Ah, the Internet. Give me worldwide access or give me death! Might want to put a flak jacket on because the future of the web may well be a violent one – virtually at least. Governments spend vast amounts of money and effort to control their turf in the real world but have been mostly baffled when considering how best to exert control online. No longer. The empires are ready to strike back and the Internet as we know it faces a perilous future, particularly for businesses operating online. The threat is known as “Splinternet.”
As the name suggests, Splinternet is a scenario where a once unified web is broken into spheres of information and commerce established by governments. Governments will pass laws that make it nigh impossible for businesses to operate in all parts of the world. Instead of facing enormous compliance burdens, many companies will just decide to geo-block particular spheres robbing individuals in those spheres of goods, services, and information. All online businesses except behemoths such as Google will no longer be operating on a worldwide basis. I encourage you to read the following two excellent articles to get a glimpse of the future.
- Internet Law Is Threatening To Break Up The Internet
- The Internet Is Fracturing Into Separate Country-Specific Networks
The splintering of the Internet is no longer a theoretical concern. The first significant blow occurs on May 25, 2018, when the General Data Protection Regulation [“GDPR”] goes into effect in Europe. The GDPR represents a radical change. The regulation consists of 99 articles on various topics, but the core theme is online businesses will be required to undertake new and expensive measures in the areas of privacy and data protection. Such a concept may sound positive at first glance, but the GDPR goes well beyond the noble idea of protecting the privacy of citizens online. The EU is attempting to extend the GDPR requirements into non-EU countries by arguing that any business who “envisages” offering goods or services to people in the EU must comply. To fully understand the implications of this effort, consider the following scenario.
You run an online business offering free guidance on how to build an e-commerce store. You are based in Nevada, and sell courses every so often. The last course you created sold 1,000 units or which ten went to people residing in the EU. The question is, do you have to comply with the GDPR and spend tens of thousands of dollars doing so even if only one percent of your sales went to the EU? A lawyer will need to analyze your site, but the likely outcome is “maybe,” which isn’t particularly helpful from a business planning perspective. Fail to comply, however, and the EU can try to hit you with fines equal to four percent of your global gross revenues or fines up to $24 million.
How far does the GDPR overreach? The regulation is changing the foundations of the web so radically that basic concepts such as the viability of a WhoIs domain database is in question. Under the GDPR, one must have a legal basis for collecting information. That legal basis is usually obtaining consent from the subject of the information data collection. ICANN and domain registrars it has contracted with never asked people purchasing domains for consent to collect or release their information on the web. Given this, enforcement agencies in the EU are balking at registrars returning results for WhoIs searches that show any personal information regarding the party who purchased the domain. [Read Article]
Compliance with the GDPR is tricky and expensive. Companies bringing in millions in revenues can take the steps necessary to comply with the law. However, most small businesses bringing in $100,000 will find it exceedingly difficult to rally the finances necessary for compliance. There are no WordPress plugins or free compliance tools to relieve the financial burden. What choice do these businesses have other than to forgo doing business in the EU and geo-block it? None.
The EU is not alone in issuing splintering rules and regulations. Russia, China, and even countries in South America are considering whether an open and free Internet is necessary. One can easily foresee a future where the web is split into economic spheres along the lines of the EU, North America, Asia, and so on.
So, what do you do? Prepare. Start considering the ideal market for your products and services. Learn the laws of the target market and then design your product or service with compliance in mind from the start. Those who do not take this step will suffer the same fate as AOL did when it failed to plan for the end of the dial-up modem era and went from the dominant online company to a minnow.
The end of the Internet is not upon us. However, online businesses face significant, restrictive changes over the next two decades. Smart business owners will plan accordingly. Others will not. Guess which group will have the better chance of future success?
Richard A. Chapo, Esq.