Select Committee on Communications
Corrected oral evidence: The Internet: to regulate or not to regulate?
Tuesday 10 July 2018
3.30 pm
Members present: Lord Gilbert of Panteg (Chairman); Lord Allen of Kensington; Baroness Benjamin; Baroness Bonham-Carter of Yarnbury; The Lord Bishop of Chelmsford; Baroness Chisholm of Owlpen; Viscount Colville of Culross; Lord Goodlad; Lord Gordon of Strathblane; Baroness Kidron; Baroness McIntosh of Hudnall; Baroness Quin.
Evidence Session No. 12 Heard in Public Questions 103 - 112
Witnesses
I: Daniel Butler, Head of Public Affairs and Policy, Virgin Media; Adam Kinsley, Director of Policy, Sky; Iain Wood, Director of Corporate Affairs and Regulation, TalkTalk Group.
USE OF THE TRANSCRIPT
This is a corrected transcript of evidence taken in public and webcast on www.parliamentlive.tv.
Daniel Butler, Adam Kinsley and Iain Wood.
Q103 The Chairman: I welcome our witnesses to this evidence session of the House of Lords inquiry into regulation of the internet. I will ask our witnesses to introduce themselves in a moment. Gentlemen, today’s session is being broadcast online. A transcript will be taken. Our witnesses are from the internet service providers Sky, the TalkTalk Group and Virgin Media. You are very welcome. Can you please each introduce yourselves and, in your introductory remarks before we take questions from the Committee, tell us your view about the modern structure of the internet and whether it is currently regulated in an appropriate form? It has developed rapidly. Has regulation kept up to date with the pace of development? In your view, is it appropriate to establish a new regulatory body or perhaps an overseer of regulation? If so, what kind of powers might such a body be given or require? Mr Wood, can we start with you?
Iain Wood: I am director of corporate affairs and regulation at TalkTalk, one of the UK’s major internet service providers to both consumers and businesses. We like to think of ourselves as having led a lot of the child safety debates. We were the first company to introduce parental filters and have been instrumental in some of the other industry developments since, in terms of the establishment of Internet Matters, which you might be familiar with.
To answer the question, yes, the regulatory system as it is today has been outgrown by the development of the sector. We were one of the most vocal proponents of self-regulation in the initial years of this debate. Self-regulation achieved pockets of brilliance. It achieved a lot in the early days. The development of parental filters by the ISPs and the MNOs is a good example. The way the industry, including the social media platforms, came together to support the Internet Watch Foundation is another good example. There are examples of where it worked. There are two limitations on self-regulation that have been exposed. The first is the unprecedented pace of change that you referred to. The way that platforms have gone from foundation to hundreds of millions of users, sometimes in just a couple of years, has meant that the diversity of services on offer has left consumers with a plurality of services, not necessarily understanding what policies are applied by each or what protections are in place.
The varying degrees to which companies have embraced their responsibilities is the second factor. Put simply, some companies have taken this very seriously; other companies have not and have been quite happy to hide behind the collective industry effort. Because of those two factors and given the very genuine public concern about this issue, now is the right time to look at the limitations of self-regulation and see if we can move towards a system that does not necessarily regulate away the innovation and the brilliance of the digital economy but at least puts in some ground rules that give consumers a clear understanding of what protections are in place.
Adam Kinsley: I am director of policy at Sky. I sit on the UKCCIS at as executive member and on the board of Internet Matters. Sky has had a long history of trying to keep consumers safe online as an ISP with our Sky Broadband Shield filtering tool, which is on by default, and often as a broadcaster in the online space. It is very clear to us that consumers who are using internet platforms that fall outside of the traditional regulatory spaces are not being protected. Iain talked about self-regulation—I would not even call it self-regulation. Self-regulation is usually ascribed to structures such as the ASA that come together and are independent of government. For example, for advertising, the ASA submits its decisions for judicial review. We do not have anything like that in the online space.
As Mark Zuckerberg put it, it is not about whether we regulate the internet now; it is about how we do it and probably, I would add, which companies should be in scope there. We looked at this question. We asked Mark Bunting, who is a former Ofcom regulator, at Communications Chambers. He gave evidence to this Committee at the beginning of this inquiry about whether it would be possible to create a framework. He has produced a report, which I hope you will have seen, and in which he articulates how there is quite a lot of regulation of the internet.
The social media companies—as he calls them, online content intermediaries—are taking a lot of decisions themselves. They are doing it in a very unstructured way with no oversight whatever. It is private regulation, less than self-regulation. He concludes that there is a big gap and that we urgently need an accountability framework. At the heart of it, you would have an oversight body that would have certain powers—which we can discuss—to ensure that the decisions being taken by online content intermediaries could be properly scrutinised and understood. There would be an expectation among consumers as to what was essentially happening.
The Chairman: What would be the relationship between that body and the existing regulators?
Adam Kinsley: It might well be it is an existing regulator. The report does not stipulate which institution should be responsible. The report describes the powers that the institution would have. It could be new; it could be existing.
Daniel Butler: I am head of public affairs and policy at Virgin Media. We are an ISP with around 5 million broadband subscribers in the UK. I am also on the board of directors at Internet Matters. Virgin Media also funds Internet Matters and is a funding member of the Internet Watch Foundation. I do not believe that the existing regulatory framework is inconsistent with many of the outcomes that we all want to see for internet regulation today. The founding concept that that regulatory framework was based on is the concept of safe harbour. That concept has given exemption from general liability and general monitoring for internet service providers, for hosting providers and for caching providers, but it has not excused them from liability to take action where they are aware of illegal content across their services and platforms. That framework has been sufficiently flexible to give rise to a wide variety of co-regulatory and self-regulatory initiatives that have increasing efficacy. We are now seeing models come forward in which a very proactive approach to the filtering out of harmful content is being undertaken right across the spectrum from ISPs and how we deal with copyright infringing material and child abuse material to search engines and social media platforms which are applying technological innovation to how they approach content moderation.
Iain points to a couple of limitations in the existing outcomes that we see from that framework. I would not disagree with his comments, but I would reframe them and say those limitations are, for me, not foundational. They do not prove that the existing framework acts as a constraint to these initiatives emerging. They are uneven in their outcomes, which is something we should solve for. Broadly speaking, the proposals that have come forward sponsored by Sky are addressable within the existing legal construct.
As a final point, there are good reasons why that legal framework was designed in the way it was. It was designed to give rise to competition and as an acknowledgment of the decentralised nature of the internet and the importance of free expression on the internet.
Lord Gordon of Strathblane: I have a supplementary point to ask Mr Butler. You said that the degree of self-regulation is uneven. How are we going to even it up? Does that not imply an external intervention?
Daniel Butler: Sir, there are merits in some of the ideas that are coming forward for a new regulator or a new body that can do a couple of things to support additional efforts in internet regulation. Transparency reporting can act as a soft incentive for smaller companies, in particular, to, colloquially, up their game in internet regulation. There are some incentives that you could envisage a new regulatory body having that would encourage the long tail, if you like, of smaller platforms to invest in new ways of content moderation. My broader point is I do not think you have to start again, in terms of the legal framework that exists within the e-commerce directive that has given rise to a thriving digital economy, in order to achieve those things. There is a middle ground in which a new set of standards codified in regulation could be helpful but perhaps not as transformative as politicians might expect.
Lord Gordon of Strathblane: It seems to me that we might need legislation of some kind to give whatever external regulator there might be the power to exercise this influence, however gently, on the various companies. Would you be opposed to that?
Daniel Butler: Opposed to new legislation?
Lord Gordon of Strathblane: To create a light touch regulator, but somebody has to drive the action.
Daniel Butler: No, I would not be opposed to a new statutory framework. I would see it as a partial response to the bigger societal question that I would love to explore during this session. The creation of a new regulator with specific powers inevitably takes you towards the process and technical end of interventions, which is important but partial. It is a partial response to our objective of creating a safer online environment.
Q104 Lord Goodlad: What assessment have you each made of the Government’s response to the consultation on the Internet Safety Strategy?
Adam Kinsley: It is interesting. It is typical of the policy responses in this space so far, which have been quite narrow in scope. There has been a lot of noise about certain activities, and there is a governmental response to that. For example, the code of conduct that the Government have put forward does a number of things. A mantra coming out of the department is, “What is illegal offline should be illegal online”, yet the code only deals with legal content.
