“For decades, standards development has been anchored in the idea that the Internet is (and should be) one global network. If we could just get everyone in the room—vendors, governments, engineers, and civil society—we could hash out common rules that worked for all.”
That premise is a lovely ideal, but it no longer reflects reality. The Internet isn’t collapsing, but it is fragmenting: tariffs, digital sovereignty drives, export controls, and surveillance regimes all chip away at the illusion of universality. Standards bodies that still aim for global consensus risk paralysis. And yet, walking away from standards altogether isn’t an option.
The real question isn’t whether we still need standards. The question is how to rethink them for a world that is fractured by design.
This is the fourth of a four-part series on what the Internet will look like for the next generation of people on this planet.
- First post: “The End of the Global Internet“
- Second post: “Why Tech Supply Chains, Not Protocols, Set the Limits on AI and the Internet“
- Third post: “The People Problem: How Demographics Decide the Future of the Internet“
- Fourth post: [this one]
You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.
And be sure to leave me a Rating and Review!
Global internet, local rulebooks
If you look closely, today’s Internet is already more a patchwork quilt of overlapping, sometimes incompatible regimes, and less global.
- Europe pushes digital sovereignty and data protection rules, with eIDAS2 and the AI Act setting global precedents.
- The U.S. leans on export controls and sanctions, using access to chips and cloud services as levers of influence.
- China has doubled down on domestic control, firewalling traffic and setting its own technical specs.
- Africa and Latin America are building data centers and digital ID schemes to reduce dependence on foreign providers, while still trying to keep doors open for trade and investment.
Standards development bodies now live in this reality. The old model where universality was the goal and compromise was the method is harder to sustain. If everyone insists on their priorities, consensus stalls. But splintering into incompatible systems isn’t viable either. Global supply chains, cross-border research, and the resilience of communications all require at least a shared baseline.
The challenge is to define what “interoperable enough” looks like.
The cost side is getting heavier
The incentives for participation in global standards bodies used to be relatively clear: access to markets, influence over technical direction, and reputational benefits. Today, the costs of cross-border participation have gone up dramatically.
Trade wars have re-entered the picture. The U.S. has imposed sweeping tariffs on imports from China and other countries, hitting semiconductors and electronics with rates ranging from 10% to 41%. These costs ripple across supply chains. On top of tariffs, the U.S. has restricted exports of advanced chips and AI-related hardware to China. The uncertainty of licensing adds compliance overhead and forces firms to hedge.
Meanwhile, the “China + 1” strategy—where companies diversify sourcing away from over-reliance on China—comes with a hefty price tag. Logistics get more complex, shipping delays grow, and firms often hold more inventory to buffer against shocks. A 2025 study estimated these frictions alone cut industrial output by over 7% and added nearly half a percent to inflation.
And beyond tariffs or logistics, transparency and compliance laws add their own burden. The U.S. Corporate Transparency Act requires firms to disclose beneficial ownership. Germany’s Transparency Register and Norway’s Transparency Act impose similar obligations, with Norway’s rules extending to human-rights due diligence.
The result is that companies are paying more just to maintain cross-border operations. In that climate, the calculus for standards shifts. “Do we need this standard?” becomes “Is the payoff from this standard enough to justify the added cost of playing internationally?”
When standards tip the scales
The good news is that standards can offset some of these costs when they come with the right incentives.
One audit, many markets. Standards that are recognized across borders save money. If a product tested in one region is automatically accepted in another, firms avoid duplicative testing fees and time-to-market shrinks.
Case study: the European Digital Identity Wallet (EUDI). In 2024, the EU adopted a reform of the eIDAS regulation that requires all Member States to issue a European Digital Identity Wallet and mandates cross-border recognition of wallets issued by other states. The premise here is that if you can prove your identity using a wallet in France, that same credential should be accepted in Germany, Spain, or Italy without new audits or registrations.
