Chapter 38: Exercises — Regulatory Approaches

Reflection Exercises

Exercise 1: Your Regulatory Prior Before diving deeper into the research, honestly assess your prior beliefs about government regulation of technology. Do you lean toward more regulation or less? What values underlie this preference? This self-assessment is important for identifying where your evaluation of regulatory arguments may be biased in either direction.

Exercise 2: The Externality Identification Identify three specific harms documented in this textbook (Parts II-V) that represent "externalities" — costs imposed by platform behavior on people who are not party to the platform-user relationship. For each harm, explain: who bears the cost, why the platform has no financial incentive to reduce it, and what regulatory mechanism might internalize the cost.

Exercise 3: Section 230 in Your Own Words Without looking at the chapter, explain in your own words what Section 230 says, what problem it was designed to solve, and what problem its critics say it now creates. Then compare your explanation to the chapter text. Where did you get it right? Where were you wrong or incomplete?

Exercise 4: GDPR Experience Audit For one week, whenever you encounter a cookie consent banner or privacy settings interface on a website or app, evaluate: Is this interface designed to make privacy-protective choices easy or difficult? Does it comply with GDPR's consent requirements (freely given, specific, informed, unambiguous)? Does it use dark patterns to steer you toward less private options? Keep a log.

Exercise 5: Regulatory Philosophy Self-Assessment The chapter describes three regulatory philosophies: EU precautionary principle, US speech-protective tradition, and Chinese state control. Which most closely aligns with your values? Write a 300-word justification of your position that takes the strongest version of the competing positions seriously.

Analysis Exercises

Exercise 6: Read Section 230 Find and read the actual text of Section 230 of the Communications Decency Act (it's short — about 400 words). Identify: the publisher immunity, the Good Samaritan immunity, what conduct each provision protects, and what conduct each provision does not protect. How does the actual text compare to how Section 230 is typically described in political debate?

Exercise 7: GDPR Compliance Analysis Choose one major social media platform (Facebook/Meta, TikTok, YouTube, Twitter/X, or Instagram). Research: Has this platform been fined under GDPR? What were the violations? What changes did the platform make in response? Did those changes meaningfully improve user privacy or primarily changed the form of consent collection?

Exercise 8: DSA Requirements Deep Dive Read the EU Digital Services Act's Article 25 (prohibition of dark patterns) and Article 26 (transparency of recommender systems). Write a 500-word analysis: What specific practices do these articles prohibit or require? What is left ambiguous? How might a platform technically comply while substantively maintaining harmful practices?

Exercise 9: COPPA Effectiveness Assessment Research the history of COPPA enforcement. Find at least three significant COPPA enforcement actions and their outcomes. Based on the enforcement record, write a 400-word assessment: Has COPPA achieved its goal of protecting children's privacy online? Why or why not? What specific design features make COPPA easily circumvented?

Exercise 10: KOSA Analysis Find the most recent version of the Kids Online Safety Act bill text or a detailed summary. Identify: What specific harms is it designed to prevent? What mechanisms does it use? What criticisms have civil liberties organizations raised? Write a balanced 500-word analysis of its likely effects if enacted.

Comparative Exercises

Exercise 11: The Regulatory Comparison Matrix Create a table comparing GDPR, the DSA, the OSA, and COPPA across the following dimensions: geographic scope, regulated parties, primary mechanism (consent, transparency, harm prohibition, duty of care), enforcement authority, penalties, and primary limitation. What patterns do you observe?

Exercise 12: Gaps Analysis Based on the regulatory frameworks described in this chapter, identify what you consider the three most significant regulatory gaps — harmful platform practices that no existing or proposed regulation adequately addresses. For each gap: describe the harm, explain why current regulation misses it, and propose a regulatory mechanism that would address it.

