Do (not) touch: Self-regulatory safe harbour of social platforms

Event report

[Read more session reports and live updates from the 13th Internet Governance Forum]

The session addressed the general call, from civil society and government sectors, to regulate online platforms. Regulation is necessary, considering the reach and scope of platforms. Personal data shared by platform users has been employed to modulate democratic election results. There are also concerns related to privacy rights. Panellists agreed that the self-regulatory model is not enough anymore and considered that a multistakeholder approach is the best option to regulate platforms, encompassing public authorities and the platforms themselves. The point was raised that platforms should be more proactive in the risk assessment of sharing personal data. They should make users aware, in an accessible way, of the risks they are exposed to when providing personal data.  

The session was moderated by Ms Olga Kyryliuk, CEO, The Influencer Platform, who highlighted that currently there are calls for the regulation of online platforms from both civil society and government sectors. This has encountered practical obstacles, including the fact that many companies operating online platforms are based in foreign countries which are not willing to regulate them. In addition, there are no easy answers on how online platforms should be regulated, considering that so many rights are at stake. However, Kyryliuk agreed with President Macron’s view that online spaces do need more public regulation. 

Mr Claudio Lucena, Researcher, FCT Portugal, Professor, UEPB, Brazil, believes that regulation of online platforms is inevitable considering their scope and reach. Social media platforms have started to be described as a threat for many consolidated social values, such as democracy and privacy. Lucena stressed that online platforms have evolved over the two last decades and the kind of information exchanged in these spaces has changed a lot, now being much more sensitive. Kyryliuk asked where we are going now in terms of regulation, and Lucena responded that we need to have a multistakeholder approach and learn how to regulate together. Companies will have to cooperate in order to make the process feasible. 

Mr Nicolas Diaz Ferreyra, Research Fellow, University of Duisburg-Essen, started by saying that our digital data is intangible. Since the beginning, Internet users have shared extensive personal data on online platforms, because they were not aware of the risks involved. The idea that our personal data is valuable has only recently become widespread. He suggested that researchers, policy makers and the private sector should concentrate on risk assessment, awareness, and development of good practices. Such practices exist in any other sector in which consumers are involved. Terms of service should include clarification of the risks related to sharing personal data on online platforms.

Mr Salvador Camacho Hernandez, CEO, Kalpa Protección Digital, Private Sector, Latin American and Caribbean Group (GRULAC), indicated that people in Mexico are not getting connected to the Internet anymore. They are getting connected exclusively to Facebook and have no clue that they are giving away their data. He considers that one of the main competitors to Domain Names are the social media platforms. It is very easy and apparently free to have an account on them. Therefore all kinds of businesses have migrated to online platforms instead of having a personal page and a domain name. Having a Domain Name implies much more freedom, in terms of data flux, however the monopoly of online platforms have threatened this freedom. Hernadez concluded by suggesting that users should be paid for the data provided on platforms. 

Ms Natalia Filina, EURALO Individuals Association, ISOC, Private Sector, Eastern European Group, emphasised the role of digital education in properly addressing the risks related to data on online platforms. She also believes that self-regulation is no longer enough to protect the rights of users.

Ms Catherine Garcia Van Hoogstraten, Faculty of Public Management, Law and Security, The Hague University of Applied Sciences, considered that public and private partnerships (PPPs) are a possible legal solution to combat cybercrime on online platforms. PPPs are already provided for by the Budapest Convention, which is a framework of procedural law for the purpose of public/private cooperation. However, a precondition for international public and private cooperation is enabling criminal justice authorities to have the necessary powers to investigate cybercrime, and secure electronic evidence. Therefore such powers are already provided by articles 16 to 21 of the Budapest Convention, and must be clearly defined in national criminal law.

By Ana Maria Corrêa