strategic management of information technology under legal
TRANSCRIPT
Strategic Management of Information Technology Under Legal Turbulence –
The Genesis of Regulatory Opportunism
Introduction
The Chinese proverb “May you live in interesting times!” may sound much like a wish of
luck and good fortune; yet, it is a curse. This metaphor seems particularly befitting Information
Technology’s “interesting times”. The Information Systems (IS) function has undergone such a
rapid transition from its traditionally relegated role of a service function (to the presumably more
value-generating marketing, finance, and operations functions of the firm as a productive asset)
to its distinct position of front-row strategic enabler, facilitator, and advantage generator in the
new digital organization that many of the notions, concepts, constructs, and paradigms are
shifting and changing so very rapidly, that, at times, we struggle conceptualizing, internalizing,
absorbing, and adapting to the changes, let alone model them in a forward-looking and predictive
capacity for purposes of strategic behavior.
The information technology-intensive organization is now faced with yet another
particularly thorny challenge: the legal infrastructure of the fading industrial economic model is
increasingly incapable of capturing and resolving the novel issues of the digital economy. We
found this issue underscored in the IS literature, and an affirmative, activist stance
underrepresented in the legal literature.
Even if regulation perpetually lagged with respect to technological progress, it still
seemed adequately flexible and responsive to frame industrial transaction and transformation-
oriented technologies with stability, linearity, and continuity (Drucker 1980). This presumed
capability and purpose of the law is, however, entirely in question with respect to the digital
economy.
The original motivation for a regulatory environment evolved from a neo-Smithsonian
perspective of imperfect markets: with the increasing integration of social, organizational, and
political structures the, original assumption of markets, in principle, as natural and spontaneous
social orders, trading only rivalrous and excludable goods, became untenable. The discovery of
the socially undesirable behaviors of underproduction and overconsumption of public goods
along with the access and equitability problems of use of impure public goods, as well as the
non-regenerable depletion of commonpool resources, led to the recognition that markets are
social constructions and, to function properly, need rules and governance in the first place.
Without them, transacting in markets with information asymmetries, moral hazard and adverse
selection problems, externalities, bounded rationality, opportunism, and asset specificity became
too costly (Williamson 1975, 1985, cited in van Warden 2001).
But the scope of the law was merely emulating the focus of strategy of the time. In the
tradition of Adam Smith, Henry Watt, and Henry Ford, strategy was introverted, production-
dominated, and concerned with transformation at operational level and integration at
organizational level. Manufacturing and marketing products “cheaper, faster, better” was
paramount. This transaction cost-sensitive environment relied heavily on solutions to
structured problems. One important purpose and realm of the law was to establish such
structure-providing mechanisms by reducing risks, uncertainty, turbulence, and chaos - and thus
transaction costs, and by creating a regulated, reliable, and safe environment for transactions at
the lowest possible cost.
Some if the heritage of the ‘invisible hand’, however, was preserved: modern
implementations of regulated markets are compromises between the two extremes, striking a
balance between ‘freedom from’ and ‘freedom to’. The American model, specifically, realized
its maximum-incentives-through-minimum-intervention objectives with a composite approach
between a minmalist legal structure properly speaking, and a positivist-affirmative ethical
superimposition, commonly referred to a social corporate responsibility. This resulted in a
rather fragmented, sometimes uncohesive, and somewhat uncoordinated body of exception-based
rules respective of most of what is economically plausible, and limited to correcting the blatantly
socially undesirable activities and outcomes.
The transition to a post-industrial – or sometimes labeled post-capitalist (Drucker 1993)
economic model – with its new symmetries and a pronounced demand-side character is rapidly
liquefying previous paradigms, including the law. Based on services and knowledge-products,
the extroverted service economy of digital markets, digital and digitizeable goods, and intensely
networked and connected participants, is not merely characterized by a difference in degree of
intensity or pace of change. It is different in nature and by orders of magnitude. It is not merely
variable, but volatile, not merely unstable, but discontinuous. It is quickly disaggregating so
carefully crafted aggregated structures, quickly dismantling the realm of previous forms of
intermediation, and re-intermediating, and re-aggregating ever faster and truly thriving on
Schumpeter’s “creative destruction”.
The legal environment has not kept up with this revolutionary transition, however. The
law itself has become a source of uncertainty and risk, thus amplifying the already risk and
uncertainty fraught information technology innovation process. The legal and ethical guidelines
have lost their directive and governance authority in an environment of global monopolies,
questionable copyright motives, and proprietary standards.
The legal community has been addressing this problem virulently with a positivist
perspective. On the one hand, the extend of the current legal environment’s capacity to adapt (in
the areas of antitrust, copyright, and patent law), on the other, the exposures arising from the
existing and active body of law are being examined, especially in the context of e-commerce, the
Internet, and the open source movement. Attempts to enrich the inherently private and
contractual nature of business law with public extensions, such as criminal law (Freedman 1999),
or unconventional ones, such as custom (Polanski, Johnston 2002), are being proposed. These
tendencies have begun spilling over into the information technology and systems discipline that
has begun to investigate the problem more tentatively, tangentially, and peripherally (van
Waarden 2001; Martin 2002). To date we found addressing little research directly and
systematically addressing these issues. An article by Sutton and Dobbin (1996) entitled “The
Two Faces of Governance: Responses to Legal Uncertainty in U.S. Firms, 1995 to 1985” was
limited to investigating the (and, as we believe, ungeneralizeable) impact of grievance
procedures and employment-at-will clauses and a test of efficiency of labor-control theories.
