New Digital Realities; New Oversight Solutions

Tom Wheeler, Phil Verveer, and Gene Kimmelman
A new report by authors Tom Wheeler, Phil Verveer, and Gene Kimmelman addresses the challenge of government oversight for digital platform companies. It suggests the creation of a new federal agency designed to deal with digital issues rather than industrial ones, and the development of a new approach that replaces industrial era regulation with a new, more agile regulatory model better suited for the dynamism of the digital era.

The views expressed in Shorenstein Center Discussion Papers are those of the author(s) and do not necessarily reflect those of Harvard Kennedy School or of Harvard University.

Discussion Papers have not undergone formal review and approval. Such papers are included in this series to elicit feedback and to encourage debate on important issues and challenges in media, politics and public policy. These papers are published under the Center’s Open Access Policy. Papers may be downloaded and shared for personal use.

You can read the full paper here.

Statutes and Regulatory Models Adopted for the Industrial Era are Insufficient for the Realities of the Internet Era


  • The digital marketplace is wide-reaching, complicated and self-reinforcing. The systems developed to oversee an earlier time are burdened by industrial era statutes and decades of precedent that render them insufficient for the digital present.
  • In the absence of federal oversight, the dominant digital companies have made their own rules and imposed them on consumers and the market. Just as industrial capitalism operated—and thrived—under public interest obligations, so should internet capitalism be grounded in public interest expectations.
  • Those expectations—and the new rules to implement them—should be the reinstatement of responsibilities long established in common law: the duty of care and the duty to deal.
  • To accomplish this a new Digital Platform Agency should be created with a new, agile approach to oversight built on risk management rather than micromanagement. This would include a cooperatively developed and enforceable code of conduct for specific digital activities. As both a fail-safe and an incentive, the agency would also retain its own independent right of action.


Today’s exploding digital marketplace has delivered great gains to consumers. Residing amidst the wonderous capabilities of digital technology, however, are decidedly anti-consumer results.

The digital market is characterized by a tendency to tip toward market dominance and an absence of competition that results in consumers, innovators, and the users of digital information being harmed. The lack of competition (a product at least in part of network effects and economies of scale), when connected to the enormous power of data control in the hands of a limited few tech platforms, is further harming innovation, creating barriers to the possibility of healthy competition, and enabling the exploitation of personal privacy. These forces have created an unsupervised culture where the consumer is the product and the companies make the rules.

These results occur in an environment in which there are inadequate public policy tools available to protect consumers and promote competition. Numerous reports and studies, referenced herein, have chronicled the adverse effects imposed on consumers and competition by the dominant digital platforms. The purpose of this paper is not to replicate those efforts, but to take them to their logical conclusion by addressing remedies.

We exist in a seemingly contradictory, but not historically unprecedented, period when new companies have harnessed new technologies to innovate and deliver remarkable new products. Too often, however, these advances come at the cost of harming consumers and denying others the opportunity to innovate. For the last two decades digital companies have successfully sold the notion that government oversight of their activity would stymie innovation. The success of this lobbying has allowed the companies to maximize benefits to investors through the denigration of personal privacy, consumer rights, and the supposedly all-American concept of competition and competitive markets. The failure to protect the public interest in such matters has added to the destruction of the public’s trust in government as Americans observe the inability of their representatives to do anything about obvious harms. Fifty-nine percent of Americans believe elected officials are paying “too little” attention to issues dealing with technology and technology companies, according to a Gallup survey.[1]

Make no mistake, the innovations and economic growth of the digital platform companies are very much in the public interest. This paper proposes a structure in which the public interest of strong and innovative companies and the public interest of consumer rights and competitive markets can both be preserved. To do so, however, requires the vision to first assert oversight and then to develop a new model for that oversight.

The existing agencies of government are based on statutes and structures that reflect the relatively stable markets and relatively stable technology of the late industrial era. As such, they are insufficient to deal with dynamic digital markets driven by rapidly changing technology.

In the absence of federal oversight, the dominant digital platforms have become governments unto themselves with the ability to impose their own set of rules on economic activities and consumer choices. The Silicon Valley mantra “move fast and break things” failed to take into consideration the consequences of such actions. As such, it has had the practical effect of “move fast and make our own rules before others catch on.”

The lack of legally mandated duties to protect consumers and competition in the new digital environment, and the practical limitations of antitrust jurisprudence, leaves society and the economy at enormous risk. In a time of national duress, the growth of a solid middle-class economy is threatened by the dominance of a handful of digital giants. Yet, the statutes and regulatory models adopted in the industrial era are insufficient to deal with the realities of the internet era.

The authors have each spent their professional lives at the intersection of new technology and public policy. From both inside government and inside industry, we have each wrestled with the application or absence of statutes to protect competition and consumers. It is from that experience that we have observed how the activities of digital technology companies have separated from the basic common law-derived principles that have historically governed marketplace behavior. 

It is therefore necessary to create a federal agency agile enough to handle the oversight of data abuses and gaps in competition policy, while being capable of establishing corporate duties that promote fair market practices. The operations of this agency—a Digital Platform Agency (DPA)—should be governed by a new congressionally established digital policy built around three concepts:

  1. Oversight of digital platform market activity on the basis of risk management rather than micromanagement; this means targeted remedies focused on market outcomes and thereby avoids rigid utility-style regulation,
  2. Restoration of common law principles of a duty of care and a duty to deal as the underpinning of DPA authority, and
  3. Delivery of these results via an agency that works with the platform companies to develop enforceable behavioral codes while retaining the authority to act independently should that become necessary.   


The federal government has become proficient at doing again what it did yesterday. These policies and procedures, however, have been ambushed by the future.

The 21st century has seen digital technology restructure economic activity and marketplace behavior. Fifty-two percent of the Fortune 500 at the turn of the 21st century no longer exist.[2] In 2000, GE, Cisco, ExxonMobil, and Pfizer, were four of the five most valuable companies in the world; by 2019 they had been replaced by Apple, Amazon, and Alphabet (Google) with Facebook charging hard at number six.[3]

We are not simply living through a variation on the industrial revolution (the “Fourth Industrial Revolution” as characterized by the World Economic Forum). We are living a wholesale change in economic activity driven by new forces. Continuing to rely on a handful of dominant digital companies to not only make the rules but also drive the economy can no longer work. The government, as the representative of the public interest, cannot be a spectator to this new economy. The nation needs the innovation of smaller companies for the creation of jobs, the delivery of ideas beyond those that meet the desires of the dominant corporations, and the ability to successfully compete with other digital innovators such as China.

As the new industrial capitalism replaced agricultural mercantilism in the 19th century, new rules became necessary to reflect the new operations of the market. In a similar manner, today’s internet capitalism requires new rules to reflect the new market it has created. These new rules can simply be the reinstatement of responsibilities long established in common law.

The engine of the industrial revolution was the scope and scale application of men and material enabled by new technologies such as the railroad and telegraph. The industrial revolution was built around the supply of hard assets, whether it was industrial raw material or the output of its fabrication. These assets were typically exhausted by one-time use, and rivalrous in that their possession and use by one entity denied the usage to others.

The information revolution is built around a soft asset: data. While this asset continues to enjoy scope and scale economies, it is different from industrial assets in that it is inexhaustible (i.e., it can be used repeatedly), iterative (i.e., its use creates new data), and non-rivalrous (i.e., it can be consumed by more than one party). Combining these characteristics with the low marginal cost of acquiring and exploiting the raw material and of the distribution network it utilizes means there is even greater mass production in the information economy than there was in the industrial economy. As a result, digital companies’ activities are not typically constrained by production, but by demand.

Harvard business professors Marco Iansiti and Karim Lakhani have illustrated the difference between the industrial operating model and the artificial intelligence-aided digital operating model:[4]

In the industrial model companies eventually confronted diminishing marginal returns. The supply of hard assets could only scale up to a point before costs began to increase and markets became saturated. The digital model, however, appears to know no such limits. By collecting and hoarding data that is both interchangeable and interoperable, digital operating models can continue to grow.

Add to this rudimentary artificial intelligence and you have a digital perpetual motion machine. Tech analyst Azeem Azhar has dubbed this the “AI Lock-in Loop” where data begets AI, which begets better products, which begets more data, which begets better AI, in a never-ending process in which the data asset is unleashed to produce, expand, and control.[5]

Digital technology has also sped up the pace of change, removing the time buffer that previously allowed society and its representatives in government to adapt to new technology. It took, for instance, 125 years for Alexander Bell’s telephone to connect one billion people across the world.[6] It took less than six years for mobile phones using Android to reach the same milestone.[7]

The existing regulatory approach reflects the pace of the industrial era, typically awaiting market failures reaching a certain scale and effect before stepping in. The current speed of technology and marketplace development sabotages such anapproach. The absence of ex ante behavioral rules allows dominant companies to quickly impose their will and dictate market behavior on their terms. Similarly, ex post quasi-judicial assessments of marketplace behavior allow companies to exploit digital technology’s fast pace and behave as they wish until the government catches up, risking only a monetary or behavioral slap on the wrist as a consequence.

In the face of rapid-paced technological change that has reprioritized both individual and corporate activities, the United States government has been mired in policies and structures created for the industrial era of the 19th and 20th centuries. In the absence of such public participation, it is the leaders of the digital companies who end up defining market practices. Such corporate-developed rules, of course, advantage the rule maker over consumers and competition.

American policymakers’ reluctance to impose regulatory oversight has, in large part, been the result of the digital companies’ successful campaign to portray government regulation as stifling their “permissionless innovation” and the wonderous products that have resulted. Yet no one has proposed policies that require the granting of permission to innovate. The companies also point to competition with China to claim regulation would put the nation at a competitive disadvantage against the unregulated Chinese. Yet, what America needs to confront China is the kind of domestic innovation that is driven by competition and pro-competitive policies.[8]

At the federal level there has been no meaningful legislation addressing new technology since the Telecommunications Act of 1996, which principally dealt with networks, not platforms. Regulators are stuck with statutes that not only are from a pre-platform era but also are based on industrial era assumptions rather than policies that reflect internet era realities. At the same time, the digital companies have successfully promoted the message “we are different,” accompanied by the assertion that establishing behavioral expectations would somehow break the magic of the digital businesses.

It is time to assert that there must be governmental oversight of the digital platforms. It is no longer acceptable for the companies to make their own rules. The imposition of public oversight of digital platforms, however, cannot simply be a replay of what worked in the industrial era.

When the digital companies claim regulation harms innovation, they are hiding behind the implementation of industrial era statutes by agencies designed for earlier times. This paper specifically advises against the industrial era approach behind which the digital companies have sheltered. In its place should be a return to basic principles overseen by a new regulatory process.

The regulatory oversight proposed herein eschews the old-style regulation in favor of the simple restoration of long-understood common law standards to the new economy.

In order to move forward protecting consumers and promoting competition while not harming innovation, it is necessary to look backward to common law principles first applied centuries ago. The implementation of the common law concepts of duty of care and duty to deal enables protections that address the “what” of marketplace effects rather than the “how” of traditional regulatory micromanagement. In so doing, they are responsive to the companies’ complaints about “utility style micromanagement” while at the same time establishing proven consumer protection and competition promoting policies to be obeyed by the companies.

The DPA is thus responsive to the need for public interest oversight of digital platforms, while also being responsive to the companies’ argument that application of existing regulatory policies would result in innovation-destroying micromanagement. Implementing this, the DPA should be empowered to act on its own but with a preference for such action through the cooperative development with industry stakeholders of enforceable behavioral codes subject to agency approval. Such a process would have the added benefit of imposing enforceable policies that, because of the cooperative process, are more agile and dynamic than traditional regulation.

The adoption of such risk management policies would also fill the vacuum created by the inaction of the federal government that has encouraged the nations of the European Union and the United Kingdom—as well as state governments within the United States—to intervene on their own. The international policy leadership role once held by the United States has been abrogated by America’s failure to lead. 

In the absence of national oversight and leadership of the borderless digital marketplace, American companies are forced to conform to rules made by other governments. Internationally, it is probably too much to expect that rules established for the protection of foreign marketplaces would not also happen to advantage foreign firms. Domestically, the homefield efficiency advantage of a uniform market of 325 million consumers is Balkanized by different rules in different states. The policies of the DPA would allow the United States government to reassume the mantle it has traditionally asserted regarding the oversight of new technologies.

Conclusion: The time has come for leadership, both domestically and internationally. It has always been true that markets work best when capitalism operates within guardrails established to protect consumers and competition – and in the process protect capitalism itself.

It is also time to recognize that policy inaction in the digital era has trammeled the basic concepts embedded in common law—a duty of care and a duty to deal—that have served society and economic activity well for centuries and warrant revival. 

As the industrial era of the 19th and 20th centuries evolved, the American government did as well, adding new authorities and agencies to oversee industrial expansion. Since the Second World War, however, government has been content to continue such regulatory structures and concepts, even as they became outdated. As 21st century economic activity evolves to leave behind the practices of the industrial era, so must the American government also evolve to reflect the realities of the digital era.

This begins with the establishment of a new Digital Platform Agency with the responsibility to protect consumers and competition in the digital marketplace. Effectively accomplishing this in the new fast-paced digital environment means revising the cumbersome, top-down rule-making process that has been in place since the industrial era. In its place should be a new, agile structure built on risk management, market outcomes and common law principles that blends DPA-initiated actions with the creation of enforceable, cooperatively developed behavioral codes. 


Ultimately, one must ask why in a time of national upheaval it makes sense to invest political capital in the regulation of digital platforms. The answer is that digital technology has become critical to address many of the challenges our nation faces.

A solid and expanding middle-class economy requires opportunity to be spread out rather than concentrated in the hands of a few. The innovation required to create such an expanding economy requires competition. For the dominant digital companies, however, such competition is an anathema. Only the government can open up the marketplace to embrace competition.

The dominant digital platforms have and will continue to oppose the imposition of competition in the digital market. Such opposition must be seen for what it is: opposition to the creative dynamism that produces economic growth and good jobs. Today, those benefits principally flow to those that dominate the digital market, their investors, and their executives. The dominant companies that grew out of dorm rooms and garages today choke off the ability of new innovators to do the same thing.

Thus far in the digital era, the dominant companies have been able to build their position free of government oversight. In the process they have ignored the basic common law-derived principles that have worked for centuries and that allowed industrial capitalism to flourish. What is proposed herein is conceptually nothing new: the application of common law-derived duties to the digital market. What is new is the fresh approach to oversight of such responsibilities.

In their opposition to such responsibilities, the dominant companies argue that only they have the intellectual heft and economic resources to drive American innovation forward. Such assertions overlook not only their history as former startups but also their ongoing fiduciary responsibility to investors to focus their innovative activities for corporate benefit.

Opposition to government oversight is also often cloaked in the economic competition with China. “China doesn’t regulate their companies” becomes a rationale to justify market dominance over innovative dynamism. If the United States is to out-innovate China, it will be necessary for a thousand competitive flowers to bloom rather than relying on the output of a handful of walled-garden companies.

The recommendations of this paper, therefore, are timely and relevant, even in a period of national upheaval. At their core, these proposals are not new; they are the continued embrace of the all-American concept of competition through the time-tested application of basic common law-derived duties.


Our first national competition law, the Sherman Act, was written in 1890 in the era of “trusts,” financial constructions that gave control over multiple state-chartered companies to a common entity. Twenty-four years later it was updated with the Clayton Act to establish a national policy to protect against a broader definition of restricted competition.

The antitrust laws were created to protect competition in an industrial environment. The application of these statutes to the digital environment has been impeded not only by the challenge of applying industrial concepts to a digital reality but also by the evolution in jurisprudence over the last forty years.

Today’s implementation of competition policy began in the 1970s with the broad adoption by courts and prosecutors of the so-called Chicago School’s assertion that most competition-related government interventions in the economy were counterproductive.[9] The only true measure of a company’s market power, according to the strong version of the theory, is the effect on consumers as measured principally by prices. In the intervening decades this version of the “consumer welfare test” has become a conservative litmus test for judicial appointments and a guiding light of antitrust policy. It appears to have a majority of the United States Supreme Court as adherents.

The 2018 decision in Ohio v. American Express Co. is both the first time the Supreme Court has addressed an antitrust claim involving a two-sided platform and an instance of the Court majority’s non-interventionist priors. The decision has, at least, increased the complexity of antitrust enforcement involving digital platforms. But without regard to its intrinsic merits, it illustrates one thing beyond any serious dispute: A process that began with a government complaint in October 2010 and not ultimately resolved until June 2018 is insufficient to deal with today’s digital platforms. Something more will be required.

Such a “something” begins with the recognition of certain digital platforms (or certain components of them) as essential facilities. As common experience and multiple studies have illustrated, however, these essential services do not confront effective competition and are unlikely to do so in the future. The consequences are significant.[10] The introduction of competition in the case of targeted advertising, for instance, would have as predictable consequences that advertisers would pay less, publishers would receive more, and consumers would see an improvement in the quality and quantity of services available online.

While an important tool in the toolbox, it must be realized that antitrust remedies are blunt instruments. They are, for instance, an ex post response to a problem rather than an ex ante policy that would discourage such difficulties in the first place. Furthermore, antitrust enforcement is inherently uncertain and reliably lengthy, a period in which the targets continue their anticompetitive behavior. By the time of even successful conclusions, rapid tech changes often have redefined the relevance of the initial complaint (See US v. Microsoft).

There is also a substantial question of whether courts rather than specialized regulatory agencies are best equipped to deal with the issues raised by the digital platforms. Professor Weiser cites Judge Easterbrook for the proposition that“courts are inherently ill-suitedfor such a role both because they lack the ability to gather, and the expertise to process, the necessary information.”[11]

Conclusion: Antitrust is an important tool but cannot be relied upon as the only tool. There must be realistic expectations as to what the tool can accomplish. There also must be a regulatory partner to the judicial remedy of antitrust.

For a discussion of the evolution of antitrust law and its applicability to the current situation see Appendix One


Competitive goals—as well as consumer well-being—can be protected and promoted via regulation. In contrast to antitrust, regulatory policy can be broad-based and ex ante as opposed to case-specific and awaiting harm. As the U.K.’s expert antitrust agency, the Competition & Markets Authority (CMA) recently concluded in its “Online platforms and digital advertising” Market Study final report:

  • “The evidence set out in this market study shows there is an urgent need to develop a new pro-competition regulatory regime for online platforms. The CMA’s existing powers are not sufficient to protect competition given the fast-moving, complex nature of the markets we have reviewed, and the wide-ranging, self-reinforcing problems we have identified within them.
  • “We are calling on government to create a new pro-competition regulatory regime with strong ex ante rules which can be enforced rapidly and updated as required.”[12]

Such reasoning applies equally to the U.S. policy environment.

The creation of a new independent federal regulatory agency—the Digital Platform Agency (DPA)—would recognize the inherent limitations of trying to shoehorn digital realities into an agency created for the oversight of industrial activities. The existing regulatory agencies are populated by good and responsible individuals, but these institutions bring with them decades of operational and jurisprudential precedent that inhibits the ability to address the dynamics of the new digital marketplace. Congress must establish a new set of expectations for behavior in the digital marketplace and those expectations should be overseen by a new digital agency.

Common Law Principles: The challenge in the digital era is how to protect consumers and promote competition without micromanaging a fast-paced and dynamic process of innovation. The solution is to focus on managing an unwanted outcome of an activity rather than dictating how that activity should be performed.

The demands of digital dynamism should be overseen with a new and more flexible regulatory approach. That approach can be found in the wisdom of common law concepts that have evolved since the Middle Ages. Congress should adopt these long-standing principles—particularly the duty of care and the duty to deal—in legislation establishing the DPA.

The duty of care establishes the expectation that the provider of goods or services has the responsibility to attempt to identify and mitigate the adverse consequences of that activity. The evolving concepts of negligence and tort—encompassing more activity over time—for instance, find their roots in the duty of care. Who is responsible for minimizing losses and who is responsible for compensating for them when they occur?

The duty of care is applied in other activities of the federal government. For instance, auto safety regulation assumes a duty of care that goes back to the early 20th century and the birth of the automobile. A duty of care for automobiles can trace its roots to a time when the wheels on the car were wooden at the dawn of the automobile age. In the 1916 case MacPherson v. Buick Motor Co., Court of Appeals Judge Benjamin Cardozo applied the duty of care to the auto manufacturer even though the faulty part (here a wooden wheel) was made by a third party. “[T[he manufacturer. . . is under a duty to make it carefully. . . If he is negligent, where danger is to be foreseen, a liability will follow.”[13]

The duty to deal establishes that the provider of an essential service has a duty to provide impartial access to that activity. As a consequence of the Black Death in some analyses and continuing thereafter, common law developments reflected economic circumstances in determining that commercial activities enjoying a “virtual monopoly” have special responsibilities. This meant that the operator of a ferry across a river had a duty to deal with all those who wanted to use his service, or the owner of a tavern had a duty to deal with hungry travelers.[14] 

The duty to deal also finds modern enforcement in the federal government. As far back as the Pacific Telegraph Act of 1860, the law provided, “That messages received from any individual, company, or corporation, or from any telegraph lines connecting. . . shall be impartially transmitted in the order of their reception.”[15] The provision “received from any” recognizes the inherent duty to deal, while the remainder of the provision codifies that it is a non-discriminatory right of access. Such concepts were subsequently extended to the telegraph’s successor: the telephone.

Light-Touch Practices: In the industrial era regulatory oversight was not only through the application of duty of care expectations, but also through top-down, bureaucratic, and rules-based policies that often relied on prior-approval mechanisms and the ability to prescribe technical and quality standards. While the duty of care’s responsibility to proactively identify and mitigate potential harms is as valid today as it ever was, its implementation through so-called “utility regulation,” which relied in part on prior approval mechanisms, is inappropriate for the application of fast-moving digital technology. In its place, a new agile regulatory model should be adopted. This new light-touch oversight would be built around government-industry cooperation in the development of mechanisms to efficiently pursue pro-competition and pro-consumer goals.

Non-Duplication: The DPA should not duplicate the activities of sector-specific federal agencies and the authority granted them by Congress. The Federal Trade Commission (FTC), for instance, would retain its traditional antitrust and deceptive practices enforcement responsibility. The authority of the DPA would fill the void created by encumbrances on the FTC’s authority.[16] As Thomas McCraw explained in Prophets of Regulation, “the most important single consideration is the appropriateness of the regulatory strategy to the industry involved.”[17] The “industry involved” with the DPA will be the consumer-facing digital activities of companies with significant strategic market status.

Protecting Competition: To protect competition, the new agency’s activities should embrace the common law duty to deal. For centuries, that duty has stipulated that dominant firms controlling essential assets or services should make them available on a non-discriminatory basis. The ability of dominant digital companies to exploit bottlenecks to competition and to control the pace and scope of innovation through their control of data assets is an invitation to monopolization and other abusive practices.

Supporting Antitrust Authorities: To support existing antitrust review the DPA should be designated as the expert agency in digital market activities. As such, the DPA’s expertise should become an intrinsic part of investigations, merger reviews, and enforcement of remedies of digital companies undertaken by the Department of Justice (DOJ) and Federal Trade Commission (FTC).

Not Burdening Small Companies: The DPA should exercise its authority in a targeted manner. It is frequently argued (especially by the big companies) that “regulation hurts small companies.” The activities of the DPA, thus, should pay principal attention to market-dominant companies with power, not only over markets, but also with the power to rewrite norms with practices that benefit themselves to the detriment of smaller companies.

One of the purposes of such regulatory oversight is to enjoy the benefits of competition-driven innovation. As such, the DPA’s focus should be upon companies that are systematically important by virtue of their economic or societal significance. The DPA should, as a matter of overarching policy, avoid imposing burdensome regulation where competitive alternatives are available or on small companies without significant market impact.

Consumer Privacy: At the root of the digital platform economy is the corporate appropriation and usage of consumers’ personal information for profit. Privacy protection through consumer “consent” places the burden on the backs of the exploited; in its place should be “conduct” practices built around the common law concept of the duty of care. It is recognized that Congress is currently considering privacy legislation which may impact the final resolution of the scope of the DPA’s authority.

Conclusion: The behavioral differences between traditional industries with relatively stable technology and new digital businesses with rapidly evolving capabilities demand a new approach to public oversight. Attempts to repurpose existing federal agencies perpetuates old procedures, practices and precedents developed for the realities of a different era. The solution must be more than attempting to clone industrial era regulatory tools to meet digital era needs.

For a discussion of the scope of responsibility for the DPA, see Appendix Two


As industrial factories replaced the small-scale production that previously defined economic activity it brought with it the need to develop management practices to oversee production at scope and scale. Industrial corporations turned to the only other large-scale enterprise, the U.S. Army, and hired West Point trained managers to run operations. The result was that 19th-century corporate management became a rules-based hierarchy.

The regulatory agencies developed during the industrial era adopted the management techniques of the companies they were built to oversee. Rule-based bureaucracies today remain the primary structure of the American government’s approach to regulation.

Digital companies, in contrast, have abandoned rules-based management hierarchies in favor of agile management that utilizes the distributed capabilities of the network. Industrial production is a linear process—think: factory assembly line—where incremental activities are added in series to ultimately produce a finished product. Digital activity, in contrast, produces “never complete” products that evolve as technology and the market evolve. We only have to look at the software updates to our smartphones and computers to see such agile activity in action.

The challenge for 21st-century policymakers is to embrace agile regulation practices just as the companies have embraced agile management practices.

Why Not Bolt On Authority to an Existing Agency?: Every institution has its cultural commitments. Old agencies (even if their statutes are updated) are saddled with legacy precedents as “muscle memory.” Thoughts, procedures and judicial decisions developed in a different time with different demands control thinking from the halls of the agency, to the halls of Congress, and to the corridors of corporate headquarters and law firms.

The DPA should have a “digital DNA.” Existing agencies, as a result of their statute, staff, tradition and jurisprudence are infused with an inherently analog DNA. This is not a criticism of the dedicated individuals involved, but the simple reality is that their professional lives – let alone their personal lives – have been shaped by assumptions and practices that digital technology has pushed aside. 

Such “digital DNA” includes commissioners and staff with specialized technological experience and capabilities. Creation of such specialized agencies has rich historical precedent. In the early life of the oversight of communications networks, for instance, Congress initially appended authority to the Interstate Commerce Commission. However, it was only a short time before Congress recognized that the technology required unique skills, and thus the Federal Communications Commission was borne. Similar circumstances have resulted in the creation of specialized skill agencies as diverse as the Nuclear Regulatory Commission and the Commodity and Futures Trading Commission.

“Digital DNA” also means that in establishing oversight of the internet platforms it is insufficient to repurpose statutory expectations established in the industrial era, Digital market activities require marketplace expectations built around digital technology and its capabilities. Congress should, therefore, establish common law-derived digital market expectations rather than attempt to repurpose statutory expectations established long before the arrival of digital technology. 

In the ongoing exercise of their existing responsibilities, current federal agencies are already stretched thin. To expect an agency such as the FTC—already enforcing antitrust, deceptive practices and other statutes—to add oversight of digital platform activities to its portfolio would defocus the agency from its essential tasks. The importance of the FTC’s antitrust activities cannot be underestimated, especially in the post-COVID era where competition will be fighting not to become a COVID casualty.[18] The responsibilities of FTC, for instance, over both antitrust enforcement (including digital company mergers) along with oversight of traditional industrial activities as diverse as product labeling, advertising representations, funeral home practices, and robocalls should not be further diluted.

Rather than bolt on to and dilute an existing agency’s responsibilities, it is preferable to start with a clean regulatory slate and specifically established congressional expectations.

Regulatory Agility: The concept of agile regulatory responsibility is contrary to the bureaucratic culture that has developed over decades of industrial regulation. In the digital era, Congress should establish the broad parameters of acceptable behavior and empower the DPA to apply those concepts in the ever-evolving digital environment.  

Companies often complain the current regulatory model is too rigid for the rapid-paced change of digital technology and thus thwarts innovation and investment. This is the basis of the “permissionless innovation” mantra that has held government involvement at bay for so long. Although it is debatable whether regulation imposes “permission” to innovate, the argument that the existing industrial era hierarchical rules-based regulation is inflexible has validity.

Yet attempts at agile regulation built on the application of general conduct concepts have also been opposed by the digital companies. Despite its successful use in corporate management, such circumstances-based agility suddenly becomes “regulatory uncertainty” when adopted by government.

The arguments against rules-based regulation as “too rigid” and agile regulation as “uncertain” deliver a common result: no regulation. The era of “we make our own rules” must come to a close through the application of agile government oversight.

A New Cooperative Industry-Government Regulatory Model: The new agency must eschew the old top-down and rigid regulatory model in favor of a new, more flexible structure that involves the digital companies in the cooperative development of policies.

At the heart of this new regulatory model is a Code Council composed of industry and public representatives possessing demonstrated expertise. The role of the Code Council is to implement the behavioral principles of the statute through codes of conduct. The role of the DPA thus becomes that of a supervisor of code development and enforcer of the results of a joint public-private effort to establish behavioral codes that carry out the purposes of the statute.

While not an exact analog, the Code Council concept finds precedent in industry-developed, yet governmentally enforced practices for fire codes and building codes. Similarly, the DPA has attributes such as those found in the government-authorized, but non-governmental Financial Industry Regulatory Agency (FINRA) that oversees the operation of brokerage firms and exchange markets. The decisions of FINRA are supervised by the Securities and Exchange Commission (SEC) which acts as the ultimate regulator. Similarly, the decisions of the Code Council would be supervised by the DPA.

The Code Council of the Digital Platform Agency would, on its own motion, public petition, or at the request of the DPA, act through a multi-step process to develop and recommend a code of specific practices to the DPA.

The Makeup of the DPA: The new agency will be composed of three presidentially appointed, Senate-confirmed commissioners, one of whom will be Chairman with the powers of the chief executive officer of the agency. The Commissioners should have staggered five-year terms and no more than two commissioners may be members of the same political party.

It is essential that the commissioners and staff of the DPA have digital DNA. Not only does this mean hiring computer scientists but also appointing commissioners with demonstrated expertise in the management of the digital environment. The prevailing practice of appointing former congressional staffers to commissioner posts should be avoided absent the appointee having digital experience beyond Congress.

Use of Machine Intelligence: The DPA cannot be expected to oversee the tsunami of data-driven activity of the digital platforms only through human inspection. The digital economy is algorithm-driven and increasingly reliant on artificial intelligence. To try and keep pace with this algorithmic activity without utilizing similar tools would be to condemn the new agency to viewing the digital marketplace through a straw.

Conclusion: A new agile approach to regulatory oversight is required to deal with the fast-paced nature of digital technology and its marketplace impact. In broad terms, such an approach should be built around the common law-derived principles of duty of care and duty to deal and oriented towards risk management rather than micromanagement. To accomplish this, the Digital Platform Agency should identify risks to consumers and competition and respond through the initiation and approval of cooperatively developed and enforceable behavioral codes, accompanied by enforcement authority. Where such cooperative activity does not produce results acceptable to the DPA, the agency will act on its own.

For a discussion of the workings of the DPA, including the Code Council, see Appendix Three

As the authors have emphasized, the digital economy is one of rapid and constant change. This paper proposes a form of agile regulatory oversight to protect consumers and competition that reflects such rapid change.

In the digital world products are released and then modified/improved based on technical and market developments. This report should be no different. The authors have intentionally discussed concepts as opposed to specific statutory language. Not only do we anticipate new technology, but also new studies and analyses, as well as new governmental actions. Such events may add to the knowledge and/or change the politics of this discussion. Undoubtedly, this paper, as an agile document itself, will be informed by these developments

About the Authors

Tom Wheeler is a businessman, author, and was the 31st Chairman of the Federal Communications Commission (FCC) from 2013 to 2017. He is presently a Senior Fellow at the Shorenstein Center at Harvard Kennedy School and a Visiting Fellow at the Brookings Institution.

Phil Verveer’s legal career included government service and private practice. He is the former Deputy Assistant Secretary of State for International Communications and Information Policy and Senior Counsellor to the Chairman of the FCC and was the Justice Department’s the first lead counsel on United States v. AT&T which resulted in the breakup of AT&T. He is presently a Senior Fellow at the Shorenstein Center at Harvard Kennedy School.

Gene Kimmelman is one of the nation’s leading consumer protection advocates. With a career that has extends from the Antitrust Subcommittee of the United States Senate to the Antitrust Division of the Department of Justice, and public advocacy groups such as Consumers Union and Public Knowledge. He is presently a Senior Fellow at the Shorenstein Center at Harvard Kennedy School.


This project began under the leadership of Nicco Mele at the Harvard Kennedy School Shorenstein Center. When he left, it was been pushed forward and strongly supported by the new Director of the Shorenstein Center, Nancy Gibbs. Setti Warren provided invaluable support and guidance.

The John S. and James L. Knight Foundation provided financial support to the Shorenstein Center in behalf of this project.

The collaboration of our colleague Dipayan Ghosh was critical from the start of this project. His excellent book, Terms of Disservice” (Brookings, 2020) is an effective predicate to the conclusions of this paper.

The authors benefitted greatly from the comments and insights of Jason Furman, Tim Massad, Philip Marsden, Amelia Fletcher, Imran Gulamhuseinwala, Andrea Coscelli, Alex Petros, Will Jennings, and Kathleen Burke. Thank you also to Eva Weber for preparing this document for publication.

[1] Techlash? America’s Growing Concern with Major Technology Companies, John S. and James L. Knight Foundation and Gallup, Inc. (2020),

[2] Digital Transformation Is Racing Ahead and No Industry Is Immune, Harv. Bus. Rev. (Jul. 19, 2017),

[3] List of public corporations by market capitalization, Wikipedia (n.d.),

[4] Marco Iansiti and Karim R. Lakhani, Competing in the Age of AI, Harv. Bus. Rev.(Jan–Feb. 2020),

[5] Azeem Ahzar, The real reason tech companies want regulation, Exponential View (Jan. 26, 2020),

[6] Dr Hamadoun I. Touré, Pathway to a Connected World, (speech, Geneva, Switzerland, Oct. 25, 2011), ITU Telecom World 2011,

[7] Jeff Desjardins, Timeline: The March to a Billion Users [Chart], Visual Capitalist (Feb. 26, 2016),

[8] See Tom Wheeler, Digital competition with China starts with competition at home, Brookings Institution (Apr. 2020),

[9] See Robert H. Bork, The Antitrust Paradox, Basic Books, (1st ed. 1978)

[10]  George J. Stigler Center for the Study of the Economy and the State, The University of Chicago Booth School of Business Committee for the Study of Digital Platforms, Market Structure and Antitrust Subcommittee Report 21 (Jul. 1, 2019) (“Stigler Antitrust Report”):

The United Kingdom, the European Commission, Australia, and Germany have all published reports concluding that digital platforms’ market power has indeed become entrenched. Surmounting the existing barriers to entry created by consumer behavior, cost structure, public policy, and any past anticompetitive conduct is extremely difficult. This fact has direct effects on consumers: without entry or the credible threat of entry, digital platforms need not work hard to serve consumers because they do not risk losing their consumers to a rival. (footnote omitted, emphasis in original).

[11]   Philip Weiser, The Relationship of Antitrust and Regulation in a Deregulatory Era, 50 Antitrust Bull. 549, 559-60 (2005), citing Frank H. Easterbrook, Cyberspace Versus Property Law?, 4 Tex. Rev. L. & Pol. 103, 108–10 (1999).

[12] United Kingdom Competition and Markets Authority, Online Platforms and Digital Advertising, (2020) (“CMA Final Report”), at 322.

[13] MacPherson v. Buick Motor Co., 217 N.Y. 382, 111 N.E. 1050 (1916).

[14] Bruce Wyman, The Law of the Public Callings as a Solution of the Trust Problem, 17 Harv. L. Rev. 156 (1904); Norman F. Arterburn, The Origin and First Test of Public Callings, 75 U. Penn. L. Rev. 411 (1927). This, of course, is not a unanimous view among those who have studied the development of the duty to serve. See, e. g., Charles M. Burdick, The Origin of the Peculiar Duties of Public Service Companies, 11 Colum. L. Rev. 514 (1911).

[15] Pacific Telegraph Act of 1860, An Act to Facilitate Communication between the Atlantic and Pacific States by Electric Telegraph, Ch. 137, U.S. Stat., 36th Cong., 1st Sess. (Jun. 16, 1860),

[16] See Federal Trade Commission Improvements Act of 1980, Pub. L. 96- 252, 94 Stat. 374, codified in part at 15 USC 57a(h); Federal Trade Commission, Commission Statement of Policy on the Scope of the Consumer Unfairness Jurisdiction (Dec. 17, 1980), reprinted in Int’l Harvester Co., 104 FTC 949, 1070 (1984); Terrell McSweeny, Psychographics, Predictive Analytics, Artificial Intelligence, & Bots: Is the FTC Keeping Pace?, 2 Geo. L. Tech. Rev. 514 (2018).

[17] Thomas K. McCraw, Prophets of Regulation, 306, Harvard University Press (1984).

[18] Nancy L. Rose, Will Competition Be Another COVID-19 Casualty?,The Hamilton Project (Jul. 16, 2020),