Privacy & The Internet:
An Overview of Key Issues
Adam Thierer
Senior Research Fellow
Mercatus Center at George Mason University
May 19, 2011
Outline of Presentation
1) What do we mean by “privacy”?
2) Different approaches to defining / protecting it
3) Trade-offs associated with privacy regulation
4) The challenge of information control
5) Specific regulatory proposals
6) An alternative vision / the “3-E Solution”
What is Privacy?
• Privacy is a remarkably vague concept
• Means different things to different people
• Varies by cultures
• An ever-changing concept
• Reacts to evolving social norms & technological
change
• If it is a “right,” we must determine how it plays
alongside other, well-established rights (ex:
freedom of speech & press freedoms)
Privacy’s Fuzzy Concepts
• “Harm”
– How do we define and measure “harm”?
– Is “creepiness” a harm?
– Should “emotional harms” (feelings) be actionable?
• “Ownership”
– Who owns shared data?
– What is personally identifying information?
• “Informed Consent”
– Are strict contracts possible?
• “Sensitive Data”
– Health, financial, what else?
Alan Westin’s 3 Visions / Paradigms
1. “Privacy Fundamentalists”: Absolutists about
privacy being a “right” & one that trumps
most other values / considerations
2. “Privacy Pragmatists”: Value privacy to
some extent but also see benefits of
information sharing
3. “Privacy Unconcerned”: Have little concern
about who knows what about them
How to Enforce / Protect Privacy?
(U.S. vs. E.U. Visions)
United States
• Privacy not viewed as a
fundamental right
• Issue-specific / Sectoral approach
• Bottom-up case law / torts
• States have role; often more
stringent than fed law
• More focus on “opt-out”
• “Big Brother” generally = govt
• = a reactive regime
European Union
• Privacy viewed as a
fundamental “dignity” right
• Broad-based approach
• Top-down “directives”
• More focus on “opt-in”
• “Big Brother” = private
sector as much as govt
• = a preemptive regime
The U.S. Sectoral / Issue-Specific
Approach to Privacy Law
• Privacy Act (1974) = govt data collection
• FERPA (1974) = fed-funded education institutions
• Cable Comm. Policy Act (1984) = cable data
• Video Privacy Prot. Act (1988) = video rental records
• Driver’s Privacy Prot. Act (1994) = DMV records
• HIPAA (1996) = health records
• Gramm-Leach-Bliley (1999) = financial records
• COPPA (1998) = kids’ (under 13) online privacy
• CAN-SPAM Act (1993)
• Do Not Call registry (2003)
The Battle over Online Privacy
• Policy battle has been raging since late 1990s
• FTC & Congress appeared poised to act
around 2000, but...
– Industry self-regulation was given a chance
– 9/11 preempted this debate to some extent
• Framework for past decade:
– Focus on Notice / Choice / Access / Security
– Rise of self-regulatory bodies & mechanisms
– Targeted FTC & state enforcement
New Fault Lines in the Online Privacy Wars
(and the legislative response)
• New activity driven by:
– Fears of “targeting” & “tracking” = “creepy” factor
– General unease with ubiquity of data access & availability
Proposals:
• “Baseline legislation” / FIPPs (Kerry-McCain, Rush, Stearns)
• “Do Not Track” mechanism + regulation (Speier & Rockefeller bills)
• “Do Not Track Kids” / COPPA expansion (Markey-Barton)
• Internet “Eraser Button” (Markey-Barton)
• Geolocation restrictions (Markey-Barton)
• Data breach disclosure (Kerry-McCain)
• Data minimization requirements (Kerry-McCain, Rush)
• ECPA vs. Data retention laws
Privacy Trade-Offs & Opportunity Costs
• Internet feels like the ultimate “free lunch;” most sites,
services & content are free of charge.
• But, in reality, there is no free lunch.
• The implicit quid pro quo of online life: you gotta give a little
to get a little (or a lot!). And most people like this deal.
• The Net is powered by advertising & data collection.
Information is lifeblood of Digital Economy.
• Info may be collected to facilitate a better browsing
experience or to help the site or service remain viable.
• In essence, information used in lieu of payment.
• Regulation could break this system & have other unintended
consequences.
The Problem of Information Control
Even if we agree privacy is important and
worth protecting, it will be very hard.
• “Information wants to be free” - Stewart
Brand
– and that includes personal information
• “The Net interprets censorship as damage and
routes around it.” - John Gilmore
– and privacy regulation is, at root, a form of data
flow censorship
10 Factors That Complicate
Information Control Efforts
Drivers
• Digitization
• Intangibility
• Moore’s Law
• Falling Storage Costs
• Ubiquitous High-Speed Networks
Results
• Convergence
• Decentralized, Distributed Networking
• Scale & Scope
• Volume
• User-Generation of Content and Self-Revelation of Data
Some Facts (or ‘Why Putting
Genies Back in Bottles is So Hard’)
• Facebook: users submit @ 650,000 comments on the 100
million pieces of content served up every minute on its site.
• YouTube: over 35 hours of video uploaded every minute.
• Twitter: 300 million users produce 140 million Tweets / day, =
a billion Tweets every 8 days. (@ 1,600 per second)
• Apple: more than three billion apps have been downloaded
from its App Store by customers in over 77 countries.
“Humankind shared 65 exabytes of information in 2007, the
equivalent of every person in the world sending out the contents
of six newspapers every day.” - Hilbert and Lopez
“The Privacy Paradox”
• “People value their privacy, but then go out of
their way to give it up.” – Larry Downes, Laws of
Disruption
• “We give away information about ourselves—
voluntarily leave visible footprints of our daily
lives—because we judge, perhaps without
thinking about it very much, that the benefits
outweigh the costs. To be sure, the benefits
are many.” – Abelson, Ledeen & Lewis, Blown to Bits
What We Must Learn to Accept
• “Once information is out there, it is very hard to keep
