Practically every week, it seems, we get some new revelation about the mishandling of user information that makes people very upset. Indeed, people have become so upset that people are actually talking about, dare we say it, “legislating” some new privacy protections. And no, I don’t mean “codifying existing crap while preempting the states.” For those interested, I have a whitepaper outlining principles for moving forward on effective privacy legislation (which you can read here). My colleagues at my employer Public Knowledge have a few blog posts on how Congress ought to respond to the whole Facebook/Cambridge Analytica thing and analyzing some of the privacy bills introduced this Congress.
Unsurprisingly, we still have folks who insist that we don’t need any regulation and that if we don’t have a market that provides people with privacy protection, it must be because people don’t value privacy protection. After all, the argument goes, if people valued privacy, people would offer services that protect privacy. So if we don’t see such services in the market, people must not want them. Q.E.D. Indeed, these folks will argue, we find that — at least for some services — there are privacy friendly alternatives. Often these cost money, since you aren’t paying with your personal information. This leads some to argue that it’s simply that people like “free stuff.” As a result, the current Administration continues to focus on finding “market based solutions” rather than figuring out what regulations would actually give people greater control over their personal information, and prevent the worst abuses.
But an increasing number of people are wising up to the reality that this isn’t the case. What folks lack is a vocabulary to explain why these “market approaches” don’t work. Fortunately, a Nobel Prize winning economist named George Akerlof figured this out back in the 1970s in a paper called the Market for Lemons. Akerlof’s later work on cognitive dissonance in economics is also relevant and valuable. (You can read what amounts to a high level book report on Akerlof & Dickens “The Economics of Cognitive Dissonance” here.) To summarize: everyone knows that they can’t do anything real to protect their privacy, so they either admit defeat and resent it, or lie to themselves that they don’t care. A few believe they can protect themselves via some combination of services and avoidance I will call the “magic privacy dance,” and therefore blame everyone else for not caring enough to do their own magic privacy dance. This ignores that (a) the magic privacy dance requires specialized knowledge; (b) the magic privacy dance imposes lots of costs, ranging from monthly subscription to a virtual private network (VPN) to opportunity cost from forgoing the use of services like Facebook to the fact that Amazon and Google are so embedded in the structure of the internet at this point that blocking them literally causes large parts of the internet to become inaccessible or slow down to the point of uselessness; and (c) Nothing helps anyway! No matter how careful you are, a data breach by a company like Equifax or a decision by a company you invested in to change their policy means all you magic privacy dancing amounted to a total expensive waste of time.
Accordingly, the rational consumer gives up. Unless you are willing to become a hermit, “go off the grid,” pay cash for everything, and other stuff limited to retired spies in movies, you simply cannot realistically expect to protect your privacy in any meaningful way. Hence, as predicted by Akerlof, rational consumers don’t trust “market alternatives” promising to protect privacy. Heck, thanks to Congress repealing the FCC’s privacy rules in 2017, you can’t even get on to the internet without exposing your personal information to your broadband provider. Even the happy VPN dance won’t protect all your information from leaking out. So if you are screwed from moment you go online, why bother to try at all?
I explore this more fully below . . .
Let me start with what should be a logical observation but rarely gets made. The idea that somehow it is your fault for being abused and if you were only smarter or cared more or whatever this wouldn’t happen is a refrain we hear all day every day, and 9 times out of 10 it is total baloney. I won’t get in to the psychology of victim blaming and why it’s so attractive. But we don’t say “hey, why have laws against theft when people can protect themselves by buying guns and vaults and burglar alarms and stuff. Why pay for police when we can privatize that? The market supplies lots of security protection services!” Well, OK, some people do say that. But most of us recognize this is idiotic. If you believe that government has an actual purpose, and that this purpose includes protecting people from abuse, then blaming people when they get abused is simply a way to evade responsibility and enable the abuse to continue.
Most deregulatory types will agree in theory, but they will then postulate the idea of willing buyers and willing sellers as if the entire economic universe existed in this frictionless universe with perfect information and equal bargaining power. And you know what? Sometimes that comes close enough to describing the state of the universe that we say ‘hey, cool beans. No role for government here.’ But those circumstances turn out to be surprisingly rare in the modern economy. Likewise, the two standard corrective mechanisms that free marketeers point to — reputational harm and liability in court — work sometimes. But again, for a lot of our modern economy, they don’t provide effective means of deterrent of bad behavior or compensation after the fact. At this point, public policy needs to step in to clear up the problems with the market corrective. Sometimes that is simply curing the information asymmetry, sometimes it means creating more effective deterrents or compensation mechanisms. Cases vary.
