Articles by Jim Harper

Jim HarperJim is the Director of Information Policy Studies at The Cato Institute, the Editor of Web-based privacy think-tank Privacilla.org, and the Webmaster of WashingtonWatch.com. Prior to becoming a policy analyst, Jim served as counsel to committees in both the House and Senate.


FTC Commissioner J. Thomas Rosch puts the brakes on some of the Do-Not-Track excitement that has been bubbling up in this (wouldn’t you know it) Advertising Age piece.

The concept of do not track has not been endorsed by the commission or, in my judgment, even properly vetted yet. In actuality, in a preliminary staff report issued in December 2010, the FTC proposed a new privacy framework and suggested the implementation of do not track. The commission voted to issue the preliminary FTC staff report for the sole purpose of soliciting public comment on these proposals. Indeed, far from endorsing the staff’s do-not-track proposal, one other commissioner has called it premature.

Do-Not-Track does need more vetting and consideration. Don’t get your hopes up about being free of tracking anytime soon. (Do you even know what “tracking” is?)

If Do-Not-Track goes forward, don’t get your hopes up to be free of tracking either. When you take control of what your browser sends out over the Internet? Then you can rightly anticipate being free of unwanted tracking!

Kinda cool.

I guess the search for market failure in the privacy area is interesting to me. I wrote about it the other week too. It’s nice that those who prefer regulation feel obligated to justify that preference. It’s acknowledgment of the fact, increasingly well-accepted worldwide, that functioning free markets do a better job of discovering and satisfying consumers’ interests than any other method for organizing societies’ resources.

A recent market failure blog post called “Privacy and the Market for Lemons, or How Websites Are Like Used Cars,” seems to have piqued Adam’s interest. (See the comments.) In it, privacy and anonymity researcher Arvind Narayanan makes the case for privacy market failure. (Evidently, it’s an argument that others have made before.)

“In the realm of online privacy and data collection,” he says, “information asymmetry results from a serious lack of transparency around privacy policies. The website or service provider knows what happens to data that’s collected, but the user generally doesn’t.” Several economic, architectural, cognitive and regulatory limitations/flaws “have led to a well-documented market failure—there’s an arms race to use all means possible to entice users to give up more information, as well as to collect it passively through ever-more intrusive means.”

Alas, there’s no link at “well-documented.” I would like to see that documentation. But more importantly, what Narayanan appears to be speaking of as market failure—an arms race to get more information from Web users—is not one. That’s market action that Narayanan doesn’t like.

So where’s the market failure? Continue reading →

You have to wade through a lot to reach the good news at the end of Time reporter Joel Stein’s article about “data mining”—or at least data collection and use—in the online world. There’s some fog right there: what he calls “data mining” is actually ordinary one-to-one correlation of bits of information, not mining historical data to generate patterns that are predictive of present-day behavior. (See my data mining paper with Jeff Jonas to learn more.) There is some data mining in and among the online advertising industry’s use of the data consumers emit online, of course.

Next, get over Stein’s introductory language about the “vast amount of data that’s being collected both online and off by companies in stealth.” That’s some kind of stealth if a reporter can write a thorough and informative article in Time magazine about it. Does the moon rise “in stealth” if you haven’t gone outside at night and looked at the sky? Perhaps so.

Now take a hard swallow as you read about Senator John Kerry’s (D-Mass.) plans for government regulation of the information economy.

Kerry is about to introduce a bill that would require companies to make sure all the stuff they know about you is secured from hackers and to let you inspect everything they have on you, correct any mistakes and opt out of being tracked. He is doing this because, he argues, “There’s no code of conduct. There’s no standard. There’s nothing that safeguards privacy and establishes rules of the road.”

Securing data from hackers and letting people correct mistakes in data about them are kind of equally opposite things. If you’re going to make data about people available to them, you’re going to create opportunities for other people—it won’t even take hacking skills, really—to impersonate them, gather private data, and scramble data sets. Continue reading →

Twitter curmudgeon @derekahunter writes: “With all the medical advances of last 100 years, why hasn’t anyone created a cough drop that doesn’t taste like crap?” Dammit, he’s right! Why hasn’t the market for cold remedies produced a tasty cough drop? Put differently, the market for cold remedies has failed to produce a tasty cough drop. The market has failed. Market . . . failure.

We have now established the appropriateness of a regulatory solution for the taste problem in the field of cold remedies. Have we not? There is a market failure.

No, we haven’t.

“Market failure” is not what happens when a given market has failed so far to reach outcomes that a smart person would prefer. It occurs when the rules, signals, and sanctions in and around a given marketplace would cause preference- and profit-maximizing actors to reach a sub-optimal outcome. You can’t show that there’s a market failure by arguing that the current state of the actual market is non-ideal. You have to show that the rules around that marketplace lead to non-ideal outcomes. The bad taste of cough drops is not evidence of market failure.

