Part 1: 1990s’ History of Internet Law

The Internet was developed in the 1960s at a group of research institutes in the United States and the United Kingdom.Footnote ¹³ The Internet is a network of approximately 50,000 autonomous systems, which are interconnected by the Internet Protocol. The Internet became an information network of critical mass in the 1990s with the rise of Bulletin Board Services (BBS),Footnote ¹⁴ still more so with the growth of commercial Internet service providers (ISPs) in the late 1980s, and eventually a mass market artefact with the development of the World Wide Web (‘WWW’) and release of commercial web browsers in 1993–1994. The Internet developed as a self-regulated academic network,Footnote ¹⁵ and its emergence as a commercial platform that would rapidly permeate through society was largely unpredicted.Footnote ¹⁶ Kahin and Nesson explained that the development of the Internet was bottom up and self-regulatory, and explored the emerging tensions as other nation-states began to assert a regulatory role.Footnote ¹⁷

Internet growth, together with its increasing commercial exploitation, was accompanied by an explosive growth in United States’ scholarship. In 1993, Reidenberg explained that information had become an international commodity, ill served by existing legal frameworks poorly adapted due to their focus on the tangible aspects of information-intensive products and insufficient attention to the intangible aspects of information content.Footnote ¹⁸ Reidenberg extended the argument that technology can create an environment in the absence of legal rules in his ground-breaking conception of lex informatica. In the absence of ex ante sovereign power and legal rules, technology can symbiotically create de facto commercial regulation in much the same way as the mediaeval lex mercatoria.Footnote ¹⁹ He extensively spelled out the use of technology as a parallel form of regulation.

Building on Reidenberg’s insights, Johnson and Post made the classic argument for the Internet as a borderless self-regulatory medium that should be permitted to develop with less of the state-imposed restrictions that impeded the growth and development of earlier media.Footnote ²⁰ The growth of the application of law to its emergence was also unpredictable, although Johnson and Post argued for an ‘exceptionalism’ to permit this globalized unregulated medium to grow unfettered by state censorship, which they saw as both normatively and substantively unjustified. They drew on United States’ constitutional law and history in the argument. They suggest a structured, principled, and internationally acceptable manner for national legislators to respond to the Internet. Lessig, while rejecting excessive state intervention, warned that self-regulation could lead to an Internet controlled by corporate interests.Footnote ²¹ Lessig argued that state forbearance was rapidly resulting in private regulation by new monopolies, to supplement the existing regulation by technical protocols.

Although cyber-exceptionalism became the dominant viewpoint among scholars, it was not without its opponents. Goldsmith made a legal positivist stand against the Post-Johnson Internet exceptionalism, seeing as both normatively and substantively flawed any ‘claim that cyberspace is so different from other communication media that it will, or should, resist all governmental regulation’.Footnote ²² He asserted that it can be regulated, including via conflict of laws rules, although this is not a normative position on whether law should utilize its tools to regulate the Internet. In an early trans-Atlanticist article arguing against Internet exceptionalism and reactive national Internet regulation, Mayer-Schönberger and Foster argued that the global information infrastructure limits both absolutists and regulators.Footnote ²³ The emerging internationalization of the Internet would lead to both jurisdictional conflicts as well as a clash of rights principles, as foreseen by Mayer-Schönberger and Foster. Samuelson argued persuasively that legislators must ensure that the impending rule making for the Internet is proportional in both economic and human rights terms to the needs and demands of users, as well as coordinated internationally.Footnote ²⁴ Samuelson accepted the rise of the state, the need for sovereign intervention, and the efficiency self-regulation had provided, in arguing for principles for legislating on the Internet.

There have been extensive discussions as to the provenance of a field termed ‘Internet’ or ‘cyber’ law since the mid-1990s. As the law was colonizing the metaphorical “cyberspace” – communications between computer users over the Internet – most of the most authoritative and pioneering legal scholarship with regard to the new medium dates to the 1990s. Several offline subjects have themselves incorporated large literatures from their digital form, including intellectual property, non-networked computer law, telecommunications, privacy, cybercrime, and media content regulation. As the Internet was ‘born global’ but first became widely deployed in the United States, much of the literature has a bias in that direction.

Many argue that the effects of digital information retrieval on the law applies across all areas with some relevance, especially for intellectual property, and that Internet law should be considered part of the law of contracts, competition, the Constitution, and so on, with narrow exceptions for such issues as legal informatics, and telecommunications law, which are being transformed by technology, and therefore cannot remain distinctFootnote ²⁵. Easterbrook famously argued along these lines that there is no field of ‘Internet law’, any more than there is the ‘law of the horse’.Footnote ²⁶ Lessig responded that the transformative effects of the Internet on law, in areas including free expression, privacy, and intellectual property, are such that it offers lawyers a radically new route to thinking about private regulation and globalization, the limits of state action, as well as a powerful metaphor for explaining these wider changes to law students.Footnote ²⁷ Sommer dismissed Lessig’s claims regarding the exceptionalism of cyberlaw, arguing that ‘a lust to define the law of the future’ is dangerous, and can create bad taxonomy and bad legal analysis.Footnote ²⁸

Academics have constantly argued that the lack of general academic expertise and the emergence of the field mean that Internet law is a necessary short-term distinct study area, which may eventually be reintegrated into its constituent parts, as an inevitable eventual assimilation. Kerr explained two divergent views of Internet law. The first is an internalized expert view of the law, the second a technophobic view. Kerr concluded that two perspectives will converge and evolve, as more people understand the underlying technologies involved, and the useful middle ground.Footnote ²⁹ In a survey essay into the origins of the Internet law debate, Guadamuz argued that several new fields are emerging from the study of computers and law, including legal informatics, artificial intelligence (AI) and law, and that Internet law can provide new insights into established fields that provide contemporary context for the theoretical study of several subjects, and the profession’s development as a whole.Footnote ³⁰ Guadamuz argued that the ‘Attack of the Killer Acronym’ was preventing accessibility to Internet law for the wider legal profession, clients (and faculty).

Larouche later argued that the object of information law has mutated, scope for public intervention has been rolled back, implementation of any form of public intervention has been made more difficult, and that information law has seen its main topics expropriated by more traditional topics. The law syllabus is being digitized, literally (e-books, e-syllabi, e-libraries). He predicted the end of Internet law as a subject and the abstraction of information law to move away from a specific technology (except telecoms, media law). As a result, he argued that a ‘future information law’ will be radically amended.Footnote ³¹ Goldman argued for an Internet law that can be taught using new pedagogical elements employed on a survey-type course, and argued against Easterbrook that the volume of Internet-specific legislation and case law means that common law cannot provide a sufficient grounding for students to understand the transformations wrought by Internet law.Footnote ³²

Specialization happened to some extent, with e-commerce part of standard contract law, platform dominance in competition law, digital copyright (and patent) law, cybercrime in criminal law, and so on, as Murray described.Footnote ³³ Some of the more interesting specialist Internet law academic literature from the 1990s (and early 2000s) has also stood the test of time,Footnote ³⁴ for instance, on network effects,Footnote ³⁵ cyberlaw, and control by code or lex informatica,Footnote ³⁶ free and open source software and control of the online environment,Footnote ³⁷ network neutrality and the regulation of intermediaries by their networked environment,Footnote ³⁸ and the creation of monopoly gatekeepers resisting yet also predicting the dominance of Google, Amazon, Facebook, Apple, and Microsoft (GAFAM).Footnote ³⁹ Internet law has been approached as a private and public law, with policy perspectives from law and economics as well as sociolegal studies. The overviews that best introduce the topic to general readers contain contributions that provide both a commercial and a public law perspective. Some important contributions have focused on US law and policy,Footnote ⁴⁰ and relatively few works provide a trans-Atlantic context.Footnote ⁴¹

The world has changed less than we think it has in the last generation, and the battle between tyranny and freedom is eternal and geographical.Footnote ⁴² Both the twenty-first-century Internet and the nineteenth-century telegraph are controlled by the Five Eyes (the Anglo-American powers and their former colonies in Singapore and Oceania). While the reach of international human rights law was severely limited in the nineteenth century, largely a matter of humanitarian aspects of the law of war and the extraterritorial application of domestic anti-slavery laws by the hyper-power Great Britain, we now live in what are claimed to be more enlightened times. The cabling of the planet for the Internet uses much the same undersea telegraph lanes and developments from those technologies. The first Internet link outside North America was to Norway (as part of the North Atlantic Treaty Alliance) in 1973. We have wired Africa and have an interplanetary Internet. Geography matters, and so does territorial sovereignty. Information flows through those cables, and whoever controls the cables controls the information. The tapping of telegraph lines and blocking of encrypted messages was de rigueur in the Victorian era but this policy has been challenged under international human rights law in the twenty-first century.

The likelihood that multistakeholder civil society is able to exercise useful scrutiny and control over hyper-power politicians and their obedient corporate clients or partners may appear remote, and the call for international norms for human rights law quixotic. It could mark what some might call a tectonic shift in governance of communications. Cables may girdle the Earth in only 66.8 light milliseconds, but we continue to observe covert Internet surveillance in the shadowy half-light of governance of the corporations and surveillance agencies that have for so long controlled our information.Footnote ⁴³

Part 2: A Very Short Internet Liability Legislative History

These foundational rules for the adaptation of liability online focused on absolving faultless (and low fault, the line is shifting) intermediaries of liability for end user-posted content. More than two decades after ACLU v. Reno and the ‘Information Superhighway’ metaphor of Al Gore and Bill Clinton’s first term is as useful a time as any to look back to the future. Settled policies were arrived at as a result of expert testimony and exhaustive hearings, on liability, privacy, trust, encryption, open Internet policies against filtering. Changing those policies now may result in potentially catastrophic untying of the Gordian knots of intermediary safe harbour, privacy, copyright enforcement, and open Internet European regulations.

