Contents

Regulation

Policy actions sorted A-Z.

Allow digital signatures

Digital signatures are recognised with legal equivalence to “wet signatures” so that people can transact digitally.

Examples

Related policy actions: Legislation, Regulation, User experience

Link to this policy action

Allow organisations representing consumers to make ‘super complaints’

Recognised organisations are able to raise fast-tracked complaints to digital regulators, so consumer organisations can act quickly on behalf of consumers in important cases.

Examples

Commentary

Definitions

Related policy actions: Consumer rights organisations, Redress, Regulation

Link to this policy action

Allow organisations representing consumers to take class actions

Recognised organisations can represent groups of consumers and take action against companies that sell defective goods or services. This enables legal action by people who may not be able to do so on their own, and increases the weight of an action.

Examples

Commentary

Definitions

Related policy actions: Consumer rights organisations, Redress, Regulation

Link to this policy action

Clearer communication of terms and conditions

Organisations should set standards, or regulators should enforce standards, on the communication of terms and conditions to users. This would improve users understanding the contract they enter with a digital service.

Examples

Risks

Related policy actions: Design, Education and awareness, Regulation, Standards, Transparency, User experience

Link to this policy action

Create a regulatory framework for code

Suitably capable regulators are able to inspect, audit and test the code/algorithms of high impact products and services to ensure fairness and safety.

Examples

Commentary

Definitions

Related policy actions: Algorithms, Regulation, Transparency

Link to this policy action

Create a strong data protection organisation

A data protection organisation, which understands current risks and capabilities, exists to protect people’s information rights.

Examples

Commentary

Related policy actions: Data protection, Personal data, Regulation

Link to this policy action

Create building regulations that support installation of broadband infrastructure

Enforce conditions to building planning permissions that require builders to integrate broadband-capable wiring into buildings.

Examples

Commentary

Related policy actions: Broadband, Infrastructure, Regulation

Link to this policy action

Create safeguards for automated decision making

Laws should allow consumers to understand, review and prevent automated decisions made about them, in order to improve the accountability of these processes.

Examples

Commentary

Definitions

Related policy actions: Algorithms, Regulation, Transparency

Link to this policy action

Enable people to move their data between services

People have the right to port their data between service providers so that they have genuine choice of providers. This is distinct from “enable people to access data held about them in an agreed format” as the particular data about a consumer isn’t readily accessible to them, but a transfer between services can be made.

Examples

Commentary

Definitions

Related policy actions: Choice and competition, Markets, Personal data, Redress, Regulation, User experience

Link to this policy action

Enable people to request and correct data held about them

People have the right to find and request access to data held about them by data controllers so that they can understand what is held about them, by whom and correct errors.

Examples

Commentary

Related policy actions: Data protection, Personal data, Regulation, Transparency

Link to this policy action

Enable people to view access history of data held about them

People can access a history of who has viewed data held about them, so they can understand what is happening to their data and spot fraud and misuse.

Examples

Commentary

Related policy actions: Data protection, Fraud, Personal data, Redress, Regulation, Security, Transparency

Link to this policy action

Establish a competition framework that can address digital monopolies

Competition authorities can act to address the issues created by digital monopolies. This prevents services from having a stronghold on a certain sector, for example Uber in public transportation, and allows emerging services an ability to compete in the market.

Examples

Commentary

Related policy actions: Choice and competition, Markets, New business models, Regulation

Link to this policy action

Establish digital personhood

Establish the legal concept of “digital personhood” so that rights afforded to people in the physical world are made applicable on digital platforms.

Examples

Commentary

Related policy actions: Fair and clear ownership, Legislation, Personal data, Regulation

Link to this policy action

Fair use of digital content

Create or update legislation around the fair use of copyrighted material. This should extend the personal use rights of consumers to apply to digital content. A lot of current copyright law around content is based on physical media; someone who purchases a DVD can lend it to another person. This concept of ownership is less clear with digital content.

Examples

Commentary

Definitions

Related policy actions: Access, Choice and competition, Copyright, Fair and clear ownership, Regulation, Reuse

Link to this policy action

Give people the right to opt out of communications

People are able to permanently opt-out of communications.

Examples

Related policy actions: Communications, Redress, Regulation

Link to this policy action

Give people the right to opt out of tracking

People are able to opt-out permanently of tracking, both digitally and physically, to prevent their activity being monitored by invasive service providers, such as advertisers.

Examples

Commentary

Related policy actions: Communications, Privacy, Redress, Regulation

Link to this policy action

Grant a right to return, repair or replacement of digital products and services

People have a right to return, repair or replace faulty digital products.

Examples

Commentary

Related policy actions: Fair and clear ownership, Regulation

Link to this policy action

Guarantee net neutrality

Internet service providers are legally forbidden from prioritising data transfer by a certain digital service to ensure consumers have equal access to all services on any connection plan.

Examples

Commentary

Definitions

Related policy actions: Access, Choice and competition, Infrastructure, Markets, Regulation

Link to this policy action

Guarantee the right to internet access

People have access to the internet as a basic right to enable them access to the wider consumer market.

Examples

Commentary

Related policy actions: Access, Markets, Regulation

Link to this policy action

Introduce an agile regulatory framework

Regulatory bodies must review, improve and test their rules and practices on an extremely regular basis, identifying and evaluating approaches in short cycles.

Examples

Commentary

Definitions

Related policy actions: Regulation

Link to this policy action

Maintain a register of data controllers

The national data regulator maintains a searchable database of data controllers so consumers can find their point of contact and easily retrieve their data policies.

Examples

Commentary

Related policy actions: Infrastructure, Open data, Personal data, Regulation

Link to this policy action

Provide a legal framework for online dispute resolution

Create a means for a consumer to easily resolve a consumer dispute without having to resort to court action. This ensures the consumer is treated fairly in online transactions and avoids the resource intensive process of going to court.

Examples

Commentary

Related policy actions: Education and awareness, Legislation, Markets, Redress, Regulation

Link to this policy action

Provide for the right to be forgotten

Legislation that allows private individuals to request a data controller removes outdated or inaccurate information that might cause personal distress.

Examples

Commentary

Related policy actions: Personal data, Privacy, Regulation

Link to this policy action

Regulate Internet of Things devices

Regulators should be able to compel manufacturers to follow standards for privacy and security when designing Internet of Things (IoT) devices, in a similar way that regulators mandate that electrical safety standards are followed. This is important for consumers, because IoT devices collect so much data about a person and their surroundings and privacy considerations are poor at present.

Examples

Commentary

Definitions

Related policy actions: Infrastructure, Privacy, Regulation, Security

Link to this policy action

Require the reporting of data breaches

Data controllers are compelled to publicly report data breaches so that the public know it has occurred and can take action where possible and to incentivise data controllers to maintain secure data handling practices.

Examples

Commentary

Definitions

Related policy actions: Data protection, Disclosure, Personal data, Privacy, Regulation, Security, Transparency

Link to this policy action

Require the use of multi-factor authentication

The law requires the use of strong customer authentication for certain kinds of service.

Examples

Commentary

Definitions

Related policy actions: Data protection, Personal data, Regulation, Security

Link to this policy action

Right to consumer privacy

Data controllers handle and protect personal data that is generated through consumer transactions to protect the privacy of consumers.

Examples

Commentary

Related policy actions: Access, Data protection, Education and awareness, Personal data, Privacy, Redress, Regulation

Link to this policy action

Set a minimum broadband speed

People expect a minimum broadband speed and may request compensation if the speed is not met. Countries may do this in several ways; including creating a minimum service obligation for a certain speed, or creating a legal definition of what services may be sold as broadband.

Examples

Commentary

Definitions

Related policy actions: Access, Broadband, Infrastructure, Regulation

Link to this policy action

Set accessibility requirements for digital services

Providers of digital services are legally bound to comply with design standards that allow people with accessibility needs to access digital services.

Examples

Commentary

Definitions

Related policy actions: Access, Regulation, User experience

Link to this policy action

Set punitive measures for data breaches

Laws and processes exist to prosecute data controllers in the event of a data breach. Punitive measures are intended to incentivise data controllers to better protect consumers data to avoid punishment.

Examples

Commentary

Related policy actions: Data protection, Personal data, Privacy, Regulation

Link to this policy action