DCMS and the Home Office have said, “We will look at this much more holistically”, but the code does not do that yet. It is perhaps too narrow in scope. It talks about social media companies, which has not been defined, and that may not be broad enough. It does not mention, for example, some of the techniques where the platforms are using algorithms and AI. It feels like it is relatively narrow and we will probably need another code to do other bits of the equation. That is why we think the right answer is that an independent body is created that can look at the harms, assess them based on evidence and come up with a proportionate framework that deals with this in a much more holistic, measured and consultative way with the companies involved, assessing the harm and working with civil society. It is a good example of a relatively narrow intervention that they have probably done quite well, but it is too narrow and it has probably been done, if I may be so bold, by the wrong people.
Daniel Butler: I thought the Government’s response was, in some ways, a fair reflection of the commitment and the effort and the incentives that exist for internet companies to undertake activity to make the internet a safer environment. I was grateful for the recognition that the impact of things such as Internet Matters got in that response. In general, I was left feeling that this was a missed opportunity for Government to set a longer term set of strategic goals for online safety. Some of the evidence gaps that were acknowledged in the literature review that UKCCIS did to support the Green Paper were ignored by government.
Those evidence gaps present more fundamental questions to government about online safety that are somewhat removed from the low-hanging fruit of a new round of technical interventions. Generally speaking, we have been on the merry-go-round of technical interventions for too long without giving due regard to the broader societal challenges and interventions that are required to equip young people to get more out of a safer online environment. In particular, that literature review acknowledged that we do not understand the causal relationship between a young person seeing online harm and what that does to them in terms of their motivation to act. If we are designing frameworks that are to enable young people to be more resilient and to navigate this world where we acknowledge we cannot sanitise it completely, then the Government, sooner or later, need to grip that challenge and think, “Well, how do we better equip young people to navigate this world”?
Iain Wood: We spent a lot of time talking to Ministers and the officials at DCMS about it and I welcomed their very genuine desire to get this right. The question is whether the Government’s response is sufficiently radical to deliver the improvements that Ministers and officials want to see. Things like the code of conduct and transparency reporting are welcome initiatives. I worry that if they are done on a voluntary basis, they simply will not deliver the improvement necessary. One of the biggest problems I see is the disparity between the ways different companies treat this. A voluntary code of practice and a voluntary transparency report, although well intentioned, risk exacerbating that problem. Some companies—probably the large ones—in the public eye will sign up to that. Other companies will not. Rather than removing the variants we see, we end up entrenching them. There are good ideas there, but I would be inclined to go much further and to do it on a statutory basis.
On the issue about the strategy versus a series of tactical options, one example where I would have liked to have seen more strategy in the document is around the role government can play in marshalling the sorts of initiatives that the private and charitable sector support. The problem is not necessarily a lack of will or a lack of money. In some cases we have it. What is lacking is sometimes a coherent plan. To take one concrete example, in terms of the support available for parents online—we know lots of parents feel confused by this and want access to good reliable advice—there are so many duplicating initiatives often done by individual charities or individual companies which are protecting their policy on their initiative at the expense of coming together and collaborating and saying, “What are one or two sensible scalable options here that can materially move the dial, and we will all collaborate to put our resources behind those?” There is a genuine role for Government in forcing that debate. I worry that left to their own devices, everybody will continue to run their own little programme, which, although well intentioned, collectively ends up being less than the sum of its parts.
Adam Kinsley: Can I add to what Iain said? First of all, I agree with that last point, which was well made. In terms of codes of conduct, I sit in various different fora, particularly in Brussels, where there are lots of different working groups and lots of different codes are established. They spend ages writing the code. It is agreed. Typically a commissioner will hold up a piece of paper. That is the end of it. There is no creation of a framework of what effective action will happen. There is no monitoring of what then subsequently happened. There is no reporting back on what happened, apart from one or two very rare deviations from that that I can think of. Generally speaking, the code is published and that is the end of it. That is what I fear is lacking here. There needs to be a way of measuring the impacts of any of those interventions. Another role we see for this oversight body is some aggregate reporting of progress.
Q105 Baroness Quin: I want to pick up on what you have just said. You are all saying, in slightly different ways, there should be strategic goals for online safety and an overall plan. Is there a consensus as to what those goals should be? Is the problem that they have not been organised or implemented in an effective way? What should the next step be in terms of the strategic goals and the plan?
Adam Kinsley: My sense is there is more of a consensus about the need to create an evidence-based organisation, or to empower a body to do exactly that job. I do not think we know the answer to that question as to what are the strategic goals that we are trying to solve here. We do it at a very high level, but I do not think the evidence base necessarily sits in one place to map out what the right policy goals are. That is why we think that that needs to be done. There is a consensus that it would be best done by a body that is empowered to do that and can think about these things in a very evidence-based way. I am not sure we necessarily do know the answer to that question.
Baroness Quin: Is it a British body, a European body or a world body even?
Adam Kinsley: At this stage, it is bite-sized chunks and what you can achieve. Certainly, there is scope to do this in the UK. I agree with what Dan was saying earlier. You do not have to rip up the e-commerce directive to do any of this stuff. It articulates back from 2000 the concept of a hosting provider. Case law has then been used regarding active hosts and passive hosts. This idea that there are active hosts that are curating information, selecting information, prioritising some and deprioritising others—that exists. The e-commerce directive recognises, with regards to illegal content, that member states can impose a duty of care here so that hosts meet their legal requirements. We do not have to rip up any European frameworks. We can do this—the Germans have done it. We can do it as well and we can show what best practice looks like.
Daniel Butler: We fell into the trap there, Baroness Quin, of fixating on one form of technical intervention and one model of regulation. For me, the missed opportunity is that the Green Paper failed to look beyond those technical interventions in the debate that this Committee has provoked. I think that from this point we will find it relatively easy to find consensus on some of the technical and regulatory design questions that the Committee is grappling with.
The bigger issue, which government have not shown any appetite to address, is that there is evidence to suggest that because the nature of harm has evolved on the internet from a relatively contained content risk to risk associated with conduct and contact, the holistic solution is to equip young people to recognise risk and to develop their strategies for navigating it. It is called digital resilience. It has become a somewhat vacuous and hackneyed phrase because there has been a lack of research and government willingness to really understand what digital resilience is, what it looks like at different developmental stages and how we build it. We have undertaken some research on that primary question. The initial results that have come back show that we do not have a good view of what builds digital resilience today, but we know that the thing that diminishes it is turning off the device, removing children from the internet and preventing them participating in that world.
Baroness Kidron: I will put on the record that I know all these gentlemen outside of the Committee. Dan, I agree with a lot of what you said about not blocking and not stopping, and so on, but I absolutely have to ask you this question. Is it the duty of children to adapt to the commercial needs of the digital environment? Is it not the duty of the digital environment to adapt its commercial needs to those of childhood and children? In asking the question, I would specifically ask you to point to any other industry that is allowed to have even causal effect or causal harm on children—forget about the evidence base—that we would allow. I suppose you could point to the food industry, maybe, if you eat badly. I have to ask you that question.
Daniel Butler: It is absolutely the case that private actors have responsibilities. Each of us, as private actors, has shown willingness and responsibility beyond any commercial incentives that we may have. That is clearly demonstrated. Ultimately, the relationship that matters here is between the parent and the child. Our primary research with the Oxford Internet Institute demonstrates that. The one condition that seems to generate more resilience is a digitally aware, digitally skilled parent who can have an active parental role in their children’s online life. That is the fundamental relationship. I am not suggesting that children should be out there without any rules of the road or without any support from either private actors or their parents. Those conditions are absolutely necessary to be present. We need a realistic view that because of the nature of online harm, there will be situations in which the child encounters harm completely on their own. I would not want to be advocating a policy that was not at least looking to address how we can better equip children when they are in that situation.
Iain Wood: There are three buckets to this question; there is the product bucket, the parent bucket and the child bucket. There is a moral obligation on providers to make sure that we are providing a service in a way that protects children. That means walled garden content; it means parental filters. We are trying to make sure that we are providing it in a way that minimises the child accidentally stumbling across anything they should not and coming into harm. That is point 1, and that is how we have designed the product.
