By: David R. Johnson
Co-Director, Cyberspace Law Institute
The US Government has called for the development of private-sector “self-regulation” for the Internet. Its July 1, 1997 Framework for Global Electronic Commerce postulates that decentralized “bottom up” governance will help the net to grow and prosper. The European Commission, in contrast, has called for a “consistent legal framework”, presumably imposed by more governmental, top down regulation, to counter online chaos. Press reports regularly imply that the net harbors -- and inflicts on innocent victims -- many evils traditionally requiring regulation. In the near future, we’ll face increasing questions about whether or not the internet industry has “risen to the challenge” of developing adequate and responsible self-regulatory mechanisms. It’s not too soon to take a close look at how the net regulates itself -- and whether it does a good job. The evidence to date suggests that self-regulation of online commerce and community is working as well as or better than the traditional, top down, “real world” regulation that netizens hope to keep at bay.
“Self-regulation” can have many different meanings and interpretations. Some are based on the obvious notion that harmful conduct can best be controlled if those involved in such activities constrain their own behavior. Some take “self-regulation” to imply “self-determination” -- the idea that the decision about what constitutes “harm”, requiring regulation, should come from those who participate voluntarily in the transactions in question. Some theories of self-regulation imply that the new filtering technology or decentralized rulemaking of the global net may better constrain anti-social online behavior than can traditional laws and law enforcement by local sovereigns. Still other calls for “self-regulation” are premised on the idea that it is cheaper and faster for governments to impose the rules they favor if powerful companies cooperate to impose such rules on their customers. The net is now subject to numerous forms of “self-regulation” fitting all these categories.
Basic Forms of Self-Regulation are Ubiquitous and Effective.
Netiquette Works. The most basic form of self-regulation on the net is user self-control, often taking the form of compliance with the norms of netiquette. Contrary to the suggestions of anecdotal news coverage, social expectations of reasonable behavior do effectively constrain most users’ actions.
Example: The net allows anyone at low cost to send huge volumes of unsolicited email, including annoying and offensive messages. There is too much “spam”. But, in perspective, as measured against the millions of people who use the net every day, it’s amazing how few engage in seriously harmful spamming activities. The same can be said about “flaming” or “stalking” or other forms of annoying conduct made easier by the absence of physical cues, lower costs, and global connectivity. Some bad actors act out on the net. But most people post polite, on-topic messages directed only to others who will be glad to get them. (I’ll say more, later, about how to the net can control those few who don’t comply with the net’s social norms.)
Navigation and Filters Give Power to the End User. A second major form of self-regulation derives from the inherent ability of every user of the net to decide where to go, what to read and with whom to interact. Unlike a broadcast or cable television set, which may well show an unwelcome image when first turned on, your web browser can be set to bring up only the same congenial starting “home page” every time you boot up. When you surf the web, you alone decide what search terms to enter and what links to follow. Unless you voluntarily subscribe to a “push” product, you need never see any web- based material you have not chosen to view. You can choose not to read -- or even to filter out entirely -- an email from an unknown (or known and disliked) source.
Example: You’ve read in the papers that there are many pornographic sites on the net. In fact, the number of such sites is quite modest as compared with all of the online sources of informative, educational and socially valuable materials. But, even though there are some pictures most people would agree are highly offensive or deservedly illegal, you’ve probably never seen them. You may need to use software filters (and, better yet, a good grounding in your ethical values) to help your children avoid inappropriate materials. But even the most restrictive view of what is appropriate can be implemented by any user’s unilateral actions -- by means of simple decision to go (and to allow the computer’s browser to go) only to areas of the net sponsored or vetted by organizations whose values and judgment you trust.