The legislation that underpins intermediary liability was introduced in an extraordinary ‘dot-com’ boom in the period 1996–1999, frequently dated to start on 12 April 1996, when Yahoo! underwent an initial public offering, shares making 270 per cent profit for investors on a single day. The growth of Yahoo! reflects the heady valuations of Internet stocks in the period with its peak at $118.75 a share on 3 January 2000 crashing to $8.11 on 26 September 2001 – lower than the price of its IPO.Footnote ⁴⁴ The rise and fall of broader telecoms stocks (the Internet’s infrastructure plumbing) of about forty-two months was documented by Malik as amounting to an excessive valuation of about $750 billion.Footnote ⁴⁵ A regulatory outcome of the large-scale fraud, accounting irregularity, and generalized lack of regulation in that period is the lack of proper investigation to learn the lessons of that boom and bust beyond the Sarbanes-Oxley Act 2002.Footnote ⁴⁶ This may have contributed in small part to the failure of regulation, and far greater losses, of the ‘Great Recession’ of 2008–2009 and the ‘Age of Austerity’ that followed.Footnote ⁴⁷

Two myths need rebutting to understand the ‘self-regulatory settlement’ of Internet law. The first is that the United States settled on self-regulation and a hands-off approach. While this was the spirit of the Digital Tornado paper, it was very much unreflective of the 104th Congress that voted through the Communications Decency Act as part of the Telecommunications Act 1996.Footnote ⁴⁸ In the US, liability regimes have differed according to speech-based and copyright-based liabilities. Communications Decency Act 1996 s.230 provides that ‘No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.’Footnote ⁴⁹ This language might shield ISPs from liability for subscriber copyright infringement as well. However, Section 230(e)(2) specifically states: ‘Nothing in this section shall be construed to limit or expand any law pertaining to intellectual property.’ Section 230 established the concept of limited liability.Footnote ⁵⁰ The Digital Millennium Copyright Act 1998 s.512 laid out detailed rules for copyright infringement and the action required of intermediaries when notice of infringement, as paid out in DMCA, was sent. The introduction on 30 June 1995 of the Internet Freedom and Family Empowerment Act to amend the omnibus Telecommunications Act of 1934, was designed in part to mandate filters against adult pornography in all United States’ households, and the eventual law as amended was voted through 420–4 on 4 August 1995,Footnote ⁵¹ remaining the federal law until part struck down in the famous ACLU v. Reno Supreme Court case on 26 June 1997.Footnote ⁵²

This non-filtered Internet regime, which arrived by accident as a result of constitutional convention, has been developed over time, and maintains a significant degree of difference from the gradually less permissive intermediary regime now permitted in the European Union.Footnote ⁵³ Note that the 105th and 106th Congress were largely obsessed with attempting to impeach President Clinton for perjury, related to a sexual misconduct that was first publicized via that unrestricted Internet that Congress had attempted to control in 1995–7.Footnote ⁵⁴ Attempts to reform the law in the period 2000 onwards were partially successful in restricting government-funded Internet services in for instance libraries, e.g. Children’s Internet Protection Act 2001,Footnote ⁵⁵ although statutes such as Child Online Protection Act 1998 were struck down by the Supreme Court.Footnote ⁵⁶

There is thus a patchy history of US federal legislators attempting to restrict Internet harms and place restrictions on Internet access, struck down by the Supreme Court defending individual liberty against censorship.Footnote ⁵⁷ In the absence of an active Supreme Court, Europe’s lawmakers have faced fewer restrictions on controlling the Internet, although the liability regime is only modestly different. As Holznagel indicates, US courts have applied ‘safe harbour’ provisions to widely protect Internet service providers (ISPs), even where [a] it was aware of unlawful hosted content; [b] if it had been notified of this by a third party; [c] if it had paid for the data.Footnote ⁵⁸ According to Yen: ‘[T]he general philosophy motivating these decisions – namely, that the liability against ISPs for subscriber libel would result in undesirable censorship on the Internet – remains vitally important in assessing the desirability of ISP liability.’Footnote ⁵⁹ Despite multiple recent proposals to amend the limited liability safe harbour of s.230 Communications Decency Act to counter ‘revenge porn’, disinformation and terrorist content, the broad exemption from liability for ISPs has continued into 2020.Footnote ⁶⁰ Frydman and Rorive see courts as ‘in line with the legislative intent … applied the immunity provision in an extensive manner’.Footnote ⁶¹

The second myth that needs exposing is that Europe was entirely reactive to the US Internet liability regime. While it is true that European telecoms were only formally liberalized in 1998, moves to regulate liability for online services predate the public Internet. European consumer Internet use roughly dates to 1998, with the opening of the Telecoms Single Market, and broadband to 2000, with the Local Loop Unbundling Regulation. However, a high-level group of experts led by Professor Luc Soete was set up in May 1995 to advise the European Commission on ‘social and societal changes associated with the Information Society’, which set out over one hundred initial policy suggestions in January 1996, including the infamous ‘bit tax’ to prevent e-commerce eroding the local tax base.Footnote ⁶² Among these suggestions was a recommendation to investigate further ‘appropriate ways in which the benefits of the Information Society can be more equally distributed between those who benefit and those who lose’. Given the upheavals of the ‘zero hours’ precariat economy of the 2010s, and the scandals of Apple, Amazon, Alphabet, Facebook and other multinationals’ failure to pay tax on in-country activities, the bit tax may be returning in 2020.Footnote ⁶³

In the German Teleservices Act of 1997Footnote ⁶⁴ and Bavaria v. Felix Somm (Compuserve) case,Footnote ⁶⁵ Germany showed that it wished to see a similar limited liability regime to that in the US. This led with British support to adoption of the Electronic Commerce Directive of 2000, creating the Digital Single Market in e-commerce. 1999 seems very late in the dot-com boom – but the legislative history of the ECD is directly traceable to 16 April 1997, months before the Teleservices Act was finally ratified. The coordination of US and European lawmaking came in the International Ministerial Conference ‘Global Information Networks: Realizing the Potential’ in Bonn (then the German capital city) on 6–8 July 1997, which addressed ‘international policy-making amongst others for electronic commerce with a view to adopting a Ministerial Declaration’.Footnote ⁶⁶ As with the US Telecommunications Act 1996, it was an eighteenth-month legislative process.

‘Safe harbour’ protection of ISPs from liability was only implemented on 17 January 2002, when the ECD came into force. Article 12 protects the ISP where it provides ‘mere conduit’ with no knowledge of, or editorial control over, content or receiver (‘does not initiate [or] select the receiver’). Benoit and Frydman establish that it was based on the 1997 German Teleservices Act, albeit with ‘slightly more burden on the ISPs in comparison with the former German statute’.Footnote ⁶⁷ Where ISPs provide hosting services, under Article 14, they are protected from liability, in two ways:

1. 1. the provider does not have actual knowledge of illegal activity or information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity is apparent; or

2. 2. the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove or to disrupt access of the information.

Like the proverbial three blind monkeys, ISPs and web hosting services should ‘hear no evil, see no evil, speak no evil’.Footnote ⁶⁸ As mere ciphers for content, they are protected; should they engage in any filtering of content, they become liable. Thus masterly inactivity except when prompted by law enforcement is the economically most advantageous policy open to them. Frydman and Rorive state ‘undoubtedly the Directive seeks to stimulate coregulation’. It does this by formally permitting national courts to override the safe harbour in the case of actual or suspected breach, of national law, including copyright law.

Whereas in the US, the absolute speech protection of the First Amendment and procedural concerns mean that Notice and Take Down is counter-balanced by ‘put back’ procedures, in Europe, where no such protection of free speech exists, speech freedom is qualified by state rights. In both jurisdictions, Notice and Take Down regimes cause Frydman and Rorive to state that: ‘[T]his may lead to politically correct or even economically correct unofficial standards that may constitute an informal but quite efficient mechanism for content-based private censorship.’Footnote ⁶⁹ It is clear that the economic incentive for ISPs is simply to remove any content notified, otherwise do nothing to monitor content, and let end users, the police and courts, and ultimately the ethics of the content providers decide what is stored and sent over their access networks. Frydman and Rorive state that: ‘Business operators should never be entrusted with … guidelines defining the limits of the right to free speech and offering procedural guarantees against censorship … which belong to the very core of the human rights of a democratic people.’Footnote ⁷⁰ That is nevertheless the situation that ISP Codes of Conduct seek to self-regulate.