The second bucket is how we help parents understand and mitigate online risks. A lot of parents will say, “I don’t know what’s appropriate for them to be looking at. I’ve heard of these social media websites and platforms. I don’t know if they should be on them. What’s appropriate for a 13 year-old?” What is appropriate for one 13 year-old is not necessarily appropriate for another. There is an information element that we have an obligation to help with to make sure that parents are able to make informed choices about how to protect their children.
Having done those two steps, the remaining issue is how we equip children to deal with online harms. As Dan says, even though you try to avoid them coming into contact with harm, we cannot remove all risk, just as we cannot remove all risk from children in the physical world, in the same way that if you send a child to a park, you put in place precautions and try to minimise the risk but you cannot be 100% sure that they will not encounter any. As Dan says, there is a backstop that we have to think carefully about, which is digital resilience. Ideally, they never encounter the risk in the first place, but if they do, there is something there to help them.
Baroness McIntosh of Hudnall: I want to pick up on Baroness Kidron’s point. If I were going to be very disobliging, I would have to say these arguments sound remarkably self-serving. I do not want to be offensive, but that is how they appear, to me at least, because the point that all of you have made—and particularly, Mr Butler, you have made this point very reasonably—is that the speed at which these opportunities to participate are evolving is very hard to get ahead of. We all understand that. In a way, we must manage that reality, must we not? We cannot say, “Well, that’s the way it is, so everybody else will have to get up to speed”, and particularly not with children.
To take the park analogy, which I completely understand, we cannot protect children from harm but we do not expect the park to be different every time they go there. There must be some way in which there is some kind of intervention that is not just about saying to kids, “Watch out. There could be dangers”, and saying, “The dangers will be different the next time you go there”. How do you build that into a system that relies on the child and the child’s parent to be the mediators?
Iain Wood: Perhaps I have not expressed myself as clearly as I could. I am not suggesting at all that it is the responsibility of the child or the parent to protect themselves. If you take the core service that we provide, the internet, into someone’s home, I would argue the core responsibility and the moral obligation sits with us to try to provide that in a way that protects the child. In our case, it is the parental filter. You cannot sign up for a TalkTalk service without making an active choice about whether you apply the filter. The default is to apply it. If you apply it, there are nine categories. We have pre-ticked six that we think are inappropriate for any child. These are things such as dating, gambling and pornography. There are a further three categories that are not necessarily inappropriate for a child but some parents might want to restrict—things such gaming and social media. That provides the internet in a safe way.
It is a technology solution, and no technology solution is perfect. It works on key terms. Sometimes it might underblock; sometimes it might overblock. Therefore, the next stage is the parental stage, helping parents understand how to apply that and understand that. The final stage is helping children understand the risks online because no technology solution is perfect. It cannot be a completely safe area. You have to equip the child with that knowledge. It is about supporting the child; it is not about removing the obligation on the provider to provide the product in a safe way—absolutely not. That is the first part of the building block, but all three of those have to come together.
Adam Kinsley: In terms of this inquiry, which is to do with regulation of the internet, that is the first bucket—the companies. We would like to think we are all responsible—companies are all regulated in the UK, there is a structure and there is a framework. We are called in by Ministers. We turn up because that is what you have to do. We have a different situation with large global platforms that may have designed their products without necessarily thinking about the most vulnerable use case. That might be a different scenario to how we might think about a product where we are putting safety by design right in at the beginning. That is the nub of it. I agree that you need to have a way of ensuring that that first bucket, which is the companies, acts responsibly. All the evidence suggests that that has not been happening. It is because there is not a regulatory framework requiring them to do so.
Baroness Benjamin: You talked about parents and their responsibility. Who should be educating the parents? There are many parents out there who do not have a clue. All three of you have said it is the parents’ responsibility. There are some parents who do not know how to work the computer and do not care about what their children do, et cetera. How do we get parents to take up the responsibility? Who will teach them about what to look for when they navigate the internet?
Iain Wood: That was the exact problem we faced in 2014 when we established Internet Matters. At that stage, I think we had all launched—TalkTalk certainly had—our parental filters, which provided a safe gateway to the internet. When we heard back from parents, they were saying, “It’s great that you have this free tool. It’s great that you’re offering it, but we don’t necessarily understand how to use it”. As I was saying a moment ago, we do not necessarily understand what risks there are online or what is appropriate or how to use these tools. That is why the four major ISPs came together to launch Internet Matters. It is a dedicated not-for-profit directly targeting parents, not to tell them what to do or what not to do but to offer them a range of helpful information so that they can make an informed choice about what is right for their home. We felt we all had a moral obligation to support Internet Matters and to help offer that. It has been hugely successful. We are very proud of what it has been able to achieve. One of the things we would like to see come out of this whole debate is more companies supporting Internet Matters with financial contributions so it can reach more parents than it already does.
The Chairman: Baroness Benjamin referred to, in effect, some issues that came through from our previous inquiry on children and the internet. We found that there was very, very good practice across the industry with Internet Matters and a number of other bodies doing a lot of work with children and parents. However, there was a lack of co-ordination and, if not conflicting programmes, a lot of small programmes trying to achieve the same thing somewhat inefficiently. Is that being addressed? Is that improving?
Adam Kinsley: No.
Iain Wood: No.
The Chairman: No.
Iain Wood: The point of Internet matters was to address that. We were all running various different initiatives to support parents. When we spoke to each other, we realised that between the four major ISPs, we were in 90% of homes in the UK. We said, “If we co-ordinate our efforts, combine our efforts and pool our resources, we can reach so many more parents and be so much more effective”. We launched it as a four but the hope and aspiration was always that over time, a range of different companies across the sector, including social media platforms and device manufacturers, for instance, would join Internet Matters and it could become the industry body that combined those efforts and reached parents in a much more consistent way.
The Chairman: Is there anything the Government can do to nudge in that direction?
Daniel Butler: Government, in their response to the initial proposal of a social media levy in the Internet Safety Green Paper, acknowledged that the charitable sector’s response was lukewarm at best. To characterise their response to it, it seemed to be the concern that this would give rise to a more disparate advice-giving community and that was not in the strategic interests of any single advice-giving organisation today. There was a recognition that it was not conducive to better outcomes either. We know from Internet Matters that you need strong brand recognition and a one-stop shop if you want material numbers of parents to engage in your platform again and again. Through Internet Matters, we advocated that that was the right model. There was general concern that the levy would make for a more disparate environment.
Adam Kinsley: The features of something such as Internet Matters, which has a number of companies all contributing and dedicated staff who are pushing out information, making it current and live, are right. When we set it up, Sky had its own online safety advice centre that we tried to manage. It was probably okay but it was not the best because it was not current enough. It was always a little bit behind. These guys were doing the same thing. At some point, we had to put our corporate branding and just cut it and say, “We’re not going to do that. We’re going to hand it over to another organisation”. The Royal Foundation, another forum that Baroness Kidron is on, wants to create a sustainable model to deal with cyberbullying. If we could come together with the collective, we would be prepared to say from our perspective, “These are the features of the organisation. It needs to be done centrally. Someone needs to convene this and push industry together. We do not mind what the name is, but we think we can do more than the sum of the disparate parts”.
The Chairman: Is this a typical charity sector problem? You all talk about what industry can do to put resource and support into a single organisation, and pool your own expertise, talent and resources, but are there too many competing organisations, bodies, charities, all trying to do the right thing, that ought to be folding into it at the other end?
Iain Wood: I was trying to tiptoe around it diplomatically earlier. To answer your question, yes, that is precisely the problem.
Baroness Kidron: Or is the Government not doing enough?
The Chairman: Can the Government nudge?
Iain Wood: It is a difficult conversation for government to force, because invariably there will be winners and losers. The losers will be very noisy. I understand why Ministers might be reticent to force that conversation, but if we are genuine about this, then I think we have to.
Baroness Quin: My question, in a way, continues the theme of the responsibility of private actors. It is about the role that platforms and intermediaries can or should play in policing online content and behaviour. There has been debate about this in the context of the copyright bits of the digital single market directive, and so on. Is it reasonable for intermediaries to play a more active role in policing online content behaviour? If so, who should bear the costs of building and maintaining the systems and technologies required to do so?
