The Washington Post carried an article earlier this week by Cecilia Kang that noted the Federal Trade Commission could gain enforcement power over online businesses as a result of the financial services legislation under discussion in Congress. Ms. Kang contrasted the possibility of an empowered FTC issuing fast-track regulations against the recent experience of the Federal Communications Commission, which has become bogged down in its search for legal authority to issue net neutrality regulations. 

The comparison is insightful, but not for the reasons you might expect. Part of the debate over the FTC revolves around language in the House financial services bill that would repeal the “Magnuson-Moss” provisions that govern FTC promulgation of consumer protection regulations. (The name comes from the fact that these restrictions on FTC rulemaking were included in the Magnuson-Moss Warranty Act, which got the FTC into the business of regulating car warranties.)

If the FTC wants to regulate some type of general business practice under the FTC Act, it has to establish a factual record substantiating that there is actually a systemic problem that regulation can solve, hold a public hearing, allow cross-examination on factual matters, and conduct an economic analysis of the regulation’s effects.  In short, the commission has to do the homework necessary to demonstrate that its proposed regulation will actually solve a widespread problem that actually exists.

When Tim Muris directed the FTC’s Bureau of Consumer Protection in the early 1980s, he authored an article in Regulation magazine pointing out that when the FTC does careful analysis before issuing a rule, the rule is more likely to benefit consumers, more likely to be upheld in court, and more likely to be issued expeditiously. He contrasted the evidence-based eyeglass rule, which took three years to issue, with the anecdote-based funeral rule, which took ten. Muris noted wryly, “Some critics of my position charge that it is revolutionary to ask a body of lawyers and economists not to impose its own view of proper regulation on the world without first systematically evaluating the problem.” Muris went on to serve as chairman of the FTC between 2001-04, and last month he defended the Magnuson-Moss restrictions in testimony before Congress.  

What does this have to do with the FCC?  The FCC lost its case against Comcast on appeal, precisely because the FCC tried to take shortcuts. The FCC tried to promote net neutrality by enforcing a set of “principles” that originated in a former chairman’s speech and were never promulgated in a notice-and-comment rulemaking. The FCC commissioners endorsed these principles without investigating whether there was a systemic problem (ie, more than a few anecdotes of misbehavior). Indeed, Chairman Martin’s Notice of Inquiry on “Broadband Industry Practices” that was launched around the same time the FCC took its enforcement action against Comcast turned up no evidence of a systemic problem. If the FCC now tries to impose net neutrality by reclassifying broadband as a “Title II” common carrier, it will have to do the difficult but necessary work of demonstrating, with real factual evidence, that broadband is more like a common carrier than like the lightly-regulated “information service” the commission previously decided it was.

We don’t need Congress to free the FTC from Magnuson-Moss. Instead, Congress should impose the same requirements on the FCC. Sometimes, taking the time to do your homework leads to better decisions, sooner.

I wrote here a couple of months ago about the shady practice among a few Internet retailers of handing off customers who accept a “special offer” to a company that charges people a monthly fee for some kind of credit monitoring service. And I argued hopefully that maybe technologists and the Internet community could generate a response to this problem:

Being a smart, informed, and aggressive consumer is each person’s responsibility if a free market is to operate well. The alternative is a negative feedback loop in which government authorities protect us, we rely on that protection and stop policing retailers. Thereby we abandon the field of consumer protection to government authorities, who—try as they might—can never do as good a job for us as we can for ourselves.

The Senate Commerce Committee is having a hearing today on “Aggressive Sales Tactics on the Internet and Their Impact on American Consumers.”

Our job here at TLF is generally to talk about policy as opinion leaders, but I tend to be a little campaign-y sometimes. When I see something I don’t like, I’ll use this platform to sound off about it.

It appears that ProFlowers.com engages in a shady practice: handing customers who accept a “special offer” from them to a company that charges people a monthly fee for what appears to be some kind of credit monitoring service. There are write-ups of varying depth and quality here, here, here, and here.

Question: Does the Internet provide enough feedback to suppress this practice? How could the e-commerce ecosystem be changed to alert people about this kind of thing ahead of time?

Being a smart, informed, and aggressive consumer is each person’s responsibility if a free market is to operate well. The alternative is a negative feedback loop in which government authorities protect us, we rely on that protection and stop policing retailers. Thereby we abandon the field of consumer protection to government authorities, who—try as they might—can never do as good a job for us as we can for ourselves.

Should we each run a “scam” search on new online businesses before we deal with them? Maybe so. But that’s a little clunky. With the popularity of Firefox plug-ins for problem solving around here, maybe one of the consumer review/complaint sites could develop a plug-in to provide people reviews of a retailer as they visit the site.

I hope that prompting a conversation around the apparent ProFlowers.com credit card ripoff scam will alert savvy shoppers to a risk of doing business with them. (For the sake of searchability, feel free to blog a little bit yourself about the apparent ProFlowers credit card ripoff scam.) Perhaps this discussion will also generate a systemic fix that preempts shady dealings of the type alleged here.