The incentives are potentially powerful. Citizens gain convenience by using one credential for many services. Businesses reduce onboarding friction across borders, from banking to telecoms. Governments get harmonized assurance frameworks while retaining the ability to add national extensions. Yes, the implementation costs are steep—wallet rollouts, legal alignment, security reviews—but the payoff is smoother digital trade and service delivery across a whole bloc.
Regulatory fast lanes. Governments can offer “presumption of conformity” when products follow recognized standards. That reduces legal risk and accelerates procurement cycles.
Procurement carrots. Large buyers, both public and private, increasingly bake interoperability and security standards into tenders. Compliance isn’t optional; it’s the ticket to compete.
Risk transfer. Demonstrating that you followed a recognized standard can reduce penalties after a breach or compliance failure. In practice, standards act as a form of liability insurance.
Flexibility in a fractured market. A layered approach—global minimums with regional overlays—lets companies avoid maintaining entirely separate product lines. They can ship one base product, then configure for sovereignty requirements at the edges.
When incentives aren’t enough
Of course, there are limits to how far incentives can stretch. Sometimes the costs simply outweigh the benefits.
Consider a market that imposes steep tariffs on imports while also requiring its own unique technical standards, with no recognition of external certifications. In such a case, the incentive of “one audit, many markets” collapses. Firms face a choice between duplicating compliance efforts, forking product lines, or withdrawing from the market entirely.
Similarly, rules of origin can blunt the value of global standards. Even if a product complies technically, it may still fail to qualify for preferential access if its components are sourced from disfavored regions. Political volatility adds another layer of uncertainty. The back-and-forth implementation of the U.S. Corporate Transparency Act illustrates how compliance obligations can change rapidly, leaving firms unable to plan long-term around standards incentives.
These realities underline a sad reality that incentives alone cannot overcome every cost. Standards must be paired with trade policies, recognition agreements, and regulatory stability if they are to deliver meaningful relief. Technology is not enough.
How standards bodies must adapt
It’s easy enough to say “standards still matter.” What’s harder is figuring out how the institutions that make those standards need to change. The pressures of a fractured Internet aren’t just technical. They’re geopolitical, economic, and regulatory. That means standards bodies can’t keep doing business as usual. They need to adapt on two fronts: process and scope.
Process: speed, modularity, and incentives
The traditional model of consensus-driven standards development assumes time and patience are plentiful. Groups grind away until they’ve achieved broad agreement. In today’s climate, that often translates to deadlock. Standards bodies need to recalibrate toward “minimum viable consensus” that offer enough agreement to set a global baseline, even if some regions add overlays later.
Speed also matters. When tariffs or export controls can be announced on a Friday and reshape supply chains by Monday, five-year standards cycles are untenable. Bodies need mechanisms for lighter-weight deliverables: profiles, living documents, and updates that track closer to regulatory timelines.
And then there’s participation. Costs to attend international meetings are rising, both financially and politically. Without intervention, only the biggest vendors and wealthiest governments will show up. That’s why initiatives like the U.S. Enduring Security Framework explicitly recommend funding travel, streamlining visa access, and rotating meetings to more accessible locations. If the goal is to keep global baselines legitimate, the doors have to stay open to more than a handful of actors.
Scope: from universality to layering
Just as important as process is deciding what actually belongs in a global standard. The instinct to solve every problem universally is no longer realistic. Instead, standards bodies need to embrace layering. At the global level, focus on the minimums: secure routing, baseline cryptography, credential formats. At the regional level, let overlays handle sovereignty concerns like privacy, lawful access, or labor requirements.
This shift also means expanding scope beyond “pure technology.” Standards aren’t just about APIs and message formats anymore; they’re tied directly to procurement, liability, and compliance. If a standard can’t be mapped to how companies get through audits or how governments accept certifications, it won’t lower costs enough to be worth the trouble.
