Strategies to Reduce Barriers to the Free Flow of Information Online

telegraph.png.scaled500
We live in a global economy and society built on our investments in computer and network technology. Our connectedness—our ability to work and communicate easily with those outside of our borders–is the foundation of our digital economy. Policymakers are increasingly recognizing that the free flow of information online is important both for promoting democratic values (see Secretary Clinton’s remarks last year on Internet Freedom) and for promoting commerce (see the Department of Commerce’s Internet Policy Task Force examination of this issue). Yet barriers, both new and old, impair our connectivity and limit the potential of free trade. Especially from the commercial perspective, restrictions on the flow of information impact innovation, collaboration, trade, investment and economic activity.

Examples of barriers to the free flow of information include local data storage requirements for cloud computing, outdated regulations for voice-over-IP (VoIP) services, inadequate protect of digital copyrights, overlapping and conflicting data privacy regulations, restrictions on content and speech and liability for intermediaries, such as user-generated content sites. While these barriers and their origins have been explored in other contexts, I would like to address some of the potential solutions available to improve the free flow of information by looking at three specific issues: cloud computing, online copyrights, and electronic identities.

First, it’s worth noting just how important the free flow of information is to our economy. Data is increasingly relevant to our economy whether as a fundamental part of a service, such as financial services, health care services, telecommunication services, or computing services, or as a traded-good itself such as digital media. Data is everywhere and it is growing. We live in a world where 4 billion people have mobile phones. A recent report from the McKinsey Global Institute (MGI) found that in 2010, enterprises stored more than 7 extabytes of new data and consumers stored more than 5 exabytes of new data (1 exabyte equals 1 billion gigabytes). And this doesn’t count much of the data that is being discarded—in health care, for example, MGI estimated that 90% of data was not saved. And all of this data is being moved around. Cisco Visual Networking Index forecasts that within 3 years annual global IP traffic will 667 exabytes annually.

Perhaps more importantly, the potential economic impact of this data is substantial. For example, MGI estimates that the potential value from data for health care in the U.S. to be over $300 billion annually.

But we need policies in place to enable these transactions to occur and take advantage of the information economy potential. Just as the free flow of physical goods, capital and labor are integral to the global economy, the free flow of data is critical to the information economy.

Cloud Computing

Cloud computing refers to the practice of selling IT as a service on a metered basis, including software as a service, platform as a service and infrastructure as a service. Cloud providers offer enormous potential for cost savings across organizations, both in the government and the private sector, by creating, secure, reliable and energy-efficient data centers that can provide virtualized IT capability able to quickly scale to meet an organization’s needs without large capital costs. The economic investment in this area is large. For example, in the next 3 years, organizations are expected to spend over $40 billion worldwide on software-as-a-service alone.

However, organizations cannot realize the potential of cloud computing unless they are free to obtain and use these services without unnecessary government restrictions or conflicting rules. In particular, we have seen the threat of local data storage requirements (typically justified as a precaution to ensure privacy and security) which would require the physical presence of a data center within a specific geographic location thereby eroding many of the benefits of a distributed computing infrastructure. In addition, because of the virtual nature of cloud computing, conflicting legal requirements on the treatment of services present barriers to adoption and use.

To avoid creating balkanized cloud computing services, governments should work to both ensure fair treatment in relation to data stored out of the cloud and to standardize agreements on the treatment of data stored in the cloud between nations. The goal should be to harmonize legal requirements where possible to achieve clarity, but not at the expense of seeking out the lowest-common denominator of practices from around the world. Some of this can be achieved by increasing transparency for cloud computing service providers. Customers should know how their data is being handled and what control government authorities have over the information. Working in cooperation with NGOs, such as the Global Network Initiative (NGI), can help clarify and standardize practices in this area. In addition, it is necessary to maintain sufficient limitation on the liability of intermediaries that host user-generated content so that cloud computing service providers do not face unnecessary legal burdens for the actions of users.