Adam Kinsley: When you are talking about internet companies, you have to be careful about which ones you are talking about. In my mind, that question is about the active hosts, doing stuff with the content—arranging it, promoting it and demoting it. The company has terms and conditions that it tries to apply; it has its own private rules. The idea that the online content intermediaries are passive and are not doing anything is wrong. They are. Facebook described itself as a publisher in a lawsuit in the US last week. They have said they are not just platforms. They are somewhere in between. That is right. They are doing a lot in some areas. They are using lots of moderators—both Google and Facebook have talked about 20,000. They are using a lot of AI. They are taking down a lot of content.
If you have a platform where there is an editorial responsibility, because there are terms of use, you have a duty to police it. That cost goes on those companies, which is right and proper. The debate is often mischaracterised, very much so in the copyright directive, which has gone through a very bruising encounter, as my colleagues in Brussels tell me—I was there on Friday. There was a massive campaign and I am not sure who was paying for it all but I have my suspicions. At the heart of it, for copyright content, a company like Sky that owns a lot of rights finds its content appearing on online platforms. A company like YouTube has lots of content. YouTube has a very good tool called Content ID. What that means is if we notify them that some of our content is on their platform, it gets taken down. Because we have given them the metadata, it does not reappear.
All the copyright directive is saying is to have that obligation set out in the directive and require that of other platforms that do not do that. It is not going to break the internet—at least it was not the last time I checked YouTube. The campaign, just to illustrate, is that there are exceptions in that directive. One is to do with online encyclopaedias. Yet, in certain member states, Wikipedia blacked itself out as a protest. It is not even in scope. There is a lot of misinformation. We spend a lot of money trying to protect our content and investing in the systems to detect it on the platforms. They have a duty to police their terms and conditions. That is a fair compact.
The Chairman: Do you have less of an interest in content?
Daniel Butler: An increasing interest, but, historically, yes. Copyright is a germane area to focus this question on because industry’s response to copyright-infringing content has gone through quite an evolution within the existing constraints of the e-commerce directive. ISPs were the first actors required to take notice-and-takedown steps against copyright infringing websites under the 97A court order provisions of the Copyright, Designs and Patents Act.
We have taken action against The Pirate Bay, Newsbin and some of the prominent peer-to-peer copyright-infringing websites. That activity started in 2011 and continues to this day. It evolves on a monthly basis, when a new block list comes from the BPI, the Premier League and the MPA. In addition, in more recent years we have seen search engines required to undertake legal or takedown action against copyright-infringing websites, including deprioritising them in search results. The private sector, YouTube, evolved their Content ID system to respond to copyright-infringing materials. As a result of a dynamic court order our own approach has evolved and we now intercept live copyright-infringing broadcasts of Premier League and UEFA content. That framework emerged in 2017.
That all occurred within the general safe harbour exemptions described at the outset of the e-commerce directive. I am not as familiar with current machinations of the revised copyright directive, but when that was going through the European Parliament one of the early concerns was that in moving to a notice-and-staydown approach it was difficult to see how it would be compatible with our existing framework. In order to ensure that something stays down it implies a general monitoring obligation on the platform or internet service provider. In dealing with copyright-infringing material, the e-commerce directive has enabled a great deal of innovation and efficacious approaches from private sector companies.
The Chairman: Do you agree, Mr Wood?
Iain Wood: It is possibly helpful in this debate to consider the responsibility of a platform to separate copyright out, because it is quite a distinct issue compared to other issues such as harmful content. Those are separate things. Clearly the debate has moved on. It is not a question of whether the platforms have an obligation to monitor and police content they host. I would hope everybody is of the view that they do have an obligation. The question is merely, “How?”
The key question is whether we want to allow such flexibility that any platform can choose how they do that and it is accepted there is a diverse approach, in which consumers may be unsure as to whether they are protected or not, or whether we want to set some basic ground rules. I am firmly coming to the view that some basic ground rules should be set so consumers are confident of what protections are in place.
Lord Gordon of Strathblane: Is this a self-defining exercise? Does a platform itself decide it is passive or are there objective criteria that can be used? As a layman, even the most passive seems to be quite active when it comes to controlling advertising revenue
Adam Kinsley: You are either active or passive. When considering passive hosting providers I have in mind cyberlockers, or servers in data rooms that are hosting providers but are not profiting from the distribution of the content. There are no financial incentives for ordering content in a certain way. The ones that you have in mind are probably active, as defined by European case law and the case between L'Oréal and eBay, in which the concept was discussed. The platforms you have in mind are the new versions of hosting providers that emerged post-2000 that are arranging, suppressing, selecting and promoting content and profiting from that.
Q106 Viscount Colville of Culross: I declare an interest as a TV series producer. Do you all accept that liability is shifting, with online platforms increasingly accepting more liability? Mr Kinsley, you spoke in your submission about the need to refresh the definitions in the e-commerce directive, which sounds interesting. What does that mean? How does that turn into changing the liability? Mr Wood, you spoke of whether ground rules were needed. What would such ground rules be? Mr Butler, you appear more concerned about the role of strict liability and the difficulties for platforms in policing such a thing.
Adam Kinsley: There are emerging pieces of legislation and proposals from Brussels that recognise the bluntness of the e-commerce directive and the fact that hosting providers since 2000 have developed. In European case law there are now active hosts and passive hosts. In the long run, given some of the proposals in the copyright directive recognising that active hosts are doing monitoring and regulating their own platforms, the idea there should be no monitoring whatever is already outdated. There is another recommendation in Brussels for the treatment of illegal online activity where the Commission is very clear there should be active, pre-emptive activity by the platforms.
In the long run, perhaps in the next Commission, there ought to be a way of breaking out hosting providers into a more granular model. However, in the short term that is unnecessary. The ideas discussed here are perfectly commensurate with the existing directive. It is about recognising that the platforms already police content to differing extents, but there is no accountability as to what they are doing. For example, how are they doing it? What is the split between moderators and AI? How are they doing it across different content classes? What does it look like when they are considering reports from children?
None of that is transparent. Transparency is only available when the platforms decide to do it, on a global basis, at a time of their choosing. We need to move away from that. To answer the question about where online harms exist, regulators and policymakers need to understand what is happening. At the moment we do not have that insight.
Iain Wood: When discussing ground rules I am referring to what I consider the basics. It is not an attempt to have a catch-all piece of legislation that covers every aspect of the debate today. It is the basics, such as default privacy settings and what they are. For example, are there separate default privacy settings for children? How do platforms handle complaints about content? What is the SLA on any particular complaint? How often is the complaint upheld? All those basic things could form a basic set of ground rules. To be clear, it is a floor and not a ceiling. A platform is in no way prevented from going beyond those ground rules, either because the platform has higher standards or because there is commercial benefit in going above that. It would provide a floor and a consistency of approach so consumers can understand the protections that are in place and make informed choices about whether they use those platforms or not.
Daniel Butler: The liability question is somewhat removed from the discussion we have just had, which, as Adam characterises it, is an approach that exists within the current liability construct. In our submission we imagined a world in which we depart from the consensus position of today and envisage something much more strict in relation to the liability and obligations on platforms. We pointed to some potential negative unintended consequences and externalities that could flow from that, the primary one being false positives.
Looking at the German regulation, their companies are required to very quickly assess a very high volume of content on subjective grounds, not necessarily legal or illegal grounds. There is a grey area of harmful, leading to extremist material that they must quickly evaluate. If they get that wrong they face material fines. What behaviour does that institute? It institutes a conservative behaviour on the part of the platform and risk aversion to allowing content on the platform, which ultimately generates a high degree of false positives. It has consequences for free expression. Ultimately, taken to its extreme, it would alter the character of the internet.
Those are questions for parliamentarians to grapple with, because that is a trade-off. One does not want private companies making the judgment whether the potential negative harm to society of a piece of extremism material slipping through the net is worth that cost.
The Lord Bishop of Chelmsford: Why is that a problem? If there was some sort of appeal process, I do not see why that would be a problem.
Daniel Butler: That becomes a question of what period of time is acceptable to constrain someone’s free expression.
The Lord Bishop of Chelmsford: Yes, but why should the appeal always work the other way? The people who are affected by the harmful content have to appeal to take it down rather than the other way around.
