Tech Regulation and E-Commerce are Interrelated

Getting Regulation Right: E-commerce means that there is even more at stake for the consumer.

E-Commerce and the Digital Consumer

Having recently participated as a panellist at the Asia Pacific E-Commerce Policy Summit in New Delhi on March 14, 2024, I am sharing my thoughts on some of the issues that were either discussed or came to mind as I participated in this event. The first issue addressed to me as a former regulator, policymaker, public policy professional, and professor was how companies should view consumer protection and balance it with the objective of data sharing. I was asked how an e-commerce platform could implement measures to ensure a secure and transparent consumer experience. 

Striking a Balance between Useful and Exploitative

Getting the balance right requires appreciating the diverse objectives and the worth of each stakeholder business, including businesses, states, and city citizens or consumers. Let us pause and think about the business model that succeeded in providing us with personalised services. For example, If I go to a social media site, I tend to see what I like and have purchasing choices I appreciate. When consumers interact with the Internet, they derive many advantages from the free services provided by various digital service providers, including e-commerce entities and platforms. The model works because personal data is used to customise and improve the consumer experience and serve consumers with personalised advertisements. This personalised online experience is based upon detailed profiles built on millions of data points as individual consumers interact with various services across the Internet. I want to be shown products and services that match my requirements rather than sifting through thousands of links and websites. However, as a consumer, I would be very concerned if my data was being misused to, for example, offer me a discriminatory price based on my circumstances. Say a taxi app charging me more because my battery strength is low. I would worry about apps tracking children online and targeting them with ads.

As a policy professor, I tell my students that in the long run, a company can only succeed if it is trusted by consumers to do and provide what is useful, safe, sound, and beneficial. When Meta changed its privacy policy for WhatsApp, there was a massive spike in downloading other messaging Apps in India. Another example is the increase in spam and nuisance calls on the phone. I was reading an article about how Gen Z always keeps their phones on Do Not Disturb. The funniest comment I read and immediately shared with my daughter was from a girl who said that 99% of the calls she receives are spam and 1% are from her mother! The young people in the audience confirmed this resoundingly. Though I don’t go so far as to keep my phone silent, I never answer calls from unknown numbers. The lesson here is that if consumers get disenchanted by digital commerce, no one wins.  It is high time companies proactively respect consumers’ privacy and increase algorithmic transparency. If not, uninformed consumers will suffer gravely, and regulators will step in, which can sometimes harm business, innovation, and consumers. The savvy consumers will reject the technology, which is a lose-lose for all.

A World Without Borders

The other issue I dwelled upon was how cross-border cooperation among different stakeholders, including governments and the private sector, can be strengthened to address challenges related to consumer protection in the e-commerce space. By its very nature, e-commerce thrives on the Internet, and for most of the world, this means the flow of massive amounts of personal and other data and goods and services across borders.

While large digital platforms have global footprints, they often tailor their policies and practices to specific jurisdictions. Thus, for, e.g. we know that the GDPR is by far the most stringent privacy law and that the Digital Markets Act and Digital Services Act would curb certain practices, including B to B and B to C, in Europe, which are still not illegal in other regions and countries. In this scenario, corporates may modify their business practices to accommodate specific regimes, continue to harvest data, or engage in arguably dubious conduct not declared illegal. Hence, rather than being driven by inherently consumer-centric intrinsic value systems, they adapt and wait. This way of functioning is regrettable as it harms consumers and ultimately brings forth diverse multijurisdictional regulatory issues for them to handle. While this may benefit employment through the armies of regulatory professionals and lawyers that MNCs employ, it could also be more helpful for the companies concerned in the long run to be more agile in developing favourable consumer protective policies and business models they proactively apply across the globe. The time has come for digital service providers to move towards more than lip service to self-regulation; they should create a robust code of globally acceptable best practices that protect consumers and maintain consumer trust in e-commerce.

Global, Universal and Eternal

The UN and multilateral agencies have a crucial role in standard-setting global harmonisation of regulatory approaches and, last but not least, capacity building for governments and consumers. I have worked extensively with the International Telecoms Union, apart from other UN and multilateral bodies, and the capacity building and knowledge exchange we witness across the global North and South is tremendous. By the way, the world and India are still tackling spam calls that persist and adapt to regulatory responses, which we know now have become very realistic thanks to AI and deep fakes! Perhaps if the industry tried harder to help, we would finally tackle the issue. They have cutting-edge technology and inside information. Otherwise, as mentioned above, people will reject calls and texts outright.

Let’s not Influence Irresponsibly. 

Finally, a related issue is how social media has impacted consumers and in which areas regulatory interventions could help. Very recently, I read that in a sample survey, 85% of Gen Z say that social media affects their purchasing decisions, and 49% say that they shop or browse for shopping on social media at least once a week. Of course, this is true across generations, and social media and e-commerce are almost indistinguishable now. Even messaging apps can seamlessly enable purchases. Lately, influencers have become powerful marketing tools. I remember struggling with marketing my online course on digital regulation, and the advice I got was to hand it over to an influencer. Given my vintage, I was mystified as to how an influencer could market a course on technology regulation. It seems they can sell anything, a familiar concept when we consider how common it is to find film stars and celebrities endorsing products and services. Still, public personalities can be held accountable, and the advertising space is regulated. Influencers are not. However, an exciting development is the rise of de-influencers as a counter to misleading advertisements. Yet both these entities are entirely unregulated and are subject to capture by vested interests.

Given that their audience includes children, youth, and other vulnerable consumers, more attention needs to be paid to them. Perhaps greater regulatory oversight is necessary, or they could adhere to standards such as those prescriber by the ACSI, which can be mandated as part of an automatic authorisation regime to function as influencers.

Digital ID: Marked to Market your Data

Finally, the topic of social media brings me back to data. When different parts of consumers’ lives on the Internet, from messaging, emailing, mapping apps to social media to purchasing to search, etc., get merged into the online advertisement marketplaces, we have a frightening scenario where none of us is anonymous. We are only our digital IDs; like commercial property, our data is traded every minute. Hence, there is, in fact, no natural segregation of different branches of regulation, whether it is privacy and data protection content regulation or e-commerce. They must all be viewed holistically, collaboratively, globally, across sectors and regulators.