Free trade agreements can be also used to obtain commitments from U.S. trade partners to not impose non-tariff barriers, such as discriminatory regulations, to limit e-commerce like cloud computing services. In addition, these agreements can ensure the duty-free treatment of U.S. digital goods and services creating a more competitive marketplace.

On the domestic front, we should be encouraging strong leadership on cloud computing. The U.S. government should avoid creating at the local, state or federal level requirements, in legislation or government procurement, that restrict cloud computing services to domestic providers. Such restrictions are unnecessary at a technical level and can be better mitigated with sufficient data controls, such as strong encryption. Moreover, such actions diminish our ability to advocate for non-discriminatory cloud computing policies at the international level.

Online Copyright

The impact of online piracy has a tremendous impact on the U.S. economy and our content industries. Enforcing intellectual property rights for digital goods should be a priority for all nations, but this enforcement must be led by those countries with the most at stake. The “free flow of information” does not mean the “flow of information for free.” Nations can and should protect intellectual property rights, and this does not need to come at the expense of free speech or the free flow of information. Indeed, establishing digital “rules of the road” that protect intellectual property rights is what encourages producers to sell digital content online. Moreover this foundation is necessary for the creation of a robust marketplace made up of competing business models.

Protection of intellectual property has been a priority in past trade agreements and should continue to be in the future as well. It is important that countries find a balance between appropriate protections for copyright-protected content that achieve effective enforcement while not imposing unnecessary burdens on intermediaries.

Protection of IP rights also entails eliminating tariff and non-tariff barriers that restrict market access and encourage piracy. Not only can content producers “not compete with free”, the often face substantial competitive barriers because of taxes, quotas and other government restrictions on foreign content.

Digital Identities

The global free flow of information also depends on trust, including trust between organizations, users, and machines. When operating online, creating trust is difficult because of the at-time anonymous and distributed nature of the Internet. But overcoming this challenge is important to realize many of the benefits of having a global economy. Improving trust can be achieved principally through two mechanisms: through a trusted system for authentication of identities online and through a trusted system to sign digital transactions.

For example, when appropriate, an online service should be able to securely authenticate the identity of an individual accessing a government service remotely or a user should be able to confirm that she is visiting the website of a business and not an imposter. And an individual in one country should be able to easily sign a legally binding document in another country online. We currently rely on webs of trust however the security of different certificate authorities is fairly opaque to most users. Moreover, most individuals do not have an electronic identity credential that they can use, and if they do have one, it generally has limited use to a specific organization, industry sector or country.

Achieving this goal of better online trust requires robust electronic identity systems that provide the legal, organizational and technological foundations for these types of transactions.

In particular, this requires countries working together to create common frameworks and agreements for the acceptance of an electronic identity issued in one country but used in another.

***

While government should avoid imposing barriers to the flow of information, this does not mean that the free flow of information should be free from government control. Legitimate government interests in protecting society should be upheld. For example, the WTO General Agreement on Trade in Services (GATS) Article XIV “General Exceptions” gives countries discretion to address legitimate national concerns, so long as these are not used as disguised attempts to impose barriers to trade.

In conclusion, we need to remember that ensuring the free flow of information will involve not just breaking down barriers, but also protecting content and creating trust online.

The above is a summary of remarks I made at a recent event hosted by the U.S. Chamber of Commerce on the Global Free Flow of Information with Commerce Secretary Gary Locke.

 

Print Friendly

About the author

Daniel Castro is a Senior Analyst with ITIF specializing in information technology (IT) policy. His research interests include health IT, data privacy, e-commerce, e-government, electronic voting, information security and accessibility. Before joining ITIF, Mr. Castro worked as an IT analyst at the Government Accountability Office (GAO) where he audited IT security and management controls at various government agencies. He contributed to GAO reports on the state of information security at a variety of federal agencies. He has a B.S. in Foreign Service from Georgetown University and an M.S. in Information Security Technology and Management from Carnegie Mellon University.