Light touch regulation has largely been the mantra of the global tech industry from the start and many rightfully credit it for the pace of growth and innovation the industry has seen. Technology symbolises innovation, growth and markets while regulation places limits on growth and symbolises bureaucracy. Technology and regulation are often posed as adversaries. However, regulation itself is a technology.

This technology now needs a refresh in order to deal with developments in information technology. Regulation must be technology agnostic — meaning it must be effective, irrespective of the underlying technology. The billion dollar question before us is: What “technology of governance” is needed to regulate the emerging business activities that were practically unthinkable a few years ago?

Woefully inadequate

The existing technology of governance is woefully inadequate. The pace of change is rapid and new possibilities will continue to present themselves as cost of data transfer, storage and computing crash and the speed of data transfer and computing continue to grow — rapidly. Often, when balancing the twin challenges of legroom required for innovation and appropriate governance, grey areas emerge, primarily because we are still trying to understand the full potential of new technologies. And, it helps to remember that there is no precedence.

Transformative change due to advanced technologies, brings in its wake opportunities and threats alike.

Our regulatory technology needs to be equipped to understand the evolving risks and guide firms to place appropriate safeguards. The increasing pace and scope of innovation and other emerging dynamics like globalisation compels a hard re-look at some of the modern-day paradoxes. “Free” services, almost the sine qua non of the digital world, aren’t really so. Firms earn money by using the personal data collected to ensure targeted advertising, cross selling other products/services. Personalisation is based on data. Notwithstanding the compelling advantages, unless suitably regulated, the consumer will be severely disadvantaged. And, we aren’t just referring to privacy.

Granular information helps the former gain complete control over pricing, availability and the digital marketplace — increasing the potential of harm from information asymmetry. Thus, the profit-maximisation motive may override consumers’ needs unless suitable guardrails are in place. The earlier matrix of seller-dealer-buyer has new actors — tech platforms/marketplaces, digital assistants, design evangelists, data scientists, etc.

If a product bought on a platform malfunctions and causes harm, then to what extent is it liable? Consider these anomalies. A self-driven car crashes. On who do we pin primary responsibility? Manufacturer? Software developer? The owner or, the occupant?

A 3-D printed furniture collapses! Who’s to take responsibility — the store, the designer, or the printer manufacturer? Again, Ola/ Uber/Lyfts of the world are forever fighting cases where their drivers have caused harm. Apportioning liability appropriately is increasingly becoming grey.

Fostering a competitive environment poses unprecedented challenges. The maddening rush to capture network effects (attracting buyers and sellers to a platform) is unmistakable. The value derived of a platform is proportional to the ever increasing traffic flow which has to be sustained.

While addressing price elasticity and curbing ill-effects of monopolies, regulators will have to ensure that they don’t re-invent the wheel. At any cost, the government/regulatory body must resist getting into the business themselves. Their role should be to create a competitive environment and also not be apprehensive of incumbents failing.

Innovation requires leg room

The proverbial “think global act local” adage, finds resonance from a regulatory standpoint as well. The internet is fragmented, which has resulted in a differentiated approach to policy-making. The Indian draft law on data localisation is a glaring example. Instead of focussing on strengthening the mechanisms to improve data access for law enforcement, it has suggested that all data should have a copy in India.

In addition, any “critical” data is to be stored only in India. Curiously, the RBI has mandated that all payments data should be stored only here. The unparalleled success of the IT BPM industry in India is fashioned on the global delivery model. With emerging technologies, an unimaginable future beckons. At this juncture, do we burn bridges and look inwards?

While there is increasing consensus that there is a real need for more regulation, there is also increasing concern about the ‘how’. In order to be effective, the regulatory technology will itself need to be disrupted. What we need is a consultative process that brings together the best minds from government and technology to work together, to create a framework that allows for experimentation, failure, learning and continuous evolution. In short, what we need is co-creation and co-ownership of a digital world where innovation and security co-exist.

It’s no more about us versus them but being co-creators of value while primarily concerning “ourselves” (on both sides) with driving innovation and economic growth. This would require not just industry and regulators/government to meaningfully co-operate but also the regulators and government bodies to harmonise their regulatory approaches so that they see the “big picture” together.

Secondly, can we have “true” democratisation of data where data is actually owned by the citizens and can be leveraged by citizens to drive innovation? Today, even data from government that is publicly available sits in silos and is not in a readily usable format. The existing initiatives like open data platform need to be placed on the front burner and require latest data sets to be relevant. Government and industry, both sit on large tract of citizen data. We should work on how that can be accessed and used by the citizens without compromising on data security.

Thirdly, it should be about minimising power-led inefficiencies such as monopolistic practices and combating other ills like fake news which do unimaginable damage.

Finally, the process of regulation-making must generate trust as we might still get some regulations completely wrong or face situations where the regulations affect certain segments of industry negatively while benefiting others. The temptation to take short-cuts and populist measures while jeopardising the future must be curbed though checks and balances in the regulation-making process. In order to truly harness the opportunities from the digital economy, we must invest in building the right technology of governance.

The writer is President, Nasscom.