track of who has it and what he has done with it.” --
David Friedman, Future Imperfect
• Privacy is not “dead” as some have claimed, but it is
different than it was in past
– New realities of info dissemination, accessibility,
searchability
• Rushed, heavy-handed solutions will be costly and
perhaps not effective anyway
Policy Responses
(and their problems)
“Do Not Track” – The Theory
• Could be voluntary, but might be mandated.
• Would demand that websites honor a
machine-readable header indicating that the
user did not want to be “tracked.”
• In theory, this will allow privacy-sensitive web
surfers to signal to websites they would like to
opt-out of any targeted advertising, or not
have any information about them collected
when visiting sites.
“Do Not Track” – Potential Downsides
• Costs: If law breaks the quid pro quo something must give…
– Paywalls and higher prices?
– Less relevant or more intrusive advertising?
– Fewer services? Less media content?
• Int’l Competitiveness: Goldfarb & Tucker - “after the [EU’s]
Privacy Directive was passed [in 2002], advertising
effectiveness decreased on average by around 65% in
Europe.” Because regulation decreases ad effectiveness,
“this may change the number and types of businesses
sustained by the advertising-supporting Internet.”
• Practical? Does DNT scale? Apply internationally? To other
devices?
• Regulatory creep: Will it serve as a template for other
forms of Net regulation?
COPPA Expansion – Background
• Special concerns about youth & online
marketing
• COPPA (‘98) was first attempt to deal with it
• Requires “verifiable parental consent” for sites
“directed at” children that collect info
• FTC defines rules (safe harbors) and enforces
• Never constitutionally challenged
COPPA Expansion – Potential Problems
• What works for under 13 not likely to work for
teens
• Would basically require mandatory age
verification of all web surfers
• COPPA becomes COPA? = unconstitutional
• Serious free speech issues
• Irony = in name of protecting privacy, more info
about users would need to be collected!
Internet “Eraser Button” Concept
• Goal: Make it easier for people (esp. kids) to
delete posted comments or content they later
regret
• Practical Problem: Where is this button? Who
controls it? What if info is shared content? Back-
door to fraud / abuse?
• Principled Problem: Conflicts mightily with
freedom of speech & press freedoms
A Different Vision
for Privacy Protection
The Conflict of Visions:
Anticipatory Regulation vs. Resiliency
• Long-standing conflict of visions about how to
best manage risks:
1. Anticipation
– Prevention is prime value
– Focus on the “Precautionary Principle”
2. Resiliency
– Experimentation is prime value
– Focus on Learning / Coping
Anticipatory vs. Resiliency-Based
Solutions
Anticipatory Reg Approach
• Mandatory “Do Not Track”
• Mandatory “Opt-In” for all
data collection
• Bans on apps / functionality
• Restrictions on sharing / all
defaults to private
• “Eraser Button” mandates /
demands for data deletion
Resiliency Approach
• Voluntary “Do Not Track”
• Offer opt-outs (encourages
experimentation & innovation)
• No preemptive bans on tech
• No restrictions on sharing, but
education about downsides
• Voluntary data “purges” &
“data hygiene”
Constructive Alternatives to Regulation
1. Be careful @ how “harm” & “market failure”
defined. (ex: Creepiness not a likely harm; data
breach likely a harm)
2. Focus on a “3-E Solution” to problems:
Education, Empowerment, & (Targeted)
Enforcement
3. Encourage corporate and personal responsibility
4. Think of privacy as an evolving set of norms,
interactions & experiments
5. Don’t Panic! We can learn to cope with
technological change.
The “3-E Solution”
#1: Educational Solutions
• Education at all levels
• Awareness campaigns from privacy advocates,
govt, industry, educators, etc.
• Encouraging better online “netiquette” and
“data hygiene”
• Push for better transparency across the board
– Better notice & labeling
– Need more watch-dogging of privacy promises
made by companies
#2: Empowerment Solutions
• = Helping users help themselves
• User “self-help” tools are multiplying
– AdBlockPlus, NoScript, other browser tools
• Industry self-regulation
– More cross-industry collaboration on privacy
programs
– More education efforts (better notice)
– Best practices & better defaults
– More and better tools to respond to new
developments and needs
#3: Enforcement Solutions
• Holding companies to the promises they make
– stepped-up FTC Sec. 5 enforcement
• Demand better notice & transparency
• Mandatory disclosure of data breaches
• Targeted regulation of sensitive data, but with
flexibility
Conclusion / Key Takeaways
• “Privacy” is incredibly complicated & contentious
• Privacy can conflict with other values / rights
• All regulation entails costs & trade-offs
• There is no free lunch
• Information control is very, very hard
• “Silver-bullet” solutions rarely work
• The more education & transparency the better
• Resiliency is generally a smarter strategy compared to
anticipatory, top-down regulation
• And, once more… don’t panic! We’ll get through and adjust.
Further Readings
• Adam Thierer, Filing to Federal Trade Commission in ‘Do Not Track’
Proceeding, February 18, 2011.
• Adam Thierer, “Birth of the ‘Privacy Tax,’” Forbes, April 4, 2011.
• Adam Thierer, “Online Privacy Regulation: Likely More Complicated
(And Costly) Than Imagined,” Mercatus on Policy, Mercatus Center
at George Mason University, December 6, 2010.
• Adam Thierer, “Erasing Our Past on the Internet,” Forbes, April 17,
2011.
• Adam Thierer, “Unappreciated Benefits of Advertising and
Commercial Speech,” Mercatus on Point 86, Mercatus Center,
January 2011.
• Berin Szoka and Adam Thierer, “COPPA 2.0: The New Battle over
Privacy, Age Verification, Online Safety & Free Speech,” Progress on
Point 16, no. 11, The Progress & Freedom Foundation, May 21,
2009.
31

