The Right Way to Regulate the Tech Industry

Over the past decade, tech giants have risen to become the biggest companies in the world, all while operating with little formal, structured government oversight. But this lack of oversight has come at a cost. Today’s patchwork of privacy laws and industry self-regulation lack transparency and coherence: The combination drives up the cost of innovation and doesn’t go far enough to encourage healthy competition or to protect the billions of people worldwide who now rely on the products and services tech companies produce.

A growing chorus of businesses, lawmakers, and regulators are now calling for big tech companies to be broken up, while tech executives are asking for closer government regulation.

So, what is the right way to regulate the tech industry?

One way that governments can put tech companies on a level playing field, both with each other and with competitors in regulated industries, would be to introduce a regulator for the tech industry in their country. Having a regulatory regime with nationwide statutes and clearly defined rules of engagement would also cut the cost of innovation while holding companies accountable for mitigating abuses of their inventions, ranging from criminal acts like recruitment of terrorists and child pornography to socially harmful acts like sharing user data and facilitating the spread of fake news.

For a national tech regulator to be effective, it would need to adopt regulations and new supervision methods capable of staying ahead of the potential threats posed by accelerating technological change.

The first country to figure out the best way to regulate the broader tech industry could become the focal point for the next chapter of the world’s digital revolution. Drawing on lessons from other regulated industries, we propose several ideas for how to accomplish this with big tech.

Create an overarching regulatory structure. To regulate tech, governments first need to determine the appropriate regulatory scope for the industry. Defining what is within the regulated perimeter, what is outside, and how new companies and their activities are brought in is crucial in establishing how to engage with both regulated and unregulated areas. It provides clarity for both individuals and companies on what is protected and what is not.

Focus on three overarching objectives. Tackle the most pressing issues facing the industry: safeguarding individuals and society from maltreatment; promoting responsible innovation and robust competition; and establishing understandable and consistent parameters for data privacy( and monetization(

These regulatory goals need to be reinforced by metrics that will enable an agency to judge if tech companies are complying with national statutes. If they are not in compliance, the agency should be empowered to carry out a specific range of disciplinary measures to encourage appropriate behaviors such as cease-and-desist orders, comply-or-explain requirements, fines, or legal sanctions.

Develop standards-based regulations. Innovations coming out of tech companies and the risks that accompany them are evolving so rapidly that it’s easy for regulators to fall behind. Standards-based regulatory regimes( capable of adapting to technological and social change can help regulators get out in front and stay there.

Standards can be reworked for new risks, but changes to regulations and laws require extensive public consultation. With a standards-based approach, regulators can introduce new ...