Regulating Facebook: A Proposal


Internet God-Emperor and Roman autocrat fanboy Marcus Octavian Zuckerberg says he welcomes regulation of Facebook, albeit the “right” regulation. His regulatory enthusiasm has evolved over the last year from a vague and obligatory platitude to a more earnest and even a little desperate plea for government salvation.

Zuckerberg’s increased comfort probably comes from both a deeper appreciation of how embracing and shaping regulation offers a deep competitive moat for dominant companies (AT&T wrote this playbook) and seemingly a complete lack of viable stratagems to deal with Facebook’s existential emergency.

A declaration earlier this year that they were going to “feature” their way out of their never-ending crisis was tin-eared even by Facebook standards (see Platform Rule : When the platform is on fire, first put out the fire). Trying to explain to wary governments that Facebook’s forthcoming stablecoin cryptocurrency project doesn’t infringe in any way on the cherished sovereign prerogative of seigniorage should make the lack of enthusiasm for “innovation” from Facebook abundantly clear to even the most brainwashed Facebook employee (and maybe executives). So we’ll focus on regulatory deus ex machina.

This post first bemoans the quality of the discussion around what to do about Facebook but eventually gets around to offering a specific solution. It gets increasingly serious and less trenchant as you progress (for which I apologize in advance).

Breaking Up Facebook

The most popular remedy is to “break them up”, with a Facebook co-founder and self-styled public policy expert most recently joining this chorus. Chanting “break them up” is fun if you’re six years old, President of the United States (maybe I am confusing this with the similarly nuanced “lock her up”), or an academic mesmerized by the sound of your own voice on television, but it makes for a flaccid policy prescription.

Breaking up Facebook may seem straightforward, punitive, and probably cathartic for podcast populists and hipster antitrust hobbyists, but it fails to answer very basic questions like along which seams you would chop the company up and how that slicing and dicing would actually alleviate the many sins swirling around Facebook. As some have pointed out (in some cases again and again), separating Instagram or WhatsApp from classic Facebook doesn’t fix any of the problems that plague those specific services (for the record, Mr. Zuckerberg concurs with this view, though his optimism that his company can resolve these issues by itself does not seem commensurate with the company’s track record to date). And in political hands, the case for a break-up gets downright incoherent.

We could dismember Facebook as a one-off à la AT&T or Standard Oil, but amidst all the whimpering that traditional antitrust doctrines don’t work for free digital products, it would be nice to have a policy approach that could be applied on a consistent basis in the future [As an aside: I find it interesting that while corporate amputation has been discussed as a remedy for Facebook, the corporate death penalty has not].

Nullifying acquisitions after the fact because we have a frustrating inability to regulate unrelated issues makes for poor public policy. Given most acquisitions fail, retroactively undoing ones that do work also seems somewhere between chilling and double jeopardy. We need a framework for prospectively approving digital acquisitions beyond perfect hindsight.

Look to Utility Regulation

As much as our populist era prefers to couple crystal-clear diagnoses of problems with superficial yet unworkable solutions, it turns out there is a well-developed domain we can look to for how to deal with Facebook: utility regulation. Specifically, how we have been dealing with electric, water, gas, and telecom monopolies for over a century. Utility regulation seeks to balance the needs of captive consumers while ensuring sufficient economics for ongoing provision of services. Moreover, utility regulation explicitly wrestles with both network effects and natural monopolies.

Wikipedia offers a definition of “utility” that suits Facebook well:

“A public utility (usually just utility) is an organization that maintains the infrastructure for a public service (often also providing a service using that infrastructure). Public utilities are subject to forms of public control and regulation ranging from local community-based groups to statewide government monopolies.”

Mr. Zuckerberg would seem to be on board, repeatedly describing Facebook as a utility.

Utility regulation provides a broad range of precedent and experience (both good and bad). It does require a more informed, nuanced, and surgical approach than just whipping out a cleaver and hacking off a few corporate divisions. And despite all the experience, utility regulation remains imperfect. It is at best inefficient, prone to unintended consequences, and often benefits the companies being regulated. But we have accepted those tradeoffs as a society.

Some observers are also looking at Facebook through the lens of utility regulation. One commentator disagreez with treating Facebook as a utility based on (unpersuasive to me) historical definitions and on the grounds that doing so would benefit even more loathsome utilities (though as much as I am dissatisfied with my wireless and cable providers, last time I checked they weren’t inadvertently “leaning in” on genocide or undermining democracy).

The Social Graph Utility

Instead of “breaking up” Facebook, retroactively undoing acquisitions, or other rage-based remedies, the proposal here is to turn the social graph underlying Facebook (and only the social graph), into a separate, regulated utility. The social graph is a fancy term to describe the basic profile and list of friends associated with every Facebook user.

Today, different parts of the sprawling Facebook application call a common application programming interface (API) to get this list of your friends whenever they need that information. They might use this list to know whose content to use when compiling your newsfeed or give you options to message or poke or whatever it is people actually do to each another on Facebook (admittedly I’m not much of a user myself).

Instead of whacking at them with a hatchet, we’d take a precision scalpel to Facebook and excise the social graph API and its underlying data (and to the degree Facebook is consolidating the social graphs of Facebook, Instagram and WhatsApp, that makes it easier for our new utility, but we can operate one time or three times as needed). The new regulated Social Graph Utility would control and operate the social graph. Facebook would naturally continue to access the social graph (and be required to do so under specific terms and conditions). But anyone else outside Facebook could also access the social graph through an API governed by a stringent license.

