My Lords, I have the privilege to introduce this debate on the report of the Communications Committee. I do so as chairman of that committee. I am most grateful to the staff of our committee for their assistance in preparing the report: Theo Pembroke, the clerk; Niall Stewart and Theo Demolder, the policy analysts; and Rita Cohen, the committee assistant. They have turned their excellent minds to a whole range of complex issues and have given the committee first-rate advice. I also thank Professor Andrew Murray of the LSE, who provided in-depth and expert advice throughout this inquiry. Of course I thank the members of the committee, who have brought have brought great expertise, experience and insight to this study of a complex and vitally important area of public policy. I declare an interest as a freelance consultant to Finsbury, a PR company, and I am an electoral commissioner.
The internet has enabled people and organisations to communicate, participate in society and democracy, and to transact business on a scale which would have been unimaginable only a couple of decades ago. However, regulation has not kept pace with the nature and scope of the digital services which now affect the lives that we live. A large volume of activity occurs online which would not be tolerated offline, including abuse and hateful speech. A handful of very large tech companies have come to dominate the environments in which they operate, buying up potential competitors. Self-regulation by online platforms is inconsistent, unaccountable and inadequate, so there is a compelling and urgent case for further regulation.
What is needed is not just more regulation but a new approach to regulation. More than a dozen UK regulators have a remit covering the digital world, but no single body has complete oversight. Regulation of the digital environment is fragmented, with gaps and overlaps. Problems are neglected until they become emergencies. Policymakers offer knee-jerk responses to media stories which may have unintended consequences. One of our witnesses described this as “regulation by outrage” and compared it to whack-a-mole. Regulation needs to be better co-ordinated, more consistent and in line with the public interest.
In our report we set out proposals to ensure that rights are protected online as they are offline while keeping the internet open to innovation and creativity, with a new culture of ethical behaviour embedded in the design of services. UK regulators have a world-class reputation and help to make the UK an attractive place for business. Tech companies should work with regulators to build well-considered, stable regulation which leads to consistent and predictable outcomes. There is a great opportunity for the UK to benefit from the soft power that comes with the international reputation of its regulators and for tech companies to be part of a programme of thoughtful, measured reform.
We had two key recommendations which shaped our report. First, we recommended the creation of a new digital authority to co-ordinate regulators and to identify and address gaps in regulation. Its board would consist of the chief executives of the relevant regulators with independent non-executives. It would work, crucially, with Government, Parliament and civil society to draw up priorities and work across its component bodies. It would continually assess the regulatory landscape and from time to time make recommendations on what new regulatory powers were needed.
The authority would also play a vital role in providing the public, the Government and Parliament with the latest information on technological developments. Under our vision, there would be an important role for Parliament in monitoring progress and responding where regulatory gaps are identified by granting new powers as necessary. To this end, we proposed a new Joint Committee of Parliament with a remit to consider all matters related to the digital world. This will enable Parliament to maintain democratic scrutiny over the regulators. The work of this Joint Committee would be informed by the digital authority, which would regularly report to it.
In their response to our report, the Government state that they aim to provide co-ordination and oversight through their digital charter programme. They note several initiatives to strengthen the regulation of digital technology, including the work of expert reviews. However, our concern is that implementing the recommendations of each of these separate pieces of work could further fragment the regulatory landscape. Many reviews and reports have recommended new regulators. However, we believe it is time for co-ordination, not proliferation, of regulators. That is why we propose the digital authority as a forward-looking, horizon-scanning body that consolidates and supplements what is already there. We think the horizon-scanning role is vital, enabling us to get ahead of technology changes that will affect our society and to design, with the industry, public policy solutions to address emerging risks.
For those who worry about the impact of regulation on innovation and freedom of expression I argue that, by anticipating the future impact of technological development, regulation is likely to be more proportionate and considered. With much greater co-operation from industry in the process, credible solutions at the design stage are also more viable. That is why we see the digital authority as a UK centre of expertise that can support our regulators, Government and Parliament and attract talent that is so often poached by the big tech companies.
