No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

Where are the Victorians when you need them?

by David Rimmer
June 7, 2018
in Data Privacy, Featured
Where are the Victorians when you need them?

We need to update our laws, regulations and institutions for the digital age, just as the Victorians did for the industrial age

Tim Berners, in this year’s annual birthday letter to the World Wide Web Foundation, controversially raised the prospect of regulating the internet. “Companies are aware of the problems and are making efforts to fix them ……. The responsibility — and sometimes burden — of making these decisions falls on companies that have been built to maximize profit more than to maximize social good. A legal or regulatory framework that accounts for social objectives may help ease those tensions”. I agree in principle but would go further, arguing that the issue goes beyond the internet per se: it is about how we bring our regulatory and legal systems in line with the digital age in general and, just as importantly, how we evolve underpinning institutions.

During the 19th Century, when industrialization took hold, the Victorians passed a series of laws to regulate industry and to alleviate the side-effects of industrialization. Between 1830 and 1890 the Factory Acts regulated working hours for children, the Railway Act provided for passenger safety, the Food and Drug Act prohibited the adulteration of food and the Sanitary Act required local authorities to remove health hazards and made them responsible for sewers, water and street cleaning. These acts were contentious at the time, but nowadays we would find few proponents of child labour, trains without brakes, open sewers and bread filled with glass powder.

Today, we are experiencing comparable economic and social dislocation, this time brought on by digitization. Yet, there is no comparable stream of legislation – at best there is a trickle.

In his letter to the WWW Foundation Berners-Lee drew attention to how, “We’ve seen conspiracy theories trend on social media platforms, fake Twitter and Facebook accounts stoke social tensions, external actors interfere in elections, and criminals steal troves of personal data”. He could have added to the list: hate speech, trolling, breech of copyright, sexting, slander, grooming, online radicalisation, political advertising, electoral spending and social-media incitement of gang violence. If this seems like a ‘kitchen-sink’ list of issues then that’s because it is – because there are few aspects of our lives that do not have a digital dimension.

Since many of abuses of the internet are beginning to generate discussion, I want to explore a distinct area, the taxation of digital businesses, to demonstrate that we should look beyond the internet itself and consider instead the profound mismatch between our regulations and institutions, and the digital age in general.

Tudor Taxation in a Digital Age – Tax subsidies for the wealthiest companies in the world

The European Commission estimates that digital businesses pay an effective average tax rate of 9.5%, compared with 23.2% for ‘bricks-and-mortar’ firms. In order to “level the playing field”, the EU is looking to implement a tax on revenue of 2% – 6% for digital businesses with global turnover of more than €750m. The riposte from GAFA (Google, Apple, Facebook and Amazon) is that they are playing by the rules and are being unfairly singled out. This misses the point, however, which is that the rules were designed for a physical, not a digital world.

Under the today’s tax rules, digital businesses have a tax advantage in three areas.

  • Corporation tax – In 2016 Google paid £36m on UK revenue. But the latest accounts filed by Alphabet, Google’s parent company, show UK sales of more than £6bn. Apparently, sales of advertising to UK companies do not take place in the UK because Google’s legal entity that books the sale is registered in Ireland (which just happens to be a low tax location). After adverse publicity, negotiations with HMRC and appearances before parliamentary committees, Google has agreed a new approach with HMRC and will pay £130m, covering taxes since 2005. If a tax system depends on persuading companies ‘out of the goodness of their heart’ to pay more tax, then you know something is wrong, both with the tax rules and the ability of a government to exercise its jurisdiction.
  • Business rates (property taxes) – In the UK, business rates, assessed on property values, are the third biggest outgoing for many small businesses after rent and staff costs – that is unless you are an online retailer, in which you case you may pay no business rates at all. The irony here is that business rates were introduced in the 16th Century to address the side-effects of a still earlier economic revolution, the agricultural revolution. The aim of business rates was to raise money to care for the “aged, decayed and impotent” and “to place and settle to work the rogues and vagabonds”. So, 330 years later – after both an agricultural revolution and an industrial revolution – we rely on a tax designed to alleviate begging in Tudor towns.
  • State and local taxes – In the USA, for many years online retailers have been able to undercut ‘bricks-and-mortar’ retailers by not adding state and local sales tax (5% – 9% depending on the location). No in-state retailer presence, no sales tax. Recently, Amazon has had to add sales tax in many states since its Amazon Prime service depends on in-state distribution centres. Yet, even now retailers who sell via Amazon’s marketplace are not required to add sales tax.

Without doubt many consumers nowadays prefer to buy online, but surely digital businesses, some of the wealthiest companies in the world, should not receive such sizeable tax subsidies?