Could a stronger case be made to make ISPs responsible for a class of their content, where it serves their commercial benefit? This is an idea that was suggested in the 1990s, before the CDA and ECD supplanted the idea. It has returned in the US with Balkin and Zittrain’s concept of information fiduciaries,Footnote ⁷¹ adapted to Europe in Perrin and Woods’ recent work on duty of care.Footnote ⁷²

Vicarious liability tests the ability to benefit and control [i] the right and ability to supervise and [ii] a financial direct interest. This tends to make ISPs choose not to monitor even for law enforcement. The financial direct benefit is interesting in view of the ‘killer application’ for broadband deployment in the 2000s: Did this include peer-to-peer if the access charges received by the ISP is based on traffic i.e. adverts on portal or bandwidth usage? ISPs arguably benefitted from the existence of copyright infringement on the Internet. Thousands of users desired Internet service precisely because it offers free access to copyrighted materials. As Yen argued, an ISP (like the Polygram trade show operatorFootnote ⁷³) could make copyright compliance part of its system rules and then monitor for violations.Footnote ⁷⁴ The Viacom v. YouTube case in 2010 failed to fully establish the burden in such cases.Footnote ⁷⁵

Similar controversies have arisen beyond content and intellectual property. The landmark 2000 French criminal case of Yahoo v. LICRA, confirmed that US multinationals must conform to national criminal law on hate speech.Footnote ⁷⁶ With regard to privacy, in 2000, the Europeans and US published the ‘safe harbour’ agreement. Negotiated from 1998, it was always legal nonsense if sound policy, and was struck down by the European Court of Justice in Schrems in 2015.Footnote ⁷⁷ Its replacement, the ‘privacy shield’, is equally a sticking plaster over trans-Atlantic differences, and may also be struck down. While this chapter will not describe any of the data protection law developments over the last 25 years, it is noteworthy that the Data Protection DirectiveFootnote ⁷⁸ was continually attacked as unsuitable for the Internet that it was not expressly designed to regulate,Footnote ⁷⁹ so the new General Data Protection Regulation is already subject to much attack for its failure to regulate artificial intelligence and robotics, yet again technologies for which it was not expressly designed … but may be adapted.Footnote ⁸⁰

Part 3: The Development of Co-Regulation

The early period of frenetic legislative activity in 1997–2001 matched the growth of the Internet sector in Europe, which was very small and not officially measured until 1998, when it grew from 9 per cent to over 42 per cent in 2002 in the United Kingdom, for example.Footnote ⁸¹ This unprecedented growth of a single electronic medium was driven by broadband, mobile and Wifi-enabled Internet access as well as the growth of social media: seven in ten Europeans were using the Internet by 2010.Footnote ⁸² By the end of 2017, 86 per cent of European Union citizens used the Internet, with 433 million users, and 252 million users of Facebook within that number and approximately 400 million Google users.Footnote ⁸³

The European Commission has conducted continuous monitoring of Internet self-regulation throughout the twenty-first century. A 2004 report for the European Commission concluded:

The development of Internet regulation has been scrutinized in real time as it developed. Self-regulation continues, and even in the absence of any new laws we would expect the development of the Internet not to be static.Footnote ⁸⁵ Legislative impact assessments of Internet law that ask, ‘What happens if we do nothing?’, do not involve stasis. The zero option is that the Internet continues to develop.Footnote ⁸⁶ Self-regulation is viewed as making standards and practices across industry that the European Commission, or a Member State, views agnostically in legislative terms (or pre-legislative, given the focus on areas that are emerging and which are not yet regulated), but which intends to monitor to analyse the extent to which the self-regulation approaches the standards of ‘representativeness’ that co-regulation is meant to demonstrate as a best practice. The Commission’s insistence that this is not an inevitable journey is backed by its actions in such areas as technical standard setting.

The largest European Internet companies are United States based. Half of the world’s ten largest public companies by capitalization are computer technology, Internet-based advertising, media and e-commerce conglomerates: Google (trading as Alphabet Inc.), Apple, Facebook, Amazon, and Microsoft (GAFAM). Apple is in the global top twenty corporations by revenues, with two Internet access providers in the top thirty (AT&T and Verizon). Large Internet companies have very high profit margins driven in part by their avoidance of high sales taxes, corporate taxes and transfer pricing, as well as merger activity. The European Commission explained that: ‘Google’s search engine has held very high market shares in all EEA countries, exceeding 90% in most. It has done so consistently since at least 2008.’Footnote ⁸⁷ Regulation by states of the failings of those private actors is in general much slower, with the Google competition breach investigated from November 2010 until a record fine was finally issued in June 2017. The actors that enforce regulation on the Internet are thus young but globally successful multinationals, an unprecedented group of private actors regulating speech and commerce on a communications medium. In 2017, the European Commission found all these companies guilty of anticompetitive conduct:

• Apple in Ireland, and Amazon in Luxembourg, had received illegal state aid of respectively €13 billion and €1.5 billion.

• Google abused its dominance through its search business, EC imposing a €2.4 billion fine.

• Facebook had flagrantly breached the terms of its merger with WhatsApp in 2014, with an EC fine of €110 million imposed in May 2017.

• Previously dominant software and Internet company Microsoft had been found guilty of abusing its dominance three times since 2007; fined a total of €2.2 billion.

This total of fines is a record for any sector, as are the individual instances of fines. To give a sense of the scale of mergers by the companies in that period, they made 436 acquisitions worth a total $131 billion in the decade to June 2017.Footnote ⁸⁸ These private actors operate with enormous scale and scope, yet they are legally regulated exactly as small commercial websites. The size and scale of their operations make their regulation more difficult than the equivalents in other industries – for instance, the infamous ‘Seven Sisters’ energy companies whose regulation inspired both energy and, to some extent, environmental law.Footnote ⁸⁹ Such regulation between states and firms has been termed ‘para-diplomacy’,Footnote ⁹⁰ and it is constantly engaged in by the GAFAM group.

Major platforms (now including Google, Yahoo!, Facebook, Microsoft) and access providers formed a self-regulatory group, the Global Network Initiative (GNI), in 2008 to respond to government demands for better enforcement. GNI members publish transparency reports which can be audited by the board of GNI, an example of self-regulation by a group.Footnote ⁹¹ Google first published a report in 2010, and reported in 2018 almost 4 billion annual copyright removal requests as compared to 495,000 annual “right to be forgotten” delisting requests and only 16,000 annual government content requests (affecting 221,000 websites), demonstrating that its most substantial enforcement actions are carried out on behalf of copyright owners.Footnote ⁹² Facebook, Twitter (since 2012), Amazon (since 2015) and others also produce annual transparency reports.Footnote ⁹³

Co-regulation was noted by United States Congress in 2002 to describe certain aspects of European regulation: ‘government enforcement of private regulations’.Footnote ⁹⁴ It actually came from Australia.Footnote ⁹⁵ The European adventure in co-regulation in wider consumer protection legislation, as well as standards setting, was made detailed in 2002,Footnote ⁹⁶ and became official policy in December 2003, with the Inter-Institutional Agreement on Better Law-Making (IIA), which defines co-regulation.Footnote ⁹⁷ Although a non-legislative act, the IIA is virtually a constitutional document in European law, and its importance cannot be over-estimated, as it agrees the rules of engagement of the European Parliament, Council of Ministers and Commission.Footnote ⁹⁸ The Commission confirms that forms of regulation short of state regulation ‘will not be applicable where fundamental rights or important political options are at stake or in situations where the rules must be applied in a uniform fashion in all Member States’.

De jure co-regulation involves legislation that tells the industry ‘regulate or else’. The UK Digital Economy Act 2010 included two specific elements of co-regulation, for the domain name authority (Nominet) and audiovisual media services online (the Authority for Television on Demand). De facto co-regulation exists where the regulators have used their powers of extreme persuasion. It is an area in which the industry players are very aware that the regulator has power. There can be de facto co-regulation taking place alongside de jure co-regulation.

The Commission in 2005 analysed co-regulation in terms of ‘better regulation’.Footnote ⁹⁹ This was immediately made part of internal EC practice in the Impact Assessment Guidelines,Footnote ¹⁰⁰ which the Commission must follow before bringing forward a new legislative or policy proposal.Footnote ¹⁰¹ Price and Verhulst (2005) contained significant focus on AOL and internal self-organization.Footnote ¹⁰² They identified even then increasing realism in recognizing competition problems, emerging monopolies, and dominance. Verhulst and Latzer provided excellent analysis of the types of co-regulation beginning to develop and their institutional path dependency.Footnote ¹⁰³ They identify five types of regulation, short of statutory agency-led regulation:

• Co-regulation,

• State-supported self-regulation,

• Collective industry self-regulation,

• Single company self-organization,

• Self-help/restriction by users including rankings to impose restrictions on access to content.

Note the direction of travel: both bottom-up transformations from self- into co-regulatory bodies, and top-down delegation from regulation into co- but not self-regulation. Also note examples of ‘zombie’ self-regulation – where no one will declare the patient dead or switch off the life support machine. I described these as ‘Potemkin’ self-regulators, where there was a website and the appearance of a regulator but few resources, no physical address containing offices and little or no apparent adjudication and enforcement.Footnote ¹⁰⁴ We should note the gains and losses in the lifecycle of regulation – will self-regulation ossify if it stays true to its principles of self-regulation? If ossification were to result, would it matter other than to self-regulatory purists if a mature self-regulator were then to be made into a co-regulator? UK converged communications regulator Ofcom’s own managerial and regulatory analysis of co- and self-regulation arrives at similar conclusions.Footnote ¹⁰⁵

The EC has made it pragmatic to fund standards and ex ante support self-regulation in cases where the US would simply ex post regulate via competition law. This leads to substantial US–European differences of approach, which may create ‘transatlantic competition of standardization philosophies … [in] consumer protection systems’.Footnote ¹⁰⁶ Examples of co-regulation have become frequent in this field in the 2000s, notably in data privacy, domain name governance, content filtering, Internet security, and network neutrality, as well as standard setting and social network privacy regulation.Footnote ¹⁰⁷ Both soft law and soft enforcement play a vital regulatory role which legal positivists would be in danger of overlooking by a failure to consider the law in its co-regulatory context.

A Beaufort scale of co-regulation was developed for the European Commission based on the Beaufort scale of wind speed (from calm to hurricane).Footnote ¹⁰⁸ The wind in this case is the degree to which the government was breathing on the forms of self-regulation that were taking place. Zero was a state of calm, which would be an entirely technical standards body whose standards were formed totally within the technical community, such as the Internet Engineering Task Force, up to a state of storm, which could be the forms of co-regulation that were formalized in the Digital Economy Act. Between zero and eleven, there is a lot of room for us to see different elements of influence that have been exerted. That wind is blowing a lot more strongly from European governments and from parliaments towards trying to achieve something much closer to co-regulation than to self-regulation. There are three alternatives:

1. 1. not to regulate, but the world develops without regulation

2. 2. to regulate all the platforms that legislators are concerned about

3. 3. to regulate only the dominant platforms.