The present paper will depart from this current trend, however, with an innovative
approach. We argue that the issues are not completely elucidated with the current perspective of
legal parochialism. The law itself is being greatly impacted by the revolutionary advances in
information technology. The question arises if and to what extent the information technology
community affects the law.
Research Question
This paper poses the question of how strategic and associated structural decisions for
information technology and systems, their innovation, design, and execution, are conducted and
coalesce under legal turbulence. In order to not predicate our findings we initially choose the
more ambivalent - yet also more comprehensive - label “turbulence” rather than “risk” or
“uncertainty”; the latter are distinguishable concepts on the dimension of probability.
Probability, and thus cost, can be calculated under conditions of partial knowledge, i.e. risk, but
cannot be established but intuitively for conditions of uncertainty, i.e. absence of knowledge.
Since, however, either could be an antecedent in our research, we will initially use the terms,
including turbulence, interchangeably.
A secondary purpose of the paper is to define and measure the extent to which companies
either embrace legal turbulence or defend itself against it by proposing a new construct –
regulatory opportunism. This is in extension of previous work by Srinivasan, Lilien,
Rngaswamy (2002) and analogous to their proprietary construct of technological opportunism.
The attempt will be made to establish how cognizant of the potential and practice of regulatory
opportunism, and the ramifications of an activist strategy with respect to formulation and
articulation of new law, information technology-involved executives really are.
Our object of investigation is the “information technology-intensive” organization. Such
organizations can be stand-alone or part of larger entities. They can be entities for which IT is
an input or a tool for systems design and implementation, or a commodity-product in its own
right. They needn’t be intimately associated with the IT-industry. What imports is the
criticality and intensity of legal and regulatory implications for their information technology
strategy formulation, articulation, and implementation. Such complications are best observable
in the highly interactive, high-velocity, and high-stakes e-commerce environment. We are
therefore including companies of all industries, as long as their IT strategy is not exclusively
operational, but ultimately provides for competitive advantage at the level of the strategic apex.
Literature Review
The literature on the new strategic role of IT and the Information Systems function is still
evolving. Notably, recent research by Gottshalk [1999] is demonstrativ of the trend to focus on
the strategic role of information technology. In his study, he identifies (and evaluates by aid of a
matrix and the criterion of expired time horizon with respect to the strategy implementation) ten
content characteristics of formal information technology strategy from the research literature as
potential implementation predictors. These descriptions included (1) resources needed for the
implementation, (2) user involvement during the implementation, (3) analyses of the
organization, (4) anticipated changes in the environment, (5) solutions to potential resistance
during the implementation, (6) information technology to be implemented, (7) projects’
relevance to the business plan, (8) responsibility for the implementation, (9) management support
for the implementation, and (10) clarity of the documentation. Part of our contribution will be
to explode the above criterion that references change-anticipatory posture with respect to the
environment. We will differentiate ourselves from this comprehensive strategic IT management
perspective in two ways: (a) by isolating the regulatory and legal changes as such necessarily
anticipated ones; and (b) by zooming in on strategy, i.e. creation of competitive advantage in
order to generate above average returns, exclusively deriving from this environment.
To frame our research objective, we are bringing together three distinct areas of
literature: (a) Literature that gravitates around the question to what extent it is necessary to
address the new imperatives for information technology with a specific body of law. There is
rapidly intensifying inquiry from both the legal community and the business community into the
reality. Necessity, and existence of a new body of law termed labeled Cyberlaw; since it is new,
incomplete, and in transition, we consider this in support for our argument that strategic
decisionmaking would have to take into account the uncertainty and risk associated with the
genesis and mechanics of such a regime or system. (b) Secondly, we want to use the insights of
the literature that has researched the existence and effects of uncertainty with respect to
innovation in general. We consider the conclusions of this research transferable and extendable
to information systems and technology innovation today, in particular in the e-commerce
environment where IT itself has become a product with its own market(s) where technology is
externalized. (c) lastly, we will close in on the recent strategic theories that have recognized
turbulence, uncertainty, risk, and chaos as major determinants of the economic environment for
the firm and have begun introducing the new sciences into decisionmaking (i.e. game theory,
chaos theory, and the resulting “co-opetion” paradigm). Ancillary, we will name several other
attempts to reconcile the current legal environment with economic realities.
We will conclude this section with the proposed new construct of regulatory opportunism
that reconciles the two contexts of strategy and legal turbulence.
