Like most libertarians I’m concerned about government abuse of power. Certainly the secrecy and seeming reach of the NSA’s information gathering programs is worrying. But we can’t and shouldn’t pretend like there are no countervailing concerns (as Gordon Crovitz points out). And we certainly shouldn’t allow the fervent ire of the most radical voices — those who view the issue solely from one side — to impel technology companies to take matters into their own hands. At least not yet.

Rather, the issue is inherently political. And while the political process is far from perfect, I’m almost as uncomfortable with the radical voices calling for corporations to “do something,” without evincing any nuanced understanding of the issues involved.

Frankly, I see this as of a piece with much of the privacy debate that points the finger at corporations for collecting data (and ignores the value of their collection of data) while identifying government use of the data they collect as the actual problem. Typically most of my cyber-libertarian friends are with me on this: If the problem is the government’s use of data, then attack that problem; don’t hamstring corporations and the benefits they confer on consumers for the sake of a problem that is not of their making and without regard to the enormous costs such a solution imposes.

Verizon, unlike just about every other technology company, seems to get this. In a recent speech, John Stratton, head of Verizon’s Enterprise Solutions unit, had this to say:

“This is not a question that will be answered by a telecom executive, this is not a question that will be answered by an IT executive. This is a question that must be answered by societies themselves.”

“I believe this is a bigger issue, and press releases and fizzy statements don’t get at the issue; it needs to be solved by society.”

Stratton said that as a company, Verizon follows the law, and those laws are set by governments.

“The laws are not set by Verizon, they are set by the governments in which we operate. I think its important for us to recognise that we participate in debate, as citizens, but as a company I have obligations that I am going to follow.“

I completely agree. There may be a problem, but before we deputize corporations in the service of even well-meaning activism, shouldn’t we address this as the political issue it is first?

I’ve been making a version of this point for a long time. As I said back in 2006:

I find it interesting that the “blame” for privacy incursions by the government is being laid at Google’s feet. Google isn’t doing the . . . incursioning, and we wouldn’t have to saddle Google with any costs of protection (perhaps even lessening functionality) if we just nipped the problem in the bud. Importantly, the implication here is that government should not have access to the information in question–a decision that sounds inherently political to me. I’m just a little surprised to hear anyone (other than me) saying that corporations should take it upon themselves to “fix” government policy by, in effect, destroying records.

But at the same time, it makes some sense to look to Google to ameliorate these costs. Google is, after all, responsive to market forces, and (once in a while) I’m sure markets respond to consumer preferences more quickly and effectively than politicians do. And if Google perceives that offering more protection for its customers can be more cheaply done by restraining the government than by curtailing its own practices, then Dan [Solove]’s suggestion that Google take the lead in lobbying for greater legislative protections of personal information may come to pass. Of course we’re still left with the problem of Google and not the politicians bearing the cost of their folly (if it is folly).

As I said then, there may be a role for tech companies to take the lead in lobbying for changes. And perhaps that’s what’s happening. But the impetus behind it — the implicit threats from civil liberties groups, the position that there can be no countervailing benefits from the government’s use of this data, the consistent view that corporations should be forced to deal with these political problems, and the predictable capitulation (and subsequent grandstanding, as Stratton calls it) by these companies is not the right way to go.

I applaud Verizon’s stance here. Perhaps as a society we should come out against some or all of the NSA’s programs. But ideological moralizing and corporate bludgeoning aren’t the way to get there.

Filed under: business, corporate social responsibility, cost-benefit analysis, national security, politics, privacy, social responsibility, technology Tagged: John Stratton, National Security Agency, NSA, politics, Surveilance, Verizon, Verizon Communications

I’ll be headed to New Orleans tomorrow to participate in the Federalist Society Faculty Conference and the AALS Annual Meeting.

For those attending and interested, I’ll be speaking at the Fed Soc on privacy and antitrust, and at AALS on Google and antitrust.  Details below.  I hope to see you there!

Federalist Society:

Seven-Minute Presentations of Works in Progress – Part I
Friday, January 4, 5:00 p.m. – 6:00 p.m.
Location: Bacchus Room, Wyndham Riverfront Hotel

• Prof. Geoffrey Manne, Lewis & Clark School of Law, “Is There a Place for Privacy in Antitrust?”
• Prof. Zvi Rosen, New York University School of Law, “Discharging Fiduciary Debts in Bankruptcy”
• Prof. Erin Sheley, George Washington University School of Law, “The Body, the Self, and the Legal Account of Harm”
• Prof. Scott Shepard, John Marshall Law School, “A Negative Externality by Any Other Name: Using Emissions Caps as Models for Constraining Dead-Weight Costs of Regulation”
• Moderator: Prof. David Olson, Boston College Law School

AALS:

Google and Antitrust
Saturday, January 5, 10:30 a.m. – 12:15 p.m.
Location: Newberry, Third Floor, Hilton New Orleans Riverside

• Moderator: Michael A. Carrier, Rutgers School of Law – Camden
• Marina L. Lao, Seton Hall University School of Law
• Geoffrey A. Manne, Lewis & Clark Law School
• Frank A. Pasquale, Seton Hall University School of Law
• Mark R. Patterson, Fordham University School of Law
• Pamela Samuelson, University of California, Berkeley, School of Law

Filed under: administrative, announcements, antitrust, google, privacy Tagged: AALS, Federalist Society

On July 31 the FTC voted to withdraw its 2003 Policy Statement on Monetary Remedies in Competition Cases.  Commissioner Ohlhausen issued her first dissent since joining the Commission, and points out the folly and the danger in the Commission’s withdrawal of its Policy Statement.

Read the full piece here.