Finally, standards bodies must move closer to deployment. A glossy PDF isn’t sufficient if it doesn’t include reference implementations, test suites, and certification paths. Companies need ways to prove compliance that regulators and markets will accept. Otherwise, the promise of “interoperability” remains theoretical while costs keep mounting.
The balance
So is it process or scope? The answer is both. Process has to get faster, more modular, and more inclusive. Scope has to narrow to what can truly be global while expanding to reflect regulatory and economic realities. Miss one side of the equation, and the other can’t carry the weight. Get them both right, and standards bodies can still provide the bridges we desperately need in a fractured world.
A layered model for fractured times
So what might a sustainable approach look like? I expect the future will feature layered models rather than a universal one.
At the bottom of this new stack are the baseline standards for secure software development, routing, and digital credential formats. These don’t attempt to satisfy every national priority, but they keep the infrastructure interoperable enough to enable trade, communication, and research.
On top of that baseline are regional overlays. These extensions allow regions to encode sovereignty priorities, such as privacy protections in Europe, lawful access in the U.S., or data localization requirements in parts of Asia. The overlays are where politics and local control find their expression.
This design isn’t neat or elegant. But it’s pragmatic. The key is ensuring that overlays don’t erode the global baseline. The European Digital Identity Wallet is a good example: the baseline is cross-border recognition across EU states, while national governments can still add extensions that reflect their specific needs. The balance isn’t perfect, but it shows how interoperability and sovereignty can coexist if the model is layered thoughtfully.
What happens if standards fail
It’s tempting to imagine that if standards bodies stall, the market will simply route around them. But the reality of a fractured Internet is far messier. Without viable global baselines, companies retreat into regional silos, and the costs of compliance multiply. This section is the stick to go with the carrots of incentives.
If standards fail, cross-border trade slows as every shipment of software or hardware has to be retested for each jurisdiction. Innovation fragments as developers build for narrow markets instead of global ones, losing economies of scale. Security weakens as incompatible implementations open new cracks for attackers. And perhaps most damaging, trust erodes: governments stop believing that interoperable solutions can respect sovereignty, while enterprises stop believing that global participation is worth the cost.
The likely outcome is not resilience, but duplication and waste. Firms will maintain redundant product lines, governments will fund overlapping infrastructures, and users will pay the bill in the form of higher prices and poorer services. The Internet won’t collapse, but it will harden into a collection of barely connected islands.
That’s why standards bodies cannot afford to drift. The choice isn’t between universal consensus and nothing. The choice is between layered, adaptable standards that keep the floor intact or a slow grind into fragmentation that makes everyone poorer and less secure.
Closing thought
The incentives versus cost tradeoff is not a side issue in standards development. It is the issue. The technical community must accept that tariffs, sovereignty, and compliance aren’t temporary distractions but structural realities.
The key question to ask about any standard today is simple: Does this make it cheaper, faster, or less risky to operate across borders? If the answer is yes, the standard has a future. If not, it risks becoming another paper artifact, while fragmentation accelerates.
Now I have a question for you: in your market, do the incentives for adopting bridge standards outweigh the mounting costs of tariffs, export controls, and compliance regimes? Or are we headed for a world where regional overlays dominate and the global floor is paper-thin?
📩 If you’d rather have a notification when a new blog is published rather than hoping to catch the announcement on social media, I have an option for you! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here]
Transcript
[00:00:29] Welcome back to A Digital Identity Digest.
Today, I’m asking a big question that’s especially relevant to those of us working in technical standards development:
Can standards survive trade wars and sovereignty battles?
For decades, the story of Internet standards seemed fairly simple — though never easy:
get the right people in the room, hammer out details, and eventually end up with rules that worked for everyone.
[00:00:58] The Internet was one global network, and standards reflected that vision.
[00:01:09] That story, however, is starting to fall apart.
We’re not watching the Internet collapse, but we are watching it fragment — and that fragmentation carries real consequences for how standards are made, adopted, and enforced.