System Operator Access Controls Provide Virtual Police Power. A third major mechanism of “self-regulation” on the Internet stems from the ability of every web-site or discussion group owner to decide which files to delete and to whom to issue an ID allowing participation. Every web site corresponds to some physical space on a hard disk that is totally under the control of some owner -- and files uploaded to any online space can be deleted once problems are discovered. There are open sites that impose no constraints, of course -- but there are many closed sites that require authentication for uploading or access. (Even open areas, like usenet newsgroups, are subject to filtering or exclusion by local recipients.) In most cases, failure to abide by rules established by the local virtual proprietor is grounds for -- and may well result in -- banishment. There is no shortage of “cops” online -- it’s just that they implement a variety of different, local rules. If anything, their ability to enforce those rules leads to swifter, more effective “law enforcement” than any real world jurisdiction can dream about.
Example: There are very few system operators who would not immediately delete from their online sites any file shown clearly to be an infringement of the rights of an intellectual property holder. Contrary to the impression created by constant news reports on the subject, the amount of damage done to copyright industries by infringement via the net is actually very small, as compared with damage done by means of distribution of pirated and illegally branded physical copies. The reason is that, while it may be hard to identify or track down particular end users, it is not hard to find the owners of popular web sites. These prominent system operators must register their own top level domain names. They have easily findable physical addresses. They have billing relationships with their customers. Sure, some copies get sent to friends by private, untraceable email -- just as some tapes of records get traded in the real world. But large scale, damaging pirating is actually much harder to conduct on the web, which is inherently open to inspection, than it is in the real world. And, once detected, clearly illegal actions are much easier to suppress -- because the Sysop’s ability to delete files or even users is just one keystroke away. (Perhaps we should worry more about “due process” and protecting “fair use” online!) It is true that copies can move more quickly through the net than they can through physical space. But mainstream site owners have no reason to shelter criminals and these “local” online sheriffs can move very quickly once violations of law are detected.
Just these three most obvious mechanisms have already produced a net that rarely imposes unwanted content, that seriously limits the ability of bad actors to inflict harm, and that allows millions of users to interact in orderly, lawful and socially valuable ways.
The Self-Regulatory Mechanisms of the Net Help Quickly and Substantially to Answer the Novel Policy Questions the Net Creates.
You don’t need a permit to open an internet storefront -- and in consequence whole townfulls of virtual businesses are springing up overnight. But towns bring complex new “policy” issues -- as well as more sophisticated criminals. For example, new virtual stores will collect lots of personal data regarding their customers’ transactions. What reason is there to believe that mere “self-regulation” can find an appropriate balance between the competing interests of online trade, free speech and privacy -- much less be able to deter or detect and punish those engaged in intentionally harmful, unjustified “criminal” acts like electronic theft or fraud?
A Web of Contracts Creates the Online Social Order. Before we can decide whether self- regulation can “work” to prevent new vices created or facilitated by the net, we should review the many, varied and subtle ways in which online social order is created by contract and “trade practice”. First, every user enters into a contract with one or more access providers and with the various private online sites that require agreement to some stated terms as a condition of access. Second, various registries and system operators enter into agreements among themselves to issue or revoke particular identities, to interconnect in various ways (e.g., to exchange and/or filter certain traffic). Third, the internet industry as a whole adopts various standard operating procedures to enhance security or to enforce applicable contractual obligations. These many interlocking layers of contracts -- and widespread acceptance of standard operating procedures -- establish both (1) a major source for rules that constrain online behavior and (2) the most effective source of enforcement for such rules.
Example: From the perspective of an end user bent on seriously anti-social conduct, cyberspace is anything but an unregulated wilderness. Few people can establish an online presence without the agreement of an Internet Service Provider or Online Service Provider. ISPs and OSPs may vary in size, but they are generally profit-seeking businesses that, for selfish reasons, impose strict obligations on users to abide by applicable rules and laws. In self-defense, most ISPs and OSPs strictly enforce those obligations. Only a tiny fraction of ISPs or OSPs would for long remain knowing hosts to predatory or criminal activities. Most importantly, ISPs and OSPs can easily add new rules that address new online vices -- much more quickly and effectively than new local laws can be passed or enforced. As noted, even a reputation for engaging in a controversial practice like “spamming” can be enough to bar a would-be participant from most online systems. More liberal-minded sysops that host harmful activities can find themselves excluded from valuable interactions with other system operators or access providers. Thus, even novel forms of wrongdoing are quickly and substantially constrained by new agreements among, and new rules imposed by end users on, a self-interested industry.