Innovation and Turbulence
Decisionmaking and Turbulence
The IT-intensive organization
Law and Turbulence
Figure 1: The Field Defined
Cyberlaw and the New Imperatives for IT-intensive Firms
There is a novel virulent debate ongoing in the legal community and, more recently, has
begun spilling over into the information technology community. At the center of the
controversy is the notion of Cyberlaw, and its existence as a distinct body of “law pertaining to
the Internet”. The mere existence of such a debate lends support to our argument for a turbulent
legal environment. Two views on how e-commerce and traditional commerce are converging
into a powerful and dominating new form of brick-and-click commerce for the future seem to be
emerging: the traditional lawyers’ perspective is a moderate and evolutionary one, in which
traditional fields of law will incrementally absorb the issues posed by cyberspace. Proponents of
Cyberlaw, also labeled “cyber-revolutionaries”, however, promote regulatory forbearance from
the existing law in favor of an entirely and fundamentally new legal field - or even discipline - in
its own right, designed to specifically address the threats posed by computer code. In their eyes,
computer code is more powerful than legal code and poses particularly grave threats to online
civil liberties and other acquired central values of American society left without explicit legal
protection by the framers of the Constitution (Lessig, 1999). What seems a rather explosive
engagement of scholars has been prompted by the advent of the Internet especially with its
commercial, global, and ubiquitous character. Thus circumscribed, it is cyberspace now that is
impacting the law considerably and in various areas.
Minda (2001), building on Lessig’s (1999) arguments, proposes an integrative approach
to these new categories that he labels “soft law” (code and regulation) and “hard law” (of nation-
states) in the context of international anti-trust regulability. “As Lessig’s groundbreaking
analysis of the internet has revealed, software technology is a form of regulation that is now
performing many of the functions heretofore performed by hard law. One could thus think of
the code running personal computers and other information technology as the “soft law
mechanisms” for regulating economic activity in cyberspace. “Soft” law and regulation, unlike
the hard law of nation-states, is plastic and hence malleable because there are infinite ways in
which instructions can be arranged. Hard law is relatively nonplastic and nonmalleable.
Judicial change is limited by judicial norms and doctrines like stare decisis, and the democratic
process is limited by inertia of legislation. Hard law mechanisms of international, regional and
domestic organizations also operate through governmental process that is also limited by the
sovereign reach of the government. On the international level, hard law is limited by entrenched
issues of comity, disharmony and nontransparency.” (Minda 2001). “The new networks of e-
commerce, linked globally by software programs, have constructed a new global economy based
on a new software technology that operates on a global scale to structure a totally new form of
soft regulation.” (Minda 2001)
Minda (2001) labels this new dominance of soft law “capitalism with the gloves off” or
“high-tech capitalism”. This evolution was promoted by the original commitment to
technological and competitive neutrality of the network architecture. This impartiality of a rather
straightforward mechanics of packet-switching promoted maximum intelligence outside of the
network and deliberately shifted innovative energy to private sector actors for ever evolving new
solutions, applications, and platforms to connect to the shared environment. In so favoring free
and unrestrained global information technology activity, it created the possibility for private
interests to contend for regulatory-like positions. Through an near infinite number of possible
arrangements of instructions with this highly malleable and plastic code private interests are now
in the position to (a) engage in regulatory arbitrage, by catering to the regulatory preferences of
the users, (b) to influence and shape the contours of the soft, making it “[…] gravitate to the
dominant private interests […]” (Minda 2001), and (c) promoting a “race to the bottom” (Minda
2001) of maximum possible deregulation by pitting regulation against regulation.
But nation-states are inherently partial. And our New Deal regulatory state especially
makes policy choices with respect to economic conduct and activity. A particularly manifest
example of such policy choices is the protective framework for intellectual property. Ironically,
it is this framework that enabled the genesis of the global network in the first place. But with its
monopoly-conducive character, it has also created a special problem with respect to antitrust
regulability, a social concern – in the words of Richard Hofstadter – based on “an enduring
American suspicion of concentrated power”. As nation-law, it is ultimately territorial. But the
impact of soft law is global and able to entirely escape individual national antitrust regulation.
This is so because “[n]etwork effects in turn allow the function of ownership of the design of the
network to entrench that [IP provided] monopoly power far beyond what would be justified b y
what is necessary to protect incentives to innovate.” (Minda 2001) This makes for locally
constrained regulation to become impotent in the face of a global phenomenon, the new
information technology monopolies. In the words of Minda (2001), this is the “iron law” of
globalization: monopoly power is global, antitrust is not.
Minda reconciles the dilemma in that what seems a manifest “un-regulability” of
Cyberspace is rather an inadequacy of the hard-law approach, but maybe an opportunity for the
soft-law approach. H e proposes to link the right to IP protection to the basic competitive norms
applicable to the markets where firms are found via voluntary commitment to minimum
standards enforced internationally, much in analogy to Van Wenzel Stones’s idea for global
labor markets. He also invoques the concept of “competitive operability”, “antitrust combines
with a global fair competition policy that recognized that freedom form monopoly power
limitations are necessary for market operability of IP products and markets.” (Minda 2001) Such
“[a]n integrative approach would permit a party to challenge a firm’s antitlement to IP protection
on the basis of monopolistic practices that have arisen as a result of the copyright misuse of IP
protection on the basis of competitive inoperability. An antimonopoly exception to IP protection
could be devised as a defense to infringement actions.” (Minda 2001) A less regulatory and more
private perspective, but nonetheless democratically and politically controversial, is to “build
within the soft of law of code a software technology that guards against anticompetitive
behavior.” (Minda 2001). This is in analogy to the automated rights management of software
with shrinkwrap, click-wrap, and expiration practices.
