strategy+business is published by PwC Strategy& LLC.
or, sign in with:
strategy and business
 / Spring 2009 / Issue 54(originally published by Booz & Company)


Watching over the Web

Piracy and theft. E-commerce transactions must be protected for all parties. For business and content providers, including video producers, being able to distribute their work safely without fear of copyright violation or theft is a pre­condition for doing business online. E-commerce services also need pro­tection against consumers’ failure to pay or failure to provide agreed-upon goods or services. Users must be sure they are not exposed to criminal prosecution for using legitimate protocols and applications, such as peer-to-peer file-sharing systems.

Piracy and theft can carry immense costs and are difficult to avoid completely. From one country to the next, there is much disagreement about acceptable practices, and great disparity in legislation. At the same time, many individual problems, like phishing (identity theft through online fraud), involve cross-border crimes that require in­ternational cooperation to prosecute. Moreover, many of the riskiest aspects of the Internet — such as the anonymity of digital environments and the ability to easily create false identities — are the same elements that enrich digital life and attract participants.

Few regulators can keep up with the speed and scope of challenges in this market. For instance, in the U.K. in May 2008, new laws were announced to close a legal loophole that had unintentionally overlooked drawings and computer-generated images of child sex abuse. Most legal remedies also carry costs; the “three strikes and you’re out” rule advocated by content owners to punish copyright violators would require network providers to invest in monitoring and policing activity going through their “pipes.” This could lead to a direct overall cost of about $190 million (£130 million) per year in the U.K. alone — in addition to its implications for consumer data privacy. Similarly, just about every “filtering” solution, whether for e-mailed spam or offensive content, also runs the risk of blocking desired content or slowing down the system.

That is why regulators and government agencies are so challenged, and why they often oscillate between heavy-handed, unenforceable rules and a passive philosophy of self-regulation. Commercial firms are thus left to struggle with the same ambiguities. Should a network provider block illegal and undesired Web content, which may mean facing the risk of legal liabilities? If so, who determines what “illegal and undesired” means? Where should the line be drawn? If child sexual abuse content is blocked, what about racist content? And so on.

Four Roles for a Provider
What, then, can a network provider do to lead the way out of this impending crisis? The answer lies not only in meeting legal requirements, but in staying ahead of the curve by adopting proactive policies and practices to drive digital confidence. Case studies around the world show that a “can do” vision is realistic; the answer lies less in technological solutions and more in providers’ taking a stand on the role they intend to play. For example, is a network provider merely a conduit, operating the digital highways with no control over content or activity on them? Or can the provider help set the rules for how to travel on these highways — and then help police them?

In reality, network providers have played four different roles on the Internet. They have acted as teachers, with no corrective power, educating users about threats and ways to counter them. For example, they may refer patrons to Internet safety information sites like “Web Wise Kids” that produce material to help children protect themselves. Network providers have also been substitute parents, taking proactive measures to protect users. YouTube thus filters out copyright-protected content. Referees, in subsystems where there is self-imposed mutual agreement, help enforce those rules on a case-by-case basis, and often have re­course to real punishment (like removing people from networks). The Dutch cable company UPC NL blocks access to domains that have content with child sexual abuse, using a list provided by the Netherlands police authorities. And sometimes providers play the role of police, enforcing mandates with strict rules and some aspect of due process, such as “three strikes and you’re out.”

Follow Us 
Facebook Twitter LinkedIn Google Plus YouTube RSS strategy+business Digital and Mobile products App Store


Sign up to receive s+b newsletters and get a FREE Strategy eBook

You will initially receive up to two newsletters/week. You can unsubscribe from any newsletter by using the link found in each newsletter.