About a month ago, I was asked by some friends about the shift from the first-to-invent patent system to a first-to-file patent system in the America Invents Act of 2011 (AIA). I was involved briefly in the policy debates in the spring of 2011 leading up to the enactment of the AIA, and so this query prompted me to share a short essay I wrote in May 2011 on this issue. In this essay, I summarized my historical scholarship I had published up to that point in law journals on the legal definition and protection of patents in the Founding Era and in the early American Republic. I concluded that a shift to a first-to-file patent system contradicted both the constitutional text and the early judicial interpretations of the patent statutes that secured patent rights to first inventors.

Read the full piece here.

Summary

The NPRM and many of the comments supporting it reflect an ill-considered approach to privacy regulation for ISPs. Getting regulation right is always difficult, but it is all the more so when confronting evolving technology, inconsistent and heterogeneous consumer demand, and intertwined economic effects that operate along multiple dimensions.

[S]ecuring a solution that increases social welfare[] isn’t straightforward as a practical matter. From the consumer’s side, the solution needs to account for the benefits that consumers receive from content and services and the benefits of targeting ads, as well as the costs they incur from giving up data they would prefer to keep private. Then from the ad platform’s side, the solution needs to account for the investments the platform is making in providing content and the risk that consumers will attempt to free ride on those investments without providing any compensation—in the form of attention or data—in return. Finally, the solution must account for the costs incurred by both consumers and the ad platform including the costs of acquiring information necessary for making efficient decisions.

The NPRM fails adequately to address these issues, to make out an adequate case for the proposed regulation, or to justify treating ISPs differently than other companies that collect and use data.

Perhaps most important, the NPRM also fails to acknowledge or adequately assess the actual market in which the use of consumer data arises: the advertising market. Whether  intentionally or not, this NPRM is not primarily about regulating consumer privacy; it is about keeping ISPs out of the advertising business. But in this market, ISPs are upstarts
challenging the dominant position of firms like Google and Facebook.

Placing onerous restrictions upon ISPs alone results in either under-regulation of edge providers or over-regulation of ISPs within the advertising market, without any clear justification as to why consumer privacy takes on different qualities for each type of advertising platform. But the proper method of regulating privacy is, in fact, the course that both the FTC and the FCC have historically taken, and which has yielded a stable, evenly administered regime: case-by-case examination of actual privacy harms and a minimalist approach to ex ante, proscriptive regulations.

Summary

The Commission’s interest in protecting the privacy of its citizens is commendable. This concern, however, should be well tempered by humility, and the Commission’s ultimate decision should be guided by the understanding that contemporary technology and market innovations have afforded consumers a degree of choice unparallelled in the history of the European Union. While some firms may build their products with the requirement that consumers allow them to use personal information, others will not. And when consumers defect from products that do not meet their individual mix of privacy, price, and other preferences, firms will take notice and change their behavior accordingly.

This leads to another related point: innovation moves so quickly today that uniform prescriptive regulation intended to govern the behavior of many thousands of firms and millions of consumers is doomed to frustration if not outright failure. Moreover, broad regulations meant to bring industry to heel frequently work to the benefit of incumbents, driving out smaller competitors or making entry nearly impossible, only further narrowing consumer choices and guaranteeing less than optimal results for all of society.

With that said, there are certainly actions for the Commission to take that ensure a competitive environment in which consumer interests are adequately protected. Chief among these areas would be to enact regulations that control the damaging effects of costly data localization rules. Overall, however, the Commission would do best to leave much of the implementation of privacy regulations to the individual EU members who are most in touch with the challenges and desires of their own constituents.

As regulatory review of the merger between Aetna and Humana hits the homestretch, merger critics have become increasingly vocal in their opposition to the deal. This is particularly true of a subset of healthcare providers concerned about losing bargaining power over insurers.

Fortunately for consumers, the merger appears to be well on its way to approval. California recently became the 16th of 20 state insurance commissions that will eventually review the merger to approve it. The U.S. Department of Justice is currently reviewing the merger and may issue its determination as early as July.

Read the full piece here.

We are now on the last step in transitioning oversight for Internet address and domain name functions from the US Government to global stakeholders, a transition that was anticipated 18 years ago when the US established ICANN. It’s said that “if you love something you have to let it go”, but some in Washington aren’t ready to let go of the unique role for US government in the domain name system.