A second very powerful argument for a distinct legal framework is grounded in the new
imperatives of an information technology and Internet-centered organization. They can be
arranged in three categories: new business models based on monopolistic behavior, control of
information, and the propagation of private standards. These imperatives are in direct
contradiction to the underlying values of the traditional industrial economic model.
First, digital markets for digital goods have created a situation where competition seems
no longer a viable model. In the zero-variable-cost world of digital products and markets, e-
commerce II (Laudon 2002) business models cannot use the previous incremental growth model.
Reverse engineering and replication of digital products and processes makes for very quickly
eroding windows of opportunity. Due to zero variable cost, prices depress quickly between
competitors to unsustainable levels in the medium and long run. This requires that firms quickly
dominate the market by acquiring and securing large traffic and transaction volumes. The size
and convoluted structure of the Internet makes this increasingly costlier and results in extended
periods of up-front fixed cost. A competitive model would make recouping this accumulated
negative cashflow unpredictable. This, in turn would eliminate incentives for capital investment
and innovation. Only if a firm can immediately capture critical marketshare will it be in the
position to predictably recoup the initial investment.
It seems that the legal system in its current articulation cannot adequately capture this
atypical requirement. It continues to cater to an atomistic market with monopolistic competition
characteristics. But the successful examples of the new quasi-monopolies of e-Bay, Amazon,
Microsoft, and AOL, contrasted with the failures of WorldCom, Global Crossing, and Williams
Companies (in the absence of monopoly power), to name but a few, seem to suggest that we
should expect firms to actively pressure the system to include a model analogous to the
regulation of natural monopolies, be it based on the notion of return on capital investment, price
ceilings, or other.
Secondly, information is a dramatically appreciating asset. Organizations are now faced
with the following quandary: originally, the value of information increased through sharing. But
this was more true for intra-firm information. Inter-firm information, in contrast, has two
components: One that allows for the value creating effects of integration and networking
economics through openness, the other that is providing competitive advantage. This
competitive advantage derives, however, less from resource specificity or internal capability, but
from proposing a particular business process on a first mover basis. It thus needs to be
immediately secured and controlled. In parallel to the pharmaceutical industry, patents are used
to secure intellectual property rights and allow for a limited time monopolistic exploitation of
those rights. But the property rights were originally conceived for tangible products. Their
recent extension to business process and models with the State Street Bank decision in 1998
provided unprecedented momentum for monopoly structures. This in turn is gravely
inconsistent with the objectives of antitrust regulation. It furthermore makes increasingly
difficult to determine if, how, and to what extent originally public knowledge is being isolated,
converted to a private good, and appropriated. We expect firms to want to continue with their
patenting practices at high velocity to obtain the situation of effective “regulatory capture”.
Lastly, the above mentioned portion of knowledge that is shared is done so only with the
intention to destroy any remnants of strategic advantage. This is achieved by setting standards.
The value is greatest for the firm that is able to propagate its originally private technology
throughout the industry to become widely adopted as an industry standard. Even if subsequent
adopters derive value from some form of facilitated access to existing networks, their innovative
capacity and activity is predicated. This seems in contradiction with the regulatory perspective
of network and technology neutrality that evolved over the last two decades.
Finally, a reference to the European efforts in the area may yield additional insights.
Contrary to the rather uncoordinated and fragmented efforts of cyberspace and e-commerce
regulation in the U.S., The European Union has been attempting to govern with much more
regulatory activism. Several recent directives try to frame aspects of the sale of consumer goods
and associated guarantees, legal aspects of e-commerce activities in the common market,
harmonization of certain aspects of copyright and related issues, and establish a common ground
for he recognition of electronic signatures (Rekola, Pohjanpalo 2002). One can certainly remain
skeptical about the effectiveness and necessary dynamism of such efforts in the light of
traditional legal inertia and the heterogeneity of views of fifteen nations. It remains to bee seen
to what extent a necessary compromise will leading to a truly comprehensive, progressive, and
pragmatic regulation. However, it is a prime example of a high level of cognizance of the issues
on the part of the official regulators and the desire to curtail too much corporate mercantilism to
the detriment of consumer power.
Regulation, Innovation, Uncertainty, and Risk
The second body of literature where we found relevant and supporting notions for our
argument is comprised of the literature on innovation, and the tension between innovation and
regulation.
One strain of thought focuses on cultural dimensions.
