A global digital rulebook?

(disclaimer: this article is a public-friendly version of a presentation delivered at the first edition of EUXGLOB, organized by the Faculty of European Studies at Babeș-Bolyai University, Cluj-Napoca). The academic version is available here.

“It was the best of times, it was the worst of times”. Charles Dickens’ opening line from “A Tale of Two Cities” certainly characterizes the times that we live in. It’s the best of times if we think of how much technology we have at our disposal and how this has made our lives easier, from ordering crazy stuff online to data science that can help in the fight against COVID-19. Speaking of COVID-19, it’s also the worst of times and suffice it to think about the ideas perpetrated online that 5G makes you sick or that the vaccine will implant a chip in you. That’s disinformation, pure conspiracy theories that travel six times faster than the truth that vaccines work.

We take technology for granted, but we also take it as it is, with its highs and lows without considering that there might be a different way of doing things. We are complacent and shrug at fake news, as it would be an inevitable side effect of online communication. We are trapped in the platform ecosystems because it is easier for us and because this is presented as the best convenience for us.

Is there another way of doing things? The European Union’s answer is “a set of rules based on our values: human rights and pluralism, inclusion and the protection of privacy“. A Global Digital Rulebook. By crystallizing these rules, the idea is to create a common foundation for today and tomorrow’s digital society and economy to be shared by a critical mass of actors – especially the EU and the US. What does this have to do with digital technology, social media, e-commerce or fake news or with the things that we experience online on a daily basis?

Although it might seem as a political discussion or at least a very abstract one, this conversation really regards you and me and should not be only left to the domain of high-politics. Why? Because you and I use social media on a daily basis, we organize our lives on the Internet and our lives are shaped by AI, data etc. Will we lose our jobs in the next couple of years? How will we communicate? These are just some of the questions that this rulebook might help with. Nevertheless, they can only find their answer in the domain of high politics.

So, first things first. This article will:

  • detail what the rulebook is
  • how the EU and US stand on policy fields where this digital rulebook would apply
  • assess whether it actually has a chance to function and to be applied
  • also talk about you and me 🙂

What is the global digital rulebook?

Basically, it’s an invitation that the EU has extended to the US to shape the digital space together, to work together, to make sure that human rights, privacy, transparency, freedom of speech… all these are respected online.

You see..the development of the digital space has seen its fair share of craziness – from tracking and mass surveillance of people to unethical use of technology and let’s not forget the influence in elections. The purely positive narrative about digital technology, i.e. that will help solve humanity’s problems, is long gone.

All this craziness has taken away the veil of naivety and has exposed the fact that the free space that we call cyberspace still needs to function by some rules, not technical ones, but more generally accepted principles. Those principles should be set not by private entities, but by ones whose purpose should be to protect the citizens. Aiming to secure a “pole position” in these issues, the EU has invited its American friends to join this initiative.

A set of general principles supported by the world’s technological leader, the US, and the world’s policy factory, the EU, would go a long way in protecting citizens. The EU made the first move for this rulebook, but did so internally, as it has spent years working on and developing its digital single market and consumer protection regimes. Despite having experience in regulating internally, things are not that easy when you aim for a global regime, because one must deal with different actors and different agendas.

Speaking of, where and how would this rulebook apply? Since digital technology is everywhere nowadays, it is difficult to pinpoint the exact domains where it might work. To be concise, I selected some policy domains that target the major layers of the digital space:

  • its foundations – security of infrastructures
  • rights – data protection and transparency of algorithms
  • economic layer – digital markets, taxation, competition
  • social layer – disinformation
  • future developments and research – AI

The simplest way to explain the need for a rulebook is to refer to AI. Its potential to replace human decision-making, but also its potential to influence people’s lives due to its decision-making, certainly require some generally accepted principles or, at least, some red lines that should not be crossed. Would you want a private company with an opaque AI algorithm to decide whether you would qualify for a job or a bank loan? Don’t think so. AI is a domain where the EU has just revealed its proposed rules, aimed at boosting innovation, but also at protecting citizens and giving them means to trust these new technologies. The US has not been particularly keen on doing the same, focusing rather on the competitive edge that AI can give it against China. While the US sees competition, the EU sees the need to build trust. These are different views, not necessarily resembling a strategic partnership. So what about the other areas?

How do the US and the EU stand? Is there room for a rulebook?

The answer for the second question is, declaratively, yes. From Ursula von der Leyen’s statement that “Europe stands ready” to Biden’s “We are back”, statements are promising. Let’s dig deeper.

