EU legislation is coming that could greatly improve the web

The eradication of surveillance capitalism across Europe would be a great leap forward

Softly, softly, a set of proposed European Acts have crept on to the winter horizon with little fanfare – until recent weeks, when the pending draft publication of the Digital Services Act and Digital Markets Act began to focus minds on their far-reaching impact.

Make no mistake, the dully titled Acts have every possibility of being as groundbreaking and globally change-making as the General Data Protection Regulation (GDPR), once similarly ignored as it trundled along in draft in the legislative policy background.

But this time around, US observers are a lot less likely to dismiss the Acts as some annoying little toothless thing the Europeans are developing, with their quaint but tiresome focus on data rights being fundamental human rights. GDPR ended much of that type of snarking, which I’d heard routinely at US events for years prior to the regulation’s enactment in 2018.

This time (and rightly so), there’s widespread acknowledgement that what is coming down the pike for big technology companies and platforms, has every possibility of rewriting how they conduct their business, even right down to threatening – at last – their privacy-destroying, democracy-threatening core business model of monetising user data via targeted advertising.

The proposed Act “package” is intended to update EU legislation on digital services and markets, which haven’t been comprehensively addressed since the ecommerce directive 20 years ago.

Back then internet penetration was still modest across Europe, and bulky, beige desktop computers were the mainstream devices for going online. "Tweets" remained avian, and "viral" meant ... well, who could have imagined 2020? No one watched videos, because dial-up connections were too slow. Things have changed.

Illegal content

Among the many proposals in the legislation are new controls and punishments around illegal online content and activities, including a redress mechanism for consumers; a bar on the use of content upload filters by platforms; and a firm “what is illegal offline is also illegal online” approach.

Content removal should be “diligent, proportionate and non-discriminatory” and protect speech freedoms, privacy and data protection while being cognisant of harmful speech and disinformation.

But the proposals that could totally rewrite how the online business world – and the platforms – operate are moves to change what giant companies can do (disallow them from competing with their own clients on their platforms, as Amazon does, for example), restricting their reach while opening up competition to smaller companies.

The Acts propose algorithm transparency (no more corporate “secret sauce” algorithms taking, using and analysing personal data in invisible ways); and a phasing-out of targeted advertising.

Initial proposals focus on political ads, but MEPs this week told journalists there was “strong support” in the European Parliament for a ban on all targeted advertising.

Hallelujah. This would directly address so much that is damaging, dangerous, grey-area illicit and deeply problematical about the modern internet. Largely invisible to users, the process of gathering and selling user data is the primary business model of the web.

It involves thousands of data brokers in micro-second transactions that take place between when you click on a link and a webpage opens (and voilà: targeted ads appear for your eyes only, based on reams of your personal data, just now shared and auctioned off in real time).

If the government kept such vast files filled with telling details of all your cumulative lifetime web activity and purchases, the public would be in man-the-barricades mode.

But lack of operational transparency means the online private sector has this as its modus operandi, yet we don’t see any of it, even as it happens every time you view a webpage, launch a video or buy something online.

Surveillance capitalism

When I testified last November in the Dáil before the International Grand Committee on Disinformation, I and fellow panellists, including Roger McNamee, a major Facebook investor and former adviser to founder Mark Zuckerberg, and former Brave chief technology officer Johnny Ryan (now at the Irish Council for Civil Liberties) noted that the widespread targeted advertising business model of the web – a key piece of what Harvard academic Shoshana Zuboff terms "surveillance capitalism" – was toxic, unacceptable and at the root of many of the web's worst anti-democratic, disinformation-pushing, discriminatory and threatening norms.

Its eradication by the EU across its 500 million consumer market would, without doubt, be world-changing, a badly needed leap forward in addressing the worst problems of the web. As with GDPR, Europe would lead change for the better internationally.

Many hard policy battles lie ahead once the initial draft legislation, to be published on December 15th, is offered for discussion and consultation. As with GDPR, it may take years for the final Acts to come to fruition – although MEPs at the briefing made a point of noting that they recognise time is of the essence, and said they hoped to enact the legislation within a one- to two-year timeline.

These proposed Acts are audacious and promising, offering a compelling vision of what a completely different online world – a more competitive, safer, open and data-protective one – would look like. Time to reclaim the web, and make it work for us.