Weitere ähnliche Inhalte

Was ist angesagt?

Ethics in e commerce n it
Ethics in e commerce n itEthics in e commerce n it
Ethics in e commerce n it
amitmitkar
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
Lilian Edwards
 
Legal & moral issues in e commerce
Legal & moral issues in e commerceLegal & moral issues in e commerce
Legal & moral issues in e commerce
Damo Ward
 
Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550 Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550
Brian Rowe
 

Was ist angesagt? (20)

Ethics in e commerce n it
Ethics in e commerce n itEthics in e commerce n it
Ethics in e commerce n it
 
The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital ...
The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital ...The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital ...
The Challenge of Benefit-Cost Analysis As Applied to Online Safety & Digital ...
 
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Malcolm Crompton, IIS Partners Irish Future Internet Forum - SocioeconomicsMalcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
Malcolm Crompton, IIS Partners Irish Future Internet Forum - Socioeconomics
 
Big Data and Privacy
Big Data and PrivacyBig Data and Privacy
Big Data and Privacy
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
 
Cyber law and introduction for undergrad
Cyber law and introduction for undergradCyber law and introduction for undergrad
Cyber law and introduction for undergrad
 
Cyber law
Cyber lawCyber law
Cyber law
 
Ethics, Law, and E-commerce
Ethics, Law, and E-commerceEthics, Law, and E-commerce
Ethics, Law, and E-commerce
 
Legal & moral issues in e commerce
Legal & moral issues in e commerceLegal & moral issues in e commerce
Legal & moral issues in e commerce
 
Pls780 week 2
Pls780 week 2Pls780 week 2
Pls780 week 2
 
Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550 Privacy law and policy 2 - LIS550
Privacy law and policy 2 - LIS550
 
legal and ethcal issues of e business
legal and ethcal issues of e businesslegal and ethcal issues of e business
legal and ethcal issues of e business
 
social, legal and ethical issues of e-commerce..
social, legal and ethical issues of e-commerce..social, legal and ethical issues of e-commerce..
social, legal and ethical issues of e-commerce..
 
