The last few years have exposed faultlines in what was once considered an integrated and seamless digital realm. These cracks have origins beyond the usual suspects. The “walls” dividing cyberspace have sprung up from within liberal democracies, throwing in question their commitment to — as the cliché goes — a “free and open” internet. The United States withdrew in 2017 from the Trans-Pacific Partnership, and in the absence of its most powerful votary, the TPP’s promises on interoperability and uninterrupted flows of digital information ring hollow. The European Union has enacted one of the most far-reaching regulatory impositions on the flow of data to and from the continent in the form of the General Data Protection Regulations and the murmurings around control of the flow of technology have gained traction in the past weeks.

The GDPR, some have argued, will have the consequence of “exporting” strong privacy laws to emerging economies, which are yet to craft data protection legislations. A more likely outcome is that these economies will wean themselves away from, or script exceptional standards to manage digital commerce with the EU. Of course, opposition to the further integration of digital networks has also emerged from cybersecurity regulations in China and Russia. India’s own experiment with the data protection bill is promising to upend some old assumptions around doing business with the largest digital democracy.

This year’s Digital Debates picks up the pervasive distrust with Big Tech and the reactive regimes that have sprung up. It also discusses the often-negative spillover effects of digital communities on the real at an unprecedented velocity, emphasising the need to extend solutions beyond the virtual. Stephanie MacLellan explores this confluence of offline and digital tools to mitigate the effect of disinformation on social order across national boundaries.

Rajeev Mantri’s “Reassessing Received Wisdom”, as promised, calls for thinking through ownership, portability and control of data more carefully – not against the background of extant theories of regulation. Specifically, he recommends reimagining competition law for the digital economy. Fittingly, KS Park, author of “Data Socialism”, moves the needle and warns against over-regulating the data market or granting ownership of data to subjects if the effect is to the detriment of realising societal benefits from data sharing.

India’s recent data protection framework is the country’s first attempt to balance some of these competing priorities – protecting a nascent but fast-growing digital economy and the rights of a billion users. Laura Sallstrom et al. argue that the Indian iteration is “GDPR-lite” – mimicking their EU counterpart but not sucessfully. Data localisation, according to the authors, was considered and discarded by Europe since it poses economic risks. An approach they advocate India must follow—being an economic beneficiary to the incidence of cross-border data flows.

Instead of localisation, India can consider an alternative mechanism such as a data sharing agreement under the rubric of the US Cloud Act in accessing electronic information held in the US – Justin Hemmings et al. have elaborated on this workaround in “Foundations of a Potential Executive Agreement between India and the US”. Finally, Sidhant Kumar writes on the day-old judgement delivered by the Indian Supreme Court holding the world’s largest unique digital identity project to be constitutional. Conscious of performing a balancing act, the Supreme Court, according to the author, favoured dogged pragmatism and not ideological dogma. All of this indicates that property rights, sovereignty and virtual territoriality continue to vex the global stakehokders and are de jeure creating a splinternet.

The world is witnessing, therefore, comprehensive attempts by states to govern data, the infrastructure that it is hosted on, the platforms that harvest it, and even the people who use it. The recent sight of Silicon Valley CEOs making a beeline to testify and placate US Senate Committees underlines the reality that governments, whether good or bad, autocratic or democratic, are fundamentally skeptical about the social, political and economic consequences of new technologies, and will always seek to manage them.

Given this climate, it should not surprise anyone that the Indian state too has pushed – not without opposition or controversy – for data localisation. The main trigger for this proposal has been the ceaseless troubles of Indian law enforcement agencies in securing data from abroad for criminal investigation or prosecution. But the idea has easily found takers from within India’s digital companies, which are keen to insulate themselves from foreign competition and create institutional architecture that can help leverage their data analytics capabilities with locally available data. Here too, the Indian state (and established players in the private sector) are pushing for certain favourable political and economic outcomes by altering the basic DNA of the internet. Time will tell whether those outcomes materialise, but the regulatory impulse is here to stay.

If regulatory decrees are to be implemented, home-grown legal and technical standards that can function as reliable and predictable metrics for businesses and digital platforms are necessary. Amber Sinha et al. drive this point home in “Reading ‘Necessity’ in India’s New Data Protection Bill”. The principle of necessity, for instance, is critical to determine if the information sought by the data fiduciary or collector is necessary for the purpose it seeks to achieve. The authors argue that while the term “necessity” is copiously used in the draft law and would be critical to its enforcement, the same principle is not well-defined in Indian jurisprudence. Anushka Kaushik reasons that technical yardsticks, specifically encryption, in the face of competing objectives of stakeholders must be the product of mutual trust and responsibility.

