate speech. These companies are very often depicted as the “Tech Giants/Titans” posing a threat to countries’ sovereignty that therefore need to be regulated. This essay aims first to challenge this view, and then to show why regulation, as presently envisioned, is not tailored to safeguard human rights including the right to privacy and freedom of expression. Finally, alternatives to our current model will be analyzed.

Private empires are not new

In the first place, it should be identified in what way some tech companies have shaped our political economies to be labeled as “Tech Giants”. The Open Systems Interconnection model (OSI) sets seven layers according to which a telecommunication system is organized, from the physical layer (first layer) that corresponds to the electrical, logical and physical characteristics of the system, like the type of cable used, to the application layer (seventh layer), the closest layer to the final user, that interacts directly with users’ data and software applications that implement a communicating component. Because historically companies operating in the first layers were government monopolies in many countries, the links with the state on that level are still strong. At layer 7, the situation is different insofar that tech companies have transformed the organization of some industries states had long cooperated with, for example in the retail, advertising, and publishing sectors. As known, layer-7 companies rely on data collection to make profit.

In this regard, the evolution in authoritarian states is very interesting; at the beginning of the Internet era, governments in these states have feared internet platforms and adopted a strategy of information scarcity by censoring content and blocking access. Then, they realized that these technologies could offer a great potential to control and influence their population and started taking advantage of all the information and data collected on their citizens to consolidate their power and social control (ex: China). In other words, if layer-7 companies have disrupted political economies, the power to control them still lies in the hands of states.

Insofar, the comparison between powerful tech companies from today and oil multinationals in the past is interesting (see: https://www.nytimes.com/2020/08/31/technology/big-oil-faded-will-big-tech.html). Indeed, in both cases, we deal with a model in which big companies rule the economy and the stock market, influence anti-trust law, and have an impact on public opinion (big oil firms like Exxon had an impact on climate change views like tech companies influence political opinions of voters on today’s platforms). In this model, states cooperate with the private empires, e.g. business interests of oil companies determine foreign policy and diplomacy in the Middle East or the collaboration between governments and tech in the pandemic context (see: https://www.orfonline.org/expert-speak/treading-the-unusual-alliance-between-big-tech-and-the-government-post-covid-19-74472/)

Why regulation is not the solution and what are the alternatives

For a few years now, political actors in democracies have been trying to legally frame layer-7 companies, especially the European Union first with the GDPR, and now the DSA as well as the DMA. Though the political intentions go in the right direction, to better protect the right to privacy and to fight against manipulation and hate speech online, (over)regulation does not seem to achieve this end. Indeed, the solution proposed has simply the effect of moving the hegemony from the private sector (the tech companies) to the public sector (the executive and judiciary powers) to a certain extent. Anyhow, it still favors a centralized system with opaque software; yet having one entity in possession of user’s data, be it public or private, cannot be the solution.

Instead, platforms that rely on a free and open-source software and a decentralized governance should be promoted and implemented. Only that way can we ensure that user data remains truly private and can we prevent users from being manipulated by sponsored and targeted political content. These alternatives have existed for a few years now, like Diaspora, MeWe? or Mastodon, three platforms that use an open-source software and that propose to join or create pods (small communities of people who share similar interests). Yet, the deployment of these solutions is not preferred by governments. Since it would become much more complicated for them to extract specific data when needed (in criminal matters for example) if data privacy is really respected and if tech actors become fragmented, they are not pushing for this alternative path. This leaves only one option: society-rooted activism and mass education (from an early age).