Cyber Libertarianism: Real Internet Freedom (Thierer & Szoka)
Cyber Libertarianism: Real Internet Freedom (Thierer & Szoka)Cyber Libertarianism: Real Internet Freedom (Thierer & Szoka)
Cyber Libertarianism: Real Internet Freedom (Thierer & Szoka)
 
Pls 780 week 3
Pls 780 week 3Pls 780 week 3
Pls 780 week 3
 
10-22-13 Presentation on Google Glass and Privacy Challenges
10-22-13 Presentation on Google Glass and Privacy Challenges10-22-13 Presentation on Google Glass and Privacy Challenges
10-22-13 Presentation on Google Glass and Privacy Challenges
 
Privacy, Drones, and IoT
Privacy, Drones, and IoTPrivacy, Drones, and IoT
Privacy, Drones, and IoT
 
Pls 780 week 8
Pls 780 week 8Pls 780 week 8
Pls 780 week 8
 
Pls 780 week 9
Pls 780 week 9Pls 780 week 9
Pls 780 week 9
 
What every product manager needs to know about online privacy
What every product manager needs to know about online privacyWhat every product manager needs to know about online privacy
What every product manager needs to know about online privacy
 

Andere mochten auch (6)

Mundial 2014
Mundial 2014Mundial 2014
Mundial 2014
 
Environment and climate: The space perspective - Simonetta Cheli
Environment and climate: The space perspective - Simonetta CheliEnvironment and climate: The space perspective - Simonetta Cheli
Environment and climate: The space perspective - Simonetta Cheli
 
εντυπα οτε
εντυπα οτεεντυπα οτε
εντυπα οτε
 
Security and Privacy in Emerging Aerospace Scenarios - Pierangela Samarati
Security and Privacy in Emerging Aerospace Scenarios - Pierangela SamaratiSecurity and Privacy in Emerging Aerospace Scenarios - Pierangela Samarati
Security and Privacy in Emerging Aerospace Scenarios - Pierangela Samarati
 
santa's grotto
santa's grottosanta's grotto
santa's grotto
 
Nh intermediate (2003) tapes cripts hai
Nh intermediate (2003) tapes cripts hai Nh intermediate (2003) tapes cripts hai
Nh intermediate (2003) tapes cripts hai
 

Ähnlich wie Thierer Internet Privacy Regulation

[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)
Adam Thierer
 
Kasita's presentation
Kasita's presentationKasita's presentation
Kasita's presentation
Chande Kasita
 
PLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics finalPLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics final
Sofie van der Meulen
 

Ähnlich wie Thierer Internet Privacy Regulation (20)

“Permissionless Innovation” & the Grand Tech Policy Clash of Visions to Come
“Permissionless Innovation” & the Grand Tech Policy Clash of Visions to Come“Permissionless Innovation” & the Grand Tech Policy Clash of Visions to Come
“Permissionless Innovation” & the Grand Tech Policy Clash of Visions to Come
 
The death of data protection
The death of data protection The death of data protection
The death of data protection
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
IoT & Big Data - A privacy-oriented view of the future
IoT & Big Data - A privacy-oriented view of the futureIoT & Big Data - A privacy-oriented view of the future
IoT & Big Data - A privacy-oriented view of the future
 
IT risk discusion qustion.pdf
IT risk discusion qustion.pdfIT risk discusion qustion.pdf
IT risk discusion qustion.pdf
 
Multimedia Privacy
Multimedia PrivacyMultimedia Privacy
Multimedia Privacy
 
Age Friendly Economy - Legislation and Ethics of Data Use
Age Friendly Economy - Legislation and Ethics of Data UseAge Friendly Economy - Legislation and Ethics of Data Use
Age Friendly Economy - Legislation and Ethics of Data Use
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with Privacy
 
[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)[SLIDES] Internet of Things presentation at AEI (Sept 2014)
[SLIDES] Internet of Things presentation at AEI (Sept 2014)
 
