Table of contents
- 1. What is digital regulation? skip to link
- 2. ‘Regulating in a digital world’ report: Proposal for a new Digital Authority skip to link
- 3. Creation of the Digital Regulation Cooperation Forum skip to link
- 4. Should the DRCF be a statutory body? skip to link
- 5. Parliamentary oversight of digital regulation skip to link
- 6. What is the government doing? skip to link
The House of Lords is due to debate a report from the Communications and Digital Committee, ‘Digital regulation: Joined up and accountable’, on 21 July 2022.
1. What is digital regulation?
The government defines ‘digital regulation’ as the range of regulatory tools that government, regulators, businesses and other bodies use to manage the impact of digital technologies and activities on individuals, companies, the economy and society. These include norms, self-regulation, statutory codes of conduct and rules in primary legislation. The government says these tools are used to “promote outcomes that the market alone cannot achieve efficiently”. It argues that digital technologies and activities demand “a distinct regulatory approach” because of the distinctive features that make digital businesses and applications unique and innovative, but also potentially pose risks to consumers and wider society.
2. ‘Regulating in a digital world’ report: Proposal for a new Digital Authority
The House of Lords Communications and Digital Committee has been examining the issue of digital regulation over several years. It published its report on ‘Regulating in a digital world’ in March 2019, in which it argued that “the digital world does not merely require more regulation but a different approach to regulation”. The committee found that a range of regulators have a stake in the digital world. For instance, Ofcom has responsibility for ‘TV-like’ content and telecoms companies, which provide access to the internet, and the Information Commissioner’s Office (ICO) regulates the use of data. The committee identified thirteen statutory and non-statutory bodies with remits for online regulation in one way or another, and suggested that this list was not exhaustive.
Despite the existence of multiple regulators, the committee concluded that “gaps have appeared in regulation which do not clearly fall within any one regulator’s remit, or which would require a regulator’s remit to be expanded”. One of the committee’s key recommendations, therefore, was the creation of a new Digital Authority to coordinate regulators across different sectors and multiple government departments. It proposed the Digital Authority should have the following functions:
- to continually assess regulation in the digital world and make recommendations on where additional powers are necessary to fill gaps
- to establish an internal centre of expertise on digital trends which helps to scan the horizon for emerging risks and gaps in regulation
- to help regulators to implement the law effectively and in the public interest, in line with the 10 principles set out in [the committee’s] report
- to inform Parliament, the government and public bodies of technological developments
- to provide a pool of expert investigators to be consulted by regulators for specific investigations
- to survey the public to identify how their attitudes to technology change over time, and to ensure the concerns of the public are taken into account by regulators and policy-makers
- to raise awareness of issues connected to the digital world among the public
- to engage with the tech sector
- to ensure that human rights and children’s rights are upheld in the digital world
- to liaise with European and international bodies responsible for internet regulation
The committee also recommended a new joint committee of both Houses of Parliament should be established to consider matters related to the digital environment. It said the Digital Authority should report quarterly to Parliament and regularly give evidence to this new joint committee.
In response, the government said it was taking a wide range of measures to strengthen regulation of the internet and digital technology, including the online harms white paper, the Centre for Data Ethics and Innovation, the Furman review into competition in digital markets and the Cairncross review into the future of journalism. However, it said it recognised the need for further action in this “complex and fast-moving space”. It said it was “carefully considering potential overlaps between new regulatory functions, such as that proposed through the online harms white paper and the remits of existing regulators”. It said the creation of a new parliamentary committee was a question for Parliament rather than the government.
3. Creation of the Digital Regulation Cooperation Forum
Since the publication of the committee’s first report, some key regulators have started working together more closely on digital issues. In July 2020, the Competition and Markets Authority (CMA), Ofcom and the Information Commissioner’s Office formed a Digital Regulation Cooperation Forum (DRCF). In April 2021, the Financial Conduct Authority (FCA) also joined as a full member. In setting up the forum, the regulators aimed to support cooperation and coordination between themselves on online regulatory matters and to “achieve coherent, informed and responsive regulation of the UK digital economy which serves citizens and consumers and enhances the global impact and position of the UK”.
The six objectives of the DRCF are:
- collaborate to advance a coherent regulatory approach
- inform regulatory policy making
- enhance regulatory capabilities
- anticipate future developments
- promote innovation
- strengthen international engagement
In its first annual report, the DRCF set out how it had focused on: responding strategically to industry and technological developments, such as algorithmic processing and end-to-end encryption; developing joined-up regulatory approaches (for example between the CMA and ICO on applying data protection and competition regulation in online advertising); and building skills and capabilities. The DRCF set out its priorities for the current year in its workplan for 2022–23, based around three key headings:
- Coherence: protecting children online; promoting competition and privacy in online advertising; and undertaking further work to ensure a coherent approach across the member organisations’ regimes
- Collaboration: a joint focus on supporting improvements in algorithmic transparency and in enabling innovation in industries regulated by DRCF members
- Capability: improving knowledge sharing through expert networks; building on synergies and bridging gaps in the horizon-scanning DRCF members undertake; recruiting and retaining specialist talent across all four regulators
The DCRF said in April 2022 it would publish a memorandum of understanding later in the year to set out how the member regulators work together and reach collective decisions.