Van Waarden (2001), in his recent comparative study of the Dutch and U.S. regulatory
environments, unravels a seeming paradox: Van Waarden’s posited that a more capable
innovative environment required a more stable and robust legal system. The U.S. legal
system, albeit manifestly detailed in nature and strictly enforced at first sight, is ultimately more
ambivalent. Due to legal pluriformity from a contentious federalist structure, activist litigation,
and a large production of case law, it is actually comparably less effective in reducing
uncertainty. In spite of this apparently less conducive regulatory environment, the U.S.,
however, disproportionately outperforms with respect to innovative capacity and activity. Van
Waarden ascribes this seemingly inconsistent result to cultural phenomena based on Hofstede’s
dimensions of cultural differences: The U.S. is more innovative because of its lower risk-averse
culture and uncertainty avoidance propensity.
Perel (2002) has advanced a similar conclusion on another of Hofstede’s dimensions. He
contrast American venture capitalism with the inferiority of Japanese consensus-style
management. He suggests the construct of “corporate courage” but criticizes shortcomings in
this area in the boardrooms and governance structures of publicly traded firms.
A more organo-technical explanation is advanced by Srinivasan, Lilien, and
Rangaswamy (2002). In extending the resourcebased view of the firm (Wernerfelt 1984, cited
in Srinivasan, Lilien, Rangaswamy 2002), the authors propose a new construct, labeled
technological opportunism. They distance themselves form the early research on the negative
form of opportunism, and approach their construct to the benign form originally explored by
Hunt, Reingen, and Ronchetto (1988) and Isenberg (1987). They identify two components:
technology-sensing and technology-response capability, and generalize the construct as an
additional firm-level capability in line with traditional strategy theory on resources and
capabilities, and consistent with the research on organizational traits.
They differentiated their construct form other related concepts of innovation
management, like organizational innovativeness (Deshpande, Farley, and Webster 1993) and
technological orientation (Gatignon and Xuereb 1997). They finally assimilate it conceptually to
market orientation of Jaworski and Kohli (1993).
This organizational trait is consistent with prior research on strategy that posited that
organizations proactively manipulate their environments to achieve their objectives. The
authors embed the construct in a model along institutional pressures on the firm to adopt the
technology, as well as complementary assets that facilitate the generation of value from the new
technologies. Basedcon prior research by Venkatesh and Davis (2000, cited in Srinivasan,
Lilien, and Rangaswamy 2002), perceived usefulness of the technology is included as an
explanatory variable. We find particularly relevant the contribution that invalidates the
previously held notion of the existence of some sole factor to drive “[…] firms to seek and
respond to technologies of their own volition, even in the absence of external pressures. Our
results of the role of technological opportunism on e-business adoption suggest that such a
perspective is misleading. An integrated model of technology adoption that includes a proactive
driver (technological opportunism) and a reactive driver (institutional pressures) provides a more
complete depiction of the adoption process.” (Srinivasan, Lilien, and Rangaswamy 2002) It is in
analogy to this construct that we will propose our construct of technological opportunism.
Finally we want to point to research preoccupied with other determinants of innovation.
Souitaris’s (2002) contribution is indicative of some interest in determinants of innovation, but
the scope of his study allows for little transposition into the current American situation. He
tested the applicability of Pavitt’s (1984) taxonomy of pattern’s of technological change
(socalled technological trajectories) with 105 manufacturing firms in Greece and identified
moderators for the inconsistent results of the management literature on the determinants of
technological innovation. He demonstrated that firms in different trajectories of Pavitt’s
taxonomy had differences in the rate of technological innovation. Especially “science-based”
firms (i.e. the category closest to our own scope) were found to dpend upon technology-related
variables, such as education and experience of personnel growth in profitability, and panel
discussions with lead customers. (Souitaris 2002)
Decisionmaking under Turbulence and the New Sciences
The third body of literature that circumscribes our issue is the established body of
knowledge on decisionmaking under turbulence in general. We will propose extensions to it
with respect to the legal environment in particular.
The organizational responses to turbulence have been investigated along the two
dimensions of structure and strategy.
Traditional contingency theories of management (Burns and Stalker 1961; Scott 1981,
cited in Ashmos, Duchon, McDaniel 2000) initially focused on structural responses and
established that, in order to adequately respond to variability in their environments, firms will in
fact align their structural complexity with the environmental complexity. They become more
complex and organic in the light of increasing variance around them, and conversely, under
conditions of stability, reduce their complexity and become more mechanistic.
Subsequent work by Boisot and Child (1999, cited in Ashmos, Duchon, McDaniel 2000)
identified organizations that would adopt mechanistic and simple structures despite
environmental turbulence. This is considered inconsistent with complexity theory that views
organizations exclusively as complex adaptive systems (Capra 1996; Stacey 1995; Wheatley
1992, cited in Ashmos, Duchon, McDaniel 2000) […] “that should be organized accordingly –
with multiple and conflicting goals, a variety of strategic priorities, increased connectivity among
people, as well as structural variety intended to maximize the flow of information and meaning
in the organization.” (Ashmos, Duchon, McDaniel 2000, 578). This contrarian approach was
termed “complexity reduction response” and the original “complexity absorption response”.
Ashmos, Duchon, McDaniel (2000) then tested the theory with a study of eight hospitals.
