Kevin Bankston

As the internet has become an increasingly important tool for free expression around the world, major platforms and networks that carry that expression have assumed the role of speech gatekeepers, often removing or blocking users' content for various legal or policy reasons. Currently, some internet and telecommunications companies disclose some data on how much content they are removing and why in their transparency reports.

[Commentary] In the wake of ongoing concerns about online harassment and harmful content, continued terrorist threats, changing hate speech laws, and the ever-growing user bases of major social media platforms, tech companies are under more pressure than ever before with respect to how they treat content on their platforms—and often that pressure is coming from different directions. There is a clear need for hard data about specific company practices and policies on content moderation, but what does that look like?Part of the answer to these questions can be found by looking to the growing

[Commentary] New America’s Open Technology Institute has been working on answering this question: how do you get companies to do the right thing? We’ve studied three positive privacy and security practices that have been adopted by internet companies over the years—first by a few companies as an innovative new practice, then as a best practice by more companies, and finally as an established standard practice by most of the industry—so that we could chart the different events and influences that helped make that widespread adoption possible. Our hope was that by looking across several cases, we could identify what types of political, technical, and social interventions were most likely to help spur widespread change at the industry level, and could maybe even provide a roadmap for future advocates to follow.

Specifically, OTI’s new “Do The Right Thing” project has mapped the key milestones along the road to adoption for three major privacy and security practices that have now become standard in the internet industry: (1) publishing transparency reports that detail government demands for user data, (2) encrypting web traffic by default (as of the end of last year, over half of all web traffic is now encrypted!) and (3) offering two-factor authentication (2FA) to better guard your online accounts against unauthorized intruders.