There is a parallel here in the way phone numbers are managed. At least in North America, the underlying database of numbers, the North American Numbering Plan (NANP), by which all phone companies interconnect, is operated by the North American Numbering Plan Administrator (NANPA). The NANP was originally developed in 1947 within AT&T, but was subsequently extracted from the AT&T monopoly. Since 1997 the FCC has chosen the company that operates the NANP through competitive bids with winners including Neustar and Lockheed Martin. Currently, the NANP is operated by a soporific government contractor with a Brave New World-esque name of Somos.

NANPA gets its direction from its regulator and its industry customers:

“NANPA is not a policy-making entity. In making assignment decisions, NANPA follows regulatory directives and industry-developed guidelines. NANPA’s responsibilities are defined in Federal Communication Commission (FCC) rules and in comprehensive technical requirements drafted by the telecommunications industry and approved by the FCC.”

Following the NANP model (with ICANN as another role model), we would contract out operation of the Social Graph Utility extracted from Facebook to a Social Graph Administrator. Any of the real public cloud companies – Amazon, Google, Microsoft – would have no difficulty managing it. We might also see organizations like Akamai, the Chinese Communist Party (or one of their many fronts), Cloudflare, the Electronic Frontier Foundation, the Linux Foundation (whose quest to administer everything would seem to put them on their own antitrust collision course), Somos, or Verisign have interest in operating the service.

We’ll need to select the regulator for the Social Graph Utility. Perhaps the FCC or FTC, or a newly constituted Internet Commerce Commission (the acronym is available). Some of the more colorful analogies about blight caused by Facebook might bring the Bureau of Alcohol, Tobacco, Firearms and Explosives or the Drug Enforcement Agency into consideration. Or maybe things are so far gone we need the National Transportation Safety Board to try to figure out what went so horribly awry? The chosen regulator will select the Social Graph Administrator and oversee its operation. This would be a de facto worldwide regulator (ex-China and other totalitarian regimes), so there are benefits to being the first mover (and beating the EU the punch so we don’t find our entire screen blotted out by ‘Accept’ buttons…).

Access to the API would require acceptance and compliance with a stringent license dictating how you can use social graph information, both internally and downstream. The license may require compliance tests, audits, and material penalties for breaches of license terms. The Administrator could be paid by the regulator or be a regulated business that charges a tiny fee (approved by regulator) for every API call accessing the social graph.

Separating the social graph from Facebook has two fundamental benefits:

  1. Protecting personal information: it creates a clear boundary between our core personal user information and Facebook. The new utility is structured such that it has incentives to protect that information and control how it is used in a way that Facebook never has and likely never will.
  2. Competition: a utility that allows any entity complying with the license access to the social graph facilitates competition by mitigating the immense network effects associated with Facebook’s control of the social graph.

The Social Graph Utility could evolve over time to give users more explicit control over their profile information and friends list. They could edit and delete their information and those changes could flow downstream to any API consumers of their information. They could deny access at any time (through an interface even if designed through the most Kafkaesque government software requirements process that is guaranteed to be simpler than Facebook’s ever morphing and byzantine privacy controls). The utility could facilitate users getting compensated for use of their personal information.

From a competitive standpoint, access to the same social graph that Facebook uses removes an enormous barrier to entry for new social networks and applications. The Social Graph Utility is a mechanism to achieve “friend portability”. Let Facebook compete on the merit of their applications, not just their network effects. New entrants can experiment with experiences, business models, and privacy policies. But if you use the social graph data, you will be subject to the associated license terms. And Facebook can’t complain too much about new competitors being built off their service, as Instagram bootstrapped itself in similar fashion from Twitter. Unlike the breakup scenario which is predicated on the uncertain assumption that Facebook, Instagram and WhatsApp would compete directly with one another, an open API lets a thousand flowers bloom. In addition to a myriad of startups, we could also see other large companies compete more directly (Google++ anyone?) or more exotic if uncertain competitors like the French government or decentralized blockchains.

Separating the social graph from Facebook is narrowly focused, puts proper incentives in place for protecting core personal information, and fosters competition. It relies on a specific technical implementation as opposed to nebulous regulation like the 260 pages of blurry bureaucratese that is GDPR. But we should have no allusions this will be perfect regulation. It may slow innovation around social networks (which might be good for global economic productivity, human self-esteem, and the digital minimalism movement). It will almost certainly suffer from loopholes and introduce new problems. Nor does it come close to solving all the issues plaguing Facebook’s networks or the cesspool that is online advertising (Facebook will still get their advertising dollars and rubles).

But don’t worry too much about Facebook or its shareholders. Despite their new-found concerns about Chinese competitors as they awkwardly tangle themselves up in the flag, they will be fine. None of their users will even notice the change. They can go build the new experiences they are so excited to show off. And Facebook still has all that other user information (e.g. likes, photos, and posts) beyond the social graph that is very sticky. To the degree that the Social Graph Utility removes some of the lightning rods currently adorning their roof, Facebook might even embrace the idea.

There would be lots of technical and regulatory details to figure out. Migrating the social graph out of Facebook without downtime is an interesting challenge (though any downtime might qualify as a global economic stimulus, and could be timed for optimal counter-cyclical impact). But it would require the political and chattering classes to talk less grandiloquently and get to the specifics. Don’t hold your breath…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Get Updates By Email