It is this regulatory dilemma that I consider in the final part of the chapter.

Part 4: Back to The Future of Cyberlaw in the Ubiquitous Networked Computing Era

Internet lawyers are widening their horizons and returning to the broader notion of being information lawyers whose interests extend beyond a public IP network. The end of the special place for Internet law, and its absorption into media law, has been prematurely announced. It is not only the European institutions that are becoming excited about more Internet regulation, driven in part by self-preservation and the rise of disinformation (‘fake news’ – sic). Reed and others question how we regulate AIFootnote ¹⁰⁹ and dominance of the ‘surveillance-industrial’ state in these post-Snowden/Schrems/GDPR times, pushing digital law into even constitutional studies.Footnote ¹¹⁰ These are exciting times to be an information lawyer.

To put a damp squib on too much recurrent techno-optimism or cynicism, I argue that most arguments for regulating the Internet and cyber-technologies today remain old wine in new bottles.Footnote ¹¹¹ The United Kingdom regulator Ofcom has called for more regulation, and potentially a new regulator, of the Internet.Footnote ¹¹² Most developed legal systems have lots of legal regulators of information, even if none of those is entirely shiny, new, and ‘cyber’. There is the UK Information Commissioner, Electoral Commission, Ofcom itself, the Advertising Standards Authority, and others. There are technical support institutions such as National Cyber Security Centre,Footnote ¹¹³ and a variety of non-governmental organizations such as the Nuffield Foundation-supported Ada Lovelace Foundation, the Turing Institute, and venerable Foundation for Information Policy Research.Footnote ¹¹⁴ In constructing what I call ‘OffData’, a regulator of electronic communications and content,Footnote ¹¹⁵ we need to learn the lessons of previous regulatory mergers both inside (OfCom) and outside (OfGem) communications. We need to recall what is known about sectoral regulation. UK Ofcom was set up almost twenty years ago as a result of technological convergence between broadcasting and telephony,Footnote ¹¹⁶ but deliberately constructed not to regulate Internet content. It is now required to so do. This is not a moment for unique solution peddling or an ahistorical view of the need to extend competences beyond a privacy, a security, a sectoral competition, and a communications regulator.

While information law is maturing, and the old Internet law/cyberlaw nomenclature may be fading, what we do as lawyers dealing with computers and their impact on society is growing more important. Some of the new ideas about regulating the Internet and artificial intelligence (AI) betray a naive faith in technology companies’ intentions towards law enforcement. It is now the job of grizzled, veteran information lawyers to help policy makers understand how to make better laws for cyberspace.Footnote ¹¹⁷ Hildebrandt explains the scale and scope that can create disinformation problems in social media platforms:

Some of the claims that AI can ‘solve’ the problem of disinformation (‘fake news’) do just that. Limiting the automated execution of decisions (e.g. account suspension) on AI-discovered problems is essential in ensuring human agency and natural justice: the right to appeal. That does not prevent Internet platform operators’ suspension of ‘bot’ accounts at scale, but ensures the correct auditing of the system processes deployed.Footnote ¹¹⁹

Technological solutions to detect and remove illegal/undesirable content have become more effective, but they also raise questions about who is ‘judge’ in determining what is legal/illegal, desirable/undesirable in society. Underlying AI use is a difficult choice between different elements of law and technology, public and private solutions, with trade-offs between judicial decision making, scalability, and impact on users’ freedom of expression. Public and private actors have suggested that AI could play a larger role in future identification of problematic content – but these systems have their own prejudices and biases. It is worth restating that neither law nor technology is neutral: they both embody the values and priorities of those who have designed them (‘garbage in, garbage out’).

Does the use of AI that employs algorithmic processes to identify ‘undesirable’ content and nudge it out of consumers’ view, provide a means for effective self-regulation by platforms? The UK Parliament Artificial Intelligence Committee reported on some of these issues in 2017.Footnote ¹²⁰ There are an enormous number of false positives in taking material down. It is very difficult for AI to tell the difference between a picture of fried chicken and a Labradoodle, simply because of the nature of the attempts by algorithms to match these things.Footnote ¹²¹ It will need human intervention to analyse these false positives. AI can be deployed, but Google and Facebook are employing 50,000 more people because they recognize that there will have to be a mixture in order to achieve any kind of aim.Footnote ¹²² Artificial intelligence and algorithms cannot be the only way to regulate content in future.Footnote ¹²³

‘Mechanical Turks’ are people employed – subcontracted, typically – to carry out these activities,Footnote ¹²⁴ in parts of the world where their own cultural understanding of the content they are dealing with may not be ideal.Footnote ¹²⁵ One of the problems is that they are responding to a perceived need to remove more content, rather than addressing fair process and due process. Subcontracting to people on very low wages in locations other than Europe is a great deal cheaper than employing a lawyer to work out whether there should be an appeal to put content back online. The incentive structure will be for platforms to demonstrate how much content they have removed.

Transparency and explanation are necessary, but remain a small first step towards greater co-regulation.Footnote ¹²⁶ Veale et al. have explained how to move beyond transparency and explicability to replicability: to be able to run the result and produce the answer that matches the answer they have.Footnote ¹²⁷ The greater the transparency, the greater the amount of information you give to those users who do not read the terms of service online: the degree to which that helps is limited. Prosumers are told: ‘If you do not agree to the effectively unilateral terms of service you may no longer use Facebook.’ A better approach would be the ability to replicate the result achieved by the company producing the algorithm. Algorithms change all the time, and the algorithm for Google search, for instance, is changed constantly. There are good reasons to keep that as a trade secret. Replicability would be the ability to look at the algorithm in use at the time and, as an audit function, run it back through the data to produce the same result. It is used in medical trials as a basic principle of scientific inquiry. It would help to have more faith in what is otherwise a black box that prosumers and regulators have to trust. The European Commission has used the overarching phrase ‘a fair deal for consumers’.Footnote ¹²⁸

Platform regulation is a new version of an existing regulated problem, with potentially dramatic negative effects on democracy and media pluralism.Footnote ¹²⁹ In tackling disinformation (and other undesirable uses of online communication, as the history of electoral and defamation reform shows), not only the effectiveness of the technological measures needs to be considered, but also raising awareness of the individual and social responsibility for the provision and appreciation of verifiable truthful content, by independent platforms rather than a single central authority. Media pluralism and literacy go hand in hand with any technological intervention.

I predict that 2020 will see the implementation of hard law requiring ‘notice and action’ within one hour of complaints about illegal content online.Footnote ¹³⁰ The vigorous action on social network regulation has not happened, in spite of urging from national and European politicians in view of terrorist content, sexual abuse, fake news, and the other vile elements of human society manifested on the Internet. European regulators continue to rely more on corporate social (ir)responsibility than hard law. The European Commission record fine for Google is being appealed, but it will have to accept some kind of co-regulation of its vertically integrated advertising in time.

I explained in the Introduction to this chapter that Werbach’s Digital Tornado, along with Reidenberg’s conception of lex informatica, heralded a model of limited state but very substantial responsible collective self-regulation. Hard law, in the shape of the proposed European Digital Services Act to be introduced in 2020, will continue in the 2020s to be accompanied by Codes of Conduct and other self- or co-regulatory measures. At the time of writing, the world was plunging into a deep economic and social depression due to the pandemic, with broadband connectivity and Internet platforms ever more vital. Even as legislatures introduce hard law to combat their particular favourite online harm, continued emphasis will focus on giant platforms’ self-regulatory practices. Cyberlaw has become mainstream in the most dramatic manner imaginable.

Introduction

This chapter, adapted from a forthcoming book on the evolution of legal institutions in the networked information society, situates the disruptive effects of networked digital technologies within a longer process of institutional change catalyzed by the gradual emergence of an informationalized global political economy. Over the last half century, institutions for transnational economic governance have multiplied. The landscape of world trade agreements and enforcement processes has grown increasingly complex. New structures for transnational regulation of economic activity have emerged that seem to operate according to their own rules in ways influenced by states but not controlled by them. Other new institutions, created to govern the Internet and its constituent protocols and processes, do not operate based on state representation at all. This chapter juxtaposes the various governance processes and treats them explicitly as iterations of a new – or, more precisely, emergent – networked legal-institutional form.Footnote ¹ It also considers the relationship(s) between that institutional form and new platform entities that wield enormous de facto power – though not (yet) formally acknowledged sovereign authority – based on their control of infrastructures and protocols for networked, social communication.

Although networked governance institutions differ from one another in many ways, they share a common structure: They are organized as networks constituted around standards. Each of the scholarly literatures that has grown up around the various institutions described in this chapter has grasped some essential aspects of the network-and-standard dynamic but not that of others. Legal scholars who study transnational business regulation have interrogated the political legitimacy of networked governance processes, and they also have explored the political issues surrounding the development of international technical standards. Even so, they have paid less attention to the ways that standards bind networks together, and so the two conversations do not fully join up.Footnote ²

Legal scholars who study “code as law” have explored how technical standards structure the markets organized around them, and they also have raised persistent, serious concerns about the relationships between and among automated enforcement, lock-step conformity, and authoritarian modes of governance. They have tended, however, to situate standards processes within market-based governance frameworks and to understand code’s mandatory nature as illustrating how code differs from law. Consequently, they have not taken network-and-standard-based governance seriously as a new legal-institutional type.Footnote ³ And, for the most part, the different scholarly communities have not engaged in much dialogue with one another.