On security of infrastructure, the two are seemingly on the same page, since they share the same foes – China and Russia. Speaking of China, Huawei started the whole debate on the security of 5G infrastructure since it has been suspected of espionage for the Chinese government. The Trump administration banned the company from doing business in the US and lobbied the EU and the Member States to basically do the same. With the launch of the EU Cybersecurity Toolbox, the Commission urged the Member States to exclude companies that might be suspected agents of foreign governments from 5G procurement. That’s basically a rule tailor-made for Huawei. So, it seems that, on this subject, the US and EU are in sync, but the US is the first violin.

On digital markets and competition, things are a bit more complicated. The EU is a “policy factory” and, of course, it’s in its DNA to regulate, since it needed to create a single market that would unify its national markets. The regulations in recent years have definitely crystallized the Digital Single Market – from roaming to portability of online content. Besides these building blocks, recent years have seen additional regulatory requirements for tech companies, everything from the copyright legislation to transparency requirements in the new Digital Services Act and Digital Markets Act. Additionally, competition is also something that gives the EU its edge. Since the Digital Single Market cannot properly function without proper enforcement of competition policy, various antitrust investigations have targeted and fined BigTech platforms.

The US has had a different approach, by providing a framework of self-regulation that has probably allowed tech giants the space to flourish, expand and buy their competitors. Why? Well, a powerful Google also translates into a powerful US overseas, of course. Nevertheless, things are apparently changing, since we have seen antitrust investigations against Facebook and parades of tech CEOs in front of Congress or even calls to break up BigTech.

On rights, the EU has the upper hand here as well. I think I just have to mention the GDPR and that would be enough, especially since the US does not have a federal data protection law. I do have to mention also the “Brussels effect” – the idea that the level of data protection is so high in Europe that companies have extended the application of this regime even worldwide.

Privacy is a whole other question in the US. The aftermath of 9/11 saw an emphasis on expanded surveillance and the Edward Snowden revelations have certainly showed this. The whole Privacy Shield debate shows that the US has a lower privacy regime, as well as other interests. Cooperation on a privacy regime or other enforced consumer protection rights would seem problematic, from this standpoint.

On social media and disinformation, times are definitely rough both for BigTech, but much more rough for democracies, which have started to hit back at them for the environment that they have helped foster on their platforms. Since the current legal context practically shields them from assuming responsibility for the content they help propagate, EU aims to change this and demands more accountability and transparency from these companies. No wonder that the von der Leyen has criticized the very business model of these companies.

What about the US, the land of BigTech? Well, since the propagation of alternative facts, the claims of fake elections, and the Capital riot, there is definitely groundwork for rethinking the responsibilities that social media companies have. Section 230, the law regulating the intermediary role of platforms or the 26 words that created the Internet, will probably be under review, even if social media companies have opposed this quite a lot. But, aside from parades in front of Congress, there are no official signals in the US about how BigTech might have more accountability.

Different fields, different interests, one rulebook?

Does this partnership have any chance to function?

The short answer is yes, because the main components of this proposed rulebook regard democratic values and, of course, the two share them (more or less). But others relate to cultural preferences and traditions, such as the choice between protecting privacy versus achieving security. This leads me to the long and probably complicated answer, which is maybe. Why? Well, first, when talking about norms and principles, we automatically know that they are non-binding and whenever the preferences or the conditions shift, they may be left aside for some period (of course, I’m talking about a pandemic here).

Nevertheless, the partnership may be boosted by China. Both the US and the EU have completely different views than China. They both want to deter its expansion on the global stage, since it offers another model for digital society and economy – a controlled digital society with an economy serving the interests of the Communist Party.

What else can bring the US and EU together? Definitely the need to reign in BigTech. Both actors have started internal discussions about updating the current system of rules so that BigTech can be more accountable. While the EU is more advanced, since it has already proposed a new set of rules for digital platforms, the US is a bit timid so far.

Finally, their “insides” may play a part in the organization of this digital rulebook. While partisanship will definitely shape the debates on how to handle digital platforms as well as AI in the US, EU member states have their own interests. For instance, Ireland has opposed the idea of this digital tax, since it’s the European headquarters of major tech companies.

Bottom line: the rulebook is declarative so far, but what matters are the varying interests and behaviors of both actors varying from one issue to another.

What about you and me?

I said in the beginning that the discussion is about you and me, since we interact with digital technology on a daily basis and digital tech, as it is now, has a massive impact on the way in which we lead our life. We get ourselves trapped in doom scrolling, we are targeted with massive amounts of information and we don’t have time to go through all of it, so we make snap decisions that may be true or false. And they might have serious consequences.