The DRCF is a non-statutory body. The three original members (Ofcom, ICO, CMA) recognised in a policy paper in April 2021 that there might be “potential limitations of a voluntary approach”. They said that in the long-term, they saw “potential barriers to our cooperation and joint working that need to be addressed, and possibly the need to develop a legislative framework that embeds cooperation in the digital regulatory landscape”. They suggested the government adopt measures to incorporate regulatory coherence and cooperation in the duties of digital regulators, such as: aligned supplementary duties like promoting benefits for consumers, data subjects and citizens; duties to consult and duties to cooperate.
4. Should the DRCF be a statutory body?
The House of Lords Communications and Digital Committee returned to the subject in a follow-up report, ‘Digital regulation: Joined up and accountable’, in December 2021. The committee welcomed the creation of the DRCF as a “small step in the right direction” but found that “there are persistent challenges which the regulatory system remains insufficiently equipped to confront”. The committee noted that, in contrast to its own earlier proposal for a Digital Authority, the DRCF is a non-statutory body, has no power to direct its members, and is not directly accountable to Parliament.
The committee highlighted two key areas where it believed regulatory cooperation is insufficient. Firstly, it believed that an overarching regulatory body would be best placed to scan the horizon for emerging risks and gaps in regulation. It recommended that the DRCF’s current approach to cooperation between members should be formalised, with the introduction of statutory measures, such as new duties to consult, and the creation of statutory information-sharing mechanisms between regulators. It also recommended that full DRCF membership should be extended to other statutory regulators with “significant interests and expertise in the digital sphere”. Partial membership should be extended to non-statutory regulators and relevant advisory bodies to participate on issues within their remits. The committee also recommended the DRCF should strengthen and formalise links with industry and academia and explore further ways of sharing information with international partners.
Secondly, the committee repeated its concerns about fragmentation and gaps in the regulatory objectives of different regulators, although it acknowledged there had been progress since its first report. To enhance the DRCF’s effectiveness and accountability in the long term, the committee recommended it should be placed on a statutory footing, with the power to resolve conflicts between its members. The committee proposed it should be renamed as the Digital Regulation Board, to “underscore the status and permanence of this body”. The committee said regulators within the DRCF should have statutory duties to cooperate and consult with each other, allowing them to share their powers and jointly regulate. It recommended independent non-executive members should be appointed to the board, including an independent chair.
In its response, published in March 2022, the government said it would not be taking forward the recommendation for a Digital Regulation Board, although it agreed with many of the report’s wider recommendations. The government argued that the creation of a statutory coordination body with powers to direct regulators might “confuse issues of regulator independence and accountability, and would inappropriately delegate power to manage trade-offs between regulators and conflicts in remit that should properly be addressed by the government working with the legislature”. The government said it was committed to working with the DRCF to “maximise its efficiency”.
The government argued that non-statutory forms of coordination have “an important role to play” in delivering more joined-up and effective regulatory interventions. However, it recognised that there were some situations where statutory coordination measures may be needed to tackle legal barriers to cooperation and to clarify the “deep interactions” between new regulatory regimes. As an example of where it was taking legislative action in such areas, the government pointed to its plans to introduce provisions in the Online Safety Bill to support Ofcom and the ICO to work together to ensure that services have appropriate privacy safeguards in place.
5. Parliamentary oversight of digital regulation
In its follow-up report, the Communications and Digital Committee also repeated its previous recommendation that a joint parliamentary committee should be established to oversee digital regulation. It said this committee should be responsible for scrutiny of the proposed Digital Regulation Board.
The government said it agreed with the committee that “parliamentary oversight has an important role to play in scrutinising the development of digital regulation”. However, it argued there would be “real risks of duplication” of the work of existing committees in both Houses if a new joint committee were launched, and for this reason it did not support that recommendation.
Other parliamentary committees have taken differing views about the need for a new joint committee. The Joint Committee on the Online Safety Bill agreed with the Lords committee that there should be a joint committee to oversee digital regulation and that its remit should include scrutiny of the DRCF. However, the House of Commons Digital, Culture, Media and Sport Committee argued that parliamentary scrutiny of digital regulation would be “best serviced by the existing, independent, cross-party select committees”.