(Albeit an IT-unrelated industry, we think that their study deserves respect for its
generalizeability). Measuring goals, strategies, decisionmaking relationships, and structure
along the two dimensions of cognitive (i.e. measuring information content flow between agents)
and relational complexity (i.e. measuring structure of interactions among members) found that
complexity reduction responses were significantly outperformed by complexity absorption
responses. We believe that our proposed construct of regulatory opportunism, for its embracing
and leveraging character with respect to legal turbulence, would be categorized under the latter.
However, we also found indications, that, absent a formal model such as the above,
earlier views on managing legal risk focused on another dimension of structure, i.e.
formalization. “Policies and procedures should be created to promote the understanding of
potential legal risks. This understanding will encourage organizations to obtain help from legal
experts to design controls to subdue such risks.” (Bandyopadhyay, Mykytyn, Mykytyn 1999,
442) But this perspective is limited to the traditional reactive stance towards a presumably fixed
legal environment where the organization violates for example anti-trust and privacy in pursuit
of competitive advantage via IT deployment (Lightle and Sprohge 1992). A summary review of
popular industry publications confirmed the emphasis of an analytical-reactive stance with
respect to existing law in terms of liability, exposures, litigation, and compliance issues
(Newman 2001; Martin 2002; Greisiger 2002; Morris 2001; Croydon 2002; Bardy, Monin,
Tingley, Skelton 1999; Aldred 2000; Walter 2000; Dyson 1999). This strain of ideas stresses a
reactive and submissive posture, respectful of the status quo and focused on avoiding litigation.
It ultimately assimilates legal risks to other categories of risk and extends risk management logic
to it. We differentiate ourselves from this perspective by promoting an activist and proactive
stance: organizations should - and actually do - proactively engage in governance, shaping,
crafting, or creation of new and additional law. We intend to capture this potential via our
proposed construct of regulatory opportunism.
A review of more academically oriented literature validated the above tendencies.
Haapio (2001) proposes to capture the various forms of legal risk management practices, legal
audits, and compliance programs with the concept of “preventive law and contracts” and “Safe
Sales”.
In the management literature, the concept of scanning pushes the preemptive-reactive
attitude even further upstream (Lozada, Calantone 2001). Their research and emphasis on the
importance of anticipating important environmental changes is consistent with our proposed
construct of regulatory opportunism.
A second trend in desisionmaking analysis has been to look outside of the immediate
rational logic of business. This was the inclusion of game theory. Marrying game theoretical
concept seems especially appropriate since they originated in the ranks of Computer Science .
First formalized for economics by the mathematicians Nash, Harsanyi, and Selten (1994), it
recently was popularized for business and strategy by Brandenburger and Nalebuff with the
construct of co-opetition (1996, 6): “Game theory makes it possible to move beyond overly
simple ideas of competition and cooperation to reach a vision of co-opetition more suited to the
opportunities of our time. To many, this will come as a surprise. The image game theory often
conjures up is business-as-war. That’s to be expected, since the field was born during World
War II and grew up during the Cold War. The mentality was one of winners and losers – the
zero-sum game, even the zero-sum society. But that’s only half the subject. Contemporary
game theory applies just as well to positive-sum – or win-win – games. The real value of Game
theory for business comes when the full theory is put into practice: when game theory is applied
to the interplay between competition and cooperation.” So characterized, we believe that game
theory represents a fertile ground for response strategies given the tension between control over
information and the need for standards.
Finally, chaos theories of change management also capture some of the issues of
managing the information technology-intensive firm in a climate of legal turbulence: Brown and
Eisenhardt (1998) conducted grounded theory research on strategy and structure of twelve firms
in the computer industry representative for their ability to change and manage change. In their
study published under the title “Competing on the Edge – Strategy as Structured Chaos” they
motivated their choice as follows (1998, 249): “We focused our research on the computer
industry because it is the prototypical illustration of a high-velocity industry for which managing
change is the key strategic challenge. Each of the twelve businesses we studied competes in
industry segments that are extremely competitive and have high rates of technological change.
These businesses are thus ideal for studying strategy and organization in situations where the
ability to change is central to superior performance.” They contrast their approach with “[…]
other approaches to strategy that assume clear industry boundaries, predictable competition, or
knowable future. As such, these other approaches are insightful for setting a broad strategic
direction for markets in which change is slow enough that a sustainable advantage or defensible
position can be identified as lasting for a long period, perhaps even […] a decade or more […].
A more dynamic approach like game theory, gets closer to the competitive reality of fast-paced
change that many firms face. It is incomplete, however, because it focuses on “where do you
want to go?” and neglects the other half of strategy – “how are you going to get there?” In
contrast, competing on the edge assumes that industries are rapidly and unpredictably changing
and, therefore, that the central strategic challenge is managing change.”
“The underlying insight behind competing on the edge is that strategy is the result of a
firm’s organizing to change constantly and letting a semicoherent strategic direction emerge
from that organization. In other words, it is about combining the two parts of strategy by
simultaneously addressing where you want to go and how you are going to get there. A
semicoherent strategic direction is fundamentally different form what is traditionally called
strategy. What is unique and even provocative about it […] is [that it is] unpredictable […],
uncontrolled […], inefficient […], proactive […], continuous […], diverse.”
