Reigning In the Power of Tech

The current era, at the beginning of the 2020s, is marked by a dominance of the tech industry. Most of the wealthiest people on earth are owners of tech companies, hoarding billions of dollars from their customers. The platforms they are running wield enormous power over their users and are excellent vehicles for targeted advertising and behaviour regulation. The balance of power between the platform owners and their respective users has become locked in an unbalanced position, with the owners able to accumulate ever more wealth and power. Without some countervailing power, there will be no end to this trend. It is not too hard to imagine what the consequences of this ever-continuing trend will be: a total power grab leading to authoritarian rule by a network of tech plutocrats and their friends. What can we do to organize some of the necessary countervailing power?

Diagnosing the problem

I see several characteristics that distinguish the current "platform economy" from earlier, more equitable market economies.

The first is that platforms are collective infrastructures, under the control of private companies. Their size matters; the value of their services increases as the user base grows. You see this especially in social media: when a platform operates around connecting people, it matters how many people you can connect to. This characteristic leads to natural monopolies. And natural monopolies in the hands of private companies are generally bad news. These situations lead to wealth hoarding and abuse of power.

The second is that the Internet is a global infrastructure, which means that there is insecurity about the jurisdiction that applies to the services delivered by tech companies, especially when there is cross-border traffic. Lack of a global legal framework and judiciary means that the companies offering services can look for the most profitable legal framework to operate under, which is often not in the interest of the users or in the public interest.

The third is that contracts are often non-negotiable. Tech companies have resorted to complex terms-of-use which users can either opt into, or be excluded from use. When the user opts in, he has effectively signed a contract. This behaviour, combined with monopolistic markets, allows internet service providers to skew the terms-of-use to their own advantage.

This brings me to the fourth point: data hoarding. With the user opt-ins in hand, the tech companies have been implicitly allowed to gather enormous amounts of user data, which can then be used to allow for targeted advertising or influencing operations. Many of these tech companies sell user data to other companies specialized in analysing data for PR purposes. This all combines into a great threat for privacy and freedom.

How to tackle these problems?

The four characteristics that I just described do have some synergy, which means that tackling one or two might solve the whole problem. There are some existing initiatives tackling the issues involved with the internet economy.

When you look at monopolies, anti-trust laws could provide a vehicle for action. Elizabeth Warren has proposed some actions along these lines during her presidential campaign, most notably breaking up Facebook. In essence, this would not break the monopoly of Facebook, but it would guarantee the independence of different platforms interoperating (Facebook, Instagram, WhatsApp). Another action that would help in this regard is legislating interoperability standards across platforms, so that users can be connected over different platforms. "Four corner models", these are called in some contexts. In these types of models, each user chooses his own provider, and the providers form a network along which services can be delivered between two users. The network standards are publicly monitored. A problem with this approach is that it works much better when a market is still forming than when the monopolies have already been established. The cost of entry to such a market is prohibitive in most cases.

The international legal context is harder to tackle. What you see here is some bigger entities trying to move ahead with creating new legislation in hopes of setting a new standard. The EU's General Data Protection Regulation (GDPR) is a prime example of this. For the rest, this seems to be a given situation that is hard to solve reasonably soon.

The non-negotiable contracts are a serious problem with few efforts to get rid of them. What you see here is tech standardization groups, such as the U.S. National Institute of Standards and Technology (NIST), incorporating this phenomenon as part of the definition of "cloud services". Supposedly because this makes life easier for the consumer: you just have to click to get access ("no human interaction", they call this). Hardly anyone, however, reads what they agree to at the time of signing. I am convinced that more can be done to tackle this, and much of the rest of this essay will deal with that. Essentially, I think there should be legislation that these model contracts need to be negotiated first, before they can be put to the individual clients to accept them. As counterparty to these model contracts I will plead for client associations.

The fourth problem, data hoarding by tech companies, is a major target of GDPR. Of course, since GDPR is European, it doesn't apply everywhere. But also, since GDPR requires mostly transparency, it is not a fool-proof guardrail against opportunistic use of data by tech companies. They can still be transparent and ask for a (pretty much forced) opt-in.

From this overview, I conclude that the third characteristic, the non-negotiable contract, would be a good target to look into for further legislation. Let's explore what that might look like.

Basic idea for negotiable contracts

Under the current legal framework, service providers (esp. Cloud services) can dictate their own standard contracts to their clients. There is hardly any room for negotiating deviations from these standard contracts. My idea is to only allow this practice to continue, if the standard contracts have been negotiated collectively with the client base. In order to allow the client base to organize as a collective, the service provider should be obligated to found client associations for each service or contract type that its business model requires.

The negotiation would concern all terms of use, except the price, which could still be unilaterally set by the service provider. Therefore, not only the service levels of the service would be under scrutiny, but also the privacy policy, liability, etc. If a negotiation failed, the service would have to be discontinued. In case of conflict, parties may lay their dispute before a court of the country where the service provider is registered. The client association would register in the same country.

Client associations are formed by members, and becoming a member of the association would be an integral part of the model contract for the service. Thus, every client would automatically be a member of the client association. The client association is a democratic organization, it is ruled by a general assembly of clients, who can all cast one vote. Both real persons and companies or institutes can be members of a client association. It depends on who is the contract partner. Members can come from all over the world.

It would be wise for governments to set model statutes for client associations, so that the inner workings of these associations are uniform, at least at the start. Associations may vote to change these regulations.

