By Thomas Lenard
July 17, 2012
(This piece was published in The Hill’s Congress Blog)
Can “self-regulation” adequately protect privacy online? That question was posed during a recent Senate Commerce Committee hearing focused on the current self-regulatory effort to develop a “Do-Not-Track” (DNT) mechanism – and answered in the negative by the committee’s senior Democrats, who believe privacy legislation is long overdue. Commerce Committee Chairman Rockefeller emphasized that he was speaking for consumers. But despite years of such hearings, the benefits to consumers of privacy regulation of any kind – let alone net benefits (i.e., benefits minus costs) – have yet to be demonstrated.
The DNT concept has also been endorsed by a Federal Trade Commission report. In the same report, however, the agency acknowledged that it did not know what the impact of DNT would be on online publishers, advertisers, or consumers – in other words, the FTC said that it had no idea what the costs or benefits would be. The example of Europe – which has more privacy regulation and less technological innovation than the U.S. – should be noted.
A bad idea does not become better if it is pushed through a “self-regulatory” process. DNT would either prevent users’ online browsing information from being collected or prevent them from seeing “behavioral advertising” – advertising targeted to their interests. Either way, DNT has the potential to strike at the heart of the Internet.
Information is the currency of the Internet. People routinely give up information about themselves, which is used to deliver advertising targeted to their interests. The revenues from these ads – which command rates more than double the rates for untargeted ads – fund the content and services we all enjoy, including free search and email, online news subscriptions, and many other things. So, consumers effectively are trading their information for services. By reducing the value of the Internet as an advertising medium, DNT would reduce the revenues available to support content for all Internet users. It is hard to imagine why this would be good for consumers.
The idea for DNT comes from the popular telemarketing Do-Not-Call List. But the similarities between the two end at their names. People sign up for the Do-Not-Call List in order to reduce unwanted marketing solicitations. A DNT mechanism would actually have the opposite effect because it would make it more difficult for advertisers to deliver targeted advertising. As a result, advertisers would sell more untargeted ads. So, consumers are likely to end up receiving a greater number of less-useful ads.
A DNT standard is being developed by technology companies, advertisers, and privacy advocates under the auspices of the World Wide Web Consortium (W3C), a respected international standard-setting organization. However, because this exercise is subject to heavy government pressure, it is not the typical industry standard setting exercise that often takes place in the economy. Various government officials are signaling that if self-regulation doesn’t do what they want, legislation will be on the way.
Self-regulation has an advantage over formal government regulation in that it can be more flexible, but self-regulation is inevitably going to be used by participants to try and gain a competitive advantage, as we are now seeing. For example, Microsoft recently announced that the next version of its Internet Explorer browser will include a DNT feature that will be turned on by default. It is reasonable to assume that Microsoft’s primary target is its long-time nemesis, Google, which would clearly be hurt if a large number of Internet users suddenly were cut off from behavioral advertising. The impact on Microsoft itself, which is primarily a desktop and server software company with a very limited advertising business, would be minor.
Microsoft’s announcement was not welcomed by the W3C, most of whose participants would also be harmed by a reduction in the value of online advertising, and they tentatively decided not to endorse DNT by default. The final outcome remains to be determined.
Self-regulation is an example of a “multistakeholder” process, which is in vogue these days. But such processes usually leave out many interested parties. Consumers are not directly represented, nor are those who might want to start a business with a new idea. The most powerful multistakeholder process – which reconciles the interests of many more stakeholders than possibly can be accommodated in a committee process – is still the market. And, there is no evidence the market is not working.
Thomas M. Lenard is president of the Technology Policy Institute.
The Technology Policy Institute
The Technology Policy Institute is a non-profit research and educational organization that focuses on the economics of innovation, technological change, and related regulation in the United States and around the world. More information is available at https://techpolicyinstitute.org/