We find that this perspective can readily be extended to account for the degree and
intensity of firms’ adaptive, adoptive, and directive capacity with respect to the legal and
regulatory environment.
The Case for Regulatory opportunism of the IT-intensive Organization
Especially the above study on technological opportunism (Srinivasan, Lilien, and
Rangaswamy 2002) provides impetus for further development. Combined with the insights on
the new powers of private actors to shape and craft Cyberlaw, we propose an additional construct
for the purpose of the present paper, labeled regulatory opportunism. We believe that,
analogous to the above technological opportunism, there exists a measurable organizational trait
of a benign form of opportunism that defines law-sensing and law-response capabilities of the
information technology-intensive firm. This construct can be distinguished from the existing
ones as elaborated by Srinivasan, Lilien, and Rangaswamy (2002). We posit that firms that are
aware of changes and turbulence in their legal environment are likely to create pressures to make
the legal environment gravitate towards them. Strategy research has already established that
organizational decision makers are more likely to exert affirmative and proactive measures in the
light of strategic issues perceived as opportunities. Dutton and Duncan (1987, cited in
Srinivasan, Lilien, and Rangaswamy 2002) suggested that managers perceive such situations as
positive and more controllable. We feel that regulatory opportunism will prompt those firms to
perceive legal turbulence as a potential source of growth for the firm (through entrenching their
monopoly position for example) and will respond actively to absorb the inefficacies of the
regulators. This leads us to compare the new situation to the previous of regulatory capture. The
difference is that in regulatory capture, the firm had to be large, or part of an entire industry with
critical mass. It affected the decisionmaking process of the regulator itself, whereas, today, any
size firm is equally capable of neutralizing and predicate regulatory efforts through its own code.
These are not evasive political tactics or maneuvers like regulatory capture activities. These are
truly regulating, standard-setting activities substituting for the incapacity of the regulators.
Regulatory Capture
Regulator IT Innovator l
Figure 2 – Traditional Regul
Lega
Certainty
atory Capture
Regulator
IT Innovator
Regulatory Opportunism
Code/Soft Law and Regulation
Figure 3 – Regulatory Opportunism
Bibliography
Ashmos, D.P., D. Duchon, R.R. McDaniel (2000), “Organizational Responses to Complexity:
The Effect on Organizational Performance”, Journal of Organizational Change Management,
Vol. 13, No. 6, pp. 577-607
Aldred, C. (2000), “Internet Brings Global Liabilities”, Business Insurance, Vol. 34, No. 22,
pp. 17-18
Bagby, J.W. (2002), “Cyberlaw: A Forward”, Amercian Business Law Journal”, Vol 39, No. 6,
pp. 521-530
Bandyopandhyay, K., P.P. Mykytyn, K. Mykytyn, (1999), “A Framework for Integrated Risk
Management in Information Technology”, pp. 437-444
Brandenburger, A., B.J. Nalebuff, “Co-opetition”, Currency, New York, 1996
Brady, M.J., L.O. Monin, C.R. Tingley, T.L. Skelton (1999), “The World Wide Weband the
New World of Litigation: A Basic Introduction”, Defense Counsel Journal, Vol. 66, No. 4, pp.
497 - 536
Brown, S.L., K.M. Eisenhardt, “Competing on the Edge – Strategy as Structured Chaos”, HBS,
Boston, 1998
Croydon, H. (2002), “Making Sense of Cyber Exposures”, National Underwriter, Vol. 106, No.
24, pp 26-30
Doherty, S. (2002), “Managing Your Digital Rights”, Network Computing, Vol. 13, No. 19,
pp. 65-68
Don, B. (1999), “Revolutionary Adaptations”, Harvard International Review”, Vol. 21, No. 3,
pp. 42-46
Drucker, P., “Post-Capitalist Society”, Harper Business, New York, 1993
Dyson, B. (1999), “trying to Keep Pace With the Internet”, Reactions, Vol. 19, No.7, pp. 48-50
Fitzgerald, Brian F., (2000) “Software as Discourse: The Power of Intellectual Property in
Digital Architecture”, 18 Cardozo Artz& Ent LJ 337.
Freedman, C.D. (1999), “The Extension of the Criminal Law to Protecting Confidential
Commercial Information: Comments on the Issues and the Cyber-Context”, International Review
of Law, Computers & Technology, Vol 13, No. 2, pp. 147-162
Greenstein, S. (2002), “Markets ofr Technology: The Economics of Innovation and Corporate
Strategy”, Academy of Management Review, Vol. 27, No. 4, pp. 624-626
Greisiger, M. (2002), “The Perils of Web Site Liability”, Risk management, Vol. 49, No. 7, pp.
26-34
Gottschalk, P. (1999) “Strategic Information Systems Planning: The IT Strategy Implementation
Matrix”, European Journal of Information Systems, vol. 8, no. 2, pp. 107-118.
Gottschalk, P. (1999), “Implementation of Formal Plans: The Case of Information Technology
Strategy”, Long Range Planning, Vol. 32, No. 3, pp. 362-372
Gottschalk, P. (1999), “Implementation Predictors of Strategic Information System Plans”,
Information & Management, Vol. 36, pp. 77-91
Grover, V., P. Ramanlal (1999), “Six Myths of Information and Markets: Information
Technology Networks, electronic commerce, and the Battle for Consumer Surplus”, MIS
Quarterly, Vol. 23, No. 4, pp. 465-495.