Exercise 13: The Brussels Effect The "Brussels Effect" describes how EU regulation often becomes de facto global regulation because multinational companies find it simpler to comply globally than to maintain geographic variants of practices. Research three specific examples of EU regulations or enforcement actions that produced changes in platform practices globally. What does this suggest about the relative power of EU vs. US regulation?

Exercise 14: First Amendment Limits The US First Amendment places different constraints on platform regulation than European legal frameworks. Research: What specific regulatory approaches (content requirements, algorithmic mandates, speech-related liability) have been found unconstitutional or likely unconstitutional by US courts? How do these constitutional limits affect what kinds of platform regulation are feasible in the US?

Exercise 15: Algorithmic Accountability Frameworks Research at least two academic or policy proposals for algorithmic accountability (examples: Algorithmic Accountability Act, AIAAIC, EU AI Act's provisions on high-risk AI). Compare: What transparency requirements do they propose? What auditing mechanisms? What liability for harm? What definition of "algorithm" or "automated system"? Evaluate the feasibility of each.

Policy Design Exercises

Exercise 16: Design a Section 230 Reform Draft a specific Section 230 reform proposal that: preserves the publisher immunity that enables user-generated content platforms, creates liability for algorithmic amplification of content that platforms know or should know is harmful, includes First Amendment-consistent limits, and specifies the standard of liability. Be specific enough that a lawyer could draft legislation from your proposal.

Exercise 17: An Age Verification System Design an age verification system for social media platforms that: actually prevents minors from accessing platforms, preserves adult users' privacy (doesn't create government databases of who accessed what), is resistant to evasion, and is technically feasible. Consult the privacy-preserving age verification literature (zero-knowledge proofs). Evaluate the tradeoffs in your design.

Exercise 18: Children's Online Safety Regulation Drawing on the research in Chapters 17-20 on harms to minors, design a comprehensive children's online safety regulation that: identifies specific platform features associated with documented harms, prohibits or conditions those features for verified minors, specifies how minors' accounts should be distinguished from adults', and addresses the age verification problem. Ground each provision in the evidence.

Exercise 19: An Algorithmic Impact Assessment Requirement Draft the core requirements for an algorithmic impact assessment (AIA) regulation. Your AIA requirement should specify: what systems must be assessed, what testing must be conducted, who conducts the assessment, how results are disclosed, what standards must be met, and what happens when systems fail the assessment. Include enforcement mechanisms.

Exercise 20: Interoperability Requirements The EU Digital Markets Act requires interoperability for certain messaging services. Design an interoperability requirement for social networking (not just messaging) that: enables users to follow and interact with accounts on different platforms, preserves safety features (blocking, reporting) across platforms, addresses spam and abuse challenges of open systems, and creates competitive conditions that reduce lock-in. What are the technical and business model challenges?

Critical Thinking Exercises

Exercise 21: The Industry Capture Problem "Regulatory capture" — the tendency of regulatory agencies to be influenced by the industries they regulate — is a persistent concern in platform regulation. Analyze: What specific mechanisms might allow platform companies to influence the development and enforcement of DSA or COPPA requirements? What structural features of regulation reduce capture risk? Design one structural safeguard against regulatory capture for a platform regulation context.

Exercise 22: The Political Economy of Inaction The US has lagged behind the EU in comprehensive platform regulation despite bipartisan political rhetoric about the harms of social media. Write a 600-word political economy analysis: Why has comprehensive US platform regulation failed to materialize? Who benefits from regulatory inaction? What political coalitions would be necessary for comprehensive regulation to pass?

Exercise 23: Regulation vs. Liability Compare two approaches to platform accountability: mandatory regulation (rules requiring specific practices or prohibiting specific harms) and tort liability (allowing victims to sue platforms for documented harms). What are the advantages and disadvantages of each approach? Under what conditions is each more effective? Can they work together?

Exercise 24: The Speed Problem Platform features change faster than regulatory processes. A regulation designed for today's TikTok may be obsolete before it's enforced. Write a 500-word analysis of how to design "future-proof" platform regulation — regulation that addresses harmful practices without becoming obsolete as specific features change. What principles would guide future-proof regulation?