[00:01:21] In this episode, we’ll explore:
- Why the cost of participating in global standards has gone up
- How incentives can still make standards development worthwhile
- What happens when those incentives fall short
- And how standards bodies need to adapt to stay relevant
[00:01:36] So, let’s dive in.
The Fragmenting Internet
[00:01:39] When the Internet first spread globally, it seemed like one big network — or at least, one big concept.
[00:01:55] But that’s not quite true anymore.
Let’s take a few regional examples.
- Europe has leaned heavily into digital sovereignty, with rules like GDPR, the AI Act, and the updated eIDAS regulation. Their focus is clear: privacy and sovereignty come first.
- The United States takes a different tack, using export controls and sanctions as tools of influence — with access to semiconductors and cloud services as leverage in its geopolitical strategy.
- China has gone further, building its own technical standards and asserting domestic control over traffic and infrastructure.
- Africa and Latin America are investing in local data centers and digital identity schemes, aiming to reduce dependency while keeping doors open for global trade and investment.
[00:02:46] When every region brings its own rulebook, global consensus doesn’t come easily.
Bodies like ISO, ITU, IETF, or W3C risk stalling out.
Yet splintering into incompatible systems is also costly:
- It disrupts supply chains
- Slows research collaborations
- And fractures global communications
[00:03:31] So let’s start by looking at what all of this really costs.
The Rising Cost of Participation
[00:03:35] Historically, incentives for joining standards efforts were clear:
- Influence technology direction
- Ensure interoperability
- Build goodwill as a responsible actor
[00:03:52] But that equation is changing.
Take tariffs, for example.
- U.S. tariffs on imports from China and others now range from 10% to 41% on semiconductors and electronics.
- Export controls restrict the flow of advanced chips, reshaping entire markets.
- Companies face new costs: redesigning products, applying for licenses, and managing uncertainty.
[00:04:33] Add in supply chain rerouting — the so-called “China Plus One” strategy — and you get:
- More complex logistics
- Longer delays
- Higher inventory buffers
Recent studies show these frictions cut industrial output by over 7% and add 0.5% to inflation.
[00:04:58] It’s not just the U.S. — tariffs are now a global trend.
Then there are transparency laws, like:
- The U.S. Corporate Transparency Act
- Germany’s Transparency Register
- Norway’s Transparency Act, which even mandates human rights due diligence
[00:05:33] The result?
The baseline cost of cross-border operations is rising — forcing companies to ask if global standards participation is still worth it.
Why Standards Still Matter
[00:05:50] So, why bother with standards at all?
Because well-designed standards can offset many of these costs.
[00:05:56] Consider the power of recognition.
If one region accepts a product tested in another, companies save on duplicate testing and reach markets faster.
[00:06:07] A clear example is the European Digital Identity Wallet (EUDI Wallet).
In 2024, the EU updated eIDAS to:
- Require each member state to issue a European Digital Identity Wallet
- Mandate mutual recognition between member states
This means:
- A wallet verified in France also works in Germany or Spain
- Citizens gain convenience
- Businesses reduce onboarding friction
- Governments maintain a harmonized baseline with room for local adaptation
[00:06:56] Though rollout costs are high — covering legal alignment, wallet development, and security testing — the payoff is smoother digital trade.
Beyond recognition, strong standards also offer:
- Regulatory fast lanes: Reduced legal risk when products follow recognized standards
- Procurement advantages: Interoperability requirements in public tenders
- Risk transfer: Accepted standards can serve as a partial defense after incidents
[00:07:34] In effect, standards can act as liability insurance.
[00:07:41] But not all incentives outweigh the costs.
When countries insist on unique local standards without mutual recognition, “one audit, many markets” collapses.
[00:08:05] Companies duplicate compliance, fork product lines, or leave markets.
Rules of origin and political volatility add further uncertainty.
[00:08:44] So yes — standards can tip the scales, but they can’t overcome every barrier.