Many New Forms of “Tags” and “Labels” Will Empower End Users and Help Them Avoid Harm. The net transmits new forms of meta-information that help end users to determine the character of the online spaces they are about to enter or the reputation of the online person with whom they may choose to deal. The ease with which reference information can be linked to from a suspect site makes “consumer protection” less costly online. As the complexity of the net increases, we can expect the development of voluntary mutual-protection leagues that offer end users various kinds of protection against deception, vandalism or other wrongful practices. We might even see the emergence of “user unions” that pool resources to enforce user-originated adhesion contracts that condition access to user- supplied information on complaince with certain minimum privacy standards.
Examples: Your computer browser software can store a bookmark that takes you instantly to the Better Business Bureau. Reassuring labels on web sites can contain self-authenticating links to reliable third parties that audit compliance with the site’s stated rules and otherwise provide assurance that the label is a genuine one. As a customer of a virus-control firm, you may automatically receive continuous updates of the best technical protection. As an authenticated user of an online space, you may be alerted (or, if you have so requested, automatically protected) whenever anyone known to the system operator of that space as a spammer, or worse, tries to send you email. As a registrant in a particular online domain (like “.edu”), you may be able to provide the world with reassurance that you really are a qualified participant in that domain (e.g., part of a qualified educational institution). Your files may contain electronic watermarks that self-authenticate their lawfully licensed status, to avoid questions raised by copyright enforcers. In contrast, you might easily signal that your own writings may be distributed freely, by the very act of posting them into an online space that applies those distribution-friendly rules to all participants.
The Net Supports the Development and Implementation of Policy-Friendly Software Code. In the real world, antisocial behavior can only be countered by passing laws (hoping these will have a deterrent effect) or by encouraging widespread adoption of ethical principles. On the net, there is another tool available: software code. If you don’t want someone to invade the privacy of your online file, you can encrypt it. If you don’t want unwelcome visitors to your web site, you can set the server software to demand an ID and password prior to entry. Very few users can circumvent authentication barriers and firewalls. We can expect more and more sophisticated use of software code to embody and enforce new rules designed to make the net an orderly, socially valuable space.
More Examples: To prevent spamming, a new software product allows the recipient of a message from an unknown source to send back, automatically, a one-time request for assurance that the source is not sending bulk commercial email. Because most spam uses a fictitious reply address, these queries go unanswered and the spam can be stored in a separate file the user need never inspect. To prevent unwanted use of “cookies” (files a web site stores on your hard disk to keep track of who you are and what you have done on the site, often for purposes of creating valuable interactive features), your software browser can be set to require your permission before writing information to a file. To control viruses and other ill-intentioned interaction with your computer by remote sites, the operating software used for such interactivity can be forbidden from writing any local files. To prevent unauthorized “caching” of web sites, the HTML language and related web server technology can be set to respect directions not to cache, or to update regularly, or to pass back data on user “hits” of cached pages. To assure sales tax collection, software for payments systems, implemented by private parties, can calculate and impose such taxes -- likely producing a compliance rate far exceeding that achieved by “use taxes” theoretically but not often actually levied in the real world.
The Diversity of the Net is a Virtue, Not a Vice.
The online world does harbor sites that many would consider sinful or even criminal. There is gambling in our virtual River City. But controversial activities are found on the net precisely because substantial communities of users do not consider them harmful -- and want to participate voluntarily in online sites that tolerate them. There is no self-professed haven for fraud and theft on the net -- because no victim wants to enter a den of thieves. But there are, and inevitably will be, some hate sites and some sites hateful to many people -- just because the net is global and the world is a diverse place. As long as visiting an online site remains a voluntary matter, this diversity provides separation -- a result far better than any form of “governance” that would impose a single moral order on everyone, including substantial minority populations throughout the world who might disagree.