Associations also set membership contribution, which can be collected via the service provider's infrastructure (meaning the association may force the service provider to add the contribution to its own service fee). The association is responsible for organizing oversight on the compliance to the provisions in the model contract by the service provider.

Associations are governed by a board, which is elected by the members. The boards govern the negotiations, prepare the (virtual) general assemblies and can employ people, e.g. to do the oversight work. It would be my preference to set a fixed size of the board depending on the number of association members, in order to avoid political manipulation of board size.

Example: intermediary platform

To show how a rule framework like this might work, let's take Uber as an example. Uber is a platform which connects passengers to drivers, in order to provide transport as a service.

Uber has two types of contracts to support: passenger contracts and driver contracts. These are two distinctive roles in their business model. Therefore, Uber must found at least two client associations, one for passengers and one for drivers. Each of these client groups has different contract provisions.

The Uber Driver Association would collectively negotiate the conditions under which Uber can assign rides to drivers. This type of format would lead to the Association functioning as a type of labor union. This would be a very welcome correction of the current misbalance of power between Uber and its drivers.

The Uber Passenger Association would primarily negotiate a guaranteed quality-of-service. Uber will need to take responsibility for this quality, since they are the party with which the passengers interact. They cannot hide behind a role as intermediary. The price of the service will still be dynamic, determined by Uber.

Consequently, having to deal with collectives of both drivers and passengers leads to additional constraints on Uber's business model. Many of these are the same constraints that taxi companies have to deal with, which rebalances the playing field.

Example: social media platform

A similar example could be made of the biggest social media platform currently running: Facebook. Simply said, Facebook's business model revolves around three groups of stakeholders: users (the ones who form networks), advertisers and news providers. Assuming this basic business model, Facebook would have to install three client associations.

The Facebook User Association would be in a position to negotiate Facebook's editorial policy, since all contract provisions would be negotiable. Another interesting notion is that the Facebook User Association would have over a billion members, which would allow it - even with a small contribution of like ten cents a year - a huge budget to monitor Facebook.

If Facebook would like its platform to remain free to use, Facebook could choose to compensate the membership fees set by the user association. Platform providers should be allowed to do this.

Another very interesting potential dynamic could be that Facebook could try to shift responsibility for policing user behavior to the Facebook User Association. Hey look, they're your members! I think it would be smart if Facebook would do this, and to relegate their own role to an executive role, leaving the legislative and judiciary to the User Association. Similarly, Facebook could shift responsibility for the veracity of news content to the Facebook News Provider Association. Let the ethical aspects of the business be governed by democratically elected boards.

With this type of dynamic in place, the whole structure and culture on social media platforms would change in a generally good direction, mostly depending on the characteristics of the majority of members.

Challenges and requirements

Hopefully, these two examples illustrate the potential of having client associations to negotiate model contracts and organizing oversight over contract provisions.

Introducing such associations faces some challenges which need to be met:

1. There should be a start-up period for the introduction of new services, during which the client association can be set up. For example, one could set a beta-period for the service of two years, during which the association needs to be organized and the first model contract needs to be negotiated.
2. As a transitory measure when such legislation becomes applicable, a similar start-up period should be allowed, possibly supplemented with a transition period for adapting the service to the agreed contract.
3. There should be reliable platforms, preferably public platforms, for supporting the inner workings of client associations, such as membership management, remote conferencing and voting, taking into account worldwide membership.
4. There should be legal procedures for splitting or merging services and their respective client associations. Such actions cannot be taken unilaterally by the service provider.
5. There should be some form of global digital identity management, in order to prevent identity fraud and thus avoid double voting in client association elections. It facilitates reliable membership administrations.
6. The legal requirements to form client associations need to be targeted and scoped accurately, so that not all types of services face this requirement.

The last point requires a bit of elaboration. The concept of service delivery is quite generic, but the essence of the membership requirement only applies to certain types of service. This proposal concerns generic services, contracted using non-negotiable model contracts, with the following characteristics:

1. Based on a subscription model, in which service delivery takes place over a longer period of time;
2. Using the Internet for service delivery.

As for the size and scope of client associations, these should match the scope of the service. A service provider cannot divide its worldwide membership into geographical associations, without limiting the scope of the service in the same way. Similarly, if Facebook would like to integrate WhatsApp into Facebook, it would need to merge their respective user associations as well (which would need to vote on that proposal).

An introduction strategy

It will be difficult to introduce such a legal framework in a worldwide context, therefore a strategy is needed for gradual adoption by different jurisdictions. The advantage of this model is that it is highly beneficial to individual consumers, which makes the incentive for companies to adopt it much bigger - it can be a good way to enter a market dominated by a monopolist. Therefore, if the EU, a relatively big player on the world stage in this respect, were to adopt a legal framework, which would nullify any contract opted into by EU-citizens without representation in a client association, then things might start to move. The GDPR took a similar strategy to introduce better privacy regulations to internet services delivered worldwide to EU-citizens.

I would therefore propose to follow a strategy similar to the GDPR for a framework allowing collective bargaining by a client base via client associations. Countries that do not legally support associations will have a serious disadvantage in this new context, which might possibly lead to service providers relocating.

Finally, I would like to mention that user associations already exist in practice. Some companies develop their products and services governed by the demands of their user association. Therefore, the concept is feasible in practice.

Michiel van de Sande, April 30, 2020
This essay is the personal opinion of the author.