Ohara winchester 21.4.15
Ohara winchester 21.4.15Ohara winchester 21.4.15
Ohara winchester 21.4.15
 
Data set Legislation
Data set   Legislation Data set   Legislation
Data set Legislation
 
3-Professional Ethics Issues.pptx
3-Professional Ethics Issues.pptx3-Professional Ethics Issues.pptx
3-Professional Ethics Issues.pptx
 
Ethical and social issues in information systems
Ethical and social issues in information systemsEthical and social issues in information systems
Ethical and social issues in information systems
 
3 - Social Media and Enterprise
3 - Social Media and Enterprise3 - Social Media and Enterprise
3 - Social Media and Enterprise
 
What is the GDPR & What does it mean for YOUR business?
What is the GDPR & What does it mean for YOUR business?What is the GDPR & What does it mean for YOUR business?
What is the GDPR & What does it mean for YOUR business?
 
chapter05 (1).ppt
chapter05 (1).pptchapter05 (1).ppt
chapter05 (1).ppt
 
How Can Policymakers and Regulators Better Engage the Internet of Things?
How Can Policymakers and Regulators Better Engage the Internet of Things? How Can Policymakers and Regulators Better Engage the Internet of Things?
How Can Policymakers and Regulators Better Engage the Internet of Things?
 
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
 
Kasita's presentation
Kasita's presentationKasita's presentation
Kasita's presentation
 
PLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics finalPLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics final
 

Mehr von Mercatus Center

Mehr von Mercatus Center (20)

ACA Has Worsened Medicaid's Structural Problems
ACA Has Worsened Medicaid's Structural ProblemsACA Has Worsened Medicaid's Structural Problems
ACA Has Worsened Medicaid's Structural Problems
 
Evaluating a Sluggish Economy with Bruce Yandle
Evaluating a Sluggish Economy with Bruce YandleEvaluating a Sluggish Economy with Bruce Yandle
Evaluating a Sluggish Economy with Bruce Yandle
 
Affordable Care Act's 6 Year Anniversary
Affordable Care Act's 6 Year AnniversaryAffordable Care Act's 6 Year Anniversary
Affordable Care Act's 6 Year Anniversary
 
Capitol Hill Campis March 2016
Capitol Hill Campis March 2016Capitol Hill Campis March 2016
Capitol Hill Campis March 2016
 
Nominal GDP Targeting
Nominal GDP TargetingNominal GDP Targeting
Nominal GDP Targeting
 
Understanding the U.S. Health Care System
Understanding the U.S. Health Care SystemUnderstanding the U.S. Health Care System
Understanding the U.S. Health Care System
 
Wireless Spectrum in 2016: A Policy Update
Wireless Spectrum in 2016: A Policy UpdateWireless Spectrum in 2016: A Policy Update
Wireless Spectrum in 2016: A Policy Update
 
Buchanan Speaker Series: Education, Inequality, and Incentives
Buchanan Speaker Series: Education, Inequality, and IncentivesBuchanan Speaker Series: Education, Inequality, and Incentives
Buchanan Speaker Series: Education, Inequality, and Incentives
 
Modernizing Freight Rail Regulation: Recommendations from the TRB Study
Modernizing Freight Rail Regulation: Recommendations from the TRB StudyModernizing Freight Rail Regulation: Recommendations from the TRB Study
Modernizing Freight Rail Regulation: Recommendations from the TRB Study
 
Modernizing the SSDI Eligibility Criteria: Trends in Demographics and Labor M...
Modernizing the SSDI Eligibility Criteria: Trends in Demographics and Labor M...Modernizing the SSDI Eligibility Criteria: Trends in Demographics and Labor M...
Modernizing the SSDI Eligibility Criteria: Trends in Demographics and Labor M...
 
An Economic Situation Update with Bruce Yandle
An Economic Situation Update with Bruce YandleAn Economic Situation Update with Bruce Yandle
An Economic Situation Update with Bruce Yandle
 
What Should We Do about Cyber Attacks?
What Should We Do about Cyber Attacks?What Should We Do about Cyber Attacks?
What Should We Do about Cyber Attacks?
 
