Privacy is important, but government regulation is not the answer. It will stifle marketing and business and harm society. And it won't actually protect people.
We've discussed a report the Federal Trade Commission released this week setting forth best-practices for businesses to protect the privacy of American people. The FTC called on businesses to self-regulate, but it also said Congress should enact privacy legislation, as well as data security and breach notification laws and legislation that would regulate data brokers.
The European Commission is promoting a "right to be forgotten" law to stop companies from tracking shopping habits, Web movements, cellphone locations, and more. Every request to process individual data needs to be explained separately, with the consumer getting a choice to opt in.
This government action is a response to a long-building groundswell of public concern about privacy.
These are serious problems and abuses. But government regulation is not the answer. At least not today. The technologies involved are too new and changing fast. The potential harm outweighs the benefit.
The Internet provides a broad array of services available at no financial cost to the user, in exchange for focused advertising and collecting information for targeted marketing. Too-stringent privacy regulations would stifle Internet advertising and social media. Users might have to get used to paying for Facebook, Webmail, and newspaper and TV sites. It's likely they wouldn't pay. Instead, those services would wither.
Equally likely, more frequent privacy warnings and agreements would simply be ignored, just as terms of service are now ignored. That's a shame, because this would train people to agree to anything and everything to get access to the latest appealing social media service. When people really need to be warned, you can't get their attention. Internet services become the boy who cried wolf. (Remember the end of that story: The wolf eventually came. Frequent false alarms are as bad as no warnings at all).
Moreover, the "right to be forgotten" threatens free speech, as Reporters Without Borders said. It lets people erase any information about them that they don't like. Politicians caught in sex scandals or taking payoffs would be able to have that record expunged from the Internet (and, as a result, expunged from the public memory).
It's virtually impossible to imagine the government would be able to craft a law that protects people's privacy at all, let alone one that does so while protecting innovation and business. Consider the 2003 CAN Spam law. Supporters said it would end the flood of spam overwhelming inboxes, but opponents said it was so gutted it would be better named the you-can-spam law. Nine years later, the skeptics look to be right. Our servers are as full of spam as ever.
Or consider the Transportation Security Administration -- long lines; $8 billion per year in expenditures; assaults on the dignities of shoeless, beltless air travelers, who have themselves and their luggage groped by strangers. The result: Not a single terrorist has been caught, and not a single terrorist plot has been thwarted.
It's hard to imagine the same organization (the US government) that submits people to "naked scanners" is going to protect people's privacy. Government agencies are some of the employers requiring job applicants to turn over their Facebook logins. Governments aren't the protectors of privacy. They're among the attackers.
So what's the solution? Do nothing. Or, rather, let people and businesses figure this one out on their own for a while.
Business is already acting. Yahoo has announced a "Do Not Track" tool, following the lead of Google, Mozilla, and Microsoft, which are building tools into their browsers.
Companies shouldn't be learning about pregnancies before people are willing to give up that information, but is there any evidence that this is a trend, or was it just an isolated case? Where laws and regulations are needed, we should regulate outcomes, not processes. But even there, we should tread cautiously.
Both privacy and business are important -- too important to be stifled by premature regulation.
— Mitch Wagner , Editor in Chief, The CMO Site