I guess the search for market failure in the privacy area is interesting to me. I wrote about it the other week too. It’s nice that those who prefer regulation feel obligated to justify that preference. It’s acknowledgment of the fact, increasingly well-accepted worldwide, that functioning free markets do a better job of discovering and satisfying consumers’ interests than any other method for organizing societies’ resources.
A recent market failure blog post called “Privacy and the Market for Lemons, or How Websites Are Like Used Cars,” seems to have piqued Adam’s interest. (See the comments.) In it, privacy and anonymity researcher Arvind Narayanan makes the case for privacy market failure. (Evidently, it’s an argument that others have made before.)
“In the realm of online privacy and data collection,” he says, “information asymmetry results from a serious lack of transparency around privacy policies. The website or service provider knows what happens to data that’s collected, but the user generally doesn’t.” Several economic, architectural, cognitive and regulatory limitations/flaws “have led to a well-documented market failure—there’s an arms race to use all means possible to entice users to give up more information, as well as to collect it passively through ever-more intrusive means.”
Alas, there’s no link at “well-documented.” I would like to see that documentation. But more importantly, what Narayanan appears to be speaking of as market failure—an arms race to get more information from Web users—is not one. That’s market action that Narayanan doesn’t like.
So where’s the market failure? Continue reading →
Today, the U.S. Senate Commerce Committee held a hearing on “The State of Online Consumer Privacy.”
The push for online privacy regulation has real momentum, as proposed privacy legislation from numerous lawmakers, a Department of Commerce report proposing a compulsory Do Not Track mechanism to regulate business marketing practices, and the Obama Administration’s proposed “Privacy Bill of Rights” all indicate.
However, Congress should be very wary of such proposals. A politically defined Do Not Track regime risks undermining targeted advertising, impeding business transactions that occur between strangers, and stifling mobile ecosystems that are barely out of the cradle. Rattling consumers needlessly by encouraging them to opt-out of largely beneficial information collection is an especially unwise idea in our uncertain economic climate – especially when major industry participants are developing such mechanisms on their own.
The opportunity to undermine online marketing – wrongly called “surveillance” – appeals to some, but such privacy purists have no right to call the shots for anyone but themselves and those who agree with them. The right to use information acquired through voluntary transactions is no less important than the right to decide whether to disclose information in the first place.
Continue reading →
My thanks to Linton Weeks of NPR who reached out to me for comment for a story he was doing on the impact of the Internet and digital technology on culture and our attention spans. His essay, “We Are Just Not Digging The Whole Anymore,” is an interesting exploration of the issue, although it is clear that Weeks, like Nick Carr (among others), is concerned about what the Net is doing to our brains. He says:
We just don’t do whole things anymore. We don’t read complete books — just excerpts. We don’t listen to whole CDs — just samplings. We don’t sit through whole baseball games — just a few innings. Don’t even write whole sentences. Or read whole stories like this one. We care more about the parts and less about the entire. We are into snippets and smidgens and clips and tweets. We are not only a fragmented society, but a fragment society. And the result: What we gain is the knowledge — or the illusion of knowledge — of many new, different and variegated aspects of life. What we lose is still being understood.
After reading the entire piece I realized that some of my comments to Weeks probably came off as a bit more pessimistic about things than I actually am. I told him, for example, that “Long-form reading, listening and viewing habits are giving way to browse-and-choose consumption,” and that “With the increase in the number of media options — or distractions, depending on how you look at them — something has to give, and that something is our attention span.”
Luckily, however, Weeks was kind enough to also give me the last word in the story in which I pointed out that it would be a serious mistake to conclude “that we’re all growing stupid, or losing our ability to think, or losing our appreciation of books, albums or other types of long-form content.” Instead, I argued: Continue reading →
National Journal reports that the Department of Commerce (NTIA) will, at a Senate Commerce Committee hearing today, call for a “consumer privacy bill of rights”—a euphemism for sweeping privacy regulation:
“Having carefully reviewed all stakeholder comments to the Green Paper, the department has concluded that the U.S. consumer data privacy framework will benefit from legislation to establish a clearer set of rules for the road for businesses and consumers, while preserving the innovation and free flow of information that are hallmarks of the Internet,” [NTIA Administrator Larry] Strickling said in his prepared testimony obtained by Tech Daily Dose.
