It was touted as “the most important election you’ve never heard of” and a vote that could “change the course of Internet history.”
The recent high-profile election of the Secretary-General of the International Telecommunication Union (ITU) pitted American candidate Doreen Bogdan-Martin against her Russian counterpart, Rashid Ismailov, in a race reminiscent of the Cold War era’s ideological battles over freedom and control.
Ultimately, the White House strategy of ramping up engagement with the international community on Internet governance paid off. When coupled with the growing isolation faced by Russia due to its invasion of Ukraine, it led Bogdan-Martin to win a sweeping majority (139 out of 193 votes).
The key issue underpinning the election was whether the Internet should be regulated by an intergovernmental body like the ITU, which typically sets technical standards and allocations for telecoms (think radio, phones, TV, etc.).
There was deep concern that regulators, emboldened by an expanded ITU mandate, could draw lines on the map of the Internet, leading it to become a more fragmented, domestically-controlled group of networks, colloquially termed the “splinternet.”
Indeed, China has tried to garner international support within the ITU for proposals that could yield such an outcome without success. With the election result putting such fears at bay, we may be tempted to breathe a sigh of relief. But there’s another often-overlooked threat that doesn’t need intergovernmental support—and comes from the regulatory playbook of many democratic countries: extraterritoriality.
Extraterritoriality—the ability of domestic rules to apply outside a country’s borders—is a natural consequence of two things. First, where governments cannot control the infrastructural layer of the Internet (for example, through forums like the ITU), they turn to the application layer and instead regulate Internet content and services that have some degree of local impact.
Second, because of growing consolidation within the tech industry and its inherently global reach, regulators have a clearer target to impose such rules on the platforms we increasingly depend on.
Giving such unbridled power solely to governments threatens the Internet’s very founding principles of universality and interoperability, currently driven by multi-stakeholder governance. Enabling authoritarian states to unilaterally eschew those principles in favor of other objectives, such as information control and national security, can also massively undermine our collective digital rights—even for users not directly bound by them.
This legal tool has already been used, albeit in a more positive light. For example, the European Union (EU)’s General Data Protection Regulation applies to any company that processes the personal data of EU residents, regardless of where they’re based, which could be seen as having the secondary effect of raising the standard of privacy for all Internet users. Courts have also approved global content takedown orders in Canada (for intellectual property violations) and the EU (for defamation cases).
The unintended consequence of nations haphazardly introducing rules is that we may see a growing trend of “reverse regulatory arbitrage,” where companies begin adopting the strictest local rules. Given the worrying introduction of “hostage-taking” laws and online safety rules by numerous governments on social media platforms, the risk of these controls stifling free expression and content availability on the Internet is greater than ever.
To prevent this, we need a concerted international effort to address extraterritoriality through an agreed game plan for when this tool may be proportionate and necessary (for example, on child exploitation content). Without it, the Internet’s legislative cartographers will continue coloring outside the lines.