E N D
Slide 1 The State of the State in CyberspaceThe Hybrid Regulation of Global Data ProtectionRalf BendrathUniversity of BremenCollaborative Research Center “Transformations of the State”ralf.bendrath@sfb597.uni-bremen.dehttp://bendrath.blogspot.comECPR Workshop “Privacy and Information: Modes of Regulation”Helsinki, 7th – 12th May 2007
Slide 2 Globalization and the Internet: A prototypical case? • Globalization: • internationalization and privatization of governance • both trends suggest a loss of legitimacy • The Internet is the most globalized space • most likely case to check assumptions on global governance • new forms of legitimacy on the Internet? • Case study: Privacy Governance • Timeline: 1970s to today
organizational dimension spatial dimension state private national national state regulation national private governance international multilateral regime transnational self-governance Slide 3 Governance models and state transformation
Three approaches to Internet Governance Slide 4 • Cyber-Separatists (Communitarians) • Traditionalists (Realists) • Internationalists (Liberals) (Mayer-Schönberger 2002)
Cyber-Separatists Slide 5
Slide 6 „Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.“ (John Perry Barlow: A Declaration of the Independence of Cyberspace, 1996)
Slide 7 „We reject: kings, presidents, and voting. We believe in: rough consensus and running code“ (Dave Clark, Internet Architecture Board, 1992)
Cyber-Separatists Slide 8 • Self-Governance of the Internet • Comparable to Lex Mercatoria • Sovereign: The Netizens • Less formalized, open process, emphasis on collaboration • Technical solutions
Traditionalists Slide 9
Traditionalists Slide 10 • Netizens are physical humans • Servers, routers and cables exist in the real world • Democratic legitimacy of the state • Conflicts of law are nothing new • Implementation difficult, but feasable to a satisfying degree
Internationalists Slide 11
Internationalists Slide 12 • Cyberspace is a global space • Adequate medium of regulation therefore is international law • Goal: global agreements • But also regional ones • Council of Europe Privacy Convention • OECD Privacy Guidelines • …
specific aspects governance model role of the state regulation model basis of legitimacy national state regulation (traditionalist) regulator public intervention democratic representation national private governance (cyber-separatist) limited oversight through general law national self-regulation effectiveness, legality multilateral regime (internationalist) interdependent, constrained regulator multilateralism national compliance international consensus, congruence transnational self-governance (cyber-separatist) none transborder private self-regulation effectiveness, participation Slide 13 Internet Governance Models and the State
Slide 14 Internet Privacy: Any role for the nation-state? • Internationalized Law • From national data protection laws to transnational data flow regulation • EU Directive as the core of a global privacy regime • Privatized Enforcement • PC and Internet make hard enforcement impossible • user self-help through technical means • „trust“ through private self-certification schemes
Slide 16 Global governance of privacy reaching its limits • Input legitimacy: • low transparency and accountability of international norms development • congruence missing • lack of accountability of private regulation • Output legitimacy: • low compliance • „elephants and mice“ • lack of user trust
Slide 17 The Return of the State • Adequacy rating of privacy standards • Data protection authorities as certification agencies • Technical regulation through intermediaries
Slide 18 Multilevel Privacy Regulation(a small selection) Binding Corporate Rules MSFT Software Guidelines GBDe recommendations TRUSTe Web Seal Safe Harbor Agreement EU Directive OECD Guidelines Council of Europe Convention National law National law National law National law
Slide 19 Hybrid Privacy Regulation(the „Safe Harbor“ example) Technical Standards Technical Enforcement TRUSTe Web Seal US DOT Company Safe Harbor Agreement Safe Harbor List FTC EU Commission & DP Commissioners EU Directive National law National law National law National law
specific aspects governance model period & region of relevance role of the state in the internet regulation model basis of legitimacy national state regulation (traditionalist) 1970s (Europe) regulator public intervention democratic representation national private governance (cyber-separatist) 1970s-1990s (US) limited oversight through general law national self-regulation effectiveness, legality multilateral regime (internationalist) 1980s-1990s (Europe) interdependent, constrained regulator multilateralism, national compliance International consensus, congruence transnational self-governance (cyber-separatist) 1990s (US, partly Europe) none transborder private self-regulation effectiveness, participation hybrid and layered global governance (new model) 2000ff (OECD and beyond) control of intermediaries, certification indirect state regulation, corporate compliance consensus on principles, effectiveness, transparency Slide 20 Governance models over time & space