Tools for Tracking the Economic Impact of Legislation
Tools for Tracking the Economic Impact of LegislationTools for Tracking the Economic Impact of Legislation
Tools for Tracking the Economic Impact of Legislation
 
The Sharing Economy: Perspectives on Policies in the New Economy
The Sharing Economy: Perspectives on Policies in the New EconomyThe Sharing Economy: Perspectives on Policies in the New Economy
The Sharing Economy: Perspectives on Policies in the New Economy
 
Sustaining Surface Transportation: Overview of the Highway Trust Fund and Ide...
Sustaining Surface Transportation: Overview of the Highway Trust Fund and Ide...Sustaining Surface Transportation: Overview of the Highway Trust Fund and Ide...
Sustaining Surface Transportation: Overview of the Highway Trust Fund and Ide...
 
Bootleggers and Baptists in the Garden of Good and Evil: Understanding Americ...
Bootleggers and Baptists in the Garden of Good and Evil: Understanding Americ...Bootleggers and Baptists in the Garden of Good and Evil: Understanding Americ...
Bootleggers and Baptists in the Garden of Good and Evil: Understanding Americ...
 
Stephen C. Goss Presentation for Mercatus Center SSDI Panel
Stephen C. Goss Presentation for Mercatus Center SSDI PanelStephen C. Goss Presentation for Mercatus Center SSDI Panel
Stephen C. Goss Presentation for Mercatus Center SSDI Panel
 
David Stapleton Presentation for Mercatus Center SSDI Panel
David Stapleton Presentation for Mercatus Center SSDI PanelDavid Stapleton Presentation for Mercatus Center SSDI Panel
David Stapleton Presentation for Mercatus Center SSDI Panel
 
Jason J. Fichtner Presentation for Mercatus Center SSDI Panel
Jason J. Fichtner Presentation for Mercatus Center SSDI PanelJason J. Fichtner Presentation for Mercatus Center SSDI Panel
Jason J. Fichtner Presentation for Mercatus Center SSDI Panel
 
Stephen C. Goss Presentation for Mercatus Center SSDI Panel
Stephen C. Goss Presentation for Mercatus Center SSDI PanelStephen C. Goss Presentation for Mercatus Center SSDI Panel
Stephen C. Goss Presentation for Mercatus Center SSDI Panel
 