The failure of property rights to account for environmental values leads to market failure. A coal-fired electric plant might belch smoke into the air, giving everyone downwind a bad day and a shorter life. If the company and its customers don’t have to pay the costs of that, they’re going to over-produce and over-consume electricity at the expense of the electric plant’s downwind neighbors. The result is sub-optimal allocation of goods, with one set of actors living high on the hog and another unhappily coughing and wheezing.

Take an issue that’s closer to home for tech policy folk: People seem to underweight their privacy when they go online, promiscuously sharing anything and everything on Facebook, Twitter, and everyplace else. Marketers are hoovering up this data and using it to sell things to people. The data is at risk of being exposed to government snoops. People should be more attentive to privacy. They’re not thinking about long-term consequences. Isn’t this a market failure?

It’s not. It’s consumers’ preferences not matching up with the risks and concerns that people like me and my colleagues in the privacy community share. Consumers are preference-maximizing—but we don’t like their preferences! That is not a market failure. Our job is to educate people about the consequences of their online behavior, to change the public’s preferences. That’s a tough slog, but it’s the only way to get privacy in the context of maximizing consumer welfare.

If you still think there’s a market failure in this area—I readily admit that I’m on the far edge of my expertise with complex economic concepts like this—you haven’t finished making your case for regulation. You need to show that the rules, signals, and sanctions in and around the regulatory arena would produce a better outcome than the marketplace would. Be sure that you compare real market outcomes to real regulatory outcomes, not real market outcomes to ideal regulatory outcomes. Most arguments for privacy regulation simply fail to account for the behavior of the regulatory universe.

Adam has collected quotations on the subject of regulatory capture from many experts. I wrote a brief series of “real regulators” posts on the SEC and the Madoff scam a while back (1, 2, 3). And a recent article I’m fond of goes into the problem that many people think only consumers suffer, asking: “Are Regulators Rational?”

There’s no good-tasting cough drop because the set of drops that remedy coughing and the set of drops that taste good are mutually exclusive. Not because of market failure.

That will be the subject of a Cato on Campus session this afternoon entitled: “The Internet and Social Media: Tools of Freedom or Tools of Oppression?” Watch live online at the link starting at 3:30 p.m., or attend in person. A reception follows.

The delight that so many felt to see protesters in Iran using social media has given way to delight about the use of Facebook to organize for freedom in Egypt. But this serial enthusiasm omits that the “Twitter revolution” in Iran did not succeed. The fiercest skeptics even suggest that the Tweeting during Iran’s suppressed uprising was mostly Iranian ex-pats goosing excitable westerners and not any organizing force within Iran itself. Coming to terms with the Internet, dictatorships are learning to use it for surveillance and control, possibly with help from American tech companies.

So is the cause of freedom better off with the Internet? Or is social media a shiny bauble that distracts from the long, heavy slog of liberating the people of the world?

Joining the discussion will be Chris Preble, Director of Foreign Policy Studies at Cato; Alex Howard, Government 2.0 Correspondent for O’Reilly Media; and Tim Karr, Campaign Director at Free Press. More info here.

Experienced debaters know that the framing of an issue often determines the outcome of the contest. Always watch the slant of the ground that debaters stand on.

The Internet kill-switch debate is instructive. Last week, Senators Lieberman (I-CT), Collins (R-ME) and Carper (D-DE) introduced a newly modified bill that seeks to give the government authority to seize power over the Internet or parts of it. The old version was widely panned.

In a statement about the new bill, they denied that it should be called a “kill switch,” of course—that language isn’t good for their cause after Egypt’s ousted dictator Hosni Mubarak illustrated what such power means. They also inserted a section called the “Internet Freedom Act.” It’s George Orwell with a clown nose, a comically ham-handed attempt to make it seem like the bill is not a government power-grab.

But they also said this: “The emergency measures in our bill apply in a precise and targeted way only to our most critical infrastructure.”

Accordingly, much of the reportage and commentary in this piece by Declan McCullagh explores whether the powers are indeed precisely targeted.

These are important and substantive points, right? Well, only if you’ve already conceded some more important ones, such as:

1) What authority does the government have to seize, or plan to seize, private assets? Such authority would be highly debatable under any of the constitutional powers kill-switchers might claim. Indeed, the constitution protects against, or at least severely limits, takings of private property in the Fifth Amendment.

and

2) Would it be a good idea to have the government seize control of the Internet, or parts of it, under some emergency situation? A government attack on our private communications infrastructure would almost certainly undercut the reliability and security of our networks, computers, and data.

The proponents of the Internet kill-switch have not met their burden on either of these fundamental points. Thus, the question of tailoring is irrelevant.

I managed to get in a word to this effect in the story linked above. “How does this make cybersecurity better? They have no answer,” I said. They really don’t.

No amount of tailoring can make a bad idea a good one. The Internet kill-switch debate is not about the precision or care with which such a policy might be designed or implemented. It’s about the galling claim on the part of Senators Lieberman, Collins, and Carper that the U.S. government can seize private assets at will or whim.

