Opinion: Why privacy should be viewed and regulated as a value exchange
State and federal politicians, fueled by the indignity of woken consumers, have started taking steps to sanitize the use of personal information online. Emboldened by sensationalized news reporting and a conflation of headlines about credit card hackings at major retailers, Wikileaks, Cambridge Analytica and any number of scheduled Facebook Congressional hearings, regulators have neatly packaged privacy using the politics of fear. Consumers hate the idea of being taken advantage of, especially when it is by one of the overlords of the Internet.
Ironically, there is little debate over the real issues in online privacy. Consumers should always have a choice. The information that consumers are willing to share in exchange for value is not even a hard concept to grasp. Seems that most rational folks think some information is OK to share. What is hard to grasp is how exactly does my anonymous digital ID turn into a threat? That said, protecting victims is important and it may be time to supplement the laws that protect consumers who actually have experienced online privacy abuse.
Strict privacy laws will stifle innovation
Privacy is an uncommonly bipartisan ground for legislators to pursue in an election year because by most accounts, it is noble to appear to protect your constituents. Just like the PPP program for small businesses or the COVID-19 response by state governors, protecting people is a good idea in principle. There is only one problem—and it is in the execution.
The issue with legislation like the California Consumer Protect Act (CCPA) and the half dozen other states with similar laws coming online is that, in their zeal to provide protection against the possibility of bad actors, they are placing an undue burden on internet commerce. Without cookies, IDs, locations or devices, there is no way to monitor performance. The inability to optimize digital marketing will consolidate control with a few companies and throttle and choke out future innovation.
What legislators fail to realize is that the innovation economy isn’t just about cool direct-to-consumer business models or disruptive technological innovations; it is about companies being able to get the word out and have smart conversations with qualified customers in a clear and efficient manner. This capacity for communication is built entirely on the proper and ethical use of data to prioritize and optimize online communication. Being able to reach the people who are in the market and who can afford the products being offered is table stakes.
It has nothing whatsoever to do with Russian troll farms or phishing emails from Nigeria. Thoughtful use of data means less market friction and more efficient outreach. This, in turn, results in higher margins and that leads to more investment in more innovation. From there, it’s rinse and repeat.
What does a reasonableness standard for data and privacy look like?
The missing piece in CCPA and other proposed regulations is a qualified reasonableness standard. A reasonableness standard recognizes that proper and ethical use of data is a test that must be passed by the party making the offer and the party executing the campaign. What goes into ‘proper’ and ‘ethical’ is up for debate, but it logically starts with the idea that any use of consumer data should have a defensible legal purpose that will benefit the consumer. It should respect the choice of users to opt out, and any offer of service or product based on a digital profile should meet a reasonableness standard based on the potential to provide benefit to the consumer.
For example, if you register to vote it stands to reason you want information on candidates. Your party registration history provides guidance and access to candidates to inform their choices on who to approach with their message. Outreach to voters of a registered party is reasonable and expected. It is also equally reasonable for an unregistered voter to receive advertising that encourages them to participate in an election. However, if that outreach is overly partisan, obscene or full of misinformation, then the advertisement fails the reasonableness test.
If the whole idea of online ads upsets you in the same way that it upset those backing CCPA, maybe you should pull out your credit card and start subscribing to all the online content you now access. If you don’t want to do that, then unplug your computer. Reasonableness is a standard that applies to both sides of the privacy debate.