Last week the New York Times ran an article, “Building the Next Facebook a Tough Task in Europe“, by Eric Pfanner, discussing the lack of major high tech innovation in Europe.  Eric Pfanner discusses the importance of such investment, and then speculates on the reason for the lack of such innovation.  The ultimate conclusion is that there is a lack of venture capital in Europe for various cultural and historical reasons.  This explanation of course makes no sense.  Capital is geographically mobile and if European tech start ups were a profitable investment that Europeans were afraid to bankroll, American investors would be on the next plane.

Here is a better explanation.  In the name of “privacy,” the EU greatly restricts the use of consumer online  information.  Josh Lerner has a recent paper, “The Impact of Privacy Policy Changes on Venture Capital Investment in Online Advertising Companies” (based in part on the work of Avi Goldfarb and Catherine E. Tucker, “Privacy Regulation and Online Advertising“) finding that this restriction on the use of information is a large part of the explanation for the lack of tech investment in Europe.  Tom Lenard and I have written extensively about the costs of privacy regulation (for example, here) and this is just another example of these costs, although the costs are much greater in Europe than they are here (so far.)

Filed under: advertising, consumer protection, intellectual property, privacy, regulation, technology

Today at 11AM PT I will be participating on the live webcast “This Week in Law” along with TechFreedom Senior Adjunct Fellow Larry Downes. Denise Howell will be hosting and we will also be joined by fellow participant Evan Brown. This week we will be discussing various topics in tech policy including Senator Al Franken’s lambast of Facebook and Google, the newly opened antitrust investigation of Motorola Mobility by the European Commission, and the continued problem of spectrum crunch.

This Week in Law is recorded live every Friday at 11:00am PT/2:00pm ET and covers topics primarily in law, technology, and public policy. You do not have to register, just follow this link at 11:00am PT/2:00pm ET to watch.

Filed under: antitrust, general, net neutrality, politics, privacy

The EU is apparently thinking of adopting common and highly restrictive privacy standards which would make use of information by firms much more difficult and would require, for example, that data be retained only as long as necessary.  This is touted as pro-consumer legislation.  However, the effects would be profoundly anti-consumer.  For one thing, ads would be much less targeted, and so consumers would get less valuable ads and would not learn as much about valuable prodcts and services aimed at their interests.  For another effect, fraud and identity theft would become more common as sellers could not use stored information to verify identity.  Finally, costs of doing buisness would increase, and so we would expect to see fewer innovations aimed at the European market, and some sellers might avoid that market entirely.

Filed under: privacy

By now everyone is probably aware of the “tracking” of certain cellphones (Sprint, iPhone, T-Mobile, AT&T perhaps others) by a company called Carrier IQ.  There are lots of discussions available; a good summary is on one of my favorite websites, Lifehacker;  also here from CNET. Apparently the program gathers lots of anonymous data mainly for the purpose of helping carriers improve their service. Nonetheless, there are lawsuits and calls for the FTC to investigate.

Aside from the fact that the data is used only to improve service, it is also useful to ask just what people are afraid of.  Clearly the phone companies already have access to SMS messages if they want it since these go through the phone system anyway.  Moreover, of course, no person would see the data even if it were somehow collected.  The fear is perhaps that “… marketers can use that data to sell you more stuff or send targeted ads…” (from the Lifehacker site) but even if so, so what?  If apps are using data to try to sell you stuff that they think that you want, what is the harm? If you do want it, then the app has done you a service.  If you don’t want it, then you don’t buy it.  Ads tailored to your behavior are likely to be more useful than ads randomly assigned.

The Lifehacker story does use phrases like “freak people out” and “scary” and “creepy.”  But except for the possibility of being sold stuff, the story never explains what is harmful about the behavior.  As I have said before, I think the basic problem is that people cannot understand the notion that something is known but no person knows it.  If some server somewhere knows where your phone has been, so what?

The end result of this episode will probably be somewhat worse phone service.

Filed under: advertising, consumer protection, privacy, regulation, technology, telecommunications, wireless

Today’s Wall Street Journal has a long article-debate on privacy.  The strongest pro-privacy is Christopher Soghoian of the Open Society Institute.  He confuses commercial privacy with government privacy:

“The dirty secret of the Web is that the “free” content and services that consumers enjoy come with a hidden price: their own private data. Many of the major online advertising companies are not interested in the data that we knowingly and willingly share. Instead, these parasitic firms covertly track our web-browsing activities, search behavior and geolocation information. Once collected, this mountain of data is analyzed to build digital dossiers on millions of consumers, in some cases identifying us by name, gender, age as well as the medical conditions and political issues we have researched online.”

When asked “Why is that a problem” he replies

“Many of the dangers posed by digital dossiers do not occur regularly, but are incredibly destructive to people’s lives when they do. An unlucky few will be stalked, fired, surveilled, arrested, deported or even tortured, all as a result of the data kept about them by companies and governments. Much more common are the harms of identity theft or public embarrassment. Even when companies follow best practices—and few do—it is impossible to be completely secure.”

Note that “parasitic firms” are collecting the data which is then used for arrest, deportation, and torture.  A bit of a disconnect. Identity theft is a problem, but the risk is decreasing and the costs are almost always low.  Moreover, identity thieves are crooks, not firms.

What is particularly interesting about the article is the survey data reported.  It demonstrates peoples’ confusion about the issues.  92% of the adults surveyed  “Think that there should be a law that requires websites and advertising companies to delete all stored information about an individual” but between 32% and 47% would like websites to provide information of some sort (ads: 32%, discounts: 47%, or news: 40%) “tailored to their interests.”  But of course these numbers are totally inconsistent.  If websites cannot keep any information about an individual, then they cannot provide tailored information since there will be nothing on which to base the tailoring.  The relevant questions are tradeoff questions, but the reported survey does not address these.

Filed under: advertising, privacy