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 

Thierer Internet Privacy Regulation

  • 1. Privacy & The Internet: An Overview of Key Issues Adam Thierer Senior Research Fellow Mercatus Center at George Mason University May 19, 2011
  • 2. Outline of Presentation 1) What do we mean by “privacy? 2) Different approaches to defining / protecting it 3) Trade-offs associated with privacy regulation 4) The challenge of information control 5) Specific regulatory proposals 6) An alternative vision / the “3-E Solution” 2
  • 3. What is Privacy? • Privacy is a remarkably vague concept • Means different things to different people • Varies by cultures • An ever-changing concept • Reacts to evolving social norms & technological change • If it is a “right,” we must determine how it plays alongside other, well-established rights (ex: freedom of speech & press freedoms) 3
  • 4. Privacy’s Fuzzy Concepts • “Harm” – How do we define and measure “harm”? – Is “creepiness” a harm? – Should “emotional harms” (feelings) be actionable? • “Ownership” – Who owns shared data? – What is personally identifying information? • “Informed Consent” – Are strict contracts possible? • “Sensitive Data” – Health, financial, what else? 4
  • 5. Alan Westin’s 3 Visions / Paradigms 1. “Privacy Fundamentalists”: Absolutists about privacy being a “right” & one that trumps most other values / considerations 2. “Privacy Pragmatists”: Values privacy to some extent but also sees benefits of information sharing 3. “Privacy Unconcerned”: Have little concern about who knows what about them 5
  • 6. How to Enforce / Protect Privacy? (U.S. vs. E.U. Visions) United States • Privacy not viewed as a fundamental right • Issue-specific / Sectoral approach • Bottom-up case law / torts • States have role; often more stringent than fed law • More focus on “opt-out” • “Big Brother” generally = govt • = a reactive regime European Union • Privacy viewed as a fundamental “dignity” right • Broad-based approach • Top-down “directives” • More focus on “opt-in” • “Big Brother” = private sector as much as govt • = a preemptive regime 6
  • 7. The U.S. Sectoral / Issue-Specific Approach to Privacy Law • Privacy Act (1974) = govt data collection • FERPA (1974) = fed-funded education institutions • Cable Comm. Policy Act (1984) = cable data • Video Privacy Prot. Act (1988) = video rental records • Driver’s Privacy Prot. Act (1994) = DMV records • HIPAA (1996) = health records • Gramm-Leach-Bliley (1999) = financial records • COPPA (1998) = kids’ (under 13) online privacy • CAN-SPAM Act (1993) • Do Not Call registry (2003)
  • 8. The Battle over Online Privacy • Policy battle has been raging since late 1990s • FTC & Congress appeared poised to act around 2000, but... – Industry self-regulation was given a chance – 9/11 preempted this debate to some extent • Framework for past decade: – Focus on Notice / Choice / Access / Security – Rise of self-regulatory bodies & mechanisms – Targeted FTC & state enforcement
  • 9. New Fault Lines in the Online Privacy Wars (and the legislative response) • New activity driven by: – Fears of “targeting” & “tracking” = “creepy” factor – General unease with ubiquity of data access & availability Proposals: • “Baseline legislation” / FIPPS (Kerry-McCain, Rush, Stearns) • “Do Not Track” mechanism + regulation (Speier & Rockefeller bills) • “Do Not Track Kids” / COPPA expansion (Markey-Barton) • Internet “Eraser Button” (Markey-Barton) • Geolocation restrictions (Markey-Barton) • Data breach disclosure (Kerry-McCain) • Data minimization requirements (Kerry-McCain, Rush) • ECPA vs. Data retention laws
  • 10. Privacy Trade-Offs & Opportunity Costs • Internet feels like the ultimate “free lunch;” most sites, services & content are free of charge. • But, in reality, there is no free lunch. • The implicit quid pro quo of online life: you gotta give a little to get a little (or a lot!). And most people like this deal. • The Net is powered by advertising & data collection. Information is lifeblood of Digital Economy. • Info may be collected to facilitate a better browsing experience or to help the site or service remain viable. • In essence, information used in lieu of payment. • Regulation could break this system & have other unintended consequences.
  • 11. The Problem of Information Control Even if we agree privacy is important and worth protecting, it will be very hard. • “Information wants to be free” - Stewart Brand – and that includes personal information • “The Net interprets censorship as damage and routes around it.” - John Gilmore – and privacy regulation is, at root, a form of data flow censorship
  • 12. 10 Factors That Complicate Information Control Efforts (Drivers / Results): Digitization; Convergence; Intangibility; Decentralized, Distributed Networking; Moore’s Law; Scale & Scope; Falling Storage Costs; Volume; Ubiquitous High-Speed Networks; User-Generation of Content and Self-Revelation of Data
  • 13. Some Facts (or ‘Why Putting Genies Back in Bottles is So Hard’) • Facebook: users submit @ 650,000 comments on the 100 million pieces of content served up every minute on its site. • YouTube: over 35 hours of video uploaded every minute. • Twitter: 300 million users produce 140 million Tweets / day, = a billion Tweets every 8 days. (@ 1,600 per second) • Apple: more than three billion apps have been downloaded from its App Store by customers in over 77 countries. “Humankind shared 65 exabytes of information in 2007, the equivalent of every person in the world sending out the contents of six newspapers every day.” - Hilbert and Lopez
  • 14. “The Privacy Paradox” • “People value their privacy, but then go out of their way to give it up.” – Larry Downes, Laws of Disruption • “We give away information about ourselves—voluntarily leave visible footprints of our daily lives—because we judge, perhaps without thinking about it very much, that the benefits outweigh the costs. To be sure, the benefits are many.” – Abelson, Ledeen & Lewis, Blown to Bits