There are Relatively Few Victims of Serious Online Wrongdoing.
Before we can judge the success of self-regulation on the net, we must assess the true extent of harm caused to innocent third parties by the wrongful activities that do find a virtual “haven”. How many people have been seriously victimized by online crime? The numbers can’t be known with precision. But any reasonable survey would conclude that the extent of crime online is tiny compared with the incidence of real world crime among similarly sized populations.
Even if we count as “cyberspace crime” any of the real world violence that might be said to have been facilitated by the use of the net (an artificial and questionable inclusion in those cases in which online messages merely substitute for targeted communications that might just as easily have taken place over the phone), the real story is the absence of a story. The novelty of cyberspace causes journalists to write extensively, and politicians to comment, about every anecdote that comes to their attention. Yet, despite this disproportionate attention, the stories of real harm are few and far between -- especially as compared with the incidence of real world violence that only makes the local news.
Examples: You can’t have your head bonked or your purse snatched online (even your credit card number, which might be stolen, is relatively just as secure online as in the real world -- and the customer’s liability for losses is limited to $50 in the U.S.). You might in theory be “psychologically raped” online, but it just doesn’t happen very often in practice, because it’s a lot easier to leave a threatening or unwelcome virtual situation than a real one. It’s a lot easier to recover from a disk crash than from a car crash. You can get defamed or “spammed” or have the copyright in a manuscript infringed. But the actual costs and losses imposed by the need to repair reputations, or filter out junk mail or protect intellectual property rights online are still quite small relative to the volumes of messages exchanged every day. Most online slander falls on few ears or is, at the least, more easily responded to and corrected by means of the same low-cost communications channel that gave rise to the problem. Much online infringement serves as valuable marketing for the owners of the supposedly harmed rights -- the optimal “leakage” rate for intellectual property is decidedly not zero. Much spam -- albeit creating substantial annoyance and strong emotions -- is filterable at low cost and imposes less environmental damage than unwanted paper mail.
The Net Facilitates Decentralized, Voluntary Private-Sector Paternalism.
But what about truly innocent and relatively defenseless victims? The impressionable child who gets and reads a pornographic email or the clueless newbie induced to send real dollars to a stranger by means of some virtual Ponzi scheme? Can we claim that self-regulation is now working or ever could provide adequate protection in these cases?
The first answer, aside from the observation that there are in fact relatively few such cases found in nature (other than in the prose of a sensationalist press), is that the net allows any private (or, indeed, governmental) actor who wants to create a “safe haven”, for children or for unsophisticated consumers, to do so. There will be many Disney Worlds on the net, and many will be as orderly and crime free, and as child friendly, as any real world Fantasy Land.
A second answer is that, while the emerging social order of the net will of course fail in some cases to prevent harms or to deter or catch criminals, so will the law of the real world fail to prevent all real world crimes. Certain types of crimes, and certain minimum levels of wrongdoing, simply cannot be entirely prevented, short of adoption of repressive forms of order that would constitute a cure worse than the disease. Certain forms of consumer stupidity simply prevent protective measures. Children need real parents. We don’t generally allow the existence of some serious crime or some especially vulnerable victims, to justify the elimination of our core freedoms. We shouldn’t allow the presence of some unpreventable net-based crime to justify a repressive and counter-productive application of new laws and regulations to a generally crime-free and easily avoided Internet.
A third answer, known to every parent, is that paternalism, whether in the form of regulation or in the form of law, cannot substitute for self-control. Every vulnerable population would be better off if given the means to protect itself. Our children are best protected by sound values. Consumers are best protected by an educated ability to avoid scams. Those who assume centralized, governmental protections against non-violent wrongdoing may be much more vulnerable than those who are taught to think for themselves. We should consider the debilitating nature of paternalistic protections before we implement any regulatory scheme.
Increased Local Regulation of the Net Would Make Things Worse.