Haapio, H. (2001), “Quality and E-Commerce Online Sales, Automated Contracts, Legal
Issues”, Quality Congress, ASQ’s Annual Quality Congress Proceedings 2001, pp. 37-52
Hackney, Ray, S. Little, (1999) “Opportunistic Strategy Formulation for ID/IT Planning”,
European Journal of Information Systems, vol. 8, no. 2, pp. 119-126.
Kobrin, S.J. (2002), “Territoriality and the Governance of Cyberspace”, Journal of International
Business Studies, Vol. 32, No. 4, pp. 687-704
Ku, R.S.R (2002), “The Creative Destruction of Copyright: Napster and the new Economics of
Digital Technology”, Vol. 69, No. 1, pp. 263-324
Laudon, K.C., C.G. Traver, “E-Commerce: Business, Technology, Society”, Addison Wesley,
Boston, 2002
Lessig, L., “Code and other Laws of Cyberspace”, Basic Books, 1999
Lessig, L. “The Future of Ideas; The Fate of the Commons in a Connected World”, Random
House, New York, 2001
Lightle, S., H. Sprohge, “Strategic Information System Risk”, Internal Auditing, Vol 8, No. 1,
pp. 31-36
Martin, R. (2002), “Managing IT in a Regulated Environment”, MSI, Vol. 20, No. 10, pp. 39-
40
Martindale, R. (2002), “Copy Fights: The Future of Intellectual Property in the Information
Age”, Library Journal, Vol. 127, No. 15, pp. 100
Minda, G. (2001), “Antitrust Regulability and the new Digital Economy: A Proposal for
Integrating “Hard” and “Soft” Regulation”, Antitrust Bulletin, Vol. 46, No. 3, pp. 439-511
Morris, B.A. (2001), Addressing E-Commerce Exposures”, Financial Executive, Vol. 17, No.
8, pp. 40-43
Nadel, M.S. (2000), “Computer Code vs. Legal Code: Setting the Rules in Cyberspace”,
Federal Communications Law Journal, Vol. 52, No. 3, pp. 821-836
Newman, S. (2001), “Legal Risk Analysis: legal Risk management via Dependency Modeling”,
Computer Law & Security Report, Vol. 17, No. 6, pp. 409-414
Patel, N.V. (2002), “Emergent Forms of IT Governance to Support Global E-Business Models”,
Journal of Information Technology Theory and Application, Vol. 4, No. 2, pp. 33-48
Perel, M. (2002), “Corporate Courage: Breaking the Barrier to Innovation”, Research and
Technology Management, May-June 2002, pp. 9-17
Polanski, P.P., R.B. Johnston (2002), Potential of Custom in Overcoming Legal Uncertainty in
Global Electronic Commerce, Jorunal of Information Technology Theory and Application, Vol.
4, No. 2, pp 1-16
Radcliffe, M.F., J. Sazama (2002), “Hollywood Confronts the Napster Challenge”, Managing
Intellectual Property, No. 123, pp. 73-79
Rekola, K., P. Pohjanpalo (2002), “Finland: Developing Regulation ofr the IT Regime”,
International Financial Law Review, Supplement: The IFLR Guide to the Nordic Region, pp.
69-77
Rowden, R.W. (2001), “The Learning Organization and Strategic Change”, S.A.M. Advanced
Management Journal, Vol. 66, No. 3, pp. 11-16
Somendra, P., H. Cheng, (1999) “ An Integrated Framework for Strategic Information Systems
Planning”, Information Resources management Journal, vol. 12, no. 1, pp. 15-25.
Souitaris, V. (2002), “Technological Trajectories as Moderators of Firm-Level Determinants of
Innovation”, Research Policy, Vol. 31, pp. 877-898
Srinivasan, R., G.L. Lilien, A. Rangaswamy (2002), “Technological Opportunism and Radical
Technology Adoption: An Application to E-Business”, Journal of Marketing, Vol. 66. No. 3,
pp. 47-60
Sutton, J.R., F. Dobbin (1996), “The Two Faces of Governance: responses to Legal Uncertainty
in U.S. Firms, 1955 to 1985”, American Sociological Review, Vol. 61, No. 5, pp. 794-811
Trott, B., J. Jones (2000), “Microsoft’s Legal Gambit”, InfoWorld, Vol. 22, No. 15, pp. 1, 32
Van Waarden, F. (2001), Institutions and Innovation: The Legal Environment of Innovating
Firms”, Organization Studies, Vol. 22, No. 5, pp. 765-795
Walter, P. (2000), “Privacy Provisions of Gramm-Leach-Bliley: No Small Compliance Task”,
ABA Bank Compliance, Vol. 21, No. 5, pp. 7-11
Zilner, T. (2002), “The Future of Ideas: The Fate of the Commons in a Connected World”,
Information Technology and Libraries, Vol. 21, No. 3, pp135-137