How are the rules made on the internet?

Foto: joexx /

The internet is regulated on the basis of a multi-stakeholder model. That means that states, internet firms and civil society together decide how the internet is to be run. What challenges do they face? Where is the greatest need for action? Interview with Wolfgang Kleinwächter

iRights.Media: How is internet regulation different from other regulatory areas?

Wolfgang Kleinwächter: Originally the regulation of the internet was about addr­essing specific technical issues: for example, determining how individual services and servers communicated with one another. States didn’t play a role. At the end of the 1960s a procedure was developed which is called “Request for Comments” (RFC) and you could say that this is the rulebook of the internet.

These RFCs came about in consultations that the technical community organized amongst itself. They are not linked to classical regulation criteria, such as a territory or a population. The discussion processes are open: all interested parties can get involved. That is the biggest difference from the way that parliaments create legislation, or the way that states draw up treaties.

How did this method of regulation come about, in which all participants are involved, and how did it spread beyond the technical community?

In the 1980s and the 1990s, it came to be understood that it was not possible to separate the technical and political regulation of the internet. The legal expert Lawrence Lessig summed this up when he said, “Code is law”. Codemakers create new virtual spaces which then challenge lawmakers.

That has changed the relationship between the people who write code and the people who make laws. Manuel Castells described the new relationship between hierarchies and networks in his 1999 book The Network Society. Closed, opaque, top-down models of politics are complemented or replaced by open, transparent bottom-up models. That creates a drive towards a new model of politics, what is called the multi-stakeholder model, in which parties who are directly affected by and implicated in political decisions, i.e. service users and providers, are involved in the decision-making process. In this model, governments remain an important factor, but the technical community, the business sector and civil society must all have an equal involvement in drawing up rules. De facto, it also involves expanding representative democracy to involve participative elements.

Would it not be enough to regulate things at the technical level? Why do other players—businesses, experts or states—need to be included in internet regulation?

The technical structures of the internet and the applications that are built on them have far-reaching political, economic and cultural consequences. For example, twenty years ago the MP3 format shook a whole branch of industry—the music industry—because it impacted audio files in particular. That threw up whole new questions connected with intellectual property and copyright. The development of technology has undermined existing business models and legal systems. If laws ignore technical conditions or innovative business models, then they will be stepping out into the void. If they contradict users’ interests, civil society will be out in the cold. The only way to find a sustainable solution is that all interested parties and participants should be involved in developing norms and rules to shape the internet.

What are the strengths and weaknesses of this model? Does the network structure make it more vulnerable or even more reliable than traditional models of governance?

It is too soon to say. The jury is still out for such models of participation. However, we must bear in mind that procedures involving many participants are more complicated than those with only two participants. It is already difficult enough when governments negotiate with each other. When business, civil society and scientists get involved, international negotiations will become even more complicated.

The Chinese government has interests that differ from those of the American government. The interests of a large company like Google are different to those of medium-sized businesses. In civil society, we have a broad spectrum of different views; even in the scientific community there are different perspectives.

So making this model work is a long-term project. But the first steps have already been made. With the so-called IANA transition, a global resource will be administered by the international community jointly, on the basis of a multi-stakeholder model—this refers to domain names such as .de, .org It’s only one leg of the journey, but this does show us how things could go in the future.

States can respond very defensively to attempts to remove their regulatory powers.

It is certainly a welcome development that the leading industrial powers are currently supporting this multi-stakeholder model. At the G7 meeting in Japan, at the OECD meeting in Cancún in Mexico, at the G20 meeting in Hangzhou, at the World Summit on the Information Society—support for this model can be found everywhere. But everyone understands it differently. Many think that the multi-stakeholder model is only good as long as the governments retain control. But it is important that the multi-stakeholder model be developed further, and that we answer the question of how different interest groups can cooperate as equals and share decision-making powers.

There are certain issues where even democracies are reluctant to move in this direction. For example, on cyber-security, governments will flatly refuse to work together with civil society. But that is the wrong reaction. In the long term, even questions of security will prove insoluble unless all participants are involved in one way or another.

What are the three key areas of internet regulation which must be resolved?

The first is security. That means national security, so questions of cyber warfare, cyber weapons, cyber terrorism. But it also refers to cyber-crime and the technical security of networks. The second major complex is economic matters. That relates to electronic trade. This is an area that places new pressure on the World Trade Organization. One can see in the protests against TTP, TTIP and TISA that the old models of separate trade agreements aren’t working any more. This is where new developments come in which are designated by terms like “Industry 4.0” and “The Internet of Things”. This brings us to the concept of “Work 4.0” and the question of how jobs will work in the future. The third complex of problems are general questions of human rights: freedom of speech, protection of privacy, freedom of assembly and so on. Security and human rights are as important in internet policy as they are in world politics. Security is involved here again. Is the protection of privacy and free speech a threat or a support to national security?

We will be discussing these three questions—security, business and human rights—for the next twenty years.

In China and other parts of the world there are massively divergent applications of a general agreement on how the internet should work. What is the best way to respond to this?

China is hurting itself if it erects barriers that limit the activity of its big companies—like Baidu, Weibo, AliBaba or China Mobile. It is in China’s own interest to find a balance. Finding a way to balance out interests will dominate the political discussions of the coming years.

Less democratic states which want to control everything are affected by questions of sovereignty. There is a real risk that the whole thing will break up into a fragmented internet. In an extreme case, that could mean that you would need permission if you want to send an email to a different country—a kind of entry/exit visa system. Technically that is possible, even if it would be absurd and damaging from every point of view. But then war is also absurd and harmful, but people still do it.

The open and free internet to which we have become so accustomed to over the last thirty years can be torn apart. The internet is a network of networks, and every network can be governed separately—for political or economic reasons. If Facebook were to say that the internet is OK, but only if everything happens via Facebook, then that also would be a closed community. That is not an unrealistic worst-case scenario. That’s why we have to act to ensure that such scenarios do not become a reality and that citizens’ basic rights are upheld and strengthened in the digital realm.

Interview by Philipp Otto.

“Das Netz – digitalization and Society. English edition” gathers writers, activists, scientists, politicians and entrepreneurs to think about the developments of our digital life. More than 50 contributions reflect on the digital transformation of society. It is available as a free PDF. Download here!

Wolfgang Kleinwächter

Wolfgang Kleinwächter

Wolfgang Kleinwächter is Professor Emeritus for Internet Policy and Regulation at the University of Aarhus in Denmark. From 2013 to 2015 he was a leading member of ICANN, the Internet Corporation for Assigned Names and Numbers, which is responsible for the central administration of internet addresses.
Wolfgang Kleinwächter

Latest posts by Wolfgang Kleinwächter (see all)