The CMA, Ofcom, ICO and the FCA have agreed to work more closely together in respect of digital regulation through the Digital Regulation Cooperation Forum (“DRCF”). It is certainly true that the real-world problems and challenges presented by regulating the internet do not fall neatly into boxes labelled for each sector. Having said that, as the old saying goes, too many cooks spoil the broth. So how do they plan to work together and what does that mean for business?
On Wednesday (14 July), Global Counsel hosted a panel event chaired by Lord Mandelson at which Andrea Coscelli (Chief Executive, CMA), Melanie Dawes (Chief Executive, Ofcom), Elizabeth Denham (Information Commissioner) and Nikhil Rathi (Chief Executive, FCA) sought to answer some of these questions.
Many of the decisions that must be made in the digital regulation space involve trade-offs – end to end encryption has significant privacy advantages, but those same features can make it difficult or impossible to monitor users – and each of the regulators has different powers and priorities. The Information Commissioner said that in her view the DRCF’s role will be to unpack these types of overlapping issues and articulate the trade-offs that must be made so that the regulators can better advise policymakers.
For businesses operating in this space, dealing with these types of tensions is a day to day reality. If the DRCF can provide the regulators with a more coherent view of all of the issues faced by businesses and they can carry that understanding through into the regulatory relationship and decision-making process, there may well be better communication, understanding and outcomes.
However, as Melanie Dawes pointed out, the DRCF members ultimately remain four separate regulators, each with their own duties, and the DRCF does not change that. Tech firms will still have to balance the regulatory interests and priorities of each regulator and, if those overlap or conflict, may still be left in tricky positions. It is thus unclear exactly what the impact of the DRCF will be.
Another recurring theme from the panellists was the need for each of the regulators to have appropriate skills and knowledge in-house to understand the technology underpinning the businesses of those they regulate. Ultimately, the regulators can’t grapple with complex issues relating to algorithms, encryption, age assurance and verification, etc., if they don’t understand the technology. Melanie Dawes emphasised that as well as bringing expertise in-house, Ofcom will be looking to work with tech firms to leverage their expertise and knowledge of their own products.
Ultimately, the technology is complex and developing at pace and the regulatory challenges cross sectoral and jurisdictional boundaries. Tech firms are grappling with multiple new and complex regulatory regimes. In that context, it is important that digital regulation policy and practice is coherent within the UK and that will only happen if the regulators invest in understanding the businesses and if they work cooperatively.