When we first started to focus on policy development at Go Daddy, the company was quite small and there was no corporate history to review to determine what approach the company had taken in the past. Instead, the management team left it to me as in-house counsel to determine what needed to be done. They were all busy growing the business and making really cool products. As a person who likes to be in charge, and make stuff up from scratch, this was ideal. I would basically get to write the playbook, step by step.
What I learned, by trial and error, was that I needed to know who could make a difference in the Internet policy world, and who I needed to know to get things done. It didn’t take very long to understand that in order to succeed, you need to know your audience.
For example, intellectual property is a big issue on the Internet. The laws relevant to protecting trademarks and copyrights on the Internet are mostly contained in federal statues, like the Lanham Act, the Digital Millennium Copyright Act (DMCA), and the Anticybersquatting Consumer Protection Act (ACPA). Jurisdiction over intellectual property statutes usually falls to the judiciary committees of the US House and US Senate, although there are, of course, exceptions. In the case of intellectual property protection on the Internet, therefore, I found out I needed to engage with members of the judiciary committees of both the House and Senate in order to make new or different policy.
In the Internet context, and again, knowing your context is very important, it turned out most key policy was initially shaped by the federal government. Statutes like the Communications Decency Act (CDA), the Electronic Communications Privacy Act (ECPA), the Unlawful Internet Gambling Enforcement Act (UIGEA), the Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM), and the Fraudulent Online Identities Sanctions Act (FOISA) became as familiar to us as any set of acronym-laden abbreviations could. Again, each statute enacted by the federal government.
But, there is also the Uniform Domain Name Dispute Resolution Policy (UDRP), which is not a law at all, but rather, a contractual agreement that binds domain name registrars and registrants to handle domain name disputes in certain top-level domains a certain way. The federal government had nothing to do with that policy, but yet, it governs every domain name registration in the .com, .net. and .org name spaces, among others.
And, there are also a variety of computer crimes and privacy statutes enacted by various states and foreign countries, some very recently, with which we became familiar at Go Daddy.
So, at least in our case, we had law and policy from a variety of sources impacting our business, including many states, the federal government, foreign governments, and contracting parties. To shape policy, and make new or different laws, it was important to understand the regulators and processes that gave rise to each.
To begin to determine your policy audience, you should know the answers to at least the following questions:
- Does your business operate mostly under local or state rules? Or, is it controlled principally by federal statutes?
- Are there non-statutory legal requirements with which your business must comply? This would be more than the standard business contracts with which we all have to live, of course. Non-statutory legal requirements could take the form of contractually binding dispute resolution procedures, collective bargaining agreements, industry standards, like accounting pronouncements, for example, or other similarly binding, and potentially liability-producing, mandates.
- Do you have operations outside the US, where foreign rules may vary widely from those applicable in the US? While it seems thoughtful and conscientious to monitor policy development, and engage policymakers, at every level, all but the most well-funded, policy-focused organizations have to determine where they will place their limited resources. Most organizations do not have the luxury of being everywhere and working on every issue. So, you have to know your audience.
Who can and should you engage on policy issues? Who can make the biggest difference, positive or negative, in the ongoing operations of your company? Who is responsible for establishing the set of rules or laws that will have the most detrimental impact if your company fails to comply? And, what policymakers are paying attention to your company’s space? Those people and/or groups comprise your audience. You must figure out who they are and then, absolutely, get to know them.