To posit networked governance institutions as an emergent category of legal institutions is, of course, to beg some basic questions about what makes an institution distinctively legal. One traditional set of answers has to do with the ways that the outcomes produced by such institutions are linked to rulemaking and enforcement authority. Another traditional set of answers is more explicitly normative: what makes an institution distinctively legal is its adherence to regular procedural rules and associated rule-of-law values. Communities are accountable only to themselves and markets may mete out consequences that seem arbitrary. According to a thick conception of what makes a legal institution, law’s authoritarian bite is (or should be) mitigated by procedural fairness and conformance with principles of public reason.Footnote ⁴

As we are about to see, network-and-standard-based governance institutions satisfy each of these definitions in some respects while challenging them in others. For some, that means they are not law at all, but I think that answer is too pat. The shift to a networked and standard-based governance structure poses important challenges both to the realizability of rule-of-law values and to traditional conceptions of the institutional forms that those values require, but the rule-of-law constructs that legal theorists traditionally have articulated are themselves artefactual – outgrowths of the era of text-based communication and of accompanying assumptions about the feasible mechanisms for formulation, justification, and transmission of claims of authority that are now rapidly being outpaced by sociotechnical change.Footnote ⁵ If the new governance institutions are to serve the overarching values that traditionally have informed thicker versions of rule-of-law thinking, both institutions and constructs will need to adapt. Here, I lay some groundwork for that project.

The first part of the chapter provides an overview of the rich and varied assortment of transnational, networked governance arrangements. The next part identifies five important features of the network-and-standard-based legal-institutional form that challenge traditional understandings of how legal institutions – institutions constrained by the rule of law – ought to operate. The final part of the chapter provides a brief introduction to information platforms and the functions they perform and considers whether platforms are best understood as stakeholders or as emergent information-era sovereigns.

Networks and Standards in Transnational Governance

The processes of world trade regulation, transnational business regulation, and Internet governance span many different subject areas and involve many different participants and interests. The institutions through which those forms of regulation are conducted also vary considerably from one another in terms of their rules for membership and participation. Some assign membership and participation rights to nation states while others operate differently, and some are more highly formalized than others. Even so, juxtaposing the various institutions and processes also reveals equally important ways in which they resemble one another: They are organized as networks, the networks are constituted around standards designed to facilitate and structure flows of economic and communicative activity, and the formulation and administration of those standards reflect the increasing influence of private economic power.

The global logics of production and extraction that have become characteristic of informational capitalism rely heavily on governance arrangements for facilitating crossborder flows of trade. Norms of liberalization do not simply relate to manufactured goods or even to crossborder flows of raw materials and intermediate inputs to more complex products. Following the important Uruguay Round of negotiations, which produced the World Trade Organization (WTO), the General Agreement on Trade in Services (GATS) and the protocol on Trade-Related Aspects of Intellectual Property Rights (TRIPS), liberalization imperatives relating to services, information, and intellectual goods have emerged as separate, powerful logics driving the articulation and expansion of trade obligations.Footnote ⁶ The Uruguay Round also produced two important agreements on international technical standardization that have generated increasing momentum toward scientific (and quasi-scientific) rationalization of liberalization rules.Footnote ⁷

For many decades, the multilateral regime organized around the framework established under the General Agreement on Tariffs and Trade was the principal source of trade liberalization standards, but a series of rapid and pronounced shifts in the institutional structure of world trade governance began to occur in the mid-1990s. As noted earlier, the Uruguay Round produced several new multilateral instruments and a powerful new enforcement body, the WTO, which began operations in 1995. Following the Uruguay Round, however, the process of reaching new agreements under the established multilateral framework has ground to a halt, and trade negotiators have shifted their efforts toward framing and securing new bilateral free trade agreements. The thickening network of bilateral agreements has in turn shaped proposals for new multilateral and regional instruments.Footnote ⁸ Although the initial impetus for the turn toward bilateral and multilateral agreements negotiated outside the WTO framework came from the United States and other developed economies, the so-called Washington Consensus on trade liberalization has begun to fragment and other significant initiatives have emerged. For example, the Regional Coalition for Economic Participation (RCEP) has launched an effort to negotiate a new, pan-Asian trade protocol.

In parallel with the changes in institutional structure, the landscape of world trade governance and world trade activism also has broadened to include a more heterogeneous assortment of actors and interests. In particular, transnational corporations and business associations wield increasing de facto power in setting trade policy priorities. In part, that power flows through traditional channels of influence; powerful economic actors have long enjoyed privileged access to national policymakers and have learned to exploit that access to demand stronger and more effective protection for their global supply chains.Footnote ⁹ But global logics of production and extraction also translate into new networked models of influence that flow outside state-sanctioned channels, and assertions of corporate interest also have prompted experimentation with new forms of dispute resolution that allow corporations to assert claims directly against states.Footnote ¹⁰ Meanwhile, exploiting the same networked connectivity that has facilitated global concentrations of economic power, civil society groups have worked to challenge asserted failures of transparency and accountability, building alliances with one another and coordinating their efforts for maximum effect.Footnote ¹¹

The landscape of transnational economic governance also includes a large and varied group of regulatory arrangements, some well-established and others more emergent, that extend through and around the boundaries of nation states. Some arrangements originate with the United Nations (UN) or its member agencies. Others are cooperative ventures among national regulators or among other entities that play well-established quasi-regulatory roles. For example, financial regulators and central bankers engage in extensive, cooperative crossborder governance of financial market activities, and data protection regulators work collaboratively on various policy issues.Footnote ¹² Other regulatory arrangements involve UN officials or national regulators in collaboration with private industry oversight bodies and trade associations.

As in the case of world trade, pervasive and crosscutting themes in both the theory and the practice of transnational regulation are the increasing importance of standard-setting activities and the growing power of private “stakeholders.”Footnote ¹³ The universe of standard-making activities is large and diverse and comprises a thickening network of “soft law” that structures and coordinates economic conduct. Many of the UN’s standard-making initiatives are structured as public–private collaborations.Footnote ¹⁴ Additionally, in 1996, the UN adopted a consultative process intended to give civil society organizations and other nongovernmental organizations (NGOs) a formal avenue for providing input into its policymaking processes. Business NGOs have been especially active users of that process.Footnote ¹⁵ Transnational corporations engage in standard making to facilitate their own operations and those of their global supply chains, and industry associations may work to coordinate those activities.Footnote ¹⁶ In the domain of financial governance, private transnational associations spanning fields from securities to insurance to accounting perform a wide variety of governance functions.Footnote ¹⁷

Also notably, the outputs of both private and public–private standard-making processes have begun to migrate into the domain of world trade. In particular, new bilateral and multilateral trade agreements covering labor, environmental regulation, and corporate social responsibility often refer to such standards.Footnote ¹⁸ As a result, standard-making activities constitute a new and fruitful avenue for private economic actors wanting to shape the formulation of trade provisions intended to delineate the appropriate reach of domestic protective mandates.

A final important site of transnational legal-institutional entrepreneurship is the Internet and its constituent protocols and processes. The most prominent governance arrangements for the Internet are formally non-state-based and multistakeholder-oriented. The Internet Engineering Task Force (IETF), a voluntary membership organization of computer technologists, oversees the continuing evolution of the Internet’s foundational standards for information transmission, and the Internet Corporation for Assigned Names and Numbers (ICANN), a not-for-profit transnational governance corporation chartered under California law, oversees governance of the domain name system. An assortment of other organizations – some formally multilateral and some private – also play important roles, however. For example, the International Telecommunications Union, a UN-affiliated body, superintends standards for wireless telephony, and the Institute of Electrical and Electronic Engineers, a technical professional organization, coordinates the evolution of standards for wireless interconnection. The databases that map human-readable domain names to network addresses are maintained by a small group of entities – including universities, research consortia, government entities, and a few private corporations – pursuant to contracts with the Internet Assigned Numbers Authority, an entity for many years overseen by the US Department of Commerce and now administered by an affiliate of ICANN.Footnote ¹⁹

Technical standard making is front and center in Internet governance, but Internet governance arrangements also play more substantive and comprehensive roles in the governance of global networked communications, and do so via increasingly elaborate institutional structures.Footnote ²⁰ Under pressure from a diverse mix of global stakeholders, ICANN has developed regularized pathways for participation, including formal consultative procedures for national governments and civil society organizations.Footnote ²¹ At its inception, the IETF was a self-selected community of volunteers that rejected “kings, presidents, and voting” in favor of “rough consensus and running code.”Footnote ²² Today, although membership remains voluntary and policy-making consensus-based, it comprises two principal divisions made up of over one hundred working groups, overseen by two steering groups and advised by two different boards. Working groups follow elaborate protocols for documenting their activities, communicating with other groups, and reporting to the steering groups and advisory boards. There is a process (so far, never used) for administrative appeals. At the same time, as in the cases of trade and transnational economic regulation, private economic power also plays a highly visible role in Internet governance. Private technology firms are well-represented in myriad working groups and steering committees, and as the Internet’s constitutive liberalization norms have been filtered through the lens of multistakeholder-based institutional design, they have produced institutional responses optimized to the needs of the most active and well-resourced stakeholders.Footnote ²³

Networks, Standards, and the Rule of Law: Five Problematics

A network is a mode of organization in which hubs and nodes structure the flows of transactions and interactions. Some commentators have characterized structures for networked participation and governance as radically democratizing, while others have worried that the absence of definite chains of command undermines democratic accountability.Footnote ²⁴ Important recent books about power and global political economy by David Singh Grewal and Manuel Castells explore the importance of networked organization for political economy generally, articulating new theoretical models of networked social, political, and communication power.Footnote ²⁵ Network-and-standard-based governance arrangements, however, are not simply networks; they are also institutions.Footnote ²⁶ This section seeks to identify with greater precision the various points of mismatch between the rule-of-law tradition in legal theory and the operation of the network-and-standard-based legal-institutional form. It begins by reconsidering two points of conventional wisdom about network organization and its relationship to legal power.