Our second key recommendation was that all online regulation should be underpinned by 10 principles, including accountability, transparency, respect for privacy and freedom of expression. These principles would help the industry, regulators, the Government and users work towards a common goal of making the internet a better, more respectful environment that is beneficial to all. Responding to our report, the Government said that these were aligned with the principles set out in their online harms White Paper. However, we argued for principle-based regulation that is flexible and seeks to ensure appropriate outcomes. This is necessary in the fast-changing world of the internet. Our principles are not just an aspiration for what regulation should look like; they are intended to inform both the development of policy and the implementation of regulation. In each case, they cannot be taken separately; policymakers and regulators must consider them together, carefully balancing competing factors such as regulation and innovation, online safety and freedom of expression.
The Government have done considerable work to address online harms through their White Paper. I welcome efforts to introduce robust regulation, but our concern is that they appear to be doing this in isolation from other work. To begin, we noted that questions of design are at the heart of how the internet is experienced. It affects how users behave online and how decisions are made about them. The architecture of many online services is designed to capture users’ attention so that their data—essential to the business models of most of the large tech companies—can be extracted. Personal data are processed using black-box algorithms that are not transparent. Extraction is not limited to data that users upload; behavioural data are gleaned from users’ online activity. We recommend that users should have greater control over the collection of personal data; maximum privacy and safety settings should be the default.
The Government noted that the general data protection regulation addresses a number of these points, but this law is new and its application untested. We identified grey areas that the Government should clarify, such as inferred data. We also suggested ways to increase transparency and accountability in line with our principles. For example, we recommend that data controllers and data processors should be required to publish annual data transparency statements detailing which forms of behavioural data they generate or purchase from third parties, how they are stored, for how long, and how they are used and transferred. This is quite different from the privacy statements that currently exist.
The internet presents challenges to competition law. Digital markets develop quickly, whereas the competition regulator relies on meticulous and ex post analysis. There is widespread concern that competition authorities place too much emphasis on price. Meanwhile, the digital economy is characterised by the concentration of market power in a small number of companies that operate online intermediary platforms. These platforms benefit from network effects to gain dominant positions in their respective markets. Some of them provide services to consumers without charge. As intermediaries in markets they can shift costs from consumers to suppliers, while both are dependent on them. Information gained from direct access to consumers also gives platforms a competitive edge, and they have huge big data sets. There is concern that they use this information to identify and buy up emerging competitors. The Government should consider creating a public interest test for data-driven mergers and acquisitions. To deliver this, the digital authority could help co-ordinate the work of the Competition and Markets Authority and the Information Commissioner’s Office, both of which gave us thoughtful evidence.
Regulation should also recognise the inherent power of intermediaries. Greater use of data portability might help, but this would require more interoperability. I welcome the review by Professor Jason Furman that explored these issues and made recommendations. The noble Lord, Lord Tyrie, has called for the Competition and Markets Authority to have greater powers to regulate in the interests of consumers; I look forward to his contribution to this debate. Technology companies provide venues for illegal content and other forms of online abuse, bullying and fake news. Although they acknowledge some responsibility, their responses are not of the right scale to deal with the problem.
The Government’s proposal to introduce a duty of care accords with our recommendation. However, we did not wish to recommend a new regulator to enforce this duty. We recommend that, at least initially, Ofcom should be responsible for enforcing the duty of care. In so doing it should focus on the process for dealing with online harms rather than on content or on specific instances of wrongdoing. Big platforms should invest in better moderation processes. They should be held to the standard they set out in their own terms of service. We also recommend that online platforms should make community standards clearer through a new classification framework akin to that of the British Board of Film Classification. I would be grateful if the Minister could respond to that recommendation. I also ask him for assurances about the impact of the duty of care on the press and how the Government intend to balance journalistic freedom with regulation of online harms.
Looking at the speakers’ list, I know we will enjoy a thoughtful and fascinating debate this evening and look forward to noble Lords’ contributions. I beg to move.