Lord Gordon of Strathblane: The same thing happens with newspapers, which make a decision whether publishing something is in the public interest or not.
Viscount Colville of Culross: Yes.
Daniel Butler: I do not have any particular response to that. It is a fair challenge. I am not saying that—
The Lord Bishop of Chelmsford: What do you think?
Daniel Butler: There is an extreme version that does not look very attractive for a liberal society. There is then a model with appeals processes, with perhaps some lower constraints on the platform that involves less of a trade-off with free expression. Ultimately there is a trade-off and it is a debate for Parliament to have.
The Chairman: What does the extreme version look like?
Daniel Butler: The extreme version is the one I described at the outset: private companies effectively making risk-averse decisions that alter the average citizen’s ability to upload content.
Baroness Kidron: Is that not an argument for oversight of societal issues?
Daniel Butler: That is right.
Baroness Kidron: I agree with you that it is not the job of private companies to determine what constitutes hate speech. That is something we have to come to together and we all may be unhappy with where we come to. Is it not an argument for having some societal answer to the liability question, rather than a very narrow piece of legislation that pushes it back into the private arena?
The Chairman: You all hinted at that in your opening remarks.
Adam Kinsley: I want to add to that. I agree that, because of the problem you defined, that is exactly why oversight is needed. It is not fair on the companies, to be honest. The risk that Dan highlights does not only arise because of the German law. Platforms are taking down hundreds of thousands and millions of accounts. Twitter announced yesterday that it is approximately a million per day.
Baroness Kidron: Yes.
Adam Kinsley: They are doing this anyway, even without a NetzDG law. It is not because of the law that they are doing it. They are doing it anyway, but they are doing it with no accountability. I absolutely agree with you, Baroness Kidron.
Iain Wood: Adding to that, there is a debate about filtering versus blocking and how we try to bridge that divide at the moment. It is not appropriate, given that the four major providers cover 90% of homes in the UK, that between us we could get together with our counterpart from BT and essentially decide to shut down a bit of the internet because we do not think it is appropriate. It is not our place to make that judgment call. We can offer tools to customers so that they can choose to filter things they do not want to see in their home, be it pornography, gambling or violence. What we block at a network level, with the customer having no choice whatsoever, should be decided by Parliament. Anything that is illegal, we will of course block. That distinction is an important one, because in trying to protect children, which we all want to do, we have to remember that while there are some niche parts of the internet that not everybody in this Committee room would like to visit, a consenting adult does have a right to access it if it is legal content. We are trying to strike that right balance.
Adam Kinsley: I disagree. I fundamentally disagree with that. If you are a private company such as Facebook and you decide that you do not want nudity on your platform—which is perfectly legal—it is within your right to do that. I often discuss the Matt Hancock app and his rules of engagement, but perhaps that is irrelevant now. I frequent a bulletin board site for supporters of Tottenham Hotspur.
Baroness Kidron: Sad.
Adam Kinsley: It has a filter for swearing and completely censors what I write. I will not say the phrase I might want to say, but what it would turn it into is, “I naffing love Harry Kane”. It might not be what I put in, but that is how it comes out. It has a swear filter. It completely censors what I am saying and it makes for a really nice environment. It is up to companies to decide whether they want to do that.
The Chairman: What is wrong with that, Mr Wood?
Iain Wood: We are comparing apples and pears. One is about a service such as Facebook or Snapchat that a customer has decided to access and in that instance it is absolutely correct that the provider sets the rules, just as something in the physical world, such as Tesco, can decide what is allowed in its shops. As an internet service provider, what we are providing is not something that the customer has opted into, which is just access to the internet. We have to be very careful not to shut down things, due to our net neutrality obligations. Customers must be able to access legal content. We are comparing two very different things.
Adam Kinsley: Now I agree with you.
The Chairman: Right. You accept that distinction.
Viscount Colville of Culross: Mr Kinsley, you discussed the need for transparency and, Mr Wood, you talked about setting very basic ground rules. We have discussed the difficulties, or the benefits, of private companies doing that, but should we set up some sort of regulator to oversee it, that will bring in all these societal obligations and set these ground rules and the transparency?
Adam Kinsley: I think so. To examine some analogies, we are all regulated by Ofcom. We must all submit to information requests from Ofcom. If we do not, Ofcom fines us. With that information, it then undertakes an assessment of harms and risks in the market. On a quarterly basis it publishes information about complaints that we receive. We compete very, very vigorously to ensure we are not at the wrong end of that list and improve our performance as a result of it. I see that analogy being taken into this space. I have no doubt whatever that their performance would improve if you shone a light on it.
Iain Wood: I agree. Start from the premise of what problem are we trying to solve and then work back to what the regulator looks like. But we will probably get to the end point that there needs to be regulation of this. It can either be a new regulator or it could be extending the remit and probably the resources of an existing one like Ofcom. I do think it is necessary, precisely to underpin those ground rules that we talked about earlier. The telecoms analogy is apt here because, although TalkTalk is a UK company, most of our rivals we compete against are big international companies. They exist in Europe, where there is pan-European legislation in parts. They compete in countries around the world that European legislation does not extend to. They also operate under UK-specific legislation and regulation that Ofcom applies.
There are clear instances of the large companies that I am sat next to operating with country-specific regulation. I do not buy the argument that simply because you operate globally there somehow cannot be UK-specific standards. It is of course easier to operate where there is regulatory alignment across different jurisdictions, but it does not mean it is impossible if there is not.
Viscount Colville of Culross: What is your objection to that, Mr Butler?
Daniel Butler: I do not think I have an objection. I would say that one should be clear about what additionality one expects from a new regulatory construct. As the Internet Safety Strategy acknowledges, the big boys are doing what government would expect them to be doing and ISPs have long since satisfied Government’s requirements for site blocking. We have just been handed a new set of obligations under the Digital Economy Act for non-age verified pornography websites as well. What is an additional regulatory framework there to achieve? From the proposals that have come forward, I get the sense that it is to address inconsistencies and the long tail of smaller operators. You then need to think specifically about what incentives work for smaller operators and the balance as regards disincentivising them from entering the UK market. These are typically going to be San Francisco-based emerging companies that look at the UK market and think “take or leave”. Let us get that balance right. More fundamentally, to return to my earlier point, let us not stop the debate at whether a new regulator has some requirement or powers to require information and set some transparency standards for content moderation. That is a partial response to our objective of creating a safer online environment. If we do not think more holistically about better equipping young people in that world, we will have failed them.
Lord Gordon of Strathblane: In the TalkTalk evidence, you say that only 14% of British voters think that social media is ultimately good for society. That is an alarmingly low figure. What would you recommend them to do to dramatically increase performance?
Iain Wood: I should stress it is not TalkTalk. That was a YouGov statistic that we quoted. I hesitate to lecture somebody else about their business model. One thing we have tried to do, as an ISP, is get ahead of the debate. Rather than be dragged grudgingly on to this territory and addressing the very genuine concerns of parents and children, we have tried to think it is completely understandable that people have these concerns, and we need to get ahead in terms of modifying the product and making sure we offer the product in a safe way.
If it is our TV product, you could have a walled garden where only children-appropriate content is available. If it is the internet, then we offer the filter—the wrap-around. We work through how we help parents apply that, as I talked about earlier. We then actively promote that to parents. We say, “You cannot become a customer unless you make these choices. Here is a whole host of information to help you understand it and here is some information you can have about broader risks that you might want to learn about regarding the online world”. That does not solve every problem, but it does allow parents to see that we are taking this really seriously. We are imbedding safety by design into our core product rather than viewing it as an unnecessary evil.
I am sure if the big social media platforms were sat here today, they would say they are already doing that. I do not necessarily think that is being heard and understood by consumers. If you are passionate about technology and the benefit it brings to society, like we all are, you have to be equally passionate about understanding and mitigating the risks that undermine public confidence in that technology as well.
Adam Kinsley: I would point to the evidence that Doteveryone and Rachel Coldicutt gave to this Committee. There were some other statistics that I cannot remember off the top of my head. The public’s trust is relatively low given what an amazing thing the internet is and what it does for us. Their conclusion is that there does need to be accountability. That is the only way that you can bring legitimacy back into the equation and put public confidence back into the system.
