Today, Berin Szoka and I both testified at the first of three Federal Trade Commission workshops on “Exploring Privacy.” Today’s all-day event featured five panel discussions, and remarks by FTC Chairman Jon Leibowitz, Commissioner Pamela Jones Harbour, and David C. Vladeck, Director of the FTC’s Bureau of Consumer Protection. Our TLF co-blogging colleague Jim Harper also testified on the first panel of the day on “Benefits and Risks of Collecting, Using, and Retaining Consumer Data.” I was on the second panel of the day on “Consumer Expectations and Disclosures.” And Berin was on the third panel on “Online Behavioral Advertising.” The fourth panel was on “Information Brokers” and the fifth panel was on “Exploring Existing Regulatory Frameworks.” On my panel, we discussed the usefulness of privacy polls and surveys. I attempted to make a few simple points when asked for my opinions:
- While privacy polls and surveys may offer us some interesting insights into how some in the public think about advertising and privacy in the abstract, ultimately, they are no substitute for real-world experiments in which people make real choices, in real time, often with real money, and face many real trade-offs. [See this paper.]
- Moreover, such polls and surveys fail to account for the fact that consumers are empowered with real privacy controls so they can make the privacy choices that are right for them, rather than a one-size-fits-all choice imposed by someone else. [See this ongoing series and this paper.]
- (1) & (2) are especially the case since privacy is a highly subjective condition. [See this paper by Jim Harper.]
- It remains unclear what the harms are that we are trying to protect consumers against. [See this paper and this blog post.]
- Because of (1), (2), (3), and (4) we need to understand that rational ignorance may often be at work here. Many consumers likely won’t feel the need to read privacy policies or take steps to “protect their privacy” online.
In response to arguments heard on the panel that we should mandate “baseline” regulatory standards, I argued that we face a fundamental question about the future of the Internet and online commerce: Are we going to allow ongoing experimentation with disclosures, dashboards, and other privacy tools, or are we going to foreclose such experimentation and impose one-size-fits-all information regulation regimes?
I argued that it would be a serious mistake to foreclose innovation in this space since we cannot know what the future landscape will look like or what the issues might be we need technology to respond to. I used an example from the field of content regulation by contrasting how we went about labeling and rating television content back in the 1990s by mandating the V-Chip whereas we allowed a market for filtering to evolve spontaneously in the online space. As a result, innovation in the TV ratings arena was frozen and everyone was forced to use the V-Chip and the resulting ratings process. The upside of mandating that approach was that it encouraged everyone to flock to the same content labeling system and technological blocking mechanism on a very rapid basis. But that was also the downside of the scheme. It discouraged the sort of innovation we saw play out in the online space with the rich mosaic of parental control tools and methods that exist today. In other words, we rejected the “silver-bullet” approach for online media and it resulted in a lot more innovation.
Thus, when considering privacy regulatory models, I argued we should “let a thousand flowers bloom” and encourage a variety of models and tools in response to privacy concerns. That is especially the case in light of point #3 above, that privacy is a highly subjective condition and that no two people are households will feel the same way about privacy or online advertising. We need diverse tools and choices for our diverse citizenry.
Finally, I also pointed out that humility is crucial when considering sweeping privacy regulations based on polling questions and results. I asked the crowd to consider all the new online services and platforms that are wildly popular today — especially social networking sites — where we see users voluntarily sharing massive amounts of extremely personal information with their friends and, in some cases, the entire planet. In light of that, I asked the audience to consider how people might have answered a poll question just 5 years ago that read: “Would you feel comfortable sharing personal details about your private life in the form of an online diary that others could view and share?” I suspect that the vast, vast majority of people asked that question 5 years ago would have responded in the negative. And yet, that is exactly what people are doing every second of the day on Facebook, MySpace, LinkedIn, Ning, and a wide variety of other social networking platforms. We need to realize, as I said above, that real-world experiences and behavior often play out differently than artificial polls, surveys, or lab experiments might suggest.
[For more information about these issues, I encourage you to read Berin Szoka’s recent paper, “Privacy Polls v. Real-World Trade-Offs.” It is attached below as a Scribd document.]
Update: Here are some news stories that discuss yesterday’s workshop:
- “Groups Far Apart on Online Privacy Oversight,” NY Times
- “FTC to Consider Stricter Online Privacy Rules,” PC World
- “Chester Pushes For Under-the-Hood Privacy Check-Up,” Broadcasting & Cable
- “FTC Grapples With Privacy At Roundtable With Industry Professionals, Privacy Advocates, Academics,” Media Post
- “Extent, Need for Total Consumer Understanding of Targeted Ads Debated,” Washington Internet Daily [subscription-only]