You may have noticed a surge of articles criticizing the Federal Trade Commission for its innovation-stifling, headline-chasing, out-of-control attacks on business. The timing of these articles, op-eds and jeremiads isn't an accident.
The FTC has spent the past decade ramping up its enforcement against privacy-invasive practices, trying to bridge the gap between the privacy norms espoused by business-leaders and the privacy expectations of the American public. FTC critics have argued that companies should only be punished when their use of stolen data, or leaks of data, cause actual harm to customers, and their version of "actual harm" is pretty extreme. One FTC-basher says that banks shouldn't be punished if they reveal your sensitive financial information to fraudsters who call up and impersonate you.
Companies that use and trade in personal information rely on the people involved not discovering what's going on. For example, one data-broker sells its services to retailers as a means of getting the home addresses and other information of their customers in secret, avoiding "losing customers who feel that you're invading their privacy."
Why is it so important to characterize privacy violations as harmless? The business lobby desperately wants to limit the FTC's powers so that the agency does not investigate or pursue information practices. For the FTC to pursue the most problematic and structural challenges in privacy, such as data brokers, the agency has to conceive of how a loss of control over information and sale of it to others constitutes a harm.
Understood in this way, objections about "harm" are a mask for an underlying ideological commitment against privacy rights. Swindle was honest enough to admit this underlying interest—he lamented that protecting consumers against pretexting would lead to a "foray into broader privacy regulation."
While the business community funds FTC critics, it does not understand how radical these advocates are. If the FTC were defanged according to its critics' tendentious reading of law and history, the agency could bring common law consumer fraud cases only. The FTC would have to prove specific intent to mislead the consumer, actual consumer reliance on the deception, and only cases involving economic harm could be remedied. In short, consumer protection would be left to the market. The market approach did not work in the 19th century and was rejected by state and federal legislators and even the business community itself.
Businesses are invading your privacy
[Chris Hoofnagle/The Hill]
(Image: Three Card Monte, Jaffa, Israel
, Ziodave, CC-BY-SA)