By rssfeeds-admin 
Policymakers have none of that technical expertise, but are the legitimate source of policy decisions in any functioning society. They don’t have the means to develop new technical proposals: while most countries have a national standard body, their products are a poor fit for a global Internet, and those bodies generally lack specific expertise.
So, it might seem logical for policymakers to turn to Internet standards bodies to develop the technical solutions for their policy goals, trusting the open process and community involvement to produce a good solution. Unfortunately, doing so can create problems that will cause such efforts to fail.
What’s the Problem?
First, as discussed previously the voluntary nature of Internet standards acts as a proving function for them: if implementers don’t implement or users don’t use, the standard doesn’t matter. If a legal mandate to use a particular standard precedes that proof of viability, it distorts the incentives for participation in the process, because the power relationships between participants have changed – it’s no longer voluntary for the targets of the regulation.
Second, Internet standards are created by consensus. That approach to decision making is productive when there is reasonable alignment between participants’ motives, but it’s not well suited to handling fundamental conflicts about societal values. That’s because while technical experts might be good at weighing technical arguments and generally adhering to widely agreed-to principles (whether they be regarding Internet architecture or human rights), it’s much more difficult for them to adjudicate direct conflict between values outside their areas of expertise. In these circumstances, the outcome is often simply a lack of consensus.
Third, jurisdictions often have differences in their policy goals, but the Internet is global, and so are its standards bodies, who want the Internet to be interoperable regardless of borders. If policy goals aren’t widely shared and aligned between countries, it becomes even more difficult to come to consensus.
Fourth, making decisions with societal impact in a technical expert body raises fundamental legitimacy issues. That’s not to say that Internet standards can’t or shouldn’t (or don’t) change society in significant ways, but that’s done from the position of private actors coordinating to achieve a common goal through well-understood processes, within the practical boundaries of the commonalities of the applicable legal frameworks. It’s entirely different for a contentious policy decision to be delegated by policymakers to a non-representative technical body.
So, what’s a policymaker to do?
Patience is a Virtue
One approach that’s often recommended to policymakers is to avoid specifying the work or even a venue for it in regulation or legislation until after it’s been created and its viability is proven by some amount of market adoption. Instead, the policymaker should just hint that an industry standard that serves a particular policy goal would be useful.
However, this approach comes with a few caveats:
- A set of proponents that drives the standards work has to emerge, and they need to be at least somewhat aligned with the policy goal
- Consensus-based technical standards are slow, so policymakers have to have realistic expectations about the timeline
- If the targets of the regulation don’t participate in the standards process, they may be able to reasonably claim that what results can’t be implemented by them
These issues aren’t impossible to address: they just require good communication, alignment of incentives, management of expectations, and careful diligence.
Add a Configuration Layer
If the technology already exists or there’s an established effort to create it, one intriguing way to manage the gap is to span it with a new entity – one that creates neither technical specifications nor policy goals, but instead is explicitly constituted to define how to meet the stated policy goals using already available technology. That leaves policy formation in the hands of policymakers and technical design in the hands of technologists.
In technology terms, this is a configuration layer: clearly and cleanly separating the concerns of how the technology is designed from how it is used. It still requires the technology to exist and have the appropriate configuration “interfaces”, but promises to take a large part of the policy pressure off of the standards process.
An example of this approach is just being started by the European Commission now. At IETF 123, they explained a proposal for a Multi-stakeholder Forum on Internet Standards Deployment that fills the gap between the definition of Internet security mechanisms and the policy intent of making European networks more secure. Policymakers have no desire to refer to specific RFCs in legislation, and Internet technologists don’t want to define regulatory requirements for Europe, so the idea is that this third entity will make those decisions without defining new technology or policy intent.
Getting this right requires the new forum to be constituted in a particular way. It has to be constrained by the policymaker’s intent, and can’t define new technology. That means that the technology has to be amenable to configuration – the relevant options need to be available. The logical host for the discussion is a venue controlled by the policymaker, but it needs to be open to broad participation (including online and asynchronous participation) so that the relevant experts can participate. Transparency will be key, and I suspect that the decision making policy will be critical to get right – ideally something close to a consensus model, but the policymaker may need to reserve the right to overrule objections or handle appeals.
Needless to day, I’m excited to see how this forum will work out. If successful, it’s a pattern that could be useful elsewhere.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.