The document summarizes the historical parallels between AI self-regulation efforts in the 2020s and internet self-regulation in the late 1990s. Many of the same large tech companies, like IBM, Apple, Amazon, and Microsoft, are now promoting AI self-regulation through initiatives like the Partnership on AI, as they did for the internet. However, internet self-regulation eventually gave way to co-regulation by the EU in the 2000s due to concerns over fundamental rights and lack of oversight. The document argues the same outcome may occur for AI if self-regulation fails to properly address issues like bias, privacy and transparency. International organizations like the UN, OECD and Council of Europe are also increasingly involved in discussions around

1. Global AI Self-Regulation
old whine in new bottles
Chris Marsden
8 September 2023
Party Like It’s 1999!
#Gikii23

2. Associate Director,
Monash Data Futures Institute
Director, Monash Digital Law Group
Professor of AI,
Technology and the Law
Visiting Professor UKRI TAS Regulation & Governance Hub

3. 1999 – when the Internet was (new-ish) cool
• Y2K ‘Millenium Bug’ (ta, Jordan!)
• Just before the bubble burst – boo.com,
WorldCom, Enron
“I was dreaming' when I wrote this
So sue me if I go too fast
Life is just a party
And parties weren't meant to last”

4. THE INTERNET TECHBROS PARTYING OF 1999 IN
GENEVA WAS REPLACED BY REGULATION
• the 2023 party for self-regulation may soon be
over for AI techbros
• Why, Floridi has a ‘winter is coming’ paper out…
• This ‘paper’ considers the historical parallels in
• technology policy making,
• soft law instruments and
• proposals for legislation between
• the late 1990s and early 2020s.

5. AI SELF-REGULATION CLAIMS ARE BEING MADE
BY THE SAME COMPANIES THAT PROMOTED
INTERNET SELF-REGULATION IN THE LATE 1990S
• IBM, Apple, Amazon and Microsoft/OpenAI
• now joined by Alphabet, Meta and SpaceX/X/Musk
• In the mid 1990s, this approach was led by
• the Bertelsmann Foundation and Carnegie Endowment,
• which co-opted research from Oxford University (CSLS) and
the Hans Bredow Foundation, and
• used hosting and stewardship institution building of the OECD.

6. PARTNERSHIP ON AI FOUNDED IN 2016
• Taken the place formerly occupied by the (non-deceased) Global
Information Infrastructure Commission (1995-date),
• to impose a corporate self-regulation agenda dressed up in
multistakeholder clothing
• In 2016, academic capture and multistakeholder-washing had become
more sophisticated, academic ‘partners’ included
• the Harvard Berkman Centre (founded 1999 after the GIIC moment), MIT,
Berkeley, Princeton, Santa Clara, University of Washington, Cornell, Tufts,
Brown, Duke, USC, Carnegie,
• as well as Turing Institute (and constituents Oxford, Cambridge, UCL), UK
Digital Catapult (sic), Netherlands Innovation Center for Artificial
Intelligence, Fraunhofer Institute, and even Tokyo University and ANU.
Again, OECD provided the Forum and a ‘soft law’ Recommendation of the
Council on AI principles.

7. 1990S SELF-REGULATION EFFORT EVENTUALLY
GAVE WAY TO EU CO-REGULATION
• in the E-Commerce Directive of March 2000 (implemented from 2003ish),
• but succeeded in its greatest triumph, Data Protection ‘Safe Harbor’
• (sic and sick: see Reidenberg 1998 Lex Informatica)
• EC sacrificed Data Protection Directive 1995 to US self-regulation,
• whose emperor’s new clothes were only declared transparent in the
Schrems I decision,
• following which regal tailors invented even more transparently flimsy self-
regulatory schemes which continue to be the subject of Schrems litigation.

