28 May 1998 - 30 May 1998

The International Regulation of Cyberspace

Chair: Mr Ian Taylor MBE MP

The concept of our conference had sprung in some degree from an awareness that the special characteristics of the new world of activity opened up by dramatic advances in computer power and communications availability stood to pose an array of new conundrums, for example in the legal field.  But we reminded ourselves early on in our discussions, and mostly managed to remember throughout, that cyberspace and its potential represented primarily opportunity, empowerment and enrichment rather than problems or difficulties.  Regulation, whatever its source or form, should therefore be approached in the first instance not as constrainer or policeman but as facilitator to help deliver the dividends available in the freer, faster, more open and less costly conduct of commerce and other business, and in the spread of social, educational and artistic understanding and enjoyment.

None of us doubted that the progressive impact of the information-technology revolution would be massive and worldwide;  analogy with the invention of printing was recurrently invoked.  It was nevertheless urged that we should not too readily regard cyberspace as entirely sui generis and in need accordingly of unique régimes of comprehension and management.  In essence, IT made possible huge increases in the speed, volume and therefore facility of activities that were in themselves familiar;  and the starting presumption should be that the structures - legal and other - already developed for those activities should continue to apply unless there emerged cogent specific reasons for modification.

Caution about special régimes was further enjoined by the fact that the exploitation of cyberspace was plainly in fast-moving flux, and future patterns and relative saliences were hard to discern;  as the near-serendipitous emergence of both the internet and the world-wide web already illustrated, there was little ground for supposing that commentators would be less bad at long-term impact prediction in this field than they had customarily been in respect of past technological step-changes.  And we were healthily reminded that the real shapers and limiters of discovery exploitation, especially in earlier stages, were typically sociological and political rather than technical, as the discomforts of institutional and attitudinal adjustment came to the fore.

Most of us seemed minded to judge, in this setting, that the initial presumption must be against regulation and in favour of letting free markets - competition as the best of all regulators - sort out how cyberspace should best be managed.  Hasty or fussy regulation amid change carried high risks of unintended consequences and distorting stimuli to evade barriers.  If there had to be regulation, its characteristics should be flexibility, responsiveness, simplicity and comprehensibility to ordinary publics - and if all that was difficult to formulate and to agree internationally, then so much more reason for a wait-and-see modesty of approach.  Differences of emphasis did however show through our discussion of basic approach:  some participants believed that regulation should be essentially responsive, addressing issues only as their reality and importance became unmistakable;  others, arguing that in practice this might too often mean hasty politically-forced “do something” response to particular scandal or disaster, preferred to aim at a higher element of anticipation before difficulties became acute and options for tackling them escaped grasp.  But we all recognised that no single axiom, whether reactive or proactive, could prescribe for every case.

These generalities were healthily brought to earth by reminder that if the huge benefits of cyberspace for efficient business were to be realised some regulation or harmonisation was essential. Certainty and predictability were proper benefits for business to want maximised, even though international commerce had long been accustomed in some degree to operating in diverse environments and managing attendant risk.  Even at the purely instrumental level it was increasingly necessary to remove obstacles by seeking common rules and standards in such matters as the paperless authentication of documents and signatures - in which the available technology could itself provide high levels of dependability.

Beyond this, we knew, there loomed awkward problems about jurisdiction.  Cyberspace might not be a totally unique realm, but a radically distinctive feature was its virtual dissolution of the concept of location.  National boundaries could not function as a ready dimension of its activity, given the universality of potential access.  If constraint was to apply - for example in defence of the laboriously-built structure of intellectual property rights, or to prevent or punish the dissemination of content judged intolerable - was it to be geared to the tightest régime existing anywhere, or to the loosest?  Might the guiding concept be that the law of the country of origin governed? - but even if (by no means beyond question) origin could be established, this would be very difficult in political practice.  International jurisdictional agreements even if achieved in principle - a large “if” - were moreover almost always vulnerable to domestic pressures in awkward instances.  We found no neat answer on jurisdictional and (related to that) liability issues;  we suspected that business and comparable activity would have, for at least a considerable time to come, to do without global tidiness and clarity.  Caveat the inputter, or the user, might have to be the watchword.