More generally, the example of taxation shows just how ill-fitted our regulations are for the digital age: taxes levied on property, a physical asset, when so many of today’s assets, especially software, are intangible; taxes based on demarcating the notional physical location of a transaction when in reality it happened in cyberspace; and taxes applied by national and local governments that are circumscribed by physical boundaries when digital businesses are global. Perhaps, most disturbing of all, is the way that such a fundamental aspect of how our society operates, as how we fund our public services and redistribute wealth, can be undermined with so little public challenge.

The principle which we have applied until now that what is illegal offline is also illegal online is shown to be naively inadequate. This principle would suffice if regulations had been designed for a digital world but patently they were not. The Elizabethans did not have online retailers in mind when they introduced property taxes, nor Madison the internet when he drafted the First Amendment. Likewise, our rules around electoral spending and advertising were devised for an age of mass media and our procedures governing the access of law enforcement agencies to evidence have developed over centuries under the assumption that evidence is physical as opposed to sitting on a server, a mobile phone or a hard disk.

However, new regulations alone will not be sufficient since regulations are only effective if there are institutions capable of defining and enforcing them.

New institutions to underpin new regulations

In the Victorian era, alongside legislation for industrialisation and its side-effects, came new institutions to monitor and enforce regulations. So the Factory Acts brought a Factory Inspectorate. The Health and Sanitary Acts required a uniform system of municipal boroughs which was introduced by the Municipal Corporations Act. Town councils were held to account through election by ratepayers, with transparency brought by open audit and the publication of financial accounts.

In contrast when it comes to the digital age, we have yet to evolve our institutions; neither their powers nor their composition.

The feebleness of today’s institutions in the face of digitisation is illustrated by the appearance of Mark Zuckerberg in front of various Congressional Committees. The four-minute limit for each questioner, compounded by committee members’ ignorance about Facebook, allowed Zuckerberg to obfuscate and filibuster, thereby preventing any meaningful probing. Perhaps the rigour of questioning was also impacted by the $600,000 that Facebook lobbyists had donated to 82 out of 91 committee members and their campaigns since 2013?

In the UK, the Parliamentary Home Affairs Committee has fared no better, proving itself unable in over a year to force social media companies to remove content propagating ‘neo-nazi’ ‘hate speech’. Indeed, a House of Commons review of the powers of select committees, notes that 1666 was the last time that a fine was imposed for Contempt of Parliament; while no-one has had to endure the punishment of being committed to the Prison Room of the Clock Tower, aka Big Ben, since Charles Bradlaugh refused to take an oath on the bible in 1880.

There is a mismatch not just in powers, but also in the nature of institutions themselves. Returning to the case of taxation, it is hard to see how our current institutions, based on physical jurisdiction, can easily adapt. It is a fundamental tenet that a government’s powers are limited to its own boundaries and its citizens or residents, whereas digital businesses are global, their transactions virtual and they may lack any local physical presence. Furthermore, in a virtual world the whole idea of an event happening in a specific place is a touch spurious. What counts: the location of the end customer at a particular point in time, their place of residence, their nationality, where data is stored or processed, the location of the agency that negotiated the contract for digital ads, etc.?

The General Data Protection Regulation (GDPR) is an example of how our concept of jurisdiction is straining at the seams. True, GDPR puts in place valuable protections over how EU citizens’ data is stored and used, but GDPR applies to any organisation handling EU citizen data anywhere. In practice, the EU has legislated for the rest of the world – is this right? And it is not just the EU that is trying to overcome the limits of a jurisdiction based on physical bounds.

Therefore, when it comes to devising a regulatory solution for a digital world that is global and virtual, a global aspect seems inevitable,. The challenge here is that what we need is not just new regulations or even new institutions, but a new institutional model.

Most of our current global organisations are composed of nation states. Even the Paris Climate Accord, operates under the umbrella of the United Nations. In the case of the internet, national governments will need to play a central role, not least because resilience of the internet is becoming a prime national security concern. However, so many actors within the internet ecosystem suspect the motives of government that a mere coming together of nation states is a non-starter, especially as trust and transparency are the very concerns that are driving some of the demands for regulation: why replace one untrusted party with another?. The answer would seem to be some kind of open institutional model that involves multiple stakeholders: governments, technical bodies and citizens’ representatives. Moreover, institutions would have to act in an open transparent manner that inspires trust. Again, this aligns with the nature of the internet itself which is in its essence an open network.

New institutions and even new institutional models may sound like a tall order, yet institutional innovation is nothing new. Douglass North, the Nobel prize-winning economist, and his school of New Institutional Economists have shown how the progress of humanity is above all a story of the evolution of institutions. It would seem odd – a unique exception even – if a wholly new technology were invented that transforms almost every aspect of our society but calls for no institutional evolution.

The third piece of the puzzle, beliefs. Whose freedom?

If regulations and institutions are to change, then the third piece of the puzzle is beliefs: people have to believe that new regulation and institutions are both necessary and right. Education will play an important part in shaping beliefs, as people become more aware of the impact of digitization and the ramifications for our society. But values will play a crucial part too.