First, the assertion that network organization is inherently more democratic than other forms of organization because it facilitates the expression and circulation of dissenting views is open to serious question. It is true that, because network organization is nonhierarchical, even an enormously powerful hub cannot prevent information from flowing around it through other nodes.Footnote ²⁷ Within networked governance arrangements, however, the ability to navigate interruptions works most reliably to the benefit of the powerful. The same networked affordances that enable the dissident to evade the censor also enable economically or politically dominant parties to circumvent inconvenient negotiating stalemates and avoid inconvenient but localized regulatory burdens. Within networked governance arrangements, power interprets regulatory resistance as damage and routes around it.

Second, the observation that network organization is nonhierarchical can be somewhat misleading. From an internal perspective, network organization around a standard imposes a form of hierarchical ordering that inheres in the standard itself. If other networks organized around other standards are available that may not matter much. But a standard invested with legal significance is not just a standard because participants lack the authority to depart from it. So too with a standard, such as the basic Internet protocol, that exacts universal adherence as a practical matter. Network organization under conditions of legally or practically mandated standardization may be quite exacting as to the forms of compliance, and it also may afford new opportunities for the exercise of economic and political power. From the perspective of traditional legal theory, this point is easy to miss because legal theory traditionally has drawn a distinction between rules and standards that drives in the opposite direction. Within that scholarly tradition, “rules” are granular and demand precise compliance, while “standards” are more flexible and are fleshed out via norms and interpretative conventions.Footnote ²⁸ Network organization under conditions of legally or practically mandated standardization is a different creature entirely.

The powerful critiques of transnational governance arrangements that have emerged within legal scholarship still have not fully assimilated the hybridity of the network-and-standard-based legal-institutional form. Both the ability of power to route around inconvenient regulatory resistance and the relocation of authority into the standard strain traditional accounts of law, reliably eliciting institutional features that seem very different from those that a system of the rule of law would require. The same developments also strain conventional understandings of standards and standardization, reliably foreclosing the kinds of pathway that facilitate competition, correction, and stabilization in the contexts where standards are more usually studied. It has become vitally important to understand the ways that the intersecting vectors of governance, law, and standardization are transforming one another. This section identifies five important directions for inquiry, which relate to the nature of standard-making authority, the available pathways for contesting and changing the reigning standard, the available pathways for coopting governance mechanisms to advance authoritarian political and geopolitical interests, the mechanisms for political accountability, and the vernaculars in which mandatory standards are articulated, applied, and contested.

Platforms as Emergent Transnational Sovereigns?

So far, the discussion has presumed that, within networked governance arrangements, nonstate entities act as stakeholders but only sovereign states function as policy hubs. But that implicit division of roles ignores both the leveling effects of network logics and the amenability of standards to disintermediation. Commentators have long puzzled over the undeniable fact that, although they are nominally stakeholders in transnational networked governance processes, transnational corporations speak with increasingly independent voices in their relationships with sovereign states and also wield considerable governance authority of their own over globally distributed labor and supply chains.Footnote ⁶³ Dominant global platform firms – firms that have attained positions as dominant intermediaries within the emerging global, networked information and communications infrastructure – push both tendencies to new extremes.

Over the last several decades, the platform has emerged as the core organizational logic of the political economy of informationalism. In other work, I have explored the intertwined functions that platforms provide – intermediation between would-be counterparties and techniques for rendering users legible – and explained how those functions afford unprecedented control of commercial and social interaction.Footnote ⁶⁴ From an economic perspective, platforms represent infrastructure-based strategies for introducing friction into networks. Platforms provide services that participants view as desirable and empowering, thereby generating and enabling participants to leverage network externalities. At the same time, they use a combination of legal boilerplate and technical protections to assert ownership and control of user data, to police access by app developers and potential competitors, and to maintain their algorithms for search, user profiling, and ad targeting as valuable trade secrets. Those strategies work to pull users closer and keep would-be competitors further away, generating the rich-get-richer dynamics that have produced dominant platforms and continually reinforce their preeminence.

As a result of their enormous and growing power over the conditions of information exchange, platforms are unmatched by other transnational corporations in the extent of the authority they wield over the day-to-day experiences and activities of their users. Here again, the distinctions developed by Manuel Castells in his exploration of communication power in the networked digital era are useful for explicating the various kinds of power that platforms possess. By virtue of their privileged and infrastructural access to flows of information, platforms wield both network power – which, as we have seen, inheres in the self-reinforcing power of a dominant network and by extension in its standards – and network-making power – or the power to constitute the network and perhaps to reconstitute it along different lines by altering the conditions for interconnection.Footnote ⁶⁵

From the traditional international relations perspective, it makes no sense to speak of platforms or any other private corporations as sovereigns. Within the Westphalian international legal order, a sovereign state is, most minimally, an entity with a defined territory and a permanent population, the authority to govern its territory, and the capacity to enter into relations with other states.Footnote ⁶⁶ Platform firms own premises within the territories of nation states and provide services to citizens of those states. Unlike state sovereigns, they lack authority to use physical force to assert the primacy of their laws or defend the sanctity of their borders.

Yet the growing practical sovereignty of platforms over many aspects of their users’ everyday lives blurs the boundaries that the traditional criteria impose. The network power and the network-making power of platforms are rooted in the very considerations of territory, population, and enforcement authority that platforms supposedly lack. Both technically and experientially, platform territories are clearly demarcated spaces.Footnote ⁶⁷ Google and Facebook also operate substantial privatized Internet “backbone” infrastructures – the interconnection facilities that link different pieces of the Internet together.Footnote ⁶⁸ Dominant platforms such as Facebook, Google, and Apple have user populations that number in the billions, vastly eclipsing the populations of all but the largest nation states.Footnote ⁶⁹ The logic of platform membership is a network logic that relies on lock-in, and it persistently undercuts the strategies of exit and voice through which users police more ordinary commercial relationships. The benefits of membership accrue most visibly and predictably to users who maintain permanent and consistent membership. In part for that reason and in part because of the way that platform protocols mediate access to platform territories, the enforcement authority of platforms is real and immediate. Platform protocols structure the forms and flows of permitted conduct – e.g., sponsored search results, Facebook “likes” and “tags,” Twitter retweets – and enable swift imposition of internal sanctions that may range from content removal to account suspension or cancellation.Footnote ⁷⁰

Sovereign authority also must be recognized as such by other sovereigns, and here the picture is muddier. On one hand, the dominant US platform firms actively and theatrically resist both incursions by nation states on their governance authority and various kinds of national and local regulation. On the other, platform firms have at times pursued more collaborative relationships with governments on both matters of national security and law enforcement and matters of technology policy more generally.Footnote ⁷¹ As noted earlier, Chinese platform firms have more systematically collaborated with government authorities both at home and abroad. On the global stage, platforms firms increasingly practice both diplomacy and transnational networked policymaking in the manner of sovereign actors. Facebook’s privacy team travels the world meeting with government officials to determine how best to satisfy their concerns while continuing to advance Facebook’s own interests, much as a secretary of state and his or her staff might do.Footnote ⁷² Speaking at a recent network security conference, Microsoft’s president sketched a vision of a future in which platform firms function as “a trusted and neutral digital Switzerland,” safeguarding private communications against all types of sovereign incursion.Footnote ⁷³

In short, networked legal-institutional form allows for the possibility of nonstate but functionally sovereign power, and platforms represent an (arguable and emergent) example of such power. Concentrated stakeholder control of the networked communications infrastructure can produce and perhaps is beginning to produce an inversion of law- and policymaking authority, through which certain very powerful platform stakeholders become policy hubs in their own right. Theories of international relations that deny the possibility of private sovereignty are ill-equipped to respond to that possibility. Reconceptualizing transnational governance in a way that accounts for the network-making power of dominant platforms has become an increasingly important project.

Conclusion

Taking networks and standards seriously as organizing principles for a new legal-institutional form provides a helpful framework for understanding various features of transnational governance arrangements that have perplexed scholars across a number of disciplines. If what such institutions do is not “just” governance – if they represent an emergent form of law for the informational economy, and an increasingly important one – the disconnects between network-and-standard-based governance and rule-of-law ideals point to the beginning of an important institutional design project directed toward rendering them more accountable to global networked publics. That project also must contend with the growing practical sovereignty of platforms and with the challenges such sovereignty poses for the practical realization of rule-of-law aspirations within networked information environments.

Introduction

What drives the “digital tornado,” to use the evocative phrase coined by Kevin Werbach to describe the fierce, concentrated winds of technological change? One school of thought, neo-libertarian at its core, sees it as an entirely private process, driven by brave scientists, risk-taking entrepreneurs, and the capital markets. If government is relevant, it is merely through the guarantee of property rights and contract; otherwise it does best by staying out of the way.

But what if powerful firms seek to slow down, modulate, or co-opt the winds of change? The view just described takes this as an inherently hopeless task, for it is axiomatic that the rate of technological change is always accelerating, so that any firm or institution dependent on a given technology is therefore automatically doomed to a rapid obsolescence. Even well-meaning laws designed to catalyze innovation, at best, merely risk interfering with a natural progression toward a better technological future, hindering “the march of civilization.” As the general counsel of Standard Oil once put it, government cannot control the aggregation of private power: “You might as well endeavor to stay the formation of the clouds, the falling of the rains, or the flowing of the streams.”Footnote ¹

This view, which was widely held in the early 2000s through the 2010s, has great relevance for the antitrust law, the subject of this chapter, and particularly, the parts of the law concerned with monopolization. For if we can indeed assume that the rate of technological innovation is always accelerating, it follows that there can be no such thing as lasting market power, the concern of the law. The dominant firm, necessarily dependent on an older technology, will be quickly surpassed and replaced by a new firm. In its strongest version, it suggests that the antimonopoly portions of the antitrust law are obsolete.

