regulationsI’m optimistic about the future of Internet technology software because the innovation potential keeps blossoming and accelerating.

But I’m worried that local, global or national regulation could easily stunt the creation and emancipation of some of the most exciting and useful technological innovations that have yet to emerge. Specifically, let’s take the case of cryptography-based software technologies, also called blockchain, along with new services of the peer-to-peer variety.

The blockchain has fundamental characteristics that puzzle regulators, central authorities and large corporations because it challenges centrally orchestrated trust, and enables a new kind of trust: one that is decentralized and not centrally controlled.

And peer-to-peer services, such as UBER or Airbnb sit squarely in the permissionless innovation category, where services are paid for and rendered via methods that start by circumventing conventionally regulated ones.

The school of regulation believes in applying constraints and preventative measures, as a way to license, control or prevent usage, even before adoption is allowed to exist. But the school of innovation prefers to wait and see the shape and implications of widespread adoption, before any regulations are even discussed, because we still don’t know where or how to regulate. In those cases, premature regulation wrongfully targets areas that may appear as the most obvious, but not as the most useful.

There is yet another school of thought coming from already regulated corporations that purports to make regulators as co-operating partners and proposes that innovation can be guided to live within the regulators satisfaction zones, but that is also a flawed conclusion. For one, innovation tends to always emerge from outside existing regulation. And secondly, when large companies talk about innovation and refer to technologies that emanated outside of their boundaries, they are really talking about applying such innovation, and not creating it.

On this topic, I’ve already written that Blockchain Inside Regulations Is NOT Innovation and explained Why I’m Being Tough on the Banks Re: Blockchain.

As it turns out, the blockchain brings some solutions to the dilemma of juggling data, identity and transactions privacy and security.

The old ways of securing data was to centrally protect it, but central trust is eroding, in light of security breaches from large/central corporations such as Target, Sony, Blue Cross, and Ashley Madison. Their incidents are making us wonder if large companies are fit to store our data, yet alone manage increasingly large transaction databases.

Enter the blockchain and decentralized applications based on it, where data is manipulated via cryptographically secured encryption schemes as a standard practice. By virtue of the decentralized architecture of blockchain applications, each user can and should own their data. In the blockchain world, “central” players are less vulnerable to data losses or breaches because they only store encrypted information and coded pointers to distributed storage locations that are spread across virtual computer networks, therefore hackers cannot reconstruct or make sense of whatever partial information they might access. In this new world of decentralized technologies, security, privacy and data ownership requirements are part of the design and not an afterthought. They come first.

And in the area of Anti-Money Laundering/Know Your Customer (AML/KYC) practices, whereas upfront customer due diligence is currently the norm, the follow-through monitoring of these measures reveals weaknesses, because the walls between financial institutions aren’t easily traversable. However, with the advent of the Bitcoin blockchain as a unified global network, one can peer through the complete end-to-end lifecycle of transactions across companies because the network is more porous. Therefore, it should be possible to relax upfront KYC requirements, in favor of increased transactional analysis transparency afforded by the blockchain. Hopefully, law enforcement authorities, financial institutions and regulators will embrace this shift by seeing its potential benefits.

Decentralization and less control doesn’t mean doing illegal things. It means that the individual user is more empowered and less restricted. Typically, more good than bad comes out of such scenarios.

In the case of peer-delivered services, the visibly obvious legal and regulatory fights are rooted by the incumbents’ fears of losing control of their monopolies. And the regulators natural response is to over-react and over-shoot with regulations, as a knee-jerk step to compensate, but these measures end-up killing innovation even faster, while increasing the damage costs and exacerbating delays in potential recovery.

In reality, existing actors are stunting innovation via their collectivist protectionism positions. Collectivism doesn’t innovate well, because it lines the bar against the lowest acceptable denominator, which in most cases is the status quo. In the case of Airbnb and UBER, they are the new platforms, and the wind is in their sails because consumers have voted with their usage patterns.

That said, there is a flipside to platform success, because monopolies also exist in the online world. As platforms get big, their operations tend to become a black box that holds customers hostage to usage addiction and data opacity. Whether they are older online platforms (Google) or newer ones (Facebook), these companies retain our data and don’t tell us exactly what they do with it, while creating high switching costs. Even UBER stores data that could get a driver booted out of their system for low satisfaction ratings.

But as consumers, we must ask what big companies do with our data, a question directed to both the online and traditional ones. Can we take our data and move it to another provider, like we might take our medical record to another doctor? Do we know what they know about us or how they are using our data? Do we have a say into it? Can we commingle our data with other data to extract meaningful intelligence?

In the increasingly digital world, data is a valuable currency, yet as consumers, we control and own little of it. Today, data can also be a pivot point for regulatory decision-making.

Maybe there is a case for regulating big companies so they give more control of the data to their users and customers. And maybe the regulators can barter with them so they can share aggregate data where a public benefit could result from that insight.

From the startup world, entrepreneurs are developing decentralized applications where users are in control of their data, their transactions and their privacy; and they decide what to do with it, and what to commingle it with. This will turn a lot of centrally controlled businesses on their head.

Regulation has a role, and it might come later to protect consumers, not large companies. Today’s big monopolies and dinosaurs hide behind regulations or lack thereof, to protect their business models, but future intermediaries have data as a trump card to lure customers and cement their habits. If regulators were proactive, they could turn their attention to studying that, and proposing interesting solutions that enable users to have more ownerships and freedoms in moving their own data around while providing policymakers with useful insights.

Regulators should re-shuffle their attention to being a check-point on companies that are already big, not a choke-point on startups that are trying to get big.

In truth, innovation will always happen at the peripheries of regulation. Innovation doesn’t ask for permission. It just happens. And regulation will never be able to catch-up. Regulators and monopoly stakeholders who are chasing innovation are mounting futile fights.

In hindsight, the Internet could have been more regulated earlier, but its growth and evolution would have been much more constrained.

We are lucky that online technologies are quite permeable, and we need to be reminded that bits travel well afar and across boundaries. Online services are our only chance to efficiently spread positive opportunities around the world.

Rethinking regulation is a global message, not a North/South American, European, African or Asian one. The Internet is supposed to be that global platform, destined to level the playing field for all involved, and it doesn’t need multilateral and chopped-up regulatory agreements to govern it. We just need a dose of common understanding about its intended usage.

For the sake of online technologies, let’s lead with innovation and lag with regulation. The only type of innovation that knows how to thrive is the permissionless type. And the only type of sound regulation is the one that comes after innovation, way after.

Regulation is not a starting point. It’s an ending footnote.