In other words: “We’ve taken the time to think this through very carefully and have reluctantly come to the conclusion that regulation is necessary.” Sorry, but I’m just not buying it—not just the wisdom of the recommendation but the process that produced it. Let’s consider the timeline here:
- October 27, 2010 – NTIA Administrator Strickling announces Green Paper is coming but says nothing about timing and little about substance
- December 16, 2010 – NTIA/Commerce releases its Privacy Green Paper
- January 28, 2011 – deadline for public comments (28 non-holiday business days later)
- ??? – Commerce decides regulation is necessary
- March 16, 2011 – Commerce is ready to ask Congress for legislation (31 non-holiday business days later)
The Commerce Department gave the many, many interested parties the worst four weeks of the year—including Christmas, New Year’s and Martin Luther King Day—to digest and comment on an 88 page, ~31,000 tome of a report on proposed regulation of how information flows in our… well, information economy. Oh, and did I mention that those same parties had already been given a deadline of January 31, 2011 to comment on the FTC’s 122 page, ~34,000 word privacy report back on December 1 (too bad for those celebrating Hanukkah)? In fairness, the FTC did, on January 21, extend its deadline to February 18—but that hardly excuses the Commerce Department’s rush to judgment. Continue reading →
One of the arguments [I’ve been making](http://techliberation.com/2010/10/20/what-is-the-evidence-for-cybersecurity-regulation/) about proposed cybersecurity regulation and legislation is that despite a lot of hype about a massive online threat, there is little evidence to corroborate the dire warnings. Almost every article I’ve read revealing a breach or cyberattack only quotes anonymous government sources, then defense contractors and politicians point to these articles and proclaim, “If you only knew what we know, you’d be taking action now!”
Fear, however, is poor driver of public policy. Before we start telling private companies how to run their security, we should analyze the threat and asses whether there is a legitimate concern and whether government could do a better job. That’s impossible as long as most evidence of a threat is classified.
So I’m glad to see former NSA and CIA chief Gen. Michael Hayden call for less secrecy in order to get better analysis. In the [new issue](http://www.au.af.mil/au/ssq/spring11.asp) of Startegic Studies Quartley, he writes [[PDF]](http://www.au.af.mil/au/ssq/2011/spring/hayden.pdf):
>Let me be clear: This stuff is overprotected. It is far easier to learn about physical threats from US government agencies than to learn about cyber threats. In the popular culture, the availability of 10,000 applications for my smart phone is viewed as an unalloyed good. It is not—since each represents a potential vulnerability. But if we want to shift the popular culture, we need a broader flow of information to corporations and individuals to educate them on the threat. To do that we need to recalibrate what is truly secret. Our most pressing need is clear policy, formed by shared consensus, shaped by informed discussion, and created by a common body of knowledge. With no common knowledge, no meaningful discussion, and no consensus . . . the policy vacuum continues. This will not be easy, and in the wake of WikiLeaks it will require courage; but, it is essential and should itself be the subject of intense discussion. Who will step up to lead?
Who indeed. Congress may be getting secret briefings that outline a potential cyberthreat. If they are, they should recognize that they may be only getting one view of the issue. Also, the people on whose behalf they are legislating also deserve to have a clear understanding of the risks against which Congress might legislate. “Trust us,” is not good enough. By reducing the over-classification Hayden writes about, Congress could allow economists, computer scientists, and other academics delve into the weeds of determine what is the true nature of the threat and whether a market failure exists that calls for government intervention.
Over at [Neighborhood Effects](http://neighborhoodeffects.mercatus.org/), the Mercatus Center’s state and local policy blog, my colleague Dan Rothschild [compares wireless taxes to sin taxes](http://neighborhoodeffects.mercatus.org/2011/03/14/cell-phones-cigarettes/). His analysis is too good not to reprint here in large part:
The purpose of taxes is to raise money for necessary governmental functions. To that end, economists frequently prescribe that rates be low and broad in order to minimize the impact on consumers’ behavior — so-called tax neutrality. This is because taxation should be about raising revenue, not changing behavior.
Some economists tweak this prescription through the Ramsey Rule, which holds (in a nutshell) that the more influenced by tax rates consumers are (demand elasticity) the less something should be taxed (and vice versa).
Sin taxes are the opposite; they’re about reducing a behavior that policy makers judge to be morally offensive (like many people view smoking).
Relatedly, Pigouvian taxes seek to bring the costs to society (the social cost) in line with the costs born by a buyer. (For instance, some people advocate higher alcohol taxes on the theory that drinkers impose costs on others, though this argument is fraught with difficulties.)
Cell phone taxes above regular sales taxes levied by states and localities do not fit any of the four rationales provided here. On the one hand, taxing them at over twenty percent of a user’s bill is hardly neutral. Nor does it likely fit the Ramsey Rule prescription; consumers respond to cell phone taxes by buying less of it or by avoiding taxes by pretending to move. (Just look around you at how consumer takeup and use of cell phones has changed as prices have fallen over the last decade.) Cell phones are not sinful or offensive. And there’s no serious case to be made that the social cost of cell phones exceeds the cost born by users. In short, by any principle of public finance, high cell phone taxes are a bad bad bad idea.
Now here’s hoping he takes this awesome analysis and turns it into a paper!
On numerous occasions here and elsewhere I have cited the enormous influence that Virginia Postrel’s 1998 book, The Future and Its Enemies, has had on me. Her “dynamist” versus “stasis” paradigm helps us frame and better understand almost all debates about technological progress. I cannot recommend that book highly enough.