Hitherto, the debate about regulation of the internet has been framed as a matter of making trade-offs between freedom and privacy. However, this is to define ‘freedom’ in a particular way and thereby to tilt the argument, “So you are against freedom?”. In reality, there are two sets of freedoms here, pitted against each other in a classic philosophical debate between “freedom to” and “freedom from”. Everyone’s ‘freedom to’ is at the expense of someone else’s ‘freedom from’. On the one hand, there is the freedom to say or post what you like online; against this stands freedom from being trolled, groomed, bullied, exploited by monopolies, or shot in a drive-by-shooting by a gang provoked by video posts on social media.

This is no different to the debates of the 19th Century when the factory owner’s freedom to run his factory however he chose was weighed against children’s freedom from having to work more than ten hours a day in a factory with unguarded machinery. At present, society seems to give more weight to a particular set of freedoms. Is this owing to how the debate has been framed? Is it because our ideas of liberty have shifted to a more libertarian basis, or because Internet and IT companies are regarded as ‘cool’, or is it simply that the issues are not sufficiently well understood, that the pace of technology change is out-running not only our ability to regulate, but also our ability as a society to comprehend the problem?

In the Victorian era, the golden age of free trade, there was an ingrained disposition towards economic laissez faire, no less than today there is a marked inclination for laissez faire in the digital realm. Nevertheless, attitudes shifted. Perhaps in 50 years we will look back aghast at the extent to which our society has provided a very limp response to online radicalization, cyber-bullying, electoral interference, hate speech and wide-scale misuse of personal data.


Tags: GDPR
Previous Post

TRACE Podcast: Problems with Campaign Finance

Next Post

In the “Wild West” of Virtual Currencies, Anti-Money Laundering and Sanctions Enforcement is Anything but Virtual

David Rimmer

David Rimmer

David is a contributor to Leading Edge Forum research and Industry Advisor for Banking and Capital Markets in DXC’s Digital Transformation team. As such, his role is to understand client business problems and develop digital solutions that can be delivered rapidly to achieve their goals, often through rapid POCs and pilots. David has a particular interest in Open APIs, especially the potential for open innovation that they enable. David was a member of the UK’s Open Banking Customer Working Group and has spoken at conferences and written extensively on PSD2 and Open Banking. In addition, David is the product owner for DXC’s Open Banking Accelerator – an out-of-the-box solution to enable banks to meet PSD2 and harness the API economy. Prior to this at Hewlett Packard Enterprise Services, David was responsible for the Mid-Tier UK Financial Services sector. He built a go-to-market team to address what was a new market area for HPE and helped clients implement solutions such as new account opening, digitised lending and the move of core banking systems to the cloud. David also took the lead on Innovation in FS and Retail, working with clients to understand the potential of emerging technologies, such as APIs, blockchain, robotics and AI. Previously, David managed HPE’s (and EDS’s) Global Government Industry, a team of senior consultants who provided public sector expertise on major deals and managed investment in industry solutions. David’s individual specialisation was in Government Finance: tax, revenue, benefits, payments, etc. David developed thought-leadership on numerous topics, for example, how governments can use IT to increase national productivity. David engaged at the most senior levels of government in Australia, Canada, China, Mexico, New Zealand, South Africa, USA and throughout Europe. David’s experience includes setting up and managing three businesses: a stock-lending exchange in the City; an early-stage AI company in Paris; and Daunt Books in London. David started his career as a consultant with E&Y and A.T. Kearney.

Related Posts

gdpr

UK Resurrects Data Protection Reforms, EU Court Rules on GDPR in Civil Cases

by Jonathan Armstrong and André Bywater
March 15, 2023

Recent courtroom and legislative action in Europe will likely have ripple effects around the world for companies subject to regulations...

eu flag

Preparing Your Company for the Latest GDPR Data Transfer Developments & Upcoming Deadlines

by Kevin L. Coy
November 30, 2022

An EU court decision and legislative moves in the U.S. and UK make compliance with privacy regulations increasingly difficult. Arnall...

minidata_b

Honey, I Shrunk the Data: How to Keep Customer Info on a Need-to-Know Basis

by Parker Poe
November 30, 2022

It may be tempting to hoard the data you have gathered on your customers, but an increasing number of regulations...

uk ico data access

UK’s Data Protection Regulator Signals Crackdown on Access Request Violations

by Jonathan Armstrong and André Bywater
October 5, 2022

Data privacy laws in the EU and UK established the right of individuals to find out what personal information organizations...

Next Post
In the “Wild West” of Virtual Currencies, Anti-Money Laundering and Sanctions Enforcement is Anything but Virtual

In the “Wild West” of Virtual Currencies, Anti-Money Laundering and Sanctions Enforcement is Anything but Virtual

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT