mark nottingham

How we Build Platforms

Sunday, 19 February 2023

Law Internet

I’m fascinated by the Metaverse. Not because I want to use that steaming pile of legless avatars, but because it’s the latest prominent attempt to establish a new platform. As Mark Zuckerberg said in internal emails about it:

The strategic goal is clearest. We are vulnerable on mobile to Google and Apple because they make major mobile platforms. We would like a stronger strategic position in the next wave of computing. We can achieve this only by building both a major platform as well as key apps.

The interesting implication here is that he’s not worried about being vulnerable to platforms like the Internet and the Web, presumably because they’re ‘open’, and commodities – it isn’t easy to get into a dominant position on them (huge asterisks). That cuts both ways, of course; you’re not as vulnerable when you depend on an open platform, but it’s not as attractive for the platform owner either, as Zuckerberg hints later:

The platform vision is around key services that many apps use: identity, content and avatar marketplace, app distribution store, ads, payments and other social functionality. These services share the common properties of network effects, scarcity and therefore monetization potential.

The competition law student in me is super interested in these statements, but I’ll put that aside for now to point out how Zuckerberg is being a fairly sophisticated consumer of platforms at the exact same time he’s counting on his potential customers to lack such sophistication. He doesn’t want to get locked into other folks’ platforms, while he’s counting on normal people to get locked into his (‘network effects, scarcity, and therefore monetization’).

This attitude isn’t unique to Zuckerberg and Meta, of course. In all of the discussions of the ‘metaverse’, the common theme seems to be various companies trying to corner some aspect of the market so they can see the same benefits that he talks about, without getting locked into someone else’s platform. As I put it to Pew Research over a year ago:

The ‘metaverse’ is a marketing confection with no basis in reality as of yet. Its proponents are focused on capturing a future market, not building new shared space without any single owner. There are no current efforts at interoperability, common standards, open governance or any other sign of creating what is being marketed – a peer of the web as a public, open space. As a result, what little that is emerging is lacks novelty; we’ve seen it before (e.g., Second Life). If it plays any role in future online life, based on what we see today the metaverse is likely to be 3D Facebook, more or less – a platform that a big tech company uses to monetise attention, in a winner-take-all marketplace.

However, I think it’s a key factor in why these platforms should be regulated – their consumers aren’t sophisticated and need to be protected.

Platform User Sophistication

The importance of consumer sophistication can be illustrated by considering a platform where the users don’t need to be protected to the same degree – for example, cloud infrastructure-as-as-service.

There are definitely dominant players in the IaaS market, but as a consumer, I still have choices. If I don’t like AWS for compute,1 I can go to a fairly large number of competing services, with a reasonable selection of quality and pricing. IaaS offerings, in other words, are reasonably substitutable, and therefore form a competitive market; it’s harder for Amazon (for example) to abuse their power there.2

A large contributor to this state of affairs is the nature of the market’s consumers. Businesses are notoriously wary of being locked into a particular service provider; while they might dabble with a proprietary platform for a while, when things get serious, they want an exit plan. That is usually based upon Open Source or Open Standards.3

Let’s call IaaS a ‘business platform’ – a sizeable portion of its consumers are highly sophisticated (or at least highly wary), and that creates a force against abuses of that platform, and one, dare I say it, against centralization.

At the other end of the spectrum, then, would be a ‘consumer platform’ whose customers are not sophisticated – like the metaverse. Its users don’t think about the systemic effects of their actions, they just want the fun, new, shiny thing. The fact that a company packages it up and makes it easy to use is a bonus.

At the scale that consumer platforms operate at, it’s not reasonable to think that your actions could have any impact. If I don’t use Facebook, they don’t notice; I just lose out on some connectivity with my friends. Collective action is in theory possible, but the barriers to it are significant – especially when the most obvious coordinating function is the platform itself.

These problems don’t surface as often in business platforms. A large customer can demand that a platform be opened (in some fashion), and they’ll be listened to; I’ve seen it. Customers usually have some form of ‘relationship manager’ that listens to their concerns; try getting hold of support for a modern consumer platform.

Of course, this is not a binary; some consumer platforms have business users, and vice versa. Enough business users on a consumer platform might allow unsophisticated users to free ride on the influence that the sophisticated users exert; that probably happens on ‘pure’ business platforms too.

Consumer Platform Regulation

The environment for launching new platforms has changed dramatically in the last few years, and should continue to be… dynamic… for the foreseeable future. It’s gratifying to see that regulatory energy being focused on consumer platforms for all of the reasons above. Competition regulators often have an additional mission of protecting consumers, so this is entirely appropriate.

However, bad regulation can cause considerable harm. As I’ve mentioned before, I have concerns about ill-considered regulation fragmenting the Internet, thereby reducing its intrinsic value, and I have concerns about ossification, where big tech players are ‘locked into’ their current roles, even though evolution is one of the most important properties of the Internet.

That’s one reason I’m so interested in interoperability standards. I continue to believe that platforms that are developed, maintained and governed in the open, with a focus on the public good and broad stakeholder participation – e.g., through open standards – are most likely to benefit their users, and an important part of the regulatory mix in Internet governance. There is a lot more ground to cover in this area, and I’m hoping to write more about it soon.

My draft submission to the Australian Senate’s Inquiry on the Influence of International Digital Platforms touches on another aspect that’s important, but often ignored by regulators:

[T]he current metaverse proposals do not have the concept of a ‘user agent’ — a component charged with representing the interests of the end user when they interact with others. In the Web architecture, the browser fills this role, and while there are still significant problems on the Web, this separation of concerns has prevented many abuses.

Funnelling a platform through this kind of barrier function where the users’ interests are protected can prevent many - but not all - harms. However, that can’t be provided by a single company; the power differential between a well-resourced big tech company and individual, unsophisticated and poorly coordinated users is just too great.

As a result, my current thinking is that regulators should explicitly state a presumption that a consumer platform which is controlled by a single undertaking is prone to abuse of market power and consumer harm, and therefore a target for monitoring (and potential enforcement), especially when that market becomes sizeable. Creating platforms which are open and which have separable user agent components are evidence that the platform is not controlled by a single undertaking, avoiding this presumption.

Doing so would send a clear signal: if your platform takes off, don’t assume you can keep all of the benefit to yourself without oversight, or that you’re in sole control of how it works.

Some will argue that this style of regulation will ‘hurt innovation’, of course. I disagree; openness has fostered an astounding amount of innovation on the Internet, and in many cases, the opposite has been seen: big tech has taken what was open and created proprietary replacements that have sucked the energy out of the community efforts (e.g., web feeds). Simply put, while competition has a place in improving the Internet, cooperation has an even larger role, and it’s too often ignored.

And, frankly, I don’t want to live in a society where pouring countless billions into a platform gives you automatic rule over people’s interactions, solely because no one else spent as much and you had the first mover / network effect advantage.

Of course, this isn’t a complete solution. Open platforms aren’t automatically equitable and user-focused; creating and maintaining them takes considerable resources. Regulators would need to follow up and put appropriate pressure on selected private consumer platforms, which implies they need to be well-resourced too.

Those are problems that can be solved. At the end, what I really want is for statements like Zuckerberg’s above to be considered anachronistic and unworkable by future innovators – I want breathing room for the next big open platform to emerge.

  1. It’s true that if I adopt more value-added and specific services, I’m more likely to get locked in. That’s a different discussion. 

  2. Of course there are all sorts of specific billing and other tricks they can play to make it harder to switch; I’m discussing the market features, not their specific behaviour. 

  3. Tim Bray talks about this more in ‘Lock-in and Multi-Cloud’