Piret Pernik, RKK/ICDS, June 21, 2016
Europe should align with other democratic countries across the globe to promote a rule of law-based approach to internet governance and to establish common standards in cyber security.

The European digital frontrunners should launch an organisation based on a multi-stakeholder model without geographic limitations to promote Europe’s agenda and project digital power outside Europe.

The recent proposals of the European Commission on stimulating e-commerce, getting rid of geo-blocking and high delivery charges in cross-border parcel delivery are first steps in building the Digital Single Market (DSM), launched last year. Policymakers worry about European digital underperformance: there is only one EU company among the 20 largest Internet companies and 10 largest software companies. The 14 largest IT companies are US- or Asia-based. About one hundred start-ups valued over billion $ reside in the US, and only 18 in the EU. European start-ups are frequently acquired by US corporations. Hence, the US reaps the most of the economic advantage of digitisation by its ability to innovate and accumulate venture capital, as well as by abundant R&D funding and focus on digital education and training. Without taking further action, including the review of telecoms law and copyright framework, the EU risks being permanently left behind by the US and Asian countries.

Digitisation provides access to bigger markets, increases competition and productivity, facilitates the development of new services and products, and creates new jobs. While most people believe that Internet is good for society, many worry about the “dark side” of digitisation that increases unemployment and inequality, as well as contributes to job insecurity. “Sharing economy” platforms (Uber, Airbnb and other firms) provide services across national jurisdictions, but privacy, data protection, digital security, consumers’ rights, taxation, and social benefits are regulated at national levels. This poses regulative and socio-economic challenges to governments and business as new forms of doing business need to be regulated, and old industries, sometimes less competitive, need to adapt.

European policymakers agree that policies and regulations must be rethought in a way that enables technological change, innovation, and greater competition. At the same time, some wish to boost European competitiveness by enacting discriminatory policies and regulations to curb foreign companies’ competitive advantages. In some member states protectionism prevails: data localisation requirements have been introduced, and – despite the warning of the European Commission – some member states have abandoned services of digital platforms or posed fines upon them. Starting from 2018 companies based outside of Europe need to apply to European rules when offering services.

However, Europe’s digital deficiency does not result from superior performance of foreign firms nor from its digital policies, but from diverse national regulations in traditional industry sectors, and by cross-border barriers. For example, SMEs lack the resources to establish operations in other countries without undertaking the cumbersome and costly process of adapting to domestic laws and regulations. Likewise, the fragmentation of the European defence and cyber security markets impedes participation in cross-border defence contracts for SMEs.

In addition to developing the digital marketplace, the EU should address the failure of some of its members to catch up in digitisation and innovation. There are significant divides between the more highly digitalised and more able to innovate member states (e.g. Finland, Sweden, Norway, Denmark, the Netherlands, Estonia, Ireland, Belgium and Luxembourg) and digital laggards such as Romania, Bulgaria, Greece, and others. National and regional arrangements that are in place to promote digitisation in the leading countries should be studied and their best practices replicated in the member states lagging behind. Case studies on bilateral or multilateral cooperation initiatives should be conducted in order to identify best practices. In the areas digitisation of government, industry and business, the digital frontrunners should push less digitalised member states to move forward. In the area of economic growth and job creation, they can provide best practices and foster the development of policies and regulations on how to enable innovation, provide cross-border digital public services, stimulate entrepreneurship, improve access to venture capital, increase R&D, and ensure effective digital skills development. For example, in e-government Estonia is the most advanced country in the EU. It has digitised most of government services, established public-private partnerships to improve digital education, launched public-private funds to facilitate the access of start-ups and SMEs to venture capita, launched an e-residency programme that encourages economic growth, and so forth. To develop cross-border services with Finland the two countries will improve interoperability of national information systems in key areas: business registration and licensing, taxation, e-prescriptions, e-health, and social welfare.

Cyber diplomacy, internet governance and cyber security

In regards with external relations, Europe needs a strategy on how to employ its traditional foreign policy tools in and through digital domain. Recent geopolitical struggles and military conflicts show that adversary countries apply digital power in the cyberspace in order to pursue their national interests, foreign policy and military objectives. While authoritarian states employ information and cyber means in support of their geopolitical ambitions, they have also increased state control over internet content, access, and use within their jurisdictions. These activities pose a challenge to the transatlantic objective of an open and free internet. Even worse, the potential use of offensive cyber capabilities against critical infrastructure presents a direct threat to Western interests. The role of EU in countering the use of internet for disinformation, trolling, cyber espionage and cyberattacks should be increased. It should play a key role in projecting its vision of the internet and cyber resilience outside Europe by advocating shared norms, common standards and sharing best practices.

The EU should take advantage of its elaborate soft power tools and mechanisms to promote its vision of open and free internet, democratic values and human rights online. Europe should align with other democratic countries across the globe to promote a rule of law-based approach to internet governance and to establish common standards in cyber security. The digital frontrunners should launch an organisation based on a multi-stakeholder model without geographic limitations to promote Europe’s agenda and project digital power outside Europe. High-tech member states should take a lead to define a vision and set of strategic priorities to achieve greater digitisation of economies, promote democratic values and freedoms online outside Europe, and cooperate with the US and other key partners on digitisation and cyber security issues.

Similar organisations already exist, but their membership should be extended. For example, the aim of Digital-5 (D5) network of digitally advanced governments (consisting of the UK, Estonia, Israel, the Republic of Korea, and New Zealand), established in December 2014, is to share their experience with building a digital government and economy. Another example is the Northern Future Forum that brings together the five Nordic and three Baltic countries and the UK to discuss technology development and innovative business issues at high political level.

There are areas where Europe should foster cooperation with the US, such as internet governance, cyber security, the development of norms and international law relating to cyberspace. But at the same time, to reap the full dividends of the internet, internally Europe most ensure competition in the European market, facilitate access to global market for SMEs, and adapt skills and foster talents to match the demands of the digital economy.

With regards to building a digital transatlantic partnership, progress has been hindered by dissimilar perspectives to privacy and surveillance in Europe and in North America, as well as distrust related to the NSA surveillance scandal of 2013. The implementation of data transfer agreement, the EU-U.S. Privacy Shield, is supposed to restore trust in transatlantic data flow and improve the overall strategic relationship with the US.

To cope with both digital and cyber security challenges, Europe must avoid viewing the US’ technological might as a threat. It must build a truly strategic partnership with the US, learn from American initiatives and good practices to incentivise innovation and entrepreneurship, albeit tailored to the European context.

Finally, academic writing on the use of digital power is still embryonic and needs refinement before it can be effectively used by states and international organisations. Clearer conceptions of what constitutes digital power and a set of case studies on how it has been used should be undertaken. Likewise, we need more evidence and statistical data on the impact of digitisation on productivity, employment, labour relations, and other policy areas. The misconceptions and fears about the negative impact of digitisation are fuelled in part by a lack of comparative and quantitative data on the financial benefits of digitisation.

To become a digital power Europe urgently needs to build truly free internal market by removing cross-border barriers for e-commerce, harmonising member states’ different regulations and ensuring that new regulations enable innovation and fair competition also with foreign companies. First and foremost it should digitise traditional industry, and invest more in R&D and digital education. In addition, it should adopt a pivotal role in protecting democratic values and human rights online, safeguarding an open and free internet, and promoting the development of norms and international law relating to cyberspace. Europe should develop common standards and best practices in cyber security and data protection, and project them outside its borders. For doing so, not only ought it learn from its own high performers but it should also study the American example. Finally, it should build a stronger digital partnership with the US based on shared values and interests.

Märkmed: