Why Checks and Balances Must Come First

In my last post, I posed a question to readers: Do we need a global digital bill of rights? It was also the topic of a fascinating panel discussion I moderated at the CBA’s CLC in St. John’s last week. Perhaps predictably, there were no definitive conclusions, but there appeared to be agreement that as the World Wide Web celebrates its 25th anniversary, internet users of all stripes are struggling with a dilemma: If private internet companies are watching us, shouldn’t someone be watching them? Presumably the “someone” in question would be the government. But that’s an idea that doesn’t necessarily sit well with those who, with reason, feel they cannot trust the state to look after our best interests online.

What’s interesting about the idea of an online Magna Carta is that it would impose a “constitutional framework” on both public and private actors, unlike our Canadian Charter of Rights and Freedoms. In a recent post over at National, Léonid Sirota reminds us that there are in Canada precedents for a “bill of rights” that imposes constraints on both private actors and public entities. Among them are Québec’s Charter of Human Rights and Freedoms, Ontario’s Human Rights Code and the Canadian Human Rights Act, all of which apply to both public and private institutions (at least in some listed areas).

Even so, Sirota remains skeptical that a global digital bill of rights would be effective. He argues that attempts to codify our digital rights are doomed to fail – at least in the short term. Technology and the laws and regulations that govern our lives online evolve far too quickly, he writes. Imposing a “rigid” constitutional framework to protect our privacy rights would likely produce unintended (and presumably undesirable) consequences:

There is a limit to the ability of any designer to anticipate future needs and to frame a constitution that will suit them.

The applicability of this point to attempts to transplant the idea of constitutionalism generally, or of a bill of rights specifically, into the online world should be obvious. This world― the technology that defines its possibilities and their limits, and the social norms which emerge around these innovations―changes too fast for any designer to come up with a ready-made normative framework for regulating it. An attempt to impose a rigid framework on that world, which is the whole point of a bill of rights, is not likely to succeed. At best, it will be ineffectual. At worst, it will shackle innovation in the service of ideas unknown yesterday, controversial today, and perhaps bound to be obsolete tomorrow.

Fair point. I’m also prepared to recognize that our lawmakers – composed primarily of very middle-aged men with law or economics degrees – are probably not the ones best suited to anticipate the long-term advances of technology. On the other hand, is it really a prerequisite that they be able to peer with certainty into that future?

Sirota reminds us that the Framers of the U.S. Constitution got a few things wrong at first, before incorporating a bill of rights through multiple amendments. Only after a civil war and a century of Jim Crow laws did America manage to “resolve” some of those initial oversights.

But the Framers also got a few things right. It’s hard to argue against the fact that the U.S. Constitution took hold and has survived – albeit not in its original form – for well over 200 years.

Indeed, durable constitutions, imperfect as they may be, are generally built on sound first principles. Chief among them in the U.S. Constitution is the rule of law, but also the dispersion of federal power among the executive, the legislative and judicial branches. Central to the Framers’ belief in this separation of powers was their conviction that the Union needed a system of checks and balances.

I raise this point because among the questions Tim Berners-Lee poses in his call to action to develop a digital bill of rights for internet users worldwide is the following: “How can we build systems of checks and balances to hold the groups that can spy on the Net accountable to the public?”

And that really is the rub in this whole debate. Countries may or may not agree on what should go into a digital bill of rights – net neutrality, the right to be forgotten, the right to online privacy, transparency in data collection… There are several lists of rights out there being contemplated. But many of those rights – or some variation of them – already exist in some form or another under our current laws. Canada already has a Charter of Rights and Freedoms. Our provinces have human rights codes that are binding on private companies. We have privacy laws. Can we not simply enforce them online? And even if we must add to them, Sirota is probably right to suggest that each jurisdiction experiment first on its own, and borrow whatever has been properly tried and tested from others. Trial and error will win the day.

Brazil and Europe deserve some credit for taking the lead on that front, if only for having fueled discussion about the topic. But it’s also worth noting that to guarantee passage of its bill, Brazil’s government made an important concession by removing a provision requiring global internet companies to locally store data on their Brazilian users. There are many good reasons why Google lobbied hard against the stipulation (not least of which were security concerns), but one wonders how Brazilian authorities are going to effectively enforce the Marco Civil without exercising some level of control over the localization of data? Similarly, critics of the recent ECJ ruling on the right to be forgotten have a point when they say it will be difficult to implement globally.

Ultimately, any discussion surrounding a digital bill of rights always ends up being less about the rights themselves than how to strike the right balance of power among the internet’s various stakeholders – governments, private businesses and the users (who if left to their own devices in their push for an open internet, can also wreak havoc in matters of security and privacy). It all boils down to implementing a governance model in the public interest that ensures that no institution can become too powerful and is kept in check by the others. The rest will follow from there.


  1. David Collier-Brown

    I quite disagree with Mr Sirota: our problems are no more difficult than the ones faced by the Hanseatic League, who were a huge success in creating a set of norms, treaties and laws that were adopted by almost everyone between Londinium and the predecessor to St Petersburg.

    Good ides are recognized as good, and become principles. Bad ones get mentioned in history books, and then forgotten (;-)) As long as we don’t enshrine the bad ones, or amend them, we’re golden.

    And yes, I see checks and balances as being one of the really *good* ideas our American cousins codified.

  2. David Collier-Brown

    A caveat: I used to be in the business of doing formal specifications for things that were often safety-critical systems, although we didn’t always realize that.

    Some parts of the process always worked, and they had to do with universals and norms. Some parts really really didn’t, and they had to do with us trying to predict the future and failing miserably at it.

    In that era, I might have agreed with Mr Sirota, at least much of the time.

    I don’t do that any more: my current company does have universal principle, norms and “patterns”, but we reserve the right to amend everything else, and we strongly try to do the minimum, a bit like a court ruling narrowly in dangerous waters. (We’re “agile”)

    These days, I predict the future much less, and my life is much happier. If something is wrong, a (business) case will appear that guides me toward what the behavior should be, and I write that up, check it for safety and sanity against the universals, and then implement it.

    These days I almost always disagree with Mr Sirota. “The good will out”, and/or, “time wounds all heels”.


  3. David Collier-Brown

    And finally, to the question of balances, the more policy-oriented in the nerd world like multi-stakeholder models, in which identifiable groups with a stake in the outcome debate each other, aiming for loose agreement and working code.