In her latest Wall Street Journal column, Postrel considers what makes the iPad such a “magical” device and in doing so, she takes on the logical set forth in Jonathan Zittrain 2009 book, The Future of the Internet and How to Stop It, although she doesn’t cite the book by name in her column. You will recall that in that book and his subsequent essays, Prof. Zittrain made Steve Jobs and his iPhone out to be the great enemy of digital innovation — at least as Zittrain defined it. How did Zittrain reach this astonishing conclusion and manage to turn Jobs into a pariah and his devices into the supposed enemy of innovation? It came down to “generativity,” Zittrain said, by which he meant technologies or networks that invite or allow tinkering and all sorts of creative uses. Zittrain worships general-purpose personal computers and the traditional “best efforts” Internet. By contrast, he decried “sterile, tethered” digital “appliances” like the iPhone, which he claimed limited generativity and innovation, mostly because of their generally closed architecture.
In her column, Postrel agrees that the iPad is every bit as closed as Zittrain feared iPhone successor devices would be. She notes: “customers haven’t the foggiest idea how the machine works. The iPad is completely opaque. It is a sealed box. You can’t see the circuitry or read the software code. You can’t even change the battery.” But Postrel continues on to explain why the hand-wringing about perfect openness is generally overblown and, indeed, more than a bit elitist: Continue reading →
Twitter could be in for a world of potential pain. Regulatory pain, that is. The company’s announcement on Friday that it would soon be cracking down on the uses of its API by third parties is raising eyebrows in cyberspace and, if recent regulatory history is any indicator, this high-tech innovator could soon face some heat from regulatory advocates and public policy makers. If this thing goes down as I describe it below, it will be one hell of a fight that once again features warring conceptions of “Internet freedom” butting heads over the question of whether Twitter should be forced to share its API with rivals via some sort of “open access” regulatory regime or “API neutrality,” in particular. I’ll explore that possibility in this essay. First, a bit of background.
Understanding Forced Access Regulation
In the field of communications law, the dominant public policy fight of the past 15 years has been the battle over “open access” and “neutrality” regulation. Generally speaking, open access regulations demand that a company share its property (networks, systems, devices, or code) with rivals on terms established by law. Neutrality regulation is a variant of open access regulation, which also requires that systems be used in ways specified by law, but usually without the physical sharing requirements. Both forms of regulation derive from traditional common carriage principles / regulatory regimes. Critics of such regulation, which would most definitely include me, decry the inefficiencies associated with such “forced access” regimes, as we prefer to label them. Forced access regulation also raises certain constitutional issues related to First and Fifth Amendment rights of speech and property. Continue reading →
With all the attention on net neutrality this week, I thought I’d bring your attention to a debate on the-issue-that-won’t-go-away between Tom Hazlett and Tim Wu, which took place earlier this year at Harvard Univerisity. Below is the MP3 audio of the event, but if you want to check it out in living color, [check out the video](http://iep.gmu.edu/event/harvard-law-school-net-neutrality-discussion-thursday-january-13-2011) at the Information Economy Project wabsite.
Hazlett vs. Wu Net Neutrality Debate – Jan. 2011
Yet another hearing on privacy issues has been slated for this coming Wednesday, March 16th. This latest one is in the Senate Commerce Committee and it is entitled “The State of Online Consumer Privacy.” As I’m often asked by various House and Senate committee staffers to help think of good questions for witnesses, I’m listing a few here that I would love to hear answered by any Federal Trade Commission (FTC) or Dept. of Commerce (DoC) officials testifying. You will recall that both agencies released new privacy “frameworks” late last year and seem determined to move America toward a more “European-ized” conception of privacy regulation. [See our recent posts critiquing the reports here.] Here are a few questions that should be put to the FTC and DoC officials, or those who support the direction they are taking us. Please feel free to suggest others:
- Before implying that we are experiencing market failure, why hasn’t either the FTC or DoC conducted a thorough review of online privacy policies to evaluate how well organizational actions match up with promises made in those policies?
- To the extent any sort of internal cost-benefit analysis was done internally before the release of these reports, has an effort been made to quantify the potential size of the hidden “privacy tax” that new regulations like “Do Not Track” could impose on the market?
- Has the impact of new regulations on small competitors or new entrants in the field been considered? Has any attempt been made to quantify how much less entry / innovation would occur as a result of such regulation?
- Were any economists from the FTC’s Economics Bureau consulted before the new framework was released? Did the DoC consult any economists?
- Why do FTC and DoC officials believe that citing unscientific public opinions polls from regulatory advocacy organizations serves as a surrogate for serious cost-benefit analysis or an investigation into how well privacy policies actual work in the marketplace?
- If they refuse to conduct more comprehensive internal research, have the agencies considered contracting with external economists to build a body of research looking into these issues (as the Federal Communications Commission did in a decade ago in its media ownership proceeding)?
- Has either agency attempted to determine consumer’s “willingness to pay” for increased privacy regulation?
- More generally, where is the “harm” and aren’t there plenty of voluntary privacy-enhancing tools out there that privacy-sensitive users can tap to shield their digital footsteps, if they feel so inclined?
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.