‘Worldwide GDPR’ part of Mark Zuckerberg’s manifesto for tech regulation

Mark Zuckerberg speaking
(Image credit: Shutterstock)

Governments have a more active role to play in devising regulations to govern internet companies and online platforms, according to Mark Zuckerberg.

Despite antagonising regulators for years, the Facebook CEO has outlined four areas in which he feels new regulations and standardised systems are needed, in an article with the Washington Post.

Beyond a standardised and universal set of data protection rules that model themselves off the EU's General Data Protection Regulation (GDPR), people should be able to shift their data from any platform to another.

Moreover, there should be clearer laws for the use of data in political advertising on social media platforms, and updated legislation to reflect the threats posed by malicious actors.

The question of 'harmful' content shared across social media, meanwhile, should demand a set of common standards across borders and enforceable rules to hold tech companies to account.

"Lawmakers often tell me we have too much power over speech, and frankly I agree," the Facebook CEO said. "I've come to believe that we shouldn't make so many important decisions about speech on our own.

"Internet companies should be accountable for enforcing standards on harmful content. It's impossible to remove all harmful content from the Internet, but when people use dozens of different sharing services - all with their own policies and processes - we need a more standardized approach."

One idea, Zuckerberg suggests is for third-party bodies to set standards that govern the spread of 'harmful' material, with regulations setting the baseline for what is and isn't allowed. Companies, meanwhile, will be required to build systems that preemptively minimise the potential for harmful content to spread.

This includes material such as footage broadcasted by the New Zealand shooter last month, which Facebook revealed had been online for 12 minutes before any users flagged the stream as inappropriate.

Privacy and data protection standards need a harmonised global framework, he continued, as he sang GDPR's praises, and echoed calls for any new laws in the US to reflect the tough European data protection rules.

Zuckerberg's new tune is an attempt to stay ahead of the curve

It seems Mark Zuckerberg has been on a journey. In his article, the Facebook CEO makes clear that he's come to change his mind on letting lawmakers in on spaces he previously wanted them nowhere near. He adds that Facebook has too much power and that companies like his cannot make important decisions about speech without the help of third-parties and governments.

Is this the same Mark Zuckerberg that, for months, refused to give evidence to the Department for Digital, Culture, Media and Sport (DCMS) select committee? Its chair Damian Collins MP acknowledged as much in a tweet, again suggesting the Facebook chief "should start by finally accepting the DCMS select committee invitation".

As for the substance, they strike an opportunistic chord. Privacy, data portability, election integrity, and harmful content; these four areas Zuckerberg has proposed legislation for also happen to be areas in which Facebook has encountered big problems in the last two years.

Indeed, the company's in hot water with regulators, catching the ire of not just the DCMS select committee but the Information Commissioner's Office (ICO), and the Irish Data Protection Commission (DPC). The DPC is, in fact, pursuing ten major GDPR investigations against Facebook and its subsidiaries.

There's certainly an element of surprise to Zuckerberg's proposals. But his timing gives the game away. From the Cambridge Analytica data misuse scandal to links between social media use and children's mental health, a tsunami of negative publicity has seen the momentum shift lately. The debate now no longer centres on the question of whether internet companies should be regulated (or not) but how.

The Department for Digital, Culture, Media and Sport (DCMS), for example, is on the cusp of releasing a set of regulations against tech companies in the UK, dubbed the 'Online Harms' white paper. But there is little indication so far as to how tough these rules will be, or whether the government will bow to pressure to establish an industry regulator. The chorus of voices in the UK demanding regulation in one shape or another, however, means tough rules are inevitable; if not now then in future.

For Facebook, a company for which managing negative press on a near-daily basis has become par for the course, it makes sense, at the very least, to be seen as co-operative in a new regulatory dynamic.

Keumars Afifi-Sabet
Features Editor

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.