Over the 1980s through 2010s, a series of powerful anecdotes supported this narrative, so much so that it became a broadly accepted wisdom. After all, IBM, in the 1970s and 1980s, once thought lord of everything, was bested by a college dropout named Bill Gates and a few of his buddies. Microsoft, in turn, was ravaged by a series of garage startups with goofy names like Yahoo!, Google, and Facebook. AOL rose and then fell like a rocket that fails to achieve orbit, as did other firms, such as MySpace, Netscape, and so on. The chaos and rapid change made it obvious to many that there could be no such thing as a lasting monopoly. A three-year old firm was middle-aged already; a five-year old firm almost certainly near death, for “barriers to entry” were a twentieth-century concept. The best, indeed the only thing the antitrust law should do is to stand well back and watch.

But what if the supposed new order itself were itself just a phase? What if the assumption of constant accelerating technological change is wrong – or a function of market structure? As these questions may suggest, this chapter joins the challenge to the narrative described. I say join because it is a larger conversation, not to be settled with one single chapter. The contribution of this chapter is to examine a foundational part of the narrative – the erosion of IBM’s dominance in the 1970s and the case of United States v. IBM.

Why focus on IBM? The decline of IBM’s dominance over the 1980s has long been a foundational part of the story that we described in the introduction, one that casts the “new economy” as an exception to the usual rules of industrial organization. As the story goes, IBM, bested by Microsoft, Compaq, Dell, Intel, and other competitors, serves as strong proof that lasting monopoly in unachievable in high-tech industries. Even the mighty IBM could not hold out, given the inevitable challenge from new inventions and innovators.

Unfortunately, that account tends to overlook the fact that IBM was not subject only to the forces of technological change, but also faced significant legal challenges, targeted directly at the exercise of monopoly power. This chapter suggests, with the benefit of decades of hindsight, that subjecting IBM to an antitrust lawsuit and trial actually catalyzed numerous transformational developments key to the growth and innovation in the computing industries. The undeniable fact is that the “policeman at the elbow” can and does change conduct. The IBM case put a policeman at the elbow of the world’s dominant computer firm during a crucial period of change and development in the technology industries. This, I suggest, aided an ongoing process of transformational or Schumpeterian innovation.Footnote ² Contrary to conventional wisdom, I also think that United States v. IBM is a valuable guide to enforcement policy in the technology-centered industries. This chapter, in short, is a revisionist history of the IBM case, one that casts serious doubt on the narrative of law’s irrelevance in aiding technological change.

The goal is not just to give the IBM case its due among those who study law and technology, but also to rehabilitate its reputation within antitrust law, where, it is given, conventional wisdom has not been kind. United States v. IBM has been cast as among antitrust’s lowest moments, and among the Justice Department’s greatest mistakes. Robert Bork memorably dubbed the litigation “Antitrust’s Vietnam”; Joseph Lopatka termed it a “monument to arrogance”; while an appellate judge quipped that it “went on longer than World War II and probably cost as much.”Footnote ³ Lasting from 1969 through 1982, the case included a six-year trial; the government’s presentation took 104,000 pages of transcript, while for its part, IBM called 856 witnesses and cited 12,280 exhibits. Yet after years of trial, the Justice Department withdrew the case in 1982, without settlement or judicial remedy. The failure of the case to reach a verdict added ammunition to a Reagan-era movement against antitrust’s “big case” tradition.Footnote ⁴ This has yielded, for many, one lasting “lesson” from IBM: that “big antitrust” – the industry-clearing Section 2 cases – should be used sparingly, at best, given the costs and potential for failure.

This chapter challenges the conventional wisdom and suggests that the IBM lawsuit and trial, despite never reaching a verdict, actually catalyzed numerous transformational developments key to the growth and innovation of the computing industries.

I do not seek to defend everything about the IBM trial. It is admittedly difficult, if not impossible, to defend the manner in which the Justice Department and court managed the litigation and allowed it to last so long. It is also true, as the critics have charged, that the government could have had a clearer theory from the outset. However, in spite of the lack of a remedy, the historic materials made available since the litigation have made it clear that the antitrust case did substantially change IBM’s behavior in specific ways. Perhaps the most important was the case’s role in pushing IBM to unbundle its software offerings from its hardware, and therefore to leave room for the birth of an independent software industry. While the effects are less direct, the case seems to have also influenced the manner of IBM’s PC launch and its conduct thereafter. These developments appear to have at least contributed to the thriving of an independent computer software industry, and later, to a new market for competing, IBM-compatible personal computers, as well as a slew of related, independent industries in storage, processing, printing, modems, and otherwise. During this period, IBM’s avoidance of exclusive contracts and its failure to acquire or seek control of obvious targets (like Microsoft itself) all suggest a firm with “antitrust phobia,” and thereby one that allowed competition to flourish.

Of course, there were a great number of other factors in the late 1970s affecting the software and hardware industries, and there is no claim here that the IBM antitrust litigation drove everything that happened during this era. However, many of the existing narratives are too quick to assume that the developments were “inevitable,” or, alternatively, all the byproduct of the particular genius of Bill Gates, a favorite thesis of the Microsoft-centered books. As discussed earlier, it is well understood by legal scholars that both firms and individuals may behave differently when enforcement is more likely, especially “with a policeman at the elbow.”Footnote ⁵ The operating theory of this chapter is that a pending monopolization case, which focuses on exclusionary and anticompetitive acts and scrutinizes efforts to dominate new industries, may affect firm conduct in recognizable ways. And the thesis is that the policeman standing at the elbow of the dominant computing firms during the 1970s and early 1980s had an important impact on the development of the software and personal computing industries.

This reexamination of IBM also has important implications for antitrust enforcement policy, for an enforcer interested in “big cases” in the tech industries filed under Section 2 of the Sherman Act. To say that antitrust has, in the late 2010s, regained relevance is to state the obvious. For since the turn of the millennium, when it seemed that market power was indeed always going to be fleeting, the tech industries have consolidated into a much smaller number of “big tech” firms. The question, therefore, of when to bring a big tech case and against whom has returned to first-order importance.

This chapter suggests three things. First, that government lawyers should look for situations where it appears that a single firm is sitting as gatekeeper on what might, plausibly, be several innovative industries, and where breakups or lesser remedies might therefore unleash substantial growth. Specifically, beyond the usual search for monopoly power and anticompetitive practices, enforcers should be looking for “bundled” or “tied” markets that have the potential to be those nascent industries. The presence of stunted cottage industries might suggest an underlying potential. Second, the IBM case suggests the importance of a credible threat – that is, an investigation that seeks dissolution or other important remedies – so as to induce actual changes in conduct and deter anticompetitive behavior. Finally, the IBM case cautions enforcers to be concerned, but not overly concerned with the costs of investigation and trial, which are multimillion dollars questions, when there are billions and possibly trillions at stake.

Background: The Company and the Market

The predecessor firm to International Business Machines was founded in 1911, as a manufacturer of machines for tabulating and data processing. By the 1960s, IBM had become a dominant manufacturer of general purpose, or “mainframe” computers designed to be used by corporations, government agencies, and other large institutions. “Big Blue” was, by then, the largest computer manufacturer in the world. By 1971, IBM had grown to 258,662 employees and $7.2 billion in annual revenues, and its IBM System/360 was the nation’s, indeed the world’s, most successful computer line.Footnote ⁶ It was a proud company, and its anthem went as follows:

During the 1960s, the “mainframe” was the dominant computer design – one large computer, covered with blinking lights, designed to handle the most challenging tasks, or to serve many users at once. There was no such thing as a personal computer: At that point the cheapest computers sold by IBM cost over $100,000, and the more expensive units were priced in the millions.

IBM’s design philosophy was characteristic of the era of its greatest success – it embodied the system design thinking of the 1950s and 1960s, which favored centralized, fully integrated designs, of which AT&T “Bell System” was the exemplar.Footnote ⁷ Hence, IBM’s mainframe computers integrated, or bundled, all hardware, software and peripherals in one package. Of particular interest to us, software was not made available for sale or lease as an independent product: It was a service provided to buyers of IBM hardware.

IBM was not without competitors. The mainframe market was lucrative, and by the mid-1960s, IBM faced competition from seven smaller firms (the “seven dwarfs”), with their own mainframes, such as Burroughs, Univac, NCR, CDC, GE, RCA, and Honeywell. Firms like Univac typically targeted the lower end of the mainframe market, and attempted to win consumers with lower prices. In the early parts of mainframe history, all of the computers offered for sale were incompatible: That is, a firm usually bought all of its computers and peripheries from either IBM or Univac, for the computers were incapable of working together. Later, some firms began to offer peripheral hardware, like disk drives, designed to be “plug-compatible” with IBM’s System/360 mainframes, which meant one could plug the peripherals into IBM’s machines. Finally, other firms, like Control Data, focused on superior performance, and in particular, the supercomputer market, crafting computers faster (and even more expensive) than IBM’s offerings.