Opponents of “self-regulation” may counter that there is no harm in supplementing net-based rules with local laws and law enforcement by territorial sovereigns. But there are real costs and problems created by application of traditional legal regimes to the net -- especially in cases in which local law attempts to override rules that are selected by participants in online commerce and that primarily impact on those who voluntarily enter into such virtual trade. Because local laws stem from territorially-based sovereigns, they are hard to enforce globally. Because they are inconsistent from one country (or state) to the next, they create a maze of conflicting rules -- imposing large new compliance costs that could seriously slow the growth of online trade. A globally “harmonized” treaty might eliminate inconsistency, but any such agreements would be very slow to develop or adapt and would eliminate valuable diversity.
Example: Where we do have uniform global agreement that a particular practice is so pernicious that it ought not be tolerated in any virtual haven, the ability of mainstream system operators to exclude such a haven from the main connectivity mechanisms of the net (e.g., by deleting that “outlaw” domain from the root server tables) renders further local laws or police mechanisms unnecessary. Where we do not have such agreement, there is no legitimate basis for one community (or country) to impose it’s views on another -- and no need to do so, in light of the ability of every citizen of every country to filter out unwelcome messages, to avoid or leave uncongenial online spaces, and to choose to deal only with trusted electronic intermediaries.
The Need for New Governmental Protections Has Not Yet Been Established.
Still, a stubborn doubter of decentralized self-regulatory order might protest, the labels and tags and icons that identify trusted intermediaries might be stolen or forged. Or, worse still, the previously trustworthy supplier of some vital layer of the protocol stack (a popular browser or search engine) might begin to exploit new found market power in ways that inflict substantial harm on individuals or a whole marketplace. Is there reason to believe that the decentralized decision-making of unregulated participants in net commerce can prevent these most serious scenarios? Surely we need traditional governments to keep a watchful eye on the really bad guys who might employ new forms of electronic fraud, or new forms of economic power, to oppress us?
The answer may well be: “No”, we don’t need and can’t readily use the powers of traditional sovereigns even to prohibit fraud and antitrust violations -- for two reasons. First, the means of “force” most effective in preventing and punishing online crime are predominantly in the hands of private actors - - system operators, not the government. Spoofing cannot, by definition, be controlled effectively by police forces based in particular physical locations -- it can be conducted from an undisclosed (and hard to find) location, it can originate from anyplace and can move its source quickly from jurisdiction to jurisdiction. It is best prevented by technical means (such as authentication and encryption systems) that must be developed and voluntarily deployed by multiple private parties.
Second, even the abuse of economic power over some layer of the protocol stack -- such as a “vital” web resource -- can most effectively be countered by the development and adoption of alternatives -- again a task for the private sector. Efforts to use traditional, uniform top-down laws to set standards for authentication, or to control the pace at which alternative online products are developed, would produce laughable (or tragic) results. Governments can be bought; markets cannot. Our very best protection against the very worst “public policy” problems found online may thus be the preservation of a dynamic, open system that is not subject to capturable, governmental regulatory controls.
In any event, the case for governmental regulatory protection with respect to the conduct of electronic commerce and community has just not been made. There is, as noted, a relatively low incidence of serious crime. There is a robust and rapid process for development of private sector solutions to serious policy problems. No company has yet shown that it can and will actually use any economic power over the application layer of the net to the detriment of consumers. Governments need not relinquish their authority to keep a watchful eye on the development of the net. Perhaps there will be occasions when important technical standards will have to be made “open” by fiat. Those cases will, ironically, be premised on government’s recognition that decentralized, emergent self-governance is the best form of regulation and needs to be preserved and protected against private-sector power allowing “top down” contro. At this time, however, a compelling case for new interventions to regulate application layer actors just hasn’t been made.
Decentralized, Emergent, Self-Governance is Enabling Rapid Growth of Net Commerce and Community.