The Changing Role of Standards Bodies
[00:08:54] Saying “standards still matter” is one thing — ensuring their institutions adapt is another.
[00:09:02] The pressures shaping today’s Internet are not just technical but geopolitical, economic, and regulatory.
That means standards bodies must evolve in two key ways:
- Process adaptation
- Scope adaptation
[00:09:19] The old “everyone must agree” consensus model now risks deadlock.
Bodies need to move toward a minimum viable consensus — enough agreement to set a baseline, even if regional overlays come later.
[00:09:39] Increasingly, both state and corporate actors exploit the process to delay progress.
Meanwhile, when trade policies change in months, a five-year standards cycle is useless.
[00:10:16] Standards organizations must embrace:
- Lighter deliverables
- Living documents
- Faster updates aligned with regulatory change
[00:10:32] Participation costs are another barrier.
If only the richest governments and companies can attend meetings, legitimacy suffers.
Efforts like the U.S. Enduring Security Framework, which supports broader participation, are essential.
[00:11:10] Remote participation helps — but it’s not enough.
In-person collaboration still matters because trust is built across tables, not screens.
Rethinking Scope and Relevance
[00:11:31] Scope matters too.
Standards bodies should embrace layering:
- Global level: focus on secure routing, baseline cryptography, credential formats
- Regional level: handle sovereignty overlays — privacy, lawful access, labor rules
[00:11:55] Moreover, the scope must expand beyond technology to include:
- Procurement
- Liability
- Compliance
If standards don’t reduce costs in these areas, they won’t gain traction — no matter how elegant they look in PDF form.
[00:12:12] Standards also need to move closer to deployment:
- Include reference implementations
- Provide test suites
- Define certification paths that regulators will accept
Without these, interoperability remains theoretical while costs keep rising.
[00:12:53] Ultimately, this is both a process problem and a scope problem.
Processes must be faster and more inclusive.
Scopes must be realistic and economically relevant.
The Risk of Fragmentation
[00:13:11] Some argue that if standards bodies stall, the market will route around them.
But a fractured Internet is messy:
- Cross-border trade slows under multiple testing regimes
- Innovation fragments into narrow regional silos
- Security weakens as incompatible implementations open new vulnerabilities
[00:13:45] And perhaps worst of all, trust erodes.
Governments lose faith in interoperability; companies question the value of participation.
[00:13:55] The outcome isn’t resilience — it’s duplication, waste, and higher costs.
[00:14:07] The Internet won’t disappear, but it risks hardening into isolated digital islands.
That’s why standards bodies can’t afford drift.
[00:14:26] The real choice is between:
- Layered, adaptable standards that maintain a shared baseline
- Or a slow grind into fragmentation that makes everyone poorer and less secure
Wrapping Up
[00:14:38] The incentives-versus-cost trade-off is no longer a side note in standards work — it’s the core issue.
Tariffs, sovereignty, and compliance regimes aren’t temporary distractions.
They’re structural realities shaping the future of interoperability.
[00:14:52] The key question for any new standard is:
Does this make it cheaper, faster, or less risky to operate across borders?
If yes — that standard has a future.
If no — it risks becoming another PDF gathering dust while fragmentation accelerates.
[00:15:03] With that thought — thank you for listening.
I’d love to hear your perspective:
- Do incentives for adopting bridge standards outweigh the rising costs of sovereignty battles?
- Or are we headed toward a world of purely regional overlays?
[00:15:37] Share your thoughts, and let’s keep this conversation going.
[00:15:48] That’s it for this week’s Digital Identity Digest.
If this episode helped clarify or inspire your thinking, please:
- Share it with a friend or colleague
- Connect with me on LinkedIn @hlflanagan
- Subscribe and leave a rating on Apple Podcasts or wherever you listen
[00:16:00] You can also find the full written post at sphericalcowconsulting.com.
Stay curious, stay engaged — and let’s keep the dialogue alive.