Q107 Baroness Kidron: My question is about design. When I asked about making the digital environment fit for childhood, you all went to safety. My question is about design. Can you stay away from safety and think about design. For example, in the written evidence from Sky it says, “The minimum standards should require that the strictest privacy settings should be ‘on’ by default, geolocation should be switched off until activated and privacy and geolocation settings must not change during either manual or automatic system upgrades”. You have all talked about terms and conditions. What if your published conditions were on a statutory basis, so that if you continually fail your own published conditions, whatever they are, there would be some recourse? Forget about who regulates. If we reimagine design as being for societal reasons, a bigger picture, like Dan was talking about, is there something about the way that we are approaching this problem that is simply wrong? We are not looking at it from the ground up. I am afraid that is the first part of my question. Is anyone brave enough to answer?
Adam Kinsley: I can in a small way. You highlighted a detailed listed. I am not sure I quite like all of that long detailed list, because it is more of a state of mind. It is quite hard to do one-size-fits-all approaches as well. By way of an example, we built a kids app. I will say some of the things that I really like about it. When we developed it, we tested it every week or two. The developers went back and they got the young kids in to prod and push. By using the same icons that are used on the modern internet, for example, the triangular play button, but making it very kid-friendly, we ended up with really good product. I cannot remember who I was talking to—it might have been you—with experience with BT and their engineers. When they got children and young people involved, it was a very different story. It is a lot easier for us to bring a new product to market with that philosophy in the front of our mind versus a large platform that was built quickly to get bought by another Silicon Valley giant, and before you know it, it is all a bit too late. That is the problem.
Iain Wood: That is why I have a slight concern about exempting SMEs from some of these debates, because that does two things. First, you risk creating such vanilla, big platforms that you force the problem somewhere else, which creates competitive distortions in the market. Secondly, and probably the more relevant point, is you say, “Fine, you do not have to worry about safety by design until you reach a certain scale”. Then you are trying to retrofit. We all know retrofitting on to something is invariably more expensive, more difficult and ultimately probably less effective than embedding it from the outset. The end point has to be less around what have you managed to retrofit on to a product once you reach a certain scale and you find yourself on the front page of a newspaper, and how did you say to your product designers from the outset, “This has to be at the core of your mission”? If safety is not embedded in the product, it is not ready to launch.
Daniel Butler: The way you have framed the question is fascinating. We are starting to think about safety by design in our product development. Our kids’ app is an example of that. There are different ways to characterise that too, such as accessibility by design and sustainability by design. This is clunky, but taking into consideration vulnerability in our design products. In relation to vulnerability, we have designed a Talk Protected line rental proposition that addresses the fact that older people primarily take only landline from us and are less engaged in the market, so we freeze their line rental for the lifetime of their being a customer with us. We add some vulnerability services if they have vulnerability challenges.
As a group of both pay TV platforms and ISPs, we are pretty mature in our suite of accessibility by design solutions, not least on the TV platform. That is a continually evolving challenge too. Why do we do that? Well, I would pinpoint a couple of conditions that that is a response to. One is an increasingly socially aware customer base that we are all trying to attract as customers. I do not have particular evidence to support that being the case, but I think there is a general feeling in corporates that there is a need to be more socially responsive. That has all kinds of positive externalities in terms of corporate behaviour. The second is some regulatory pressure. These topics are continually assessed by a regulator. Not all are subject to regulation or even ideas in the mind of the regulator. Sometimes regulators and politicians can shift corporate behaviour through self-pressure.
Adam Kinsley: Accessibility is a good example. Ofcom publishes a scorecard of how we do on our channels. It focuses minds.
Baroness Kidron: Funnily enough, that was the second part of my question. I was trying to get to the purpose of good design before we get to the regulation of it. Is there some value in thinking about things as universal standards or sets of criteria, or in rating privacy accessibility and vulnerability—whatever the schools of concern are—so that instead of terms and conditions that are hugely long and no one reads, you come to something and you think, “It is a green light, it is a red light”, a bit like emissions and a bit like food? Is that a better soup for regulation—you know, pressure—to say, “We expect you to announce where you are in the system”, for example?
Daniel Butler: What is great about that is that it maintains competitive dynamics in the development of those products. When you started with universal standards, I thought that removes any incentive on the operator, but where you ended up with a traffic-light system on the basis of which consumers could make competitive decisions about which operator fits with their values, not just their service requirements.
Baroness Kidron: But you need to have universal standards to understand what you are looking at. That was what I meant by that.
Iain Wood: I completely agree. When I talked about the ground rules before being a floor not a ceiling, the bare basics could be one out of five. That absolutely does not stop a provider aiming to be four or five out of five and using that for commercial advantage. When we launched our filters, and we were the first ISP to do it, we did it because we thought it was the right thing to do. But I would be lying if we said we did not also market it. We went out to parents and said, “If you are worried about inappropriate content on the internet, we have a product that can help you”. There is no reason why something that is morally good cannot also be in the commercial interests of the organisation.
The Chairman: Mr Kinsley, do you have anything to add?
Adam Kinsley: No, I do not think so.
The Chairman: Sadly, I went slightly out of order. We have not made as much progress as I had hoped. Apologies to the Lord Bishop. Perhaps our witnesses can be reasonably concise in their answers, and if there are some elaborate issues, perhaps they could write to us. Lord Bishop.
Q108 The Lord Bishop of Chelmsford: I want to ask a question about the TV-like content, just to sharpen the focus on that for a few minutes. How should the video on demand services and the TV-like content be regulated? Should there be more of a level playing field in this regulation as compared with broadcast television?
Adam Kinsley: That is a good question; I think I should have that one.
The Lord Bishop of Chelmsford: It is one that probably affects you.
Adam Kinsley: Yes. TV-like and video on demand was a feature of the AVMSD Directive the first time around and has just been revised. The problem with it is that the definitions of “video on demand” and “TV-like” exclude some of the content we have been talking about today. Because of the narrow definitions of editorial control, Facebook is not in scope, for example. YouTube generally is not in scope either. While there was a model for broadcast which is heavily regulated and VoD a lot less so, it did not capture a whole swathe of online content, which is where people are viewing.
In the latest negotiations in Brussels for the revisions to the Audiovisual Media Services Directive, they included a new category of video-sharing platform. The problem with it is that it is so light touch, and there does not seem to be a mechanism for measuring any of the features of it, that it is a bit of problem. Historically, content protection has been where consumers expect it the most and where they are viewing the most, which has been the television screen. That is absolutely fine and right. As people are migrating and watching content online and on these platforms, it feels like the regulation has not caught up; that is, the detailed content regulation. Whether we ever get to implement the directive we have had in Brussels remains to be seen. It does not level the playing field at all, which is the nature of the slow-moving negotiations in Brussels.
The Chairman: Before others come in, what do you think should be done?
Adam Kinsley: The detailed content rules are not necessarily the problem we have to deal with here. I prefer to think about the much more holistic framework we have been talking about before, which looks at the concept of procedural accountability, which a number of witnesses to this Committee have referred to. It is a much better way of thinking of it than detailed rules every time, because you are always legislating for the last problem. That directive probably missed a trick, but the solution probably is not another detailed directive tomorrow.
Daniel Butler: My starting point on assessing what, if any, regulatory framework should apply to different types of VoD services is to think about the consumer expectation when they engage with those VoD services. We operate a VoD service which is heavily integrated as part of our pay TV proposition, as do the others. We integrate over the top applications like Netflix, Twitter and YouTube into our ecosystem. Our view is that customers have pretty sophisticated and different expectations when they engage with those different content platforms. When it comes to Netflix, Amazon Prime or our own VoD library, broadly speaking, the expectations that consumers have in terms of standards—and a reflection of the fact that some adult content should not be observable without some protections—are pretty equivalent in the linear world to the VoD world. Equally, we take steps to ensure prominence of public service broadcasting in our VoD library as well. The PSB apps have the most prominent content.
When you think about YouTube as a service or another user-generated content site, the user’s expectation is different. The content that they are accessing is different. About 10% of the content that children watch on YouTube is what we would consider long-form content. The rest is music videos, funny videos and short-form content. Those are Ofcom statistics. There is a difference in user expectation, which necessitates a different regulatory solution. The final point I would make about VoD is the PSBs now have—and have had for while—propriety apps that increasingly compete with Netflix and pay TV platforms. There is a long-term policy question for Government and Ofcom about how you ensure universality of public service broadcasting content when they have an incentive to lock customers into their proprietary ecosystems.