Kristian Stout joined a panel at IGF-USA to discuss the impending the transition plan and new accountability mechanisms for ICANN, offering views on what Congress and the Administration should do next. Video of the panel is embedded below.

As regulatory review of the merger between Aetna and Humana hits the homestretch, merger critics have become increasingly vocal in their opposition to the deal. This is particularly true of a subset of healthcare providers concerned about losing bargaining power over insurers.

Fortunately for consumers, the merger appears to be well on its way to approval. California recently became the 16th of 20 state insurance commissions that will eventually review the merger to approve it. The U.S. Department of Justice is currently reviewing the merger and may issue its determination as early as July.

Read the full piece here.

I’d like to begin by discussing Geoff’s post on the pending legislative proposals designed to combat strategic abuse of drug safety regulations to prevent generic competition. Specifically, I’d like to address the economic incentive structure that is in effect in this highly regulated market.

Read the full piece here.

Brand drug manufacturers are no strangers to antitrust accusations when it comes to their complicated relationship with generic competitors — most obviously with respect to reverse payment settlements. But the massive and massively complex regulatory scheme under which drugs are regulated has provided other opportunities for regulatory legerdemain with potentially anticompetitive effect, as well.

Read the full piece here.

Summary

The Commission’s NPRM would shoehorn the business models of a subset of new economy firms into a regime modelled on thirty-year-old CPNI rules designed to address fundamentally different concerns about a fundamentally different market. The Commission’s hurried and poorly supported NPRM demonstrates little understanding of the data markets it proposes to regulate and the position of ISPs within that market. And, what’s more, the resulting proposed rules diverge from analogous rules the Commission purports to emulate. Without mounting a convincing case for treating ISPs differently than the other data firms with which they do or could compete, the rules contemplate disparate regulatory treatment that would likely harm competition and innovation without evident corresponding benefit to consumers.

Concerns relating to online privacy have been extensively studied by regulators and others over the past two decades. By and large, regulators responded to these concerns with a combination of a general case-by-case approach alongside tailored rules derived from the relevant information involved in particular areas of privacy concern. Few, if any, regulators have adopted an “opt-in” privacy regime for non-sensitive data such as the FCC proposes. The FCC’s proposed regime may have been cutting-edge in the 1980s and 1990s — but it makes no sense in today’s information economy in which firms from different segments of the economy fluidly enter each other’s markets and effectively compete in a separate, cross- sector, informatics and advertising market. The proposed rules instead dig in the heels of the Commission against the irresistible tide of progress, attempting to maintain arbitrary industry firewalls between firms.

The “problem” the Commission attempts to fix with this proposed rulemaking is not one of preventing ISPs from using personal information to prevent new entrants from effectively competing with their incumbent businesses — which was, in fact, the genesis of the CPNI rules.1 Rather, these rules are designed to keep ISPs from competing with edge providers like Google, Facebook, and Netflix. But, in truth, both edge providers and ISPs actually need general rules of broad applicability. This is what the FTC and other regulators have largely done to date. Such broadly applicable rules are designed to be competitively neutral, and to offer the flexibility needed to address the various concerns that may come up in these markets while balancing legitimate economic and privacy interests and providing an adequate level of notice to those subject to regulation about their expected norms of conduct.

In short, the Commission has not made a convincing case that discrimination between ISPs and edge providers makes sense for the industry or for consumer welfare. The overwhelming body of evidence upon which other regulators have relied in addressing privacy concerns urges against a hard opt-in approach. That same evidence and analysis supports a consistent regulatory approach for all competitors, and nowhere advocates for a differential approach for ISPs when they are participating in the broader informatics and advertising markets. Absent the collection and analysis of substantial evidence — which at this point has not been articulated by the Commission or those advocating the Commission’s proposed approach, and which is far beyond the scope of the present NPRM — the proposed approach is not supportable.

And all of the foregoing is particularly perplexing in light of the fact that the Commission will inadvertently create more consumer harm than benefit. At the same time, the Commission has not shown that regulatory efficacy, administrative efficiency or anything else demands such rules. Particularly given TerraCom and the demonstrated ability of the Commission to handle harms as they arise even absent prescriptive rules, the need for these aggressive new rules simply cannot be justified.