You’ll want to visit, follow, friend, and whatever-the-hell-else-people-do the new Digital Liberty project from Americans for Tax Reform.

Digital Liberty’s introductory blog post says:

Digital Liberty is dedicated to preserving a free market by pushing back against heavy regulation and taxation of all things Internet, tech, telecom, and media. DigitalLiberty.net will serve as a resource for those who believe in constitutionally limited government by providing news updates and policy briefs on tech issues, sharing research from likeminded organizations, and serving the grassroots who believe that technology and media innovation thrives best when markets are free and individuals are free to choose.

Sounds good to me.

Digital Liberty isn’t really new, but an expansion of ATR’s work on tech freedom. They tell us that their Web site will provide news and policy briefs, share research from like-minded free-market organizations, and serve the grassroots focusing on free-market tech policy.

That’s DigitalLiberty.net. Right on to my brethren and sistren from the happy home of the leave-us-alone coalition!

A Texas tax official estimates in this story that Texas loses an estimated $600 million in Internet sales taxes every year. Its part of a long-running debate about whether state governments should be able to collect taxes from out-of-state retailers who send goods into their jurisdictions.

What happens with the $600 million depends on what you mean by “Texas.” If you mean the government of the state of Texas in Austin, why, yes, the government appears not to collect that amount, which it wants to. If by “Texas” you mean the people who live, work, and raise their families throughout the state—Texans—they actually save $600 million a year. They get to do what they want with it. After all, it’s their money.

The Texas tax collector is complaining because the last thing state taxing agents want to do is collect money on in the form of use taxes, which means something like going door to door to collect money from voters based on what they bought from out-of-state. Revenuers intensely prefer to hide the process, collecting their residents’ money from out-of-state companies.

Amazon.com is Texas’ target—it’s the great white whale for tax-hungry jurisdictions nationwide. With no retail outlets and few offices or fulfillment centers around the country, it’s not subject to tax jurisdiction in lots of places that would like to tap it for revenue. Having a fulfillment center in Texas may make Amazon liable for $600 million of its customers’ money, so it’s doing the sensible thing: getting out.

And thank heavens it can! Amazon is a cog in the extremely virtuous process of tax competition. Its ability to move operations means that it can escape states with burdensome taxes and tax collections oblibations, like Texas. Tax competition among states puts downward pressure on taxes, which in turn puts upward pressure on the wealth and well-being of state residents.

The pro-tax folks have been working for years to eliminate tax competition. The “Streamlined Sales Tax Project” continues work it began in 2000 to pave the way for nationwide sales taxation. “Streamlining” sounds so good, doesn’t it? But the result would be uniform—and uniformly high—sales taxes that every state might impose on every retailer that sends goods across state lines.

The Web site of the pro-tax coalition sounds good, too: the “Alliance for Main Street Fairness,” at the URL standwithmainstreet.com. Who wouldn’t want to “stand with Main Street”? Lovers of limited government, for one.

“Fairness” here means uniform high sales taxes and interstate tax collection obligations. The site doesn’t say who’s behind it, but the campaign to impose taxes on Amazon and other remote sellers is almost certainly a project of big national chain retailers. Rather than fight to lower taxes nationwide, they think they should just saddle their online competitors with tax collection obligations.

As long as the Streamlined Sales Tax Project continues to fail, tax competition in this area survives, and retailers like Amazon can provide lower costs to all of us—including that $600 million in savings enjoyed by Texans each year.

If you haven’t been following the intrigue around Wikileaks and the security companies hoping to help the government fight it, this stuff is not to be missed. Recommended:

The latter story links to a document purporting to show that a government contractor called Palantir Technologies suggested unnamed ways that Glenn Greenwald might be made to choose “professional preservation” over his sympathetic reporting about Wikileaks. A later page talks of “proactive strategies” including: “Use social media to profile and identify risky behavior of employees.”

Wikileaks has no employees. I take this to mean that the personal lives of Wikileaks supporters and sympathizers would be used to undercut its public credibility. Because Julian Assange hasn’t done enough…

While we’re on credibility: This may well be Wikileaks’ rehabilitation. Wikileaks erred badly by letting itself and Julian Assange become the story. We’re not having the discussion we should have about U.S. government behavior because of Assange’s self-regard.

But now defenders of the U.S. government are making themselves the story, and they may be looking even worse than Wikileaks and Assange. (n.b. Palantir has apologized to Greenwald.) That doesn’t mean that we will immediately focus on what Wikileaks has revealed about U.S. government behavior, but it could clear the deck for those conversations to happen.

The concept of “miscalculation” seems more prominent in international affairs and foreign policy than other fields, and it comes to mind here. Wikileaks and its opponents are joined in a negative duel around miscalculation. The side that miscalculates the least will have the upper hand.