Iain Wood: While those debates play out—and Adam alluded to the fact they are not going to move very quickly—there are things that we think we can do in the intervening period to better protect customers from inappropriate content. I referenced it earlier. One example would be our kids’ TV service where, with the flick of a button, you go into a walled garden and the only content accessible in that is content that a parent has chosen to put in there. They can vary it. They can put in more educational programmes and take out cartoons. They can make sure that nothing that is adult content is accessible. There are ways that we can put a protective wrap-around layer around the child so the varying standards that exist do not necessarily have to harm the child.
Q109 Lord Gordon of Strathblane: How has age verification been implemented? Is it a good model for the future?
Daniel Butler: It has not been implemented yet, so it is hard to say whether it is a good or bad regulatory construct. We can say that it is a world first. It is a very new framework and model. All of us, as companies, have participated heavily in the development of that model and we want to see something emerge that is proportionate but effective. If we were to come back in six months’ time, we would have a fuller view.
Adam Kinsley: I can give you one good and one bad. The good is that on the face of the legislation, age verification is left at a high level principle. It does not get into how it is done. That is a good model, setting out the idea that the website publishers will develop a model working with the regulator. That is not necessarily the right thing to prescribe on the face of the Bill. I think that is good. What I like less is that where there is noncompliance, the only named part of the value chain that is subject to any fines is the bit that is already regulated, which is the ISPs. That is symptomatic of this issue, that the regulatory framework is too narrow and does not extend beyond traditional players. Policymakers are always likely to come back to the bit that is already regulated.
Lord Gordon of Strathblane: Would it not be better to move away from age verification, as such, on to the equivalent of the BBFC system for films and have a series of walled gardens, leaving it up to parents to decide which walled garden their child is equipped to enter?
Iain Wood: In a way, that is what parental filters already provide. They provide a mechanism for parents to put a walled garden around any content that is accessed in the home. Success for age verification is not that you have a large block of websites that are blocked, because this will only ever apply to a minority of the internet. It will not block all porn. Success is that the major porn providers—it is a very concentrated market, with a handful of companies owning the most popular websites—change their policies and put age verification in place. We do not yet know whether they will do that or whether we will be using the backstop power to try to block them. If we come back in 12 or 18 months’ time, I would like to think that the 100 most popular porn websites in the UK have age verification in place, not that the 100 previously most popular websites in the UK are now blocked and there are 100 more that have taken their place. Then it will have failed.
Q110 Lord Allen of Kensington: I would like to declare a historic interest. I served on the board of Virgin Media for a number of years. My question is around platform dominance and competition law. There has been a great deal of debate and discussion from a policy perspective in terms of the size and scale of these arguably dominant platforms. What are your concerns regarding what you flagged? What can we do about it? Maybe you could elaborate on some of your submissions. TalkTalk, you talked about the need for the CMA to review digital advertising. Sky, you talked about transparency, particularly around Ts and Cs and, in particular, business practices and ranking, et cetera. I would welcome Virgin’s view in terms of areas of concern and practically what you think we can do about it. As you answer that, think about the fact that as we exit Europe, most of the competition legislations have been European-focused. What risks do we face there? How will we tackle that?
Iain Wood: I would start by saying their size reflects the fact they are offering very popular products. We should not be churlish and should congratulate them on that. They have been very successful. You know from your knowledge of the sector that TalkTalk has probably always been the strongest proponent of a competitive market. It will not surprise you to know that we think competition is also a good thing in other markets. In our view, it leads to better consumer outcomes. There probably are questions about whether the scale of the data advantage they have over new entrants, particularly digital advertising, is consistent with the principles of a competitive market. I know the consumer Green Paper is looking at these issues. It is probably right that we explore that. I am not prejudging the outcome, but it is the right debate to be having.
As I said earlier, I do not subscribe to the view that because they are global companies, we cannot regulate them. We compete against lots of global companies that have UK-specific regulation applied to them. Clearly, it will be easier and will probably lead to better regulation if there is regulatory consistency with Europe. The same would be true about aligning with the US. I do not think it is necessarily a Brexit question or a non-Brexit question. Irrespective of what happens with our future relationship with the European Union, it will be in our interest to work closely with the European Union to try to ensure that the regulation that is almost inevitable is effective and gives consumers the protection they deserve.
Adam Kinsley: It seems us to that the framework in the UK works and is fit for purpose. We note that the Government are looking to give more of a strategic steer to the CMA to take bolder decisions. Some of the issues that have been raised by this Committee on online advertising may be looked at. Most of the Brussels interest is typically in the mergers and acquisitions, which is obviously a big part of this. In terms of the CMA’s competence for competition behaviour, I had a look, and they are looking at 29 live non-merger cases at the moment. When you look at what they are doing with their consumer enforcement hat on, they are already looking at online hotel bookings, secondary ticketing websites and online gambling. I am not sure that it is necessarily a Brexit issue.
Lord Allen of Kensington: You raised some specific concerns. How would you look to address those? You talked about transparency, business practices, ranking, et cetera, et cetera.
Adam Kinsley: We are interested in the current work that the EU is doing on platform to businesses. I am not sure we necessarily have a significant stake in that. It is one of the things that we are following.
Daniel Butler: I cannot let Iain’s assertion that TalkTalk is the primary advocate for competitive outcomes in telecommunications remain on the record. We built our own network, and that has been the single biggest driver of competitive outcomes in the UK market. There is a tendency to characterise big as bad in digital markets, which we do not subscribe to. Competition law orthodoxy does not just require dominance but the abuse of dominance. I would not necessarily comment on what the motivations of the European Commission are in a lot of the investigations. There has been commentary out there about some threadbare theories of harm that have emerged around some of the platforms.
Our starting point is to think about things from the consumer’s standpoint and to think about how the consumer is served by digital markets as they have emerged. There is evidence of a substantial and underreported consumer surplus from the emergence of these digital platforms. In the main, consumers are getting higher quality products than they were prior to the emergence of the internet. In the main, those are free, compared with what they were paying prior to the emergence of the internet. That generates a substantial consumer surplus. Many of these services are substitutable, in terms of social media platforms, and yet consumers are willing to forgo significant value or income to retain those services.
I read a study last week that said that an average American citizen would forgo $50 of income per month to retain Facebook even though that is a substitutable service for another social media platform. That value increases where there is less substitutability, such as in Search, where it is substantially higher. The one Brexit-shaped question is that if you are in a market where you have very big content providers, in order to ensure that consumer outcomes are sustained and that there is good balance in the transmission of that content, you need to think about becoming a bit more comfortable with scale in the communications market. That might be consolidation of mobile with fixed or fewer operators in those two markets.
Baroness Kidron: I have noticed you have all talked about consumers. I am very aware that in Australia, consumer law and competition law sit together. Might part of the regulatory gap be better served by us looking at a similar system here?
Iain Wood: We have to be open to new models. The challenge with all this is that we are trying to apply physical world regulatory structures that imperfectly fit the new and emerging digital technologies. We have to be open to new ideas.
Daniel Butler: It feels very much like those two worlds have collided already, Baroness Kidron.
Baroness Quin: You feel that we will probably stay fairly close to Europe’s regulatory system, but do you fear that we will lose influence in the shaping of that legislation in future? Or is it not a problem?
Iain Wood: After the last 24 hours, I think anybody trying to make predictions of what happens with the future relationship with Europe is destined to fail. I genuinely think it is too early to tell. We have much more experience of Ofcom, for instance. If you look at Ofcom’s relationship with Europe, Ofcom has traditionally been probably the lead regulator in Europe. It has arguably been the most influential body in shaping telecoms regulation across Europe. That is a telecoms point rather than a platform regulation point, but it is clearly an example of where we previously had influence across pan-European regulation, which you have to assume will be less in a post-Brexit world.