Securing cyberspace or safeguarding rights online is not the only prerogative of the regulator or the state in the digital economy. Governments hold the mandate of ensuring that those at the bottom of the pyramid can exercise their agency online, perhaps in ways more impactful than in the real world. As low-cost smartphones and data bring about an entire generation of first-time internet users, policymakers must strive to grant access and security in addition to rights. Lina Sonne evaluates this trend through the increasing democratisation of content production, distribution and viewership online – mobile phones have doubled up as TV screens providing entertainment on the move, bringing “primetime” to an end. Even as local language content online increases in volume, Ashwin Rangan notes that the internet is still predominantly “English”. In his contribution titled, “Breaking the Linguistic Barriers to Accessing the Internet”, he identifies the challenges to achieving a truly global internet.

Motivated by increasing inclusion, governments’ digitisation drives are determined to push digital payments. Sidharth Deb proposes that any such policy approach to increase adoption must be combined with promoting ecosystem integrity and building trust with end-users.

Just as we witness the internet being “weaponised” to serve different ends, we must be humble about the transformative potential of technology. The same tool of freedom can quickly turn into a tool of oppression, manifesting socio-economic inequalities found offline. Vidisha Mishra argues that while the flexibility of the gig economy may bring more women into the workforce, these platforms may not be empowering. Withoutaddressing structural inequalities, such as the wage gap, women stand to be disproportionately affected even after transitions in the labour market. Mihir Sharma in his contribution, “A 21-Century Social Contract”, believes that a new form of social protection must be designed to adequately address these labour transitions. He points out that the increasing individualisation of labour must be met with a 21st-century economy that can work for everybody. Amina Khairy further argues that education and skilling in STEM must increase offline to truly reap the benefits that the internet offers.

Crystal-gazing is seldom an advisable pursuit, especially to discern trends in technology policy, but two issues on the horizon bear mention. Efforts to craft technology restriction regimes have recently (re)gained momentum, although export controls are unlikely to have any meaningful effect in keeping “bad” technologies from “bad” actors. In most of the developing world, export controls are perceived as technology “denial” regimes, and only facilitate the creation of networks and communities that have a vested interest in suppressing democratic aspirations or destabilise digital and physical infrastructure. Creative and agile arrangements are required to tackle the problem of proliferation of malicious ICT tools: such an arrangement has to involve the concerns of the private sector, both from developing and advanced economies. While responses that will work are hard to fathom, it may be safe to suggest that they would be technological in essence and unlikely to work if they are premised on treaties or legislation.

And finally, developments in “intelligent” platforms and services throw up — with apologies to Donald Rumsfeld — two “known unknowns” and two “unknown unknowns”. The first “known unknown” is the effect of AI on bias. Pundits and technocrats both acknowledge that intelligent algorithms could perpetuate bias along the lines of race, gender and class. But we do not know what causal pathways of bias will look like and whether AI will simply mirror or exacerbate existing problems.

The second “known unknown” is the geopolitical consequences of differential access to AI. It is one thing to say some states will have lethal autonomous weapons and others won’t, but access to AI translates to more than just military superiority. It is also crucial to governance platforms and services. The North-South divide in technology is already grave, but will the effect of sentient machines, with their ability to disrupt supply chains, labour markets and livelihoods compound it?

The first “unknown unknown” is whether the current conversation on “ethics” in AI will eclipse a rights-based approach to developing intelligent machines. Just as the international community appears to be close to a consensus on the promotion of human rights online, the ethical “front-loading” of AI governance could well derail that conversation. Do we share universal ethics? If not, whose “ethic” does the machine represent? The developer, business or region in which it is developed?

The second “unknown unknown” is the interweaving of identity between human and machine. Reports have recently surfaced of men trying to pursue sexually laden conversations with smart assistants and even of brutalised treatment of synthetic lifelike toys. If we engage machines in any activity that involves “human” emotion, what does that make machines? More importantly, what does our engagement with them tell us about ourselves? The digital debates of today focus on how humans should govern machines — their data, infrastructure and stability. Those of tomorrow may well focus on the new identity discourse framed around our conversations with a new intelligent being albeit shaped in our image.

Digital Debates, the journal that chronicles contemporary thinking and dialogues and along with “CyFy: The India Conference on Technology, Security and Society” will continue to seek new voices, ideas, solutions and concerns.

• Cyber Security
• India
• USA and Canada

The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.