6. What is the government doing?
6.1 Digital regulation plan
The government published its plan for digital regulation in July 2021, in which it set out its overall vision for governing digital technologies. The plan set out three key objectives:
- promoting competition and innovation
- keeping the UK safe and secure online
- promoting a flourishing, democratic society
It said that the regulation the government designs to achieve these objectives would be underpinned by three principles: actively promoting innovation; achieving forward-looking and coherent outcomes; and exploiting opportunities and addressing challenges in the international arena.
The plan said the government would work closely with the regulators in the DRCF, and would explore ways to ensure regulators were better able to share resources and expertise and coordinate more closely. The government said it was assessing proposals put forward by the DRCF, including exploring whether to establish additional duties for regulators to consult and cooperate with each other.
Alongside the plan, the government issued a ‘call for views’ on digital regulation. It published a summary of the responses in March 2022. It said that many of the responses on the roles and remits of digital regulators echoed the evidence heard by the Lords Communications and Digital Committee when it was working on its follow-up report. Respondents “largely welcomed” the DRCF as a “positive starting point” but raised points for further consideration, including: wanting more clarity on how regulators work together in practice in the DRCF; how the forum will evolve over time; how the DRCF would manage potentially conflicting objectives in overlapping legal frameworks; and how other regulators could engage with the DRCF. The government said it would set out how it intended to respond to the themes raised in the call for views in its digital strategy.
6.2 Digital strategy
The government published its digital strategy in June 2022. It presented the ability to implement a “light-touch, pro-growth regulatory regime” as a benefit of Brexit that would give the UK competitive advantage in areas such as artificial intelligence, data and digital competition, while protecting citizens. The government set out a number of actions it was taking or planned to take:
- publishing an initial outcomes monitoring framework for digital regulation and inviting views from stakeholders to help refine the approach to measuring regulatory outcomes
- working with key stakeholders, including Tech UK (the UK’s technology trade association) and the Confederation of British Industry to invite “practical recommendations for further opportunities to lighten our regulatory approach to unleash the power of the digital economy”
- further research into regulatory innovation for digital technologies, with the ambition of trialling “innovative regulatory approaches in real-world cases”
The government said the DRCF had a unique role to play in developing a “pro-innovation approach to regulation”. It said the DRCF “set a new standard for regulatory coordination that has inspired international equivalents”, such as the Digital Platform Regulators Forum in Australia and the Digital Regulation Cooperation Platform in the Netherlands.
The government described the DRCF as an “important step in creating a more coordinated regulatory landscape”, but it said it recognised that in some instances voluntary arrangements would not be sufficient. It said it had consulted on further statutory measures to support coordination across specific regulatory regimes.
This ties in with legislation announced in the Queen’s speech in May 2022. The government plans to introduce a Data Reform Bill to create a “clearer regulatory environment for personal data use” post-Brexit and to modernise the ICO. The government published the outcome of its consultation on a new direction for data in June 2022. It is proposing a “clearer set of statutory objectives and duties for the ICO”, including a requirement on the ICO to consult with relevant regulators and any other relevant bodies when exercising its new duty to “have regard to growth, innovation and competition”.
The Queen’s speech also set out plans for a draft Digital Markets, Competition and Consumer Bill to reform the UK’s competition regime. This would include introducing powers to “address the far-reaching market power of a small number of very powerful tech firms”. The government published the outcome of its consultation on a new pro-competition regime for digital markets in May 2022. It plans to place the CMA’s Digital Markets Unit on a statutory footing, with a core objective to “promote competition in digital markets within and outside the UK for the benefit of consumers”. The legislation would also place a statutory duty on the Digital Markets Unit to “consult with other regulators where proportionate and relevant”, to ensure coordination with other regulatory systems.
The government is also legislating in the Online Safety Bill to give Ofcom new regulatory responsibilities for online safety. The bill was introduced in March 2022 and is currently awaiting its final day of report stage in the House of Commons (postponed from the previously scheduled date of 20 July 2022). It would give Ofcom a new statutory duty to secure “the adequate protection of citizens from harm presented by content on regulated services, through the appropriate use by providers of such services of systems and processes designed to reduce risk of such harm”. The bill would enable Ofcom to cooperate with an overseas regulator to help that regulator exercise their online safety functions, or to cooperate with related criminal investigations or proceedings. The Carnegie UK Trust has described it as “curious” that the bill does not make express provision about cooperation with other UK regulators. However, Ofcom has been considering how its online safety responsibilities interact with other digital regulatory regimes. Through the DCRF, Ofcom and the CMA published a joint statement in July 2022 setting out the interactions between safety online and competition. The statement said their aim was to “ensure that the CMA and Ofcom take a coherent approach when dealing with these concerns using their existing powers and under new duties”.
Further information about the Online Safety Bill is available in the House of Commons Library briefing, ‘Analysis of the Online Safety Bill’, 8 April 2022.