Citation: Kristin Eichensehr (2018) Digital Switzerlands. University of Pennsylvania Law Review (RSS)
Internet Archive Scholar (search for fulltext): Digital Switzerlands
Download: https://ssrn.com/abstract=3205368
Tagged:

Summary

Traces evolution of governments and technology company power in cyberspace.

Beginning in 1990s academic theorizing progressed through three stages: 1) governments could not and should not regulate cyberspace 2) governments could and should 3) shift focus to Internet governance and lawful state behavior in cyberspace.

Technology company response to government has also gone through several phases 0) cooperation, e.g., to gain access to China market 1) countering foreign government compromises 2) countering all governments, sometimes 3) emerging affirmative platform, styled "Digital Switzerland": neutral, all defense, no offense.

Internet companies might be distinguished from past powerful private entities such as the British East India Company and ExxonMobil in a number of ways: 1) aspiration to be global, not national (e.g., no national origin brand, no government ownership) 2) they have global users, not only customers or investors 3) they are attractive rather than extractive, fundamentally needing broad appeal, and exercising soft rather than hard power.

Argues the "Digital Switzerland" concept implies parity with governments, at least in some dimensions, and neutrality among governments, analogous to international law obligations for neutral states.

Proposes a triangular model involving governments, users, and tech companies (rather than only considering each pair independently). Model predicts when tech companies will resist governments (when protecting users from governments), when tech companies will fold (when some users are on government side, particularly case when government is democratic), and a dangerous combination (governments and tech companies working together against users, particularly case when government is autocratic). Further complications come when users want different things (e.g., right to be forgotten and searchers) and when attribution of attacks to governments is uncertain.

Notes in some cases tech companies may be only parties to realistically and effectively challenge government demands, eg due to standing and resources. Users are regulated by governments and tech companies, but it has long been realized (notes Federalist papers) that multiple regulators can produce more freedom.

With tech companies relative to governments, users lack franchised but have exit. Tech companies however are not merely "merchant sovereigns", but are coming to occupy a middle ground between that and "citizen sovereigns".

Notes public law values including accountability, transparency, fairness or due process, and protection of privacy and security, are one way toward the entities holding government-like power also being held to government-like responsibility.

Tech company aims to be "Digital Switzerlands" could be derailed by exogenous shocks, such as terrorists attacks, shifting public concern to favor the security of governments rather than security from governments. "Digital Switzerlands" can also be reinforced and entrenched through pressure by civil society groups for companies to adhere to public law values, consumer and investor pressure for security, and from governments themselves, e.g., who want tech companies to protect citizens from other governments.

Theoretical and Practical Relevance

Quote in paper: "When one country attacks another country, . . . for us, that’s one customer attacking another customer . . . [W]e will not aid in attacking customers anywhere, regardless of the government that may ask us to do so."

Quote by authors: "Madison’s basic insight remains applicable: having two powerful regulators, rather than only one, can benefit individuals’ freedom, liberty, and security because sometimes it takes a powerful regulator to challenge and check another powerful regulator."