8. Marsden and Tambini
“There is a danger that some aspects
of internet self-regulation fail to
conform to accepted standards.
We recommend co-regulatory audit
as the best balance of fundamental
rights and responsive regulation.”
Directorate-General for Communications Networks, Content and Technology (European Commission) , Programme
in Comparative Law and Policy (2004) Self-Regulation of Digital Media Converging on the Internet: Industry Codes of
Conduct in Sectoral Analysis, Final Report of IAPCODE Project for European Commission DG Information Society
Safer Internet Action Plan, 30 April, Section 12.7 at https://publications.europa.eu/en/publication-detail/-
/publication/b7c998d9-75d6-464d-9d91-d59aa90a543c/language-en
2001-4 EC selfregulation.info
We still collaborate – see Regulating Big Tech (OUP, 2021)

9. WHERE STRATEGIC LAW ENFORCEMENT INTEREST
DEMANDED, THE COUNCIL OF EUROPE
PROVIDED THE 2001 BUDAPEST CONVENTION
• , to which even the US, Australia and Japan acceded
• In 2023, the EU AI Act is stuck in trilogue horse-trading,
• the Council of Europe is offering a Framework Convention on
AI that has suspiciously see-through gauze covering, and
• Schrems is back in court over the mis-enforcement of the
General Data Protection Regulation 2016.

10. TELECOM ’99 SUMMIT OF OCTOBER
• The denouement of the ethics washing and self-regulation
washing of the corporate Internet giants,
• and their academic lackeys,
• where the dot-com boom was held to be too important to let
self-aggrandizing Internet companies self-regulate.

11. UNITED NATIONS AI SUMMIT JULY 2023
• equivalent for the corporate AI giants, and their academic lackeys,
• after LLM/chatGPT frenzy of investment and hype in early 2023 .

12. IT IS THE ‘AI REGULATION MOMENT’
• intoned the Secretaries General of both
• the International Telecommunications Union (ITU) and
• the United Nations itself

13. POLICYMAKING DRAFT AT IGF
KYOTO, JAPAN: OCTOBER 9
• G7 digital ministers will meet in November, to approve whatever has been decided
• G7 pledged to create an international (but voluntary) code of conduct around the most advanced uses of AI.
• That included commitments for companies around the safe development of the technology; robust security measures to stop harmful
use cases; and the creation of risk management plans to convince officials that firms wouldn’t do anything that hurts society.
• United States, Japan, U.K. prefer solely voluntary commitments around security, risks and innovation.
• The White House pitched this approach in July when it signed up Microsoft, Meta and Google to a series of non-binding pledges.
• Japan, too, is eager to give companies significant leeway in how they develop AI systems, within reason, including potentially
allowing firms to train their large language models on copyrighted material.
• Europeans and Canada.
• AI Act, Ottawa draft legislation, published short-term code of practice included transparency requirements/ non biased data sets.
• G7 creating a patchwork of international cooperation. aim: allowing these systems to be used, wherever rolled out.
• voluntary code of practice (European Commission pitched during the most recent EU-U.S. Trade and Technology Council meeting) is
the best step forward. efforts to focus these commitments on solely the largest AI companies were recently scrapped.
• Global Partnership on Artificial Intelligence (GPAI) —New Delhi from December 12-14. wider set of non-Western
countries under India’s current chair of the G20. group bringing together 29 countries from Argentina to South Korea.
• United Kingdom trying to gatecrash with its own meeting — slated for November 1-2 and focused on “AI safety” —
• no one — including those within the British government — has a clue to what will come from this event.
• U.K. is also eager to invite China, which hasn’t gone down well with some G7 countries.

14. MY VIEW WITH GEORGE CHRISTOU

15. Council of Europe
Strasbourg effect?
As with data protection – Convention 108+
‘
• CAI - Committee on Artificial Intelligence - Artificial
Intelligence (coe.int)
• Convention on Regulation of Artificial Intelligence
• Agreed November 2023?
• Treats human rights as integral to regulation – unlike EU
• EU negotiating as a party:
• https://futurium.ec.europa.eu/en/european-ai-
alliance/blog/eu-participates-actively-council-europe-
negotiations-development-new-convention-artificial
‘