The Case

Over the 1960s, there were long-standing complaints that IBM was maintaining its mainframe monopoly and scaring people away from supercomputers using anticompetitive, predatory, and unethical practices. IBM and its management had faced antitrust complaints before: Tom Watson Sr., IBM’s longtime CEO, was convicted of criminal violations of antitrust back in 1913 (when he worked for NCR), and actually sentenced to prison.Footnote ⁸ What’s more, in 1956, IBM entered into a consent decree with the Justice Department surrounding its leasing practices.Footnote ⁹

Matters came to a head when, in 1968, rival Control Data sued IBM in a private antitrust action, focusing on its predatory conduct in the supercomputer and mainframe markets.Footnote ¹⁰ In 1969, after a long investigation, the Justice Department filed its own suit, also charging IBM with monopoly maintenance in violation of Section 2 of the Sherman Act.Footnote ¹¹ According to the Justice Department, IBM had undertaken “exclusionary and predatory conduct” to maintain its dominant position in “general purpose digital computers.”Footnote ¹² That was a market, according to the government’s estimates, in which IBM took some 70 percent of annual revenue.

Most important for our purposes were the government’s allegations surrounding software.Footnote ¹³ IBM was accused of tying software to “related computer hardware equipment” for a single price in a manner that the Justice Department alleged to be anticompetitive. IBM, it was alleged, also gave away software for free for “the purpose or with the effect of . . . enabling IBM to maintain or increase its market share.”Footnote ¹⁴

Beyond the software practices, the government also accused IBM of predatory practices. In particular, it accused IBM of developing specific “fighting machines” designed not to make a profit but rather to intimidate would-be competitors. It also accused IBM of vaporware practices, that is, announcing “future production and marketing [of certain products] when it believed or had reason to believe that it was unlikely to be able to produce and market such products within the announced time frame.”

For these violations, the government sought divestiture – that is, a full breakup of IBM into constituent parts. In that sense, the case was a classic example of the “big case” tradition in antitrust, in the model of the Northern Securities or Standard Oil litigation, whose goal was to restructure the industry entirely.Footnote ¹⁵

After some six years of discovery, the case finally went to trial in 1975. The early stages of the trial were somewhat complicated by the fact that IBM was also defending the private antitrust lawsuit brought by Control Data, the manufacturer of supercomputers. At the beginning, Control Data actively cooperated with the Justice Department, and had accumulated a massive database of alleged predatory acts perpetrated by IBM and its salesmen over the 1960s. It was information from this file that the Justice Department hoped to deploy in its lawsuit. However, in 1973, Control Data settled with IBM, and agreed to hand over its file.Footnote ¹⁶ IBM immediately destroyed (in some accounts burned) the files, thereby setting back the Justice Department’s discovery.

During the trial, IBM put on a vigorous defense, and spent untold millions of 1970s’ dollars defending the case.Footnote ¹⁷ The judge, David Edelstein, permitted the calling of a seemingly unlimited number of witnesses, for indefinite periods of time. One government witness testified for more than six months. Other trial days consisted of reading of depositions into the record.Footnote ¹⁸ Many of these details were chronicled by legal writer Steven Brill, in a scathing piece that portrayed the entire trial as a complete fiasco, or, in his words, “a farce of such mindboggling proportions that any lawyer who now tries to find out about it … will be risking the same quicksand that devoured the lawyers involved in the case.”Footnote ¹⁹ The trial continued for an astonishing six years, until the Justice Department finally rested in 1981.Footnote ²⁰

But here we are interested less in the trial itself, and more in the effects of the litigation on IBM’s conduct and decision making. For during the lengthy trial and its aftermath, there is little dispute among business historians and journalists that IBM’s management was influenced by the very fact of being under investigation and being on trial. As Don Waldman writes, “the filing and prosecution of the antitrust case affected IBM’s business behavior for the next twenty years.”Footnote ²¹ Furthermore, as he writes, “lawyers gained control over even the most technical elements of IBM’s business.”Footnote ²² William Kovacic concurs: “DOJ’s law-suit exacted a high price from IBM. Along with the private lawsuits, the DOJ case caused IBM to elevate the role of lawyers in shaping commercial strategy and seems to have led the firm to pull its competitive punches.”Footnote ²³ Reporter Paul Carroll, in his insider account Big Blues, gave a detailed portrayal of the effects of efforts to avoid strengthening the antitrust case by producing evidence of market share or anticompetitive conduct: “Lawyers, who were developing a stranglehold on the business, decided what could be said at meetings. No one could talk about IBM’s market share, or if they did, they’d talk in meaningless terms, describing the market for word processors as though it included everything from the supercomputer on down to paper and pencils. Executives couldn’t do any competitive analysis. Developers weren’t allowed to buy a competitor’s machine; they were just supposed to know what was in it.”Footnote ²⁴

Critics have emphasized the sheer size of the case, which did last an astonishing thirteen years, at the end of which, the Reagan Administration simply dropped the case.Footnote ²⁵ Was it, then, all just a waste of resources? That’s no trip to the county courthouse, and no one can defend how the Justice Department managed the litigation, which became as bloated as a 1970s’ muscle car. On the other hand, consider the stakes: The computer and software industries were already bringing in billions in revenue and today are collectively worth trillions of dollars, encompassing many of the most valuable companies on earth. Small effects on this industry would and did have major long-term effects. Neither was the IBM case, as G. David Garson writes, “without its effects” for the early computing industry.Footnote ²⁶

Effects and Impact

It is one thing to suggest that the IBM trial may have caused IBM to behave more cautiously, evade obvious anticompetitive conduct, and generally avoid strengthening Justice’s case. Among other things, that may simply have weakened IBM as a competitor. But it seems more important to point out specific decisions and outcomes that seem to have been strongly influenced by the “antitrust phobia” resulting from being the subject of a Sherman Act case designed to break up the company. In this section I focus on three key moments: (1) IBM’s unbundling of software from hardware, (2) its entry into the microcomputer market, IBM PC, in partnership with Microsoft and others, and (3) its pattern of non-acquisitions in the aftermath of the PC’s success.

Lessons for Enforcers

Today, the concentration of the high-tech industries has become, one again, a matter of major public concern. That’s why the IBM case merits careful study by enforcers, for it was the first major tech antitrust case of the computing era, and a neglected member of the big three cases of the late twentieth century (IBM, AT&T, and Microsoft). Close study of the case offers guidance and insight into what might be the dynamic justifications for bringing a major antitrust lawsuit in the 2020s.

IBM was just one company. Yet, in retrospect, it was sitting atop what turned out to be an enormous number of important industries, from software through storage, processing and operating systems. The subsequent flourishing of the industries that were once in areas controlled, or potentially controlled, by IBM has unquestionably transformed the modern economy.

Given the complexity of any historical period, it is almost always impossible to claim that one factor – one leader, one case, one invention, or one critical decision – changed everything. However, it is not impossible to claim a contribution or a catalyst. And even if we don’t know what would have happened in the absence of antitrust – if, in fact, software might have been unbundled anyhow, or the PC might have developed more or less the same – there is good reason to believe that the pervasive evidence of antitrust phobia hastened the outcome.

If an enforcer wanted to duplicate the catalytic effects of the IBM case, what would he or she do? A close look at the history recommends that antitrust enforcers, particularly when thinking about big Section 2 cases, should spend time thinking about what industries or potential future markets and industries the dominant firm sits on top of or can potentially control the development of. The intuition is that there is a difference, say, between a shoe monopoly and monopoly on sidewalks, given that the latter might be an input into and entwined in so many other businesses. This suggests that antitrust enforcers should, when considering cases, begin by thinking about how many markets are influenced or dependent on the product or service.

A similar logic suggests prioritizing Sherman 2 cases where the problem isn’t just competition in the primary market, but where competition in adjacent markets looks to be compromised or threatened. The long cycles of industrial history suggest that what are at one point seen as adjacent or side industries can sometimes emerge to become of primary importance, as in the example of software and hardware. Hence, the manner of how something is sold can make a big difference. In particular, “bundling” or “tying” one product to another can stunt the development of an underlying industry. Even a tie that seems like “one product” at the time the case is litigated, as, for example, software and hardware were in the 1960s, or physical telephones and telephone lines, might contribute to such stunting. If successful, an antitrust prosecution that breaks the tie and opens a long-dominated market to competition may serve to have very significant long-term effects.

While all things are clearer in retrospect, the existence of a cottage or nascent industry might serve as a clue that, in fact, a vibrant industry might emerge from breaking the tie. If some firms manage to survive even in the presence of a tie, that suggests the possibility that there is far more potential there. In the example of the software industry, as we’ve suggested, the concept of prepackaged software existed, and a scattering of firms sold it and made a profit thereby. That pattern suggested plenty of room to grow, even if it would take many years for premade software to develop into the thriving industry it became.

A last lesson that might be gleaned from the IBM litigation is this: If the government wants to spur a change in conduct, it should seek maximum remedies in the cases it brings. In IBM, the Justice Department brought a complaint seeking dissolution – a full structural remedy. IBM’s concern about such a remedy had a major effect on its thinking and decision making, and seemed to yield the antitrust phobia that proved important over the 1970s. That suggests that the Justice Department cannot induce improved behavior without making credible threats of punishment at the outset of the case. In particular, there is a risk that a case that begins seeking a mere consent decree might not have any real effect on firm conduct.

A full discussion of what should go into case selection is beyond the scope of this or perhaps any article. But the final caveat or warning is this: While I think it is correct to suggest that the costs of litigation should not be fetishized – although the millions matter less when there are billions at stake – one thing that does matter are the effects on the company itself. IBM was, arguably, a reduced entity during the antitrust case (although it remained extremely profitable, and actually quadrupled its stock price). Knowing that the effect of litigation is to damage the firm, the enforcer needs to have some confidence that the damage will be salutary – that is, it will yield room for competitors to take the ball and run with it. While “do not harm” cannot be the mantra of antitrust enforcement, no one should seek outcomes that make things worse. And this is what makes timing all important, and suggests that enforcement policy will always be a matter requiring, above all, good judgment and a clear eye toward what one hopes to achieve.