Regulating ecosystems Part of the Business Trends series
As ecosystems enable more rapid, cross-cutting innovation, regulators are challenged to create policies and solutions that protect the public’s interests and are also dynamic enough to keep pace with innovation.
Ecosystems are dynamic and co-evolving communities of diverse actors who create new value through increasingly productive and sophisticated models of both collaboration and competition. Read more about our view of business ecosystems in the Introduction.
As ecosystems enable more rapid, cross-cutting innovation, regulators are challenged to create policies and solutions that protect the public’s interests and are also dynamic enough to keep pace with innovation.
Create and download a custom PDF of the Business Trends 2015 report.
In 2008, Travis Kalanick and Garrett Camp, the founders of Red Swoosh and StumbleUpon, respectively, were attending a European tech conference when inspiration for their next venture struck. Standing outside the venue, they couldn’t hail a cab. Why, they wondered, wasn’t it possible to serve the demand (of two millionaires) on a cold night with the excess supply they saw all around them—in the form of numerous, mostly empty cars going their way? The duo envisioned a solution, and soon after found themselves designing an algorithm to match ride-seekers with drivers willing to offer a lift. Uber, the ride-sharing service now available in over 200 cities across 50 countries, was born.1
The rise of the business was meteoric—a recent $1.2 billion round of financing valued Uber at over $40 billion,2 more than Avis and Hertz combined.3 And the pain was felt immediately by the medallion taxi companies and rental car services that were subject to the disruption. But Uber caused headaches for another group, as well: the regulators tasked with setting and enforcing the rules of business to protect the public’s interest. The new transportation solution wasn’t exactly a common carrier like a taxi service. Should it be treated as one under the law?
Similar confusion is spreading across the business landscape today, as once-clear industries dissolve into complex ecosystems full of unfamiliar entities and innovative offerings. Regulators, whose job has always been to protect the public from danger, exploitation, or insufficient competition in reasonably stable markets, now face another danger: that their own application of old rules to new realities might suppress innovations of tremendous potential value to the public. In a gathering trend, some are adopting new philosophies and tactics, and finding effective ways to strike the right balance.
What’s behind this trend?
Regulation of markets is always contentious to some degree, but in relatively slow-moving industries, the historical intent and enforcement of the rules can be understood well enough by all involved. Matters become less clear when the boundaries of traditional industries start to blur, when products blend with services to create customer-delighting solutions, and when knowledge assets take on as much importance as physical assets in the creation of value. Today, we are fast becoming an economy characterized by ecosystems—dynamic and co-evolving communities of diverse actors who create and capture new value through both collaboration and competition.
Take, for example, the health care industry. For many decades it connected familiar kinds of institutions, professionals, and patients. Today, it is being complicated by any number of innovations and newly connected nodes. Monitoring devices, for example, which were once present only in hospitals are now being made for consumer use. (A 15-year-old in New York just won a prestigious Scientific American Award for one designed to monitor Alzheimer's patients.)4 People who used to rely wholly on their physicians for information and guidance now rampantly access information online (like the 50 percent of all patients who google their symptoms before going to the doctor).5 A broad-based movement toward integrated “wellness” attracts resources and approaches associated with diet, exercise, and mental health into efforts to prevent and treat disease.
Constant, high-impact innovation is a prominent new feature in businesses that used to advance only incrementally—and it takes place at all levels. Some of today’s most popular products, like the smartphone and tablet, didn’t exist even eight years ago. Apple Inc. estimated in 2011 that over 60 percent of its revenue came from products that were less than three years old.6 Business models are being reinvented to take advantage of technological change, for example enabling peer-to-peer transactions, asset sharing, and social collaboration. And the nature of work itself is in flux. Sites like TaskRabbit allow anyone to outsource small jobs to people with extra time, and the “creative economy” continues to expand.7 By one reckoning, half of today’s jobs are in occupations that didn’t exist 25 years ago.8 Researchers at Oxford University estimate that up to 45 percent of American jobs are at a high risk of disappearing within the next two decades.9
In fast-changing environments like this, as the US Office of Management and Budget has observed, regulations “have enormous potential for both good and harm.” The challenge is to exercise due caution on behalf of the public while minimizing any “adverse effects on flexibility and innovation.”10 The case of Uber shows how tricky this balance is to achieve. As of January 2015, the company was engaged in no fewer than 40 concurrent regulatory conflicts around the world.11 Ordinary citizens may love having an alternative to taxis, but their governments aren’t giving the service a free ride.
We’ve been describing one major trend here—regulatory frameworks being challenged by a new world of ecosystems and constant innovation—but it’s useful to break that down into distinct components. There are at least four, beginning with the increasing pace of innovation.
Change comes faster
Effective regulation depends upon the regulators’ understanding of the solutions being offered by businesses, their efficacy, and their possible unintended consequences. But constant innovation makes that very hard. We often hear about the drag this lagging knowledge creates for innovators eager to bring new things to market. Take, for example, the Okanagan Specialty Fruits’ apples, which are genetically modified not to brown after being sliced. Regulatory approval by the USDA took nearly five years. The threat of such delays can scare off investors, even if inventors are willing to endure them. Morgan Reed, who heads a professional association for application developers, believes this problem is worst in the health care space. “It’s not as though there are no good ideas out there,” he says, “but health care is often where good ideas go to die.”12
While innovation has always challenged regulatory authorities, its influence on society has historically spread more gradually, giving regulators more time to learn and adapt.
Today, policymakers are also confronted with “big data,” the exponential expansion of digital information assets. The flood of data combined with ever-sharper analytics allow the discovery of previously unseen patterns and behaviors: Police agencies can predict when and where crime will happen, medical researchers can sift through health records to identify useful correlations, and businesses can personalize marketing to better engage consumers.13 But these advancements increasingly raise privacy concerns. When does personalization become too personal? When does routine data collection become surveillance? Traditional means of protecting privacy were not designed for an automated, digital world where much is seen and monitored without explicit consent. In the United States, there is no comprehensive set of laws regulating personal data.14 And at the same time, big data only gets bigger, and the observable patterns more detailed. The amount of data produced has grown such that 90 percent of the data that exists in the world today did not exist two years ago.15 Regulators are challenged to find the right balance between protecting individuals’ privacy while also releasing the transformative rewards big data offers.
While innovation has always challenged regulatory authorities, its influence on society has historically spread more gradually, giving regulators more time to learn and adapt. Today, startups are more quickly reaching significant scale and impact, in some cases serving millions of customers and employing thousands of people. Fortune’s February 2015 cover story “The age of unicorns” celebrates 83 startups whose pre-IPO valuations have reached $1 billion—formerly a rare if not “mythical” occurrence.16 The dilemma for regulators is clear: Find a way to strike a balance. Create policies and solutions that protect the public’s interests and are dynamic enough to keep pace with innovation.
Innovators find “back doors”
The word “hacking” once summoned up a vivid image of advancing through some dense jungle armed only with a machete. These days it usually refers to a computer programmer trying to break into a well-protected system. To Chris Dixon, a general partner at venture capital firm Andreessen Horowitz, it also applies to those entrepreneurs whose innovative ideas run smack into a thicket of dense regulations—and who then have to find especially clever ways to break through to their intended markets.17
As new players are not always well positioned to lobby policymakers, they sometimes instead look for legal “back doors” by which to let themselves in—at least long enough to prove the value of their innovation. For Dixon, Nextel in the late 1980s and early 1990s found smart, legal ways to succeed despite regulation that had forced a duopoly in every city. He also notes some more recent—and high-profile examples—including Uber. Positioning itself primarily as a technology business as opposed to a transportation provider, Uber has attempted to find legitimate ways around regulatory hurdles which have governed taxis and liveries for ages, including stringent controls over taxi medallions and the licensing fees dictating their ownership and transfer.18 Uber is a system that helps people access transportation, affordably, fast, and reliably. It is about making life easier for potentially millions of people, and regulation has to be rethought to ensure that it is consumer-safe and socially beneficial, rather than to preserve the status quo.