The ultimate measure of whether or not “self-regulation is working” for the net might be the extent to which the current, admittedly somewhat chaotic, regime is spurring growth. Some pundits like to suggest that the development of electronic commerce is being held back by the absence of standardized laws or adequately clear and enforceable regulations. But the net is the fastest growing organism on the planet! There is simply no evidence that anyone -- end user or access provider or even content owners -- are being (or will for long be) significantly deterred from participation in online commerce by the lack of some new centralized, harmonized “top down” regulatory scheme.
Example: Even in technically vital areas such as the issuance and revocation of net identifiers, decentralized, voluntary, contract-based schemes have created breathtaking growth while producing astonishingly few disputes or problems. Do you know someone who, having tried the net, vows never to return because of some seriously harmful and unavoidable online experience? Can you identify a new form of valuable social interaction or commercial transaction that could take place online but that won’t occur because it is too hard to find or interpret or apply or enforce applicable rules? I didn’t think so. Contracts between private parties can fill any such gaps -- provided that local governments wisely agree to defer to the “trade practice” created by voluntary agreements among net participants. If there is a serious barrier to online trade, it is the absence of strong encryption to lock and protect private doors. That barrier stems from US based regulation, not from the absence of an industry ability to provide adequate security if allowed to do so.
There are Sound Scientific Bases for Expecting That the Net Will Self-Organize in a Socially Valuable Way
We shouldn’t be surprised that the net has already developed a quite satisfactory level of social order -- nor should we doubt that it will continue to do so. The new science of complex adaptive systems tells us that any large network of nodes connected in sufficiently complex ways becomes orderly sua sponte. Scientific studies of such “autocatalytic” systems make clear that large sets of semi-autonomous agents, which emit and read “tags” and other meaningful messages distributed by means of interconnecting “flows”, tend to create complex structures. Such structures, in aggregate, tend to find the right mix of randomness and order and, perhaps literally, come alive. The details of the development of such systems may be unpredictable. But the overall tendency towards a state of mixed chaos and order -- and a tendency of such complex systems to take on a life of their own -- seems very likely to apply to the net. We are not dealing with a clock that can be engineered from the top down by some sufficiently skilled sovereign. We are dealing with an organic phenomenon that must grow its own order, naturally, and that could only be stunted or killed by artificial regulatory intervention, no matter how well-meaning that intervention might be.
It is not customary to argue for or against public policies by reference to science developed from biological phenomena. But the net poses unusual challenges for those engaged in making public policy. Because it is global in scope, it simply cannot be governed by traditional, local governmental structures. Because it evolves so rapidly, many needed responses to public policy challenges may not be able to be developed by slow, democratic deliberation. Because it allows diversity and empowers private action to join or leave new communities and to create new sets of rules and new, intangible but effective software barriers, it creates new tools for “collective action” aimed at creating and serving multiple “public goods”. We ignore the truly novel character of this new online space at our peril.
Deference to Decentralized, Self-Ordering Governance of the Net Does Not Render Territorial Sovereignty Obsolete.
Sometimes the case for net self-regulation is weakened by being overstated. There will always be a role for local sovereigns who, after all, generally possess a legitimate monopoly over the use of physical force. As one wag has put it, territorial boundaries still tell us where the people are who have guns. And we still need those guns, in extreme cases, to fight off targeted threats of violence (including those rare threats of virtual violence that can be located geographically and cannot be filtered out electronically) -- and, sometimes, to enforce contracts entered into online. So there is no need to fear that the emergence of a new online order will put traditional governments out of business. To the contrary, some forms of online trade may be enhanced by voluntary agreements, as part of contracts between participants and system operators, to comply with particular local regulatory schemes that might not otherwise be applicable. The net may, in this way, render the art of government more competitive, rewarding those jurisdictions that provide empowering regulatory schemes that truly enhance consumer/constituent welfare.
