On the one hand the internet is so good at remembering things that we have to create legal frameworks to force it to forget. On the other hand, in those instances where we expect the internet to remember things in the same way we used to rely on libraries link-rot and content-drift has resulted in valuable information no longer being traceable.
The concept of a sovereign nation-state grew out of the Treaty of Westphalia that established the absolute authority of a sovereign power over its territory. Technology compresses distances and helped improve control over the far flung regions of nation-states. The internet compressed distances even more. This coupled with globalisation has challenged the concept of sovereignty. Nations have opposed this with data localisation laws and slowly big tech companies are agreeing to be bound by concepts of regional sovereignty.
When measures being put in place to prevent third-party cookies from tracking individuals across the internet, companies that relied on these cookies to deliver personalised services had to find workarounds. Privacy activists are concerned that all this does is concentrate power in the hands of fewer gatekeepers. We can use this opportunity to move away from advertising as the business model for the internet and explore the subscription model.
Nowhere in the world have age verification obligations been imposed on online services like in India’s data protection law. Requiring users to prove their identity before the link they have clicked on can open will break the internet. Requiring children to get parental consent is not necessarily a good thing as parents often have a lesser understanding of privacy risk than their children who are digital natives. Instead we should hold platforms accountable for harms caused to children.
Data is not the new oil. It is infinite and unconstrained by geography. It is not destroyed when it is consumed and can be used simultaneously or repeatedly without degradation in quality. Countries should not try to regulate data like they regulate oil - by bringing it under their physical control. They should not only try and force big tech to share the datasets they have created, but also make the effort to learn what it takes to build datasets of our own—and then go about building them relevant to our context.
Lawrence Lessig was the first person to come up wtih the idea of regulating the Internet through code, suggesting that restrictions on digital platforms could be implemented through code. This approach, that could streamline complex, multi-party transactions, make them scalable and reduce the risk of non-performance is an idea whose time has come.
The first draft report of India’s Non-Personal Data Committee suggests democratizing data and introducing a new category of data principal - the community. However, absent guidelines for data trusts, the potential risks of politicization and favoritism within community action groups could result in potential misuse.
In times of uncertainty - such as during a pandemic, conspiracy theories abound. This gives lie to the notion that free speech ensures that truth will prevail. Since the internet lacks bi-directional links and user-editable pages, its design contributes to misinformation spread, unlike Wikipedia’s more reliable, interconnected model.
The Supreme Court of India’s recent judgment on internet shutdowns was initially seen as a strong denouncement, but closer examination reveals it’s not an outright condemnation. While emphasizing that shutdowns must be reasonable and proportionate, the court did not elevate internet access to a fundamental right, nor did it provide a clear ruling on the constitutionality of internet shutdowns.
There is a tension between data collectors and data subjects regarding ownership and value of their data. WHile traditional ownership concepts have not really succeeded when it comes to data regulation, contained within the idea of either collector-centric or subject-centric data trusts we might find an alternative approach to data governance.