Once a successful backdoor innovation has been launched, pushback often begins when incumbents, sometimes powerful and entrenched, feel growing pressure on transaction volume, revenues, or both. Tax coffers have also sometimes felt the pinch; taxi licensing, for example, nets over $1 million per medallion in New York City alone.19
Similar dynamics are at play, for example, in the regulatory battles being waged over Airbnb—a highly-publicized, influential test case. New York State Attorney General Eric Schneiderman said of Airbnb: “We must ensure that, as online marketplaces revolutionize the way we live, laws designed to promote safety and quality of life are not forsaken under the pretext of innovation.”20
Ecosystems are full of unlike players
As ecosystems evolve and new and clever business models proliferate, the sheer diversity of competitors and competitive modes is yet another complicating factor for regulators. In a market-based economy, a major objective of regulation is preserving an even playing field for competitive businesses, and thus landmark pieces of regulation have included the Sherman Act of 1890, decisions like Standard Oil versus United States, and modern moves to limit the power of various tech giants.
Regulation has also traditionally attempted to prevent the “little guy” from being trampled by players of larger scale. But as industries consolidated over time, much of the competition they worked to preserve was the evenly matched tussle of titans, operating in essentially the same way at the same scale. In today’s business ecosystems, the players are not always so evenly matched—indeed, they are not always clearly competitors—and in some cases the traditional advantages of scale have been diminishing. Google executive Eric Schmidt has pointed out that the threat to technology giants is not just other giants—it is the next generation of innovators who will solve problems in fundamentally different ways, just as today’s giants did in their small beginnings. In a recent speech, he said that “. . .someone, somewhere in a garage is gunning for us. I know, because not long ago we were in that garage. Change comes from where you least expect it. . .The next Google won’t do what Google does.21
As in natural ecosystems, species of very different types and sizes compete for resources, and the question of who thrives comes down to complex interactions, not simple battles. Yet regulators must set the terms of engagement that will keep these non-comparable entities working in ways that benefit society.
Innovations cross lines of jurisdiction
In business ecosystems, the edges of things—including product definitions, market boundaries, the distinction between digital and physical goods—tend to blur. These blurring lines complicate one of the biggest questions that comes up in regulatory situations: Which agency or authority has jurisdiction? For example, who “owns” oversight of the new ecosystem created by an Uber or an Airbnb? Which federal agency owns the things of the Internet of Things? Are drones the domain of the FAA, local law enforcement, or neither? How should regulators address new mobility solutions like driverless cars or carsharing programs, and new currency paradigms like peer-to-peer lending or Bitcoin?
Broadly speaking, federal regulators were called into existence early on to protect the public from anti-competitive practices and poor working conditions within well-defined industries and markets; later agencies were created to ensure that resources were protected and products were safe. This led to discrete domains for each regulatory body. A factory’s worker safety was the domain of OSHA, its effluent the responsibility of the EPA, its trade practices overseen by the FTC, and so on.
As today’s innovators construct novel solutions, they often cross the boundaries of regulatory frameworks built for traditional domains, raising questions as to which framework has the capability or mandate to respond. Sometimes, in fact, the confusion arises because the lines of jurisdiction have been defined too tightly. The financial sector provides a vivid example. The 1930s saw a wave of new federal regulation of financial services. Separate rules and institutions were developed to deal with banks, saving and loan associations, and investment houses. At the time, that seemed to cover the sector admirably. But over the years, consumer financial products offered by entities outside these groups proliferated. The market for mobile payments, for example, is expected to be $142 billion by 2019, but is beyond the reach of any one federal regulator. According to the FDIC, “to date, no federal laws or regulations specifically govern mobile payments.”22
The chairman of the Federal Communications Commission, Tom Wheeler, had this to say in a 2014 speech to the American Enterprise Institute:
We cannot hope to keep up if we adopt a prescriptive regulatory approach. We must harness the dynamism and innovation of competitive markets to fulfill our policy and develop solutions. This new paradigm … needs to be more dynamic than rules, and—this is a key point—it needs to be more demonstrably effective than blindly trusting the market.23
Those few phrases capture a number of ways in which regulatory bodies might adjust their approaches to fit the new realities of business ecosystems. Those who serve their citizens best will take full advantage of an ecosystem’s self-regulating dynamics, increase their own agility, focus on ends rather than means, and emphasize regulatory interplay over primary jurisdiction.
Federal Trade Commissioner Maureen Ohlhausen has defined self-regulation simply as “any attempt by an industry to moderate its conduct with the intent of improving marketplace behavior for the ultimate benefit of consumers.”24 Examples include the Public Company Accounting Oversight Board, a private-sector, non-profit corporation created by the Sarbanes-Oxley Act of 2002 to oversee the auditors of public companies; the American Medical Association, a national organization of doctors which publishes the Code of Medical Ethics dictating professional conduct for practicing physicians; and the National Association of Realtors, one of the world’s largest trade associations, which sets the rules for multiple listing services and how brokers use them.
As business leaders think and act more with an ecosystems perspective, such self-policing may become more common—and more readily encouraged. There is a greater sense within ecosystems of the interdependence of entities and of the fact that any weak link threatens the success of them all. New levels of transparency and new tools for establishing and checking reputations are also helping to keep behavior in line. For example, the mutual buyer-seller rating system that many consumers have come to know through eBay transactions has its analogs at all levels of the economy. In a world where social media spreads the news of any corporate misbehavior in minutes, businesses and their ecosystem partners are less likely to do anything that could be construed as bad for the public. In Deloitte’s 2014 survey on reputational risk, 87 percent of responding executives rated reputation risk as more important or much more important than other strategic risks they face.25 Regulators might consider how to activate and support these self-regulating tendencies instead of or as well as applying more coercive external rules.
To respond to innovation—and also to enable it—regulatory bodies must find ways to act with greater agility, historically a difficult feat for bureaucracies. Finding the answer has never been more important because the world isn’t getting faster, it is faster. But regulation and regulators can indeed move decisively and in careful consultation with a wide range of interested parties, as the FCC has recently shown in adjudicating net neutrality. After opening their preliminary opinion on the issue to the public on February 19, 2014, the FCC received almost 4 million comments in a matter of months.26 This exchange across interested parties illustrates perhaps the leading principle of agility: Stay agile by staying open. By February 2015, the FCC had picked its way through that enormous array of opinions, testimonials, and evidence to announce a broad and historic decision, even as the cross-stakeholder discussion and ongoing interpretation of net neutrality principles are sure to continue in perpetuity.
Another recent illustration of success through agility and openness can be seen in the just-completed auction of broadband spectrum which the FCC closed in January of this year. In a boon to taxpayers, the sale of increasingly scarce mid-range bandwidth licenses attracted a record $44.9 billion in expected fees, far exceeding even the most optimistic analyst’s estimates. Multiple bidders—over 70 were pre-qualified by the FCC to participate—competed aggressively for the coveted licenses in markets as large as New York and as small as American Samoa.27 The breadth of bidder participation and the structure of the auctions have been praised for inclusiveness, with the applause coming in almost equal parts from regulators, the public, and industry leadership alike.
Focus on ends versus means
Innovation is best preserved when regulators focus on outcomes (Has this novel solution resulted in any harm, or any greater benefit?) rather than on process (Did this business strictly comply with the steps specified for operating in this business area?). This has been well established since at least the 1990s.28 The EPA’s “cap and trade” regulations, for example, were designed to “deliver results with a mandatory cap on emissions while providing sources flexibility in how they comply.”29 In a new era of businesses collaborating in changing ecosystems, the advantage of this approach, perhaps even the necessity of this approach, becomes clear. Regulations that stipulate both ends and means are simply not capable of accounting for the mushrooming variety of “means” that ecosystems enable and that diverse ecosystem participants generate.
Perform as a regulatory ecosystem
The rise of business ecosystems also suggests that regulators must move past their traditional fixation on the question of primary jurisdiction. By seeing regulatory bodies as residing within an ecosystem of their own, with all the dynamism and dependency characterizing market ecosystems, they can acknowledge the inevitability of overlaps and find ways to achieve their goals more surely. Steven Liew of the Asia Internet Coalition (see his accompanying “My take” commentary) refers to this as “regulatory harmonization through co-creation.” Shared and co-owned, multistakeholder jurisdiction is increasingly the norm.