Examples: No one wants to gamble at a totally unregulated casino -- you would be sure to lose your shirt to a dishonest house. So some local territorial sovereigns will probably compete to provide adequately trustworthy regulatory rules -- which will bring in more willing, and better protected, customers. The same can now be said, in effect, for those securities firms that voluntarily comply with U.S. regulations governing the sale of securities, even though they might choose instead to operate under foreign laws. Insofar as participants in online commerce value a particular level of privacy, and insofar as this is not provided with sufficient assurance by mere contractual undertakings or promises made online, it seems likely that web sites who want those participants’ business will voluntarily submit themselves (and, by contract, all who access them) to the control of local jurisdictions that reliably enforce the desired privacy terms. Indeed, insofar as particular local authorities want to prevent their local citizens from straying into certain kinds of online transactions or information, the technical filtering tools of the net, combined with local, physical law enforcement powers and local control over all physical connections to the outside world, would let them do so. (This might not be a desirable result, in terms of the free flow of information and protection of the human right to communicate. But it does disprove any argument that local authorities must have the power to regulate remote web sites in order to protect their local populations.)
No form of net self-regulation appears likely to replace the traditional role of governments in creating courts that can award damages for the infliction of tortious or otherwise wrongful conduct of others. (Indemnification agreements, bonds and private sector insurance may provide some meaningful remedies, but they probably can’t protect against intentional harms to third parties.) Yet the growth of online commerce could be seriously deterred if anyone who claims to have been harmed by an online transaction could go to a local court to seek damages in excess of those contemplated in a contractual agreement pursuant to which access to the online transaction in question was allowed. If we don’t allow web site owners to insist that end users accept the risks of certain online activities, and if we allow every local court to create new “rights” and impose unpredictable damage remedies on remote site owners, we will be imposing a serious and unjustified cost on the net. Thus, one fundamental form of support that is needed from all local governments, if the net is to prosper, is deference to and enforcement of the terms and conditions of online trade -- at least those terms and conditions that are widely accepted and generally understood by the net community to be binding on those who click past them to enter into an online space. Similarly, local governments need to limit tort liability of all types so as not to allow large awards of damages to third parties, based on local law, to penalize the conduct of online trade on terms and conditions that are molded and deemed reasonable by those who are also most directly impacted by such conduct -- the participants in online commerce, themselves. If any local jurisdiction did seek to impose inappropriate or disproportionate liability (or tax) burdens on the net, however, a most likely response would be the creation of a means to exclude citizens of that local sovereign from participation on the mainstream net. Let’s hope it won’t be necessary for the net, in self-defense, to act like an immune system, recognizing and rejecting hostile foreign intruders, using this ultimate form of self-determination.
Conclusion
The net is already growing robust mechanisms that control wrongdoing and provide a sufficiently stable base of rules to allow online commerce and community to develop at a rapid pace. Sure, everyone can identify some online activities that seem to them to be unjustified, harmful or even criminal and that will likely persist. But that’s true of the real world, too. We shouldn’t judge the success of net self- regulation by means of an unattainable ideal of perfection. And we can’t ignore the fact that the world contains diverse populations that hold differing, often inconsistent, values. It’s true that the net reduces distance and lowers transaction costs, thereby bringing everyone closer to some online activity of which they or their territorial neighbors may strongly disapprove. But the most significant effect of such elimination of distance, along with the ease which we can create and navigate new electronic barriers, is to make the net an empowering mechanism for individual choice and community self-determination.
Over time, the net will only remain as chaotic as we collectively want it to be. Already, the social order it is producing has a greater claim to legitimacy, more effective means of enforcement, less repressive uniformity, and more responsive flexibility than any “real world” governance mechanisms. Local courts and legislatures should not let desires for job security interfere with their judgment regarding the best source of rules and rule enforcement for the net. That best source is the participants in online commerce themselves who will be most familiar with the needs of online commerce and most directly and extensively impacted by those rules. They only need modest cooperation from territorial jurisdictions in the form of enforcement of the many contracts that weave together to form the new online social order -- an electronic “law merchant”. What the net most needs from the traditional law making powers is not more regulation but more protection against misguided efforts to interfere with its inherently self-ordering properties.