Adam Kinsley: I want to quickly add to that. We would have less influence if we were not round the table and still taking the rules, but I see it as a big opportunity anyway. The DCMS has already set out the idea of a White Paper for online harms and is not waiting for the European Commission, which works in an entirely different way. It works with very prescriptive rules that go through the co-decision process, which is not really consistent with the much more proportionate evidence-based framework that we are talking about and, certainly, as in this report. I think it gives us the flexibility to create something that is far more pragmatic and fit for our market. I do not really see a concern. I think we can develop something that, once it is working and in practice, might be taken up by the Europeans.
The Chairman: I would like to move on. We promised our witnesses 90 minutes. Would you indulge us for a further 10 and two more questions? Then we will wrap the session up. You have given us very comprehensive and useful evidence.
Q111 Baroness Chisholm of Owlpen: I want to move on to neutrality. I have three short questions I want to ask you. How important is net neutrality? The EU Open Internet Regulation seeks to enforce it. Does it work? Is it sufficient? Post Brexit, ought we to have our own net neutrality law?
Iain Wood: It is very important. I hope there is consensus across the industry on that. Clearly, in all these debates we talked about earlier about protecting consumers, we are very conscious of the need to strike the right balance with net neutrality. We look at it very carefully. When we are looking at what tools we give to parents to block inappropriate content, we have to be very careful that we do not breach our obligations. Scams would be another example. Unfortunately, online scams are becoming a fact of life. We would like to be able to block certain platforms and tools that we know are predominantly used by scammers. We have tried to do that, but we have to be very cognisant of our net neutrality obligations.
In certain circumstances, we can default filter something but offer the customer the option to remove the filter if they so wish. In doing so, we can give them some advice about why we had applied it in the first place, which we hope protects them. That is an example of where it is quite tricky to strike the right balance. There is a tension between our obligations not to censor the internet—certainly not for commercial gain—with what we feel are moral obligations to try to protect customers. The regulations work in the UK as they stand. I do not think they need changing radically post Brexit.
Adam Kinsley: From my perspective, the debate about net neutrality was very live several years ago. In Europe, we followed the lead from the US. The European and particularly the UK market are very different. There is lots of competition at the retail end, which narrows the scope for abuse. In the UK, one ISP could not dominate and decide to be the gatekeeper because it would be punished. It is probably less of an issue in the UK than it was in the US. The European law might not be the best, but it sort of works. It does not feel like reforming it is the biggest priority right now.
Daniel Butler: I tend to agree with Adam. In principle, net neutrality is very, very important. In practice, it has not been a particular feature or consideration in the UK market. There is an economic argument about net neutrality as we look to the incentives for network operators to increase the capacity of their network in successive generations going forward. The question is whether consumers are willing to pay the premium in order for investors to receive a reasonable return on gigabit-capable networks or tens of gigabit-capable networks. Those are the kinds of networks that Government find superficially attractive and that would send us up the league tables. There is a version of the future in which, if consumers do not show a willingness to pay a premium for those higher-quality services, then the monetisation of those networks needs to come from somewhere, and the primary beneficiaries would be those distributing higher-quality content over those networks. The ability to recover from that end of the ecosystem would be necessary and potentially would have implications for the existing net neutrality framework.
Baroness Chisholm of Owlpen: Do you think we need to do anything here in the UK post Brexit? Do all three of you feel the same?
Daniel Butler: It is probably premature to start asking those questions.
Q112 Baroness Bonham-Carter of Yarnbury: Picking up on Adam’s go-it-alone enthusiasm, I want to ask you all whether you think there are potential risks if the UK introduces regulation without the co-operation of international partners, particularly the European Union? How is this future divergence best managed? And then I have one other short question, but perhaps you can answer that first.
Adam Kinsley: It depends how it is done. The model which is described in some detail in this report is quite long—it is 35-odd pages. If it would be useful, on another occasion we could do a private briefing on the detail of it and get Mark back in to talk to you. But I think it can be done. Under recital 48, I think, the e-commerce directive already talks about duties of care for hosts to work with illegal content. We have not availed ourselves of that in the UK. Member states are allowed to do that. In article 16 it talks about codes of conduct being developed by member states; I think they are encouraged to do that, but we have not done it. It is wrong to think that member states are not allowed to act in this space. They are, but we have not done it, because the internet is just too difficult and different to regulate and that time has ended. There is now quite a strong consensus that we do need to do something. I think that we can act. The Germans have demonstrated that it can be done, but I am not sure that is the best way to do it. I understand they are going to be reporting on the efficacy of that next month, so we will see. Clearly, the more that you can do this at an international arena, the better, but that should not stop us from being bold ourselves.
Daniel Butler: I would just stress the importance of appropriate oversight in design. Baroness Kidron probed this earlier. The optimal framework is to have judicial oversight of the content that you are blocking. Some of the precedents that I have described are court order mandated, with a judge scrutinising the URL list. If we move beyond Germany just to the right and think about the political situation in Poland or Hungary, it is fair to be very nervous about precedents that we would be setting for content moderation on the internet, because some of the checks and balances in those nation states are being eroded by their Governments. Certainly if you went sub-judicial, you would have a very real prospect of those nation states engaging in censorship behaviour. Even at a judicial level, there is a question mark over judicial independence in those two nations.
Adam Kinsley: All of the global platforms are operating in those countries, and they are all taking decisions, as I described earlier, which you could argue are censorship, but they are doing it in a vacuum without any oversight. It is not the regulation that is offering the censorship. The censorship is already happening. I gave you the Wikipedia example where it was blacked out in Poland, I think. Should they be able to do that? Is Wikipedia a public utility that should be available? It is not the regulation that is offering the censorship. The regulation is offering the transparency and the oversight of the private companies that are taking decisions, maybe because of political pressure, but they are taking those decisions today. We are not requiring them to do that going forward, because they are already doing it.
Iain Wood: The important thing to stress is that in every stage of this policy debate there have been siren voices that said, “It is all too difficult. It will lead to censorship of the internet and the world as we know it will end”. I remember sitting around tables five years ago when parental filters were being debated, and some of the internet service providers at the time accused us of censoring the internet, saying we were going to end the internet as we know it and we had no right to offer parents the option to filter porn in their homes. We did provide that, parents quite liked it, the world has continued turning and the debate has moved on. We cannot be afraid to tackle these things just because they are difficult. There is genuine public concern. It is appropriate for Parliament to say, “We have certain values, and we think they should exist online in the same way they do off it, and just because it is a difficult debate, we should not shy away from it”.
Baroness Bonham-Carter of Yarnbury: Are there other international bodies that we should be looking to work with? We had evidence from Professor Wood that the UN’s ITU, for instance, would prove to be a very difficult place for us to get agreement. You mentioned countries such as Poland and Hungary and how they are behaving. Are there other international organisations that you think we could usefully work with?
Adam Kinsley: There are a number of organisations that are worth talking to and sharing experiences with, but I am not sure that the right answer is to come up with an internationally agreed one, because we will be here in another 10 years waiting for that to happen.
Iain Wood: I think the answer almost is to get on and do it and find a model that works. I suspect we will find that other countries will then adopt that model.
Baroness Benjamin: Going back to age verification, I was surprised to hear that you had a few issues about whether it will work or not, because I was under the impression that most of the porn sites in the porn industry want you to have age verification to protect their business. Why do you feel it will be difficult for you to put it in place, and what are the barriers that will cause you not to be able to implement it?
Iain Wood: There are certain aspects of the regime that are still not decided, and that is a matter of concern for us. We would like to have those issues clarified very quickly so we know exactly what we are being asked to build. The actual block itself is quite straightforward for us to apply. I have very little concern that we can apply it, but there is a proportionality issue with the system whereby the BBFC simply will not have the resources to take enforcement action against every porn site on the internet, and therefore, initially, there will be a small list of companies that it is seeking to persuade. I do not want expectation to run ahead of reality in thinking that, on day one, every pornography website will be subject to enforcement action from the BBFC, because they will not. It will be the list of the most prominent and popular websites. It will be a tool and we will find out how effective it is. Hopefully, the major providers and platforms will change their business models and be a success, but we have to be cautious in thinking that it will be a catch-all that solves every website on the internet.
The Chairman: I thank our witnesses for the evidence that they have given us today. It has been a very interesting session and we have raised lots of issues. I also thank you for the courtesy you have shown in referring to our previous reports and the evidence we have received, and for the obvious preparation with which you have come here to answer our questions. The evidence has been very useful and we welcome it very much.