We were mostly sceptical about the prospects for controlling the content of cyberspace traffic, even if (which we did not generally assume) that were desirable.  There was virtually no chance of agreeing substantive international norms - general guidelines leaving much room for more discretionary local implementation in detail were perhaps the limit of feasibility;  and moreover we were conscious that the most vigorous aspirants to content control were usually countries of non-democratic tradition.  We knew that pornography - especially child pornography - was a commonly-cited concern;  but we heard vigorous argument that, quite aside from the problem of shifting definitions and understandings, the proportionate scale and the forwardness of this in cyberspace were often exaggerated.  Useful devices of control - for example by parents - were anyway widely feasible by technical means at the “user” end, albeit not at national frontiers.  Privacy troubled us rather more.   Definitional problems again apart, we acknowledged that an important human right was at issue, but we could not readily see how to protect it internationally (a difficulty not new or peculiar to cyberspace, we recalled, but now made more acute by swift global access).  We did note a new dimension, in that IT could increasingly provide surveillance of a massive range of individual activity, down to the detail of shopping habits.  This could scarcely be prevented;  the best safeguard for the individual might be transparency - a requirement by law that the fact of surveillance for commercial or similar purposes should at least be disclosed to its object.

Were measures needed to limit or counterbalance damage that might be done by the potential of cyberspace to legitimate functions of public authorities?  We heard examples of how new avenues of commerce, like “distance” shopping, might so complicate tasks such as revenue-raising at state or province level as to force centralising shifts of tax structure (alongside more benign effects like readier and more accurate collection).  We traversed fairly briefly the familiar issues of cryptography, with its awkward tension between commercially-motivated (and sometimes government-mistrusting) desires for private access to “strong” cryptography to protect both confidentiality and the integrity of information, and the demand of governments, for reasons of national security and (still more, nowadays) of crime-fighting, to retain the power of ultimate access to information flows.  Unsurprisingly, we found divergent views about the merits of such methods as code custody by trusted third parties as a means of reconciling these conflicts.  Separately from that, we registered the desirability of international agreements about cross-border cooperation and harmonised rules of evidence to combat wrongdoing conducted in or through cyberspace.

We spent a good deal of time considering the responsibilities of government as ring-holder and regulator.  We acknowledged that if markets untrammelled were not working well, self-regulation by industry was usually the next best option;  but that was not always surely achievable, and governments were inescapably looked to by citizens to step in if unacceptable things were perceived to be happening, whether in the form of bad behaviour by other actors or of the failure of systems upon which the community had become dependent.  Government however had capabilities and roles not limited to last-resort regulation or rescue;  they should be alive to the positive facilitating contribution they might make as pioneers, as major purchasers, as example-givers, as seedcorn subsidisers, as research investor or possibly - though industry should usually be given first attempt at this - as setters of standards in respect of technological method ans (perhaps still more) of service level and quality.  This last point should remind us, so several participants urged, that government’s first concern should be for the consumer.  That in turn underscored the role of government in assuring fair and effective competition, dissolving bottlenecks, breaking strangleholds and furthering price and cost transparency (especially as present patterns, for example in the availability of information without charge, might well alter significantly).  The fair competition required was not just within categories of communication but also between them;  technological advance was progressively breaking down compartmentalisation and forcing convergence, and this salutary process ought not be impeded or distorted by regulations over-specific in terms of current technologies, or by failures of neutrality as between media, or by bureaucratic rigidities failing to match real-life evolution.