How would this rulebook improve OUR lives? We will continue to be able to speak freely online. Will we? We might be better informed about what happens with our data. But will we be able to truly control what happens to it? We might know more about how social media works, how it influences us and we might be able to signal bad and illegal behaviors faster and also change our behavior and quit the doom scrolling. But will we?


Big cities – London, Amsterdam, Barcelona, New York and Tokyo – are the stars of academic studies and the smart city industry. But what about small cities? Small cities cannot match the performance of financial, technological, touristic centers of the world, hence they do not possess the budget or the resources of even the human capital necessary for digital transformation. Or do they?!

The smart city industry is a cash cow and the pandemic will definitely accelerate this trend. But what about the people?

I found out about Darmstadt from a German university professor in the fall of 2018. “Germany’s first digital city”, he told me at a conference and aroused my interest about what exactly this meant. The initial impression after preliminary research was that of a futuristic city in the style of the Jetsons. So, the non-academic reaction was: wow, so cool! Then, I was lucky enough to have some initial conversations with people in charge of the project, but also to study within a research stay so that I could see for myself how a small and digital city looks like
Principles of the Digital City. Source:
Now, a few words about Darmstadt, a city the size of Oradea, an Art-Nouveau city, just like Oradea. It is a strong university city with a young and multicultural population, the headquarters of a European organization – EUMETSAT, as well as the headquarters of one of the oldest science and technology companies in Germany, Merck (established in 1668).

The differences are obvious, but both are small cities and are somehow in the shadow of other more developed, more tech-friendly cities. I felt this when talking to the people involved in the digital strategy of Darmstadt, as they could not dare compare themselves with Frankfurt or other big cities and asked me what I found so interesting about their small city.

This is what I wanted to find out in Darmstadt: how a local administration sensitive to the dangers of technology and to the needs of the people addresses digital transformation.

Cities are truly the closes political entities to the individuals, and this is even more obvious for smaller cities. Individuals can be put at the center of a smart city strategy by means of this closeness. There is one condition, though: the existence of a local administration focused on improving citizens’ lives. This is what I wanted to find out in Darmstadt: how a local administration sensitive to the dangers of technology and to the needs of the people addresses digital transformation
Coming back to Darmstadt. As I said, I managed to spend almost 4 months in the digital city. I didn’t live in a sci-fi town, I didn’t feel watched by millions of sensors and by Big Brother and nor did I have a digital identity. Each technological innovation put forward centered around the community with ideas of apps to encourage the circular economy by which people could lend their tools to one another or ride together to Frankfurt in one car. The Digital City strategy also entails free digital and media education courses for the elderly, but also free education modules for cybersecurity (Bleib wachsam, Darmstadt – stay alert, Darmstadt). Yes, there are sensors and a lot of data flying around, but they are generated with the LORAWAN protocol, a cheaper one that can be better controlled by the local administration. The interventions are targeted towards the community.

The biggest fear of people was to not be overcome and overwhelmed by technology.

Actually, the local administration organizes regular meetings with the citizens, where they can talk about the projects and where the local administration collects feedback. This is how the strategy began, by inviting people to an event where they could, among others, list their main fears related to digitization. The biggest fear of people was to not be overcome and overwhelmed by technology.

And by the way, the management of the Digital City has a series of committees that push forward and oversee the idea of tech for the people. According to them, they are among the few in Europe with an ethics committee, which has drawn up a series of ethical principles that should guide the local administration in the adoption of new technologies. As a matter of fact, this is the reason why they turned down a series of “black box” tech solutions offered to them, as they did not want to use technologies that could not be explained and opened up to the citizens,

Life in Germany’s first digital city is somehow the same even after they won this title, thus showing that digital transformation is a long-term effort and also an iterative exercise of governance. People ride their bikes, but they can also rent a bike from the bike sharing service administered by the local transport company. The administration functioned quite well during the lockdown. They are currently working on the city’s data platform, so that they can connect different sources of data in order to improve mobility, for instance. So, if pollution sensors report increases in values, this mostly likely means that traffic is high and several adjustments to the traffic management system can be made in order to lower pollution levels. And just to round the circle, the administration will open up the data platform partly to the citizens for so-called “citizen-science” project. Does this happen in a big city? Does this happen in Romania?
I deem these questions rhetorical, but I can offer certain ideas on how we can think differently about small and smart cities. The steps below are just one of the results of my research financed by the Deutscher Akademischer Austauchdienst (DAAD).


Digital Policy este o platformă de analize de politici publice digitale, axată pe nivelurile european, național și local.