If you have any doubt of the need for such cross-regulator collaboration, consider the regulatory matrix surrounding something as mundane as a checking account. Consumer Financial Protection Bureau director Richard Condray recently pointed to the specialty consumer reporting agencies, individual financial institutions practices, heavily regulated protocols around data sharing and account management, individual bank policies related to risk tolerance, and the types of accounts and account features that banking institutions offer, as all being subject to different levels and kinds of regulatory scrutiny.30 FCC chairman Tom Wheeler calls for this new regulatory ecosystem when he proclaims, “We cannot address these threats in one-sector or one-agency silos. Particularly among regulatory agencies, we must coordinate our activities and our engagement with our sector stakeholders.”31
Statesman Edmund Burke wrote at the end of the 18th century: “The public interest requires doing today those things that men of intelligent goodwill would wish, five or ten years hence, had been done.”32 As regulators go about their work today, they recognize that future citizens will wish for a past decade of important innovation as well as scrupulous policing.
As industries blur into ecosystems, regulators are seeking new ways to strike this balance. The regulatory challenges described here will continue and new challenges will follow. For example, how should a regulatory regime handle intellectual property rights in a world driven as much by passion as paid work, and where innovation often occurs in open, distributed forums? As ecosystems promote collaboration and co-creation, when does collaboration become collusion? As ecosystems build broad bridges across national and regional boundaries, how do we account for and honor the local preferences which are themselves a major contributor to ecosystem diversity and health?
Surely the regulatory mindset—the basic rules of thumb followed by policy makers—will need to evolve as innovation, dynamism, and flexibility come to matter to our society just as much as, if not more than, its desires for stability, control, and compliance. What new skills and capabilities will become more common on regulatory teams? How will cross-border regulation evolve as productive regulatory pollination flows across economic ecosystems that have no natural awareness of the state and national borders they traverse? Finally: What will it take to reshape the regulatory environment into a smart, dynamic, and highly integrated ecosystem of its own?
By Steven Liew
Steven Liew has helped shape regulation in China, Japan, Korea, India, Singapore, and in the United States at eBay, where he was associate general counsel and head of government relations for Asia-Pacific. He is also a co-founder and past chairman of the Asia Internet Coalition, which improves Internet regulation by finding common ground between members including eBay, LinkedIn, Facebook, Google, Salesforce.com, Apple, and Yahoo!.
It’s almost too obvious to suggest that the business world is fundamentally different than it was even 20 years ago—which poses the question: Has the world of regulation kept up with these seismic shifts? Or, in other words, are regulations and the regulated well paired and in harmony with the business ecosystems evolving below their feet?
While my answer to the question is definitely mixed—in some instances they are and in others less so—it’s easy to cite noteworthy cases where regulators were caught out by insufficient or outdated laws. In 2007, for example, the truck-sized holes in the rubric of global financial standards remained largely unknown or, at least, rarely acknowledged. By 2009, the global financial crisis had revealed in stark detail how big some of those gaps were.
Other regulatory mismatches have been revealed not by system shocks, but by individual entrepreneurs promoting “irreverent” innovations. Most of these folks—including eBay, Uber, Bitcoin, and mobile payments companies—don’t set out to prove that regulation is flawed. They set out to solve a problem or to build a market or to serve unmet customer needs. But those services can inadvertently ignite extensive regulator review as incumbents cry foul and push for scrutiny of the regulatory seams which have proven such fertile ground for new businesses.
Amidst the challenges, I also see terrific examples of progress and collaboration. One that stands out is the growing adoption of “co-creative regulatory processes,” approaches that convene stakeholders from across jurisdictions, perspectives, and interests to find common ground. I’ve been especially surprised to see these collaborative models taking off in China, Taiwan, and Singapore, places that traditionally prefer more top-down controls.
In my time at eBay, I also saw how close collaboration with regulators just had a way of productively tuning the regulatory web overall. In our meetings with government officials across Asia-Pacific, we were often hardly out the door with one regulatory body when they would pick up the phone to share insights with other members of their regulatory network, perhaps down the hall, across town, or halfway around the world.
In the end, regulations will change because they must. The biggest question may be whether those changes are proactive or reactive. If proactive, regulators could find themselves in unusually good times where many political and economic guidelines can be fruitfully recast. If reactive, regulators may be stuck playing catch up, and acting more like referees than co-creative enablers.