I’ve complained mightily (here and here) about the agonizing technological awfulness that was, at least until recently the website of the FCC (you know, one of the two federal agencies—besides the FTC—that thinks it has the expertise necessary to regulate the Internet). My point wasn’t just that the FCC’s website made it very difficult to find and access data, but that this was a serious problem for transparency in government. I have to give the agency credit for improving many aspects of its site, though much work still remains to be done.
But then there are all the
other agencies of our sprawling regulatory Leviathan! And in particular, the Securities and Exchange Commission (SEC), which processes—crudely—huge amounts of financial data. A new report from House Oversight and Government Reform Committee Ranking Member Darrell Issa released today describes just how severe the SEC’s problems are:
The Commission’s securities disclosure processes are technologically backward. It reviews corporate filings manually, using printouts, pencils, and calculators. It has never developed the ability to perform large-scale quantitative analysis to find fraud. Commission staff use Google Finance, Yahoo! Finance, and other commercially-available resources to analyze corporate filings. If the Commission had a robust database of the financial information filed by its registrants, it could automatically prioritize the thousands of tips and complaints it receives. But no such database has ever been constructed.
Hence the biting title of the report: The SEC: Designed for Failure. Ouch! It’s really amazing how, when regulators fail to protect consumers, the default response by most in Congress is to assume that only sweeping new powers will fix the problem (which is what “financial reform” legislation would do) instead of, say, bringing the agency into the 21st century.
Similarly, there’s a move afoot to give the FTC vast new powers across the board or to protect our privacy online (from evil companies that don’t respect the privacy promises they made to consumers) with little thought given to data-driven technological through user empowerment. Continue reading →
In light of the discussion draft of privacy legislation recently released by Chairman Rick Boucher (our comments here and here), PFF is holding a special “Nuts & Bolts” luncheon briefing on the technical underpinnings of the ongoing privacy policy debate on Monday, May 24, 2010, 12-2 p.m. in 2123 Rayburn House Office Building.
Our panel of distinguished experts will provide an overview of the technical mechanics of online advertising and associated concerns about data collection, and discuss challenges and opportunities for empowering privacy-sensitive consumers to manage their online privacy without breaking the advertising business model that sustains most Internet content and services. I’ll moderate a terrific panel:
To Register: Space is limited, so an RSVP is required to attend. Please register online here. Event questions should be addressed to Adam Marcus at amarcus@pff.org. Media inquiries should be directed to Mike Wendy at mwendy@pff.org.
Adam Thierer & I offered our initial thoughts upon first reading the discussion draft of the privacy bill introduced by Rep. Rick Boucher (D-VA) & Cliff Stearns (R-FL). In PFF’s latest TechCast, I sat down to discuss the bill and my concerns about it with PFF’s VP for Communications, Mike Wendy:
Stay tuned for more from us on this. PFF plans to file written comments, as solicited by the bill’s authors, by June 4. For more on this, check out our comments to the FTC last December on these issues.
Subscribe now to PFF’s TechCast podcast (generally 5-8 minutes) by RSS or through iTunes!
I have a lot of respect for danah boyd and have had the pleasure to interact with her when we both served on the Harvard online child safety task force, and at other times. She’s a very gifted social media researcher. But there are three big problems with her argument that Facebook should be treated as a “utility” and regulated as such. (See: “
Facebook is a Utility; Utilities Get Regulated.”)
What a Utility Is, and Isn’t
First, and most obviously, the term “utility” has a fairly well-understood meaning in economic literature and Facebook does not possess the same qualities:
- A utility is usually something thought to be an “essential facility” in that the service or network in question is highly unique and possess few (or no) good alternatives. (Regulators typically require “non-discriminatory access” for that reason.)
- The service in question is also typically regarded as being something approximating a “life-essential” service, like water or electricity. (Regulators typically require all to be served in a fairly uniform fashion for that reason.)
- The service is also something that typically entails significant fixed costs and that requires us to pay good money to use. (Regulators typically impose price regulation for fear of “gouging” for that reason.)
Again, Facebook possess none of those qualities. Continue reading →
I’m recuperating today after wrist surgery #2 but I just had to say something about a hugely important proposal introduced today that would bring us one step closer to information socialism. No, I’m not talking about the discussion draft privacy bill released today by Reps. Boucher & Stearns (which Adam and I already commented on here) but about the amendment introduced today by Sen. Udall that would “require credit-rating agencies to divulge credit scores, free of charge, to consumers when they access their free annual credit report.”
Actually, there is an important analogy between the two bills: both will have populist appeal because they can claim to giving consumers a “right” to “their” information—but both would impose real costs that will ultimately be borne by consumers. On the privacy side, Adam Thierer and I have warned repeatedly that data collection is critical to the online advertising that supports the publishers of the Internet’s cornucopia of content and services. Everyone takes this for granted but few of us really think about the quid pro quo at work: users receive “free” content and services in exchange for seeing advertising and sharing data about their browsing habits, which makes advertising more relevant to them, more effective for advertisers, and therefore more profitable for publishers.