Most debates–from privacy to net neutrality–about consumer protection in Internet policy come down to the following increasingly-cliched exchange:

1. Advocate of Regulation: “The government must intervene to protect users against Companies who want to [___________] by writing new laws or regulations!”

2. Regulatory Skeptic: “Why don’t we rely on the FTC’s enforcement of End User License Agreements (EULAs), privacy policies and other terms of service (TOS) under existing law?  If companies spell out their policies clearly and then are required to stick to them, those policies will become part of competition:  Companies will compete for consumers by offering attractive policies the same way they compete for consumers by offering attractive products & prices.”

3. Advocate of Regulation: “That doesn’t work because nobody actually reads all that legalese!  They’re impossibly dense for non-lawyers, so companies always make such agreements as broad as possible to allow them to do whatever they damn well please–and bury all the really scary provisions.”

And yet… within 12 hours of releasing its new Chrome Browser, Google removed a clause from the Chrome EULA that essentially would have Given Google the right to whatever it liked with all content posted by users anywhere online using Chrome.  If this incident demonstrates anything, it’s that there are significant “market forces” at work to restrain companies from writing agreements & policies that allow them to screw consumers.  Indeed, it beautifully demonstrates why the Regulatory Skeptic ultimately wins this debate with one final response:

4. Regulatory Skeptic: “It doesn’t matter if 99%+ of users never read a EULA or TOS.  No matter how hard companies might try to bury some ominous provision, the relatively small number of consumer protection watchdogs who do read such provisions protect everyone else by calling attention to true areas of concern.  Not every blogger who complains about something he doesn’t like in a EULA is going to make Slashdot, but overall, provisions that cross a certain line will get public attention and most companies will bend over backwards to avoid bad PR.  So, the market does work to protect consumers without the need for further government regulation.”

Google made the following change:

11. Content licence from you 11.1 You retain copyright and any other rights that you already hold in Content that you submit, post or display on or through the Services. By submitting, posting or displaying the content, you give Google a perpetual, irrevocable, worldwide, royalty-free and non-exclusive licence to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content that you submit, post or display on or through the Services. This licence is for the sole purpose of enabling Google to display, distribute and promote the Services and may be revoked for certain Services as defined in the Additional Terms of those Services.

Google has explained that the company simply made a mistake by essentially copying and pasting this provision from the EULAs for other Google products:

Google’s Rebecca Ward, Senior Product Counsel for Google Chrome, now tells Ars Technica that the company tries to reuse these licenses as much as possible, “in order to keep things simple for our users.” Ward admits that sometimes “this means that the legal terms for a specific product may include terms that don’t apply well to the use of that product”

The outcry over this provision has produced 189 stories (according to my last Google News search)–and even made The Nerd York Times, a/k/a Slashdot.

Mehan Jayasuriya of PublicKnowledge (an organization best known for its multiple Emmy-winning performances in the role of “Advocate of Regulation” alluded to above) has decried Google’s over-reach and echoed the same general themes the advocates of regulation always resort to about the inadequacies of EULAs:

the Google Chrome EULA controversy is just another case of a high-profile company lazily copying and pasting together a EULA with little regard for the terms therein. And as humorous as the entire 12-hour fiasco might be, Google’s misstep reminds us yet again why it’s important for end-users to read the EULAs that come attached to software and services and why it’s doubly important for companies to run a fine-tooth comb over the language in their EULAs before releasing them into the wild. In all honesty, though, end-users shouldn’t have to dig through every EULA for fear that something like this might be buried inside. If a EULA requires that a user relinquish significant rights in order to use a piece of software or a service, that fact should be made abundantly clear to the user, through some means other than a condition buried deep inside a click-through EULA.

But this incident demonstrates why the ordinary user doesn’t “have to dig through every EULA!”  As long as there are bloggers eager for a “big story,” the truth will get out, and as we’ve seen with Google Chrome, that’s generally going to be enough to cause companies to back down–not merely because they want consumers to use that particular service but because, in the case of a company like Google with a larger reputation to uphold, it’s just not worth damaging their public image.

Mehan himself applauds the blogosphere for its role in spreading the story “like wildfire” and gives Google credit for having “acted quickly to rectify the situation”–but doesn’t seem to connect the dots and recognize the broader policy implications:  That this process of public pressure might not only eliminate the need for regulation, but work even work better than attempts by bureaucrats to keep pace with rapidly evolving technologies and changing expectations of privacy–especially online.  Simply put, consumers always look to experts as surrogates.  Thanks to the Internet, surrogate-expertise is far more effective (and rapidly so) than ever before:   The blogosphere itself plays the role of collective experts & consumer protection watchdogs.

I’ll take that process–messy as it is–any day of the week over clumsy, one-size-fits-all regulation by would-be techocrats who don’t really understand technology.