How We Can Better Regulate Platforms: A Concrete Approach to Pushing Responsibility to the Edges of the Platform Network

In the article “How To Solve Fake News With Digital Identity” , I had outlined how increased accountability can drive the reduction of fake news, fake accounts, and deep fakes. Following one of my most recent articles on the Telegram debate , following the arrest of the CEO, I will dive into how we can practically implement some of the practices I had mentioned on a platform.

Platforms Often Overstep Their Role as Middlemen

At first glance, platforms seem to have a purely facilitating role. While this may be the intent in the initial phase of a platform, we repeatedly see growth strategies pushing platforms beyond the role of middlemen.

[Platform lifecycle: cut out intermediaries & insert themselves as intermediary > dominate marketplace facilitation of the sector (often through VC funding) > make the sector dependent on your supply & demand facilitation & gain a unique insight into market behavior > outcompete your own suppliers by expanding to service the sector.]

Today’s platforms have become trusted intermediaries between supply and demand. This gives them an unfair advantage and makes it too tempting to jump in and serve demand themselves.

Examples of Platforms Exploiting Their Position as a Trusted Intermediary:

• Google Play Store is notorious for increasing commissions on revenues generated by third-party apps and often releases its own apps to meet demand.
• Google Search increasingly manipulates results to prioritise those from which it can earn more revenue.
• Amazon develops algorithms to dynamically place its products higher on its marketplace and offer them at cheaper prices based on demand.
• Uber Eats is earlier in the platform lifecycle. It has now inserted itself as an intermediary for restaurants (without yet being profitable) and is slowly developing its own 'Dark Kitchens'—delivery kitchens in industrial areas that can respond more quickly and cheaply to customer demand.
• Facebook initially gave businesses pages to gather fans (likes) and reach them with updates. In 2018, Facebook reduced the organic reach of business pages by 98% to make more space for paid advertisements.

It's the same pattern over and over: platforms start as a helpful tool for consumers, reducing friction and costs through better user experience and economies of scale. Then they use their market position and data insights to jump in and meet demand, making it impossible for other businesses to compete.

Control the Data, Control the Market:

It’s not so much about market position or the platform itself—it’s about who controls the data. If you control your users’ data, you make it incredibly difficult for competitors to enter the market.

This monopolistic position also means that platforms bear far more responsibility than they should. For example, Facebook controls a medium that can influence political elections, as does Twitter. Instagram, for instance, influences societal beauty standards over time.

Companies Want to Avoid Responsibility

Naturally, companies don’t want to take on this responsibility, as they foresee lawsuits on the horizon. They see themselves as tools, like mail carriers with a duty of confidentiality, and they invoke Section 230 of the U.S. Constitution. Today’s platforms want to maintain control over the data because it protects their monopolistic position, but they don’t want to be responsible for managing that data.

Data is the New Oil

The most valuable companies in the world are data and oil companies. While oil is relatively regulated, governments are at a loss when it comes to handling data. In the U.S., there’s a consensus that platforms should regulate themselves, while the EU is imposing increasingly strict guidelines for data handling.

A New Architecture for Data Management

We propose a new architecture for managing data on the internet—pushing responsibility away from the center and towards the edges: the users. End users and specialised service providers would control and take responsibility for the data.

We create a standard taxonomy for storing, for example, social media data and publish this standard on a shared, immutable, publicly accessible database. Companies can now publish and read their data within this standard.

The platforms we use today will still play a valuable role—they will index the information published on this public database and ensure a good user experience. Users and specialised identity services will control the keys needed to unlock the encrypted data.

We put this vision into practice earlier this year with the Dutch Chamber of Commerce, which provides identity services to users of the accounting platform VISMA | Yuki, who store their financial information on the blockchain.

This simple adjustment could give the internet and its services the drivers needed for a healthy digital society:

1. Absolute Data Control: The end user can give keys to third parties to share specific information.

2. Traceability: There is always an immutable proof log of what has occurred. The public database cannot preventively regulate activities, but it can record them as evidence in case of a dispute.

3. GDPR Compliance: The user becomes their own data controller, fulfilling the role described by GDPR for data processors and controllers.

Who Hosts the Data?

Commercial data centers are free to join the public database by installing software that follows a specific protocol—a contract that dictates how they must follow rules to get paid. The protocol compensates them as long as they act honestly. Read more about this in The Metanet: How To Own Your Data.

Although the public database is publicly verifiable, the actual content remains private at all times. This is achieved by storing the information in numerous transactions (UTXOs) that only the owner can piece back together.

For instance, your diploma is invisible to unauthorised users in a vast storage of small files. Only the person with the key can reassemble the files into a whole. The information on the public storage is pseudonymous; the public doesn’t know the owner, but each file has a verifiable owner.

A Solution to Digital Identity

Digital identity is one of the biggest challenges of our time. It’s clear that ‘Log In With Google, Apple, Facebook’ is an attempt, but since all you need is an email address to create such an identity, it’s insufficient for more official information.

We don’t want to entrust digital identity to a single entity like Google, nor to the government. We want to decentralise identity providers (notaries, banks, governments, etc.) to avoid a single point of failure. The problem, however, is that these service providers all operate in data silos. How can we prove that our identity is authentic without constantly having to verify it?

The public storage layer can link these data silos, allowing us to authenticate ourselves without handing over our information. This way, your bank can vouch for your identity to Google or Facebook, while creating a standard for what constitutes a 'real' user on these platforms.

The Tool to Efficiently Regulate the Internet

In the 1990s, it wasn’t clear whether the same rules applied in 'cyberspace.' With each new innovation, enthusiasts would claim that their invention was beyond the law.

It’s now clear that the internet is an integral part of our society and must be regulated accordingly. Data centers that facilitate the internet are subject to the laws of the country where they are incorporated.

With the aforementioned implementation of digital identity, we can hold users and platforms accountable without resorting to a CIA-like ‘track-everything’ scenario. Identity providers are decentralised across different countries and jurisdictions, and the keys used for user identification online are cryptographically derived, meaning they are only used once.

In the case of a dispute, a user can extract the relevant log from the public ledger and take it to the authorities. It is then up to the authorities to conduct traditional investigative work to find out which identity provider can link that key to an identity. The authorities will need a court order for this.

Although the internet and the services offered on it are integral parts of our society, they are not yet effectively regulated. We face problems such as fake news, fake accounts, data breaches, and a lack of accountability.

Public shared storage seems to be the final piece of the puzzle, enabling sensitive services to be offered and regulated, services that are as enriching and international as the internet itself: digital identity, payments, and important personal information.