Unfortunately, a similar free lunch mentality is at work with credit scores. If we think about them at all, most of us probably resent and/or fear them. Yet credit scores, and the entire credit reporting system, are truly one of the wonders of information capitalism and a boon for consumers. Before they developed, lending decisions were far riskier because lenders didn’t really know whom to trust with their money. Thus they had to build in a risk premium into their interest rates to account for the fact that some users might default or fall behind on payments. This punished good borrowers and rewarded bad ones. Getting a loan was difficult, often required special connections, and was often arbitrary and thus sometimes downright discriminatory.
This situation was bad for everyone. While nobody likes being in debt, we often forget how radically empowering credit can be in allowing us to expand our opportunities in life. Continue reading →
Today, the House Committee on Energy and Commerce, Subcommittee on Communications, Technology and the Internet, released its long-awaited online privacy bill discussion draft, requiring that users opt-in to certain types of online data collection. Berin Szoka and I issued the following statement in response:
By mandating a hodge-podge of restrictive regulatory defaults, policymakers could unintentionally devastate the “free” Internet as we know it. Because the Digital Economy is fueled by advertising and data collection, a “privacy industrial policy” for the Internet would diminish consumer choice in ad-supported content and services, raise prices, quash digital innovation, and hurt online speech platforms enjoyed by Internet users worldwide.
Before imposing prophylactic regulation, policymakers should first identify specific consumer harm that requires government intervention. They should next ask whether there are less restrictive alternatives to regulation, such as enhancing enforcement of existing laws, bolstering limitations on government access to online data, education efforts about online privacy, and promoting the development and uptake of technological empowerment solutions that allow users to manage their own privacy preferences.
Continue reading →
I have a blog post up at Cato@Liberty today about Senate Democrats’ national ID plans. The thing is nine printed pages long. It doesn’t get my recommendation that you read the whole thing—unless you really jones for identity-systems talk. Here’s a summary:
The plan is confusing, disorganized, repetitive, and sometimes contradictory. Summarizing it is a little like trying to piece together the egg when all you have is the omelet, but three themes emerge: First, this summary backs away from an earlier claim that there would not be a biometric national identity database. There will be a national biometric database. Second, repeating the word “fraud-proof” does not make this national ID system fraud proof. Third, this national ID system definitely paves the way for uses beyond work authorization. This is the comprehensive national identity system that people across the ideological and political spectrum oppose.
I pity the Hill staffer who had to write the national ID parts of the plan. He or she almost certainly doesn’t know enough to write sensibly about the design of identity systems, and the demands of politics require the plan to talk about impossible things as if they’re possible, and even easy.
Facebook is in the spotlight—unfairly.
Yesterday, four Democratic U.S. senators — Charles Schumer (D-N.Y.), Michael Bennet (D-Col.), Mark Begich (Alaska) and Al Franken (D-Minn.) — published a letter to Facebook expressing their concern over Facebook’s privacy policies. They asked Facebook to “fix” its privacy policy?
Privacy is a complex and often personal concept – how do these four senators know it’s broken?
Well, the letter follows the announcement of Facebook’s new Open Graph API that could revolutionize social networking. As one commentator wrote on ReadWriteWeb, “the bits of this platform bring together the visions of a social, personalized and semantic Web that have been discussed since del.icio.us pioneered Web 2.0 back in 2004.” The future of the web is not just knowing whether a user is interacting with a webpage, but knowing whether users are liking a specific kind of thing (referred to as the semantic web).
This sounds like very interesting stuff (understatement intended). And here’s the thing that many people (including many members of Congress) forget: Facebook is a new model of business that has shaken up the way we communicate. And it’s operating in uncharted territory, miles ahead of the Washington, D.C. crowd that would like to put their own stamp on the company. This is a company that is driving innovation, the last thing we need are politicians attempting to fine-tune the engine.
Which company is the next target of a letter? What’s the precedent being set by these demands for Facebook and other innovative web-based companies? I imagine there are a lot of concerned entrepreneurs across the country wondering if they’re next.
Last week, the Electronic Privacy Information Center released a petition from a group it spearheaded, asking the Department of Homeland Security to suspend deployment of whole-body imaging (aka “strip-search machines”) at airports.
The petition is a thorough attack on the utility of the machines, the process (or lack of process) by which DHS has moved forward on deployment, and the suitability of the privacy protections the agency has claimed for the machines and computers that display denuded images of air travelers.
The petition sets up a variety of legal challenges to the use of the machines and the process DHS has used in deploying them.
Whole-body imaging was in retreat in the latter part of last year when an amendment to severely limit their use passed the House of Representatives. The December 25 terror attempt, in which a quantity of explosives was smuggled aboard a U.S.-bound airplane in a passenger’s underpants, gave the upper hand to the strip-search machines. But the DHS has moved forward precipitously with detection technology before, wasting millions of dollars. It may be doing so again.
My current assessment remains that strip-search machines provide a small margin of security at a very high risk to privacy. TSA efforts to control privacy risks have been welcome, though they may not be enough. The public may rationally judge that the security gained is not worth the privacy lost.
Wouldn’t it be nice if decisions about security were handled in a voluntary rather than a coercive environment? With airlines providing choice to consumers about security and privacy trade-offs? As it is, with government-run airline security, all will have to abide by the choices of the group that “wins” the debate.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.