Last night, I had the pleasure of joining Meetup.com GC David Pashman's NYU Law class on Internet and Business Law for Technology Companies as a guest speaker. Over the course of the past semester, David’s students have played the role of internet company General Counsel, working on a variety of legal and public policy issues — everything from terms of service & privacy policies to considerations around patents, copyrights and regulation of the “peer economy”.
The big question that I posed to the group was about Regulation 2.0. The idea that, given the huge volume of real-time data produced by modern web services and the potential for radical transparency based on that, there is an opportunity to explore completely new regulatory approaches. Approaches that, rather than make up-front decisions about an activity (say, ride-sharing or peer-to-peer apartment renting), as we do in a “1.0” regulatory regime, we can instead be more permissive on the front-end, while at the same time introducing increased accountability through transparency. If this kind of approach worked, it would theoretically be simpler and cheaper to operate, while at the same time allowing for more new kinds of activities to be explored without fear of regulatory shut-down.
That is the big idea — that our regulatory regime can shift from “1.0” regulation to “2.0” regulation, the same way that online communities of user-generated content and transactions (think back to Ebay’s peer rating system) have developed internal systems that generate trust and enhance community safety.
A few months ago I drew up the basic idea like this:
Assuming you agree that there’s potential to forge a more effective, efficient, scalable regulatory regime based on transparency and accountability, that raises two major practical challenges, which I posed to the NYU students:
Protecting User Privacy: A transparency-based regulatory regime necessarily depends on some kind of data sharing agreement between web platforms (think Skillshare, Airbnb, Sidecar, etc) and the public (either the entire public, or maybe certain government entities). How do you square that with the need to protect the privacy of your users? How do you communicate the trade that users could be making (i.e., transparency in exchange for the freedom to participate) in a way that makes sense?
Protecting the Freedom to Experiment: Many new, web-enabled, network oriented businesses start off by operating in legal gray areas. This is almost a guarantee in some respects, as these companies explicitly exist to forge a new model, establish new norms, and prove that new ways of doing things are possible and ideally beneficial to all participants. But that puts them in an extremely tenuous situation: exploring new models while protecting users, avoiding undue regulatory or legal scrutiny (especially during early phases). An approach built on transparency would seem to need an explicit safe harbor in exchange for that transparency, otherwise it’s difficult to imagine that companies would voluntary participate.
Both of these considerations are borne out in the recent kerfuffle between Airbnb and the NYS Attorney General’s office. The AG is wants the data to suss out “bad actors” on the platform, and Airbnb wants to protect their users privacy (and likely, to some extent, the details of their business model. But this case is already years in the making. Can we imagine what it would have looked like to build a new Airbnb in a “regulation 2.0” era where transparency in exchange for freedom to operate was the norm? Can we imagine that in other sectors that are emergent now (such as digital health)?
It’s seems clear to me that 1.0 regulation in the era of web and mobile everything is not going to work. So we need to forge a new model — one that’s innovation-oriented, scalable, and takes advantage of tools & data that never existed before. This idea of “regulation 2.0” is a direction I’ve been thinking about a lot — I think there is a kernel of truth in it that we should try and build around.