  • 15. What We Must Learn to Accept • “Once information is out there, it is very hard to keep track of who has it and what he has done with it.” -- David Friedman, Future Imperfect • Privacy is not “dead” as some have claimed, but it is different than it was in past – New realities of info dissemination, accessibility, searchability • Rushed, heavy-handed solutions will be costly and perhaps not effective anyway
  • 17. “Do Not Track” – The Theory • Could be voluntary, but might be mandated. • Would demand that websites honor a machine-readable header indicating that the user did not want to be “tracked.” • In theory, this will allow privacy-sensitive web surfers to signal to websites they would like to opt-out of any targeted advertising, or not have any information about them collected when visiting sites.
  • 18. “Do Not Track” – Potential Downsides • Costs: If law breaks the quid pro quo something must give… – Paywalls and higher prices? – Less relevant or more intrusive advertising? – Fewer services? Less media content? • Int’l Competitiveness: Goldfarb & Tucker - “after the [EU’s] Privacy Directive was passed [in 2002], advertising effectiveness decreased on average by around 65% in Europe.” Because regulation decreases ad effectiveness, “this may change the number and types of businesses sustained by the advertising-supporting Internet.” • Practical? Does DNT scale? Apply internationally? To other devices? • Regulatory creep: Will it serve as a template for other forms of Net regulation?
  • 19. COPPA Expansion – Background • Special concerns about youth & online marketing • COPPA (‘98) was first attempt to deal with it • Requires “verifiable parental consent” for sites “directed at” children that collect info • FTC defines rules (safe harbors) and enforces • Never constitutionally challenged
  • 20. COPPA Expansion – Potential Problems • What works for under 13 not likely to work for teens • Would basically require mandatory age verification of all web surfers • COPPA becomes COPA? = unconstitutional • Serious free speech issues • Irony = in name of protecting privacy, more info about users would need to be collected!
  • 21. Internet “Eraser Button” Concept • Goal: Make it easier for people (esp. kids) to delete posted comments or content they later regret • Practical Problem: Where is this button? Who controls it? What if info is shared content? Backdoor to fraud / abuse? • Principled Problem: Conflicts mightily with freedom of speech & press freedoms
  • 22. A Different Vision for Privacy Protection
  • 23. The Conflict of Visions: Anticipatory Regulation vs. Resiliency • Long-standing conflict of visions about how to best manage risks: 1. Anticipation – Prevention is prime value – Focus on the “Precautionary Principle” 2. Resiliency – Experimentation is prime value – Focus on Learning / Coping
  • 24. Anticipatory vs. Resiliency-Based Solutions Anticipatory Reg Approach: • Mandatory “Do Not Track” • Mandatory “Opt-In” for all data collection • Bans on apps / functionality • Restrictions on sharing / all defaults to private • “Eraser Button” mandates / demands for data deletion Resiliency Approach: • Voluntary “Do Not Track” • Offer opt-outs (encourages experimentation & innovation) • No preemptive bans on tech • No restrictions on sharing, but education about downsides • Voluntary data “purges” & “data hygiene”
  • 25. Constructive Alternatives to Regulation 1. Be careful @ how “harm” & “market failure” defined. (ex: Creepiness not a likely harm; data breach likely a harm) 2. Focus on a “3-E Solution” to problems: Education, Empowerment, & (Targeted) Enforcement 3. Encourage corporate and personal responsibility 4. Think of privacy as an evolving set of norms, interactions & experiments 5. Don’t Panic! We can learn to cope with technological change.
  • 27. #1: Educational Solutions • Education at all levels • Awareness campaigns from privacy advocates, govt, industry, educators, etc. • Encouraging better online “netiquette” and “data hygiene” • Push for better transparency across the board – Better notice & labeling – Need more watch-dogging of privacy promises made by companies
  • 28. #2: Empowerment Solutions • = Helping users help themselves • User “self-help” tools are multiplying – AdBlockPlus, NoScript, other browser tools • Industry self-regulation – More cross-industry collaboration on privacy programs – More education efforts (better notice) – Best practices & better defaults – More and better tools to respond to new developments and needs
  • 29. #3: Enforcement Solutions • Holding companies to the promises they make – stepped-up FTC Sec. 5 enforcement • Demand better notice & transparency • Mandatory disclosure of data breaches • Targeted regulation of sensitive data, but with flexibility
  • 30. Conclusion / Key Takeaways • “Privacy” is incredibly complicated & contentious • Privacy can conflict with other values / rights • All regulation entails costs & trade-offs • There is no free lunch • Information control is very, very hard • “Silver-bullet” solutions rarely work • The more education & transparency the better • Resiliency is generally a smarter strategy compared to anticipatory, top-down regulation • And, once more… don’t panic! We’ll get through and adjust.
  • 31. Further Readings • Adam Thierer, Filing to Federal Trade Commission in ‘Do Not Track’ Proceeding, February 18, 2011. • Adam Thierer, “Birth of the ‘Privacy Tax,’” Forbes, April 4, 2011. • Adam Thierer, “Online Privacy Regulation: Likely More Complicated (And Costly) Than Imagined,” Mercatus on Policy, Mercatus Center at George Mason University, December 6, 2010. • Adam Thierer, “Erasing Our Past on the Internet,” Forbes, April 17, 2011. • Adam Thierer, “Unappreciated Benefits of Advertising and Commercial Speech,” Mercatus on Point 86, Mercatus Center, January 2011. • Berin Szoka and Adam Thierer, “COPPA 2.0: The New Battle over Privacy, Age Verification, Online Safety & Free Speech,” Progress on Point 16, no.11, The Progress & Freedom Foundation, May 21, 2009.