We allowed ourselve a brief excursion (an unscripted trailer to a planned November conference linking Ditchley and Harvard’s Kennedy School) into the impact of IT upon traditional political process. Regulation scarcely featured as an option here;  but we heard optimists proclaiming the empowering and devolutionary impact of readier information access for the individual citizen, and pessimists worried about single-issue demagogy, knee-jerk stance-taking and the erosion of representative government without balanced replacement.

Voices of unease were to be heard also about the possibility that the IT revolution would be of uneven global impact, maintaining or even deepening existing disparities.  One element of this was the dominance of English as at least the main navigational language of cyberspace even where content was properly responsive to other tongues;  there was a perceived undercurrent, it was suggested, of resentment of Anglo-Saxon IT imperialism, and countering this (even where it was not the expression of a desire for political control) might need measures for which markets alone could not be relied upon.  Beyond this special dimension there lay a wider concern about IT haves and have-nots, with the latter disadvantaged not only by lack of money but also by lack of education and understanding, sometimes exacerbated by ill-judged attempts at state constraint or manipulation.  The have/have-not divide might also, it was suggested, have an urban/rural aspect, possibly again requiring non-market addressal by government.

Throughout our debates there ran a thread of compromises having to be accepted and trade-offs to be made, as the occasional tension between desired freedom and desired order had to be resolved. But fears, hard cases and awkwardnesses should not rule.  At the end as at the outset of the conference the stronger strand was of opportunity to be exploited and benefit to be gained;  ultimately, we should trust the possibilities of cyberspace and our power to manage them.

This report reflects the Director’s personal impressions of the conference. No participant is in any way committed to its content or expression.

Chairman: Mr Ian Taylor MBE MP
Parliamentary Under-Secretary for Trade and Technology 1994-95

Dr David H Flaherty
Information and Privacy Commissioner, Government of British Columbia
Mr Kevin G Lynch
Deputy Minister, Industry Canada
Dr Michael Mehta
Adjunct Professor of Environmental Studies, School of Policy Studies, Queen’s University, Kingston

Monsieur Olivier Debouzy
Lawyer, August & Debouzy, Paris

Herr Joachim Schlette
Head, Technical Data Protection, Daimler-Benz Group

Mr Robert Bond
Partner Hobson Audley Hopkins and Wood;  Chairman ICC (UK) Electronic Commerce Committee
Dr Ray Crispin
Director, Communication Systems, Hewlett-Packard Laboratories
Mr Ron Danniels
Director, Cross sector Products, Logica UK Limited
Mr David Edmonds
Director-General of Telecommunications, OFTEL
Miss Diana Faber
Commissioner, The Law Commission
Ms Cheryl Gillan MP
Opposition frontbench spokesman on trade and industry
Mr Henry Manisty
Head of Government Relations and Regulatory Affairs, Reuters Limited
Mr Peter McCarthy-Ward
General Manager, UK Regulation, BT Regulatory Affairs Department
Mr William Macintyre CB
Director of CII, Department of Trade and Industry
Mr David Nissen
The Solicitor, Department of Trade and Industry
Professor Tim O’Shea
Master, Birkbeck College, London
Major General William Robins CB OBE
Director-General, Information and Communications Services, Ministry of Defence, 1995-98
Mr Andrew Saunders CB
Director, Communications - Electronics Security Group, UK Government

Mr Alan B Davidson
Staff Counsel, Center for Democracy and Technology, Washington DC
Mr Luis Hernandez
President, Netaxis, Stamford CT
Governor Michael O Leavitt
Governor of Utah
Mr Jack Q Lever Jr
Partnered Member, Intellectual Property Group, McDermott Will & Emery, Washington DC
Mr George M Newcombe
Partner, Simpson Thacher & Bartlett, New York
Mr Daniel Scheinman             
Vice President, Cisco Systems, San Jose CA
Dr Andrew L Shapiro
Writer, lawyer and policy analyst, Berkman Center for Internet and Society, Harvard Law School
Professor Eugene Skolnikoff
Professor of Political Science, Center for International Studies, Massachusetts Institute of Technology