Exercise 25: Global Coordination Platform harms are global; regulatory responses are primarily national or regional. Write a 500-word analysis of what international coordination on platform governance would require: What existing international bodies could host such coordination? What minimum standards would need to be agreed on? What obstacles to coordination are most significant? What models from other domains (financial regulation, aviation safety, pharmaceutical approval) might be adapted?

Research and Writing Exercises

Exercise 26: DSA Implementation Update Research the current state of DSA implementation (as of your writing). What enforcement actions has the European Commission taken? What changes have platforms made in response to DSA requirements? What has the researcher data access provision enabled? Write a 600-word update on how DSA implementation has proceeded.

Exercise 27: Section 230 Case Law Research the following Section 230 cases: Zeran v. America Online (1997), Fair Housing Council v. Roommates.com (2008), and Gonzalez v. Google (2023). For each case, summarize the legal question, the court's holding, and the implications for platform liability. How have courts interpreted Section 230's scope over time?

Exercise 28: State-Level Privacy Law California's Consumer Privacy Act (CCPA, 2020) and California Privacy Rights Act (CPRA, 2023) have become de facto national standards for several privacy protections. Research: What are CCPA/CPRA's key requirements? How have platforms responded? What has California Privacy Protection Agency enforcement looked like? What does California's experience suggest about state-level regulation as a substitute for federal law?

Exercise 29: The FTC Amazon Dark Patterns Case Research the FTC and DOJ lawsuit against Amazon over Prime subscription dark patterns (filed 2023). Summarize: What specific dark patterns were alleged? What legal theory was the basis for the complaint? What relief did the FTC seek? What does this case reveal about the FTC's approach to dark pattern enforcement and its limits?

Exercise 30: International Regulatory Scan Research platform-specific regulation in three non-EU, non-US countries: Australia, Canada, and one country in the Global South of your choice. For each: What regulation has been enacted or proposed? What is its primary focus? What enforcement experience exists? What does the diversity of approaches suggest about the political and cultural determinants of regulatory philosophy?

Discussion and Group Exercises

Exercise 31: Regulatory Philosophy Debate Divide into three groups representing the EU precautionary principle approach, the US speech-protective approach, and a critics' position arguing both approaches miss the fundamental economic restructuring needed. Each group presents the strongest version of their position and then responds to the others. What areas of genuine disagreement emerge?

Exercise 32: Mock Regulatory Proceeding Role-play a regulatory proceeding on dark pattern prohibition. Assign roles: FTC or European Commission regulator, major platform company (represented by its lawyers), consumer protection advocate, civil liberties organization, mental health researcher, advertising industry representative. Each presents their perspective on a proposed dark pattern prohibition rule. What tensions emerge?

Exercise 33: The Velocity Media Regulatory Analysis Based on Dr. Aisha Johnson's audit findings at Velocity Media (described throughout Part VI), identify the specific practices documented in the audit and analyze: Which are prohibited or regulated under existing law? Which fall in regulatory gaps? What new regulation would address the gaps? Present your analysis as a regulatory impact assessment.

Exercise 34: The Lobbying Response Research the lobbying spending of major technology companies on platform-related legislation. How much have Meta, Google, Amazon, and Apple spent on lobbying in recent years? What specific legislative proposals have they opposed? What does this spending pattern reveal about the political economy of platform regulation? Discuss: What counterweights to industry lobbying exist?

Exercise 35: Designing Effective Regulation Drawing on the full analysis of this chapter, design a comprehensive platform regulation framework for a hypothetical democracy. Your framework should: define regulated entities, specify the primary harms to be addressed, identify the mechanisms for each harm, specify enforcement institutions and penalties, address the First Amendment analog (how to regulate content-adjacent practices without suppressing speech), and build in adaptation mechanisms. Present and defend your framework to the class.