None of which changes the pervasive and destructive myth that law should only protect the deserving who really try and do everything humanly possible to protect themselves. “The mark wants to be fleeced” is the credo of crooks and con men. It should not be the motto of legislatures and regulators sitting on their hands in the face of widespread and obvious consumer abuse.
But fine, the above is merely my opinion. I promised a rigorous economic analysis of why it is irrational to expect any true “market for privacy” to emerge, because the rational consumer understands that despite the incredible expense of attempting to comply with existing market mechanisms, such actions are effectively meaningless. So here goes.
Let’s Review Akerlof One More Time.
Regular readers know I cite to Akerlof’s “The Market for Lemons” a lot. I’m not alone. It is one of the most cited economic papers in economics literature. It revolutionized how people understand the role of public policy in protecting consumers and government regulation can actually improve the efficiency of the market.
Akerlof addressed the following. The used car market consists, according to dealers at the time, of two types of cars — “creampuffs,” meaning good cars that remained as mechanically sound as when originally purchased; and “lemons,” meaning defective cars that would relatively soon after purchase require significant repairs and maintenance. Akerlof observed that despite the fact that no one wants to either buy or sell “lemons,” the used car market was saturated with lemons. Probing why, Akerlof posited that buyers had two problems: 1. consumers could not, themselves, reliably determine whether the car offered for sale was a creampuff or a lemon. 2. If they discovered after the fact that the car was a lemon, they had no remedy. Accordingly, every rational consumer must operate on the assumption that there is an excellent chance she is being sold a lemon, not a creampuff, and must factor this risk into the price she is willing to pay.
This, in turn, creates a problem for the dealer. The dealer can never sell a creampuff for the value it should receive. Therefore, the dealer has no incentive, when buying the used vehicles, to distinguish between a creampuff and a lemon. The Dealer only has incentive to get the car fixed to a point where it can be passed off as a potential creampuff. The problem is perpetuated further down the chain because the dealer will never pay the initial owner of a creampuff the true wholesale value of the creampuff — even though the dealer does have the technical capacity to distinguish between a lemon and a creampuff. Why bother? The Dealer cannot resell a creampuff for its full value because the customer factors in the risk that the car is actually a lemon, so the dealer passes on the same discount to the initial owner of the car. This, in turn, creates an incentive on the part of the initial owner to wait until the car is defective before trying to sell it, since he can never get the true value of the car as a creampuff. As a consequence, the market for used cars is flooded with lemons, even though no one wants to buy them and despite the fact that the dealer could opt to only sell creampuffs.
Objections to Akerlof: If That’s True, How Does Commerce Work At All.
The paper was rejected multiple times because the logic faces many objections. What about reputation? Car dealers are in business a long time. They are not like the traveling snake oil salesman who skips town once the marks catch on. How do other areas of commerce avoid this problem without regulation? People buy and sell things every day. What makes this different from my buying a watch or a pair of shoes? Heck, what makes this different from buying a new car rather than a used car? The individual purchaser is no more knowledgable about the workings of a new model Ford on the show room floor than he or she is of the 5 year old Ford in the used car dealer’s lot.
The answer is that the used car industry has several features to it that prevent the standard market solutions (competition and reputation) from operating here, although variations on these work for the new car market. First, we must start with the problem that, unlike shoes or watches, cars are fairly expensive items. If I buy a lemon, the cost is quite significant. The used car market in particular is noted for price sensitivity, as people who can afford to buy new cars prefer to do so and thus pay a premium to avoid the risk. Furthermore, the initial new car’s reputation is established not by the character of the individual car salesman, but by the auto manufacture — whose products are only sold through an “authorized dealer.” Establishing reputation takes lots of time and expense and lots of actual sales. Car manufacturers are huge — especially compared to the individual used car dealership — and make lots and lots of sales nationally or even globally, allowing them to establish reputation for new cars. Additionally, reviews of major car models for new cars are more readily available than for any specific used car. A buyer may have good reason to trust Ford or GM or Toyota, and believe a review from Consumers Report or some industry magazine. But the purchaser of the used car has no such resources. This is compounded by the fact that, whatever good will used car dealers may have had initially, by the time of Akerlof’s paper the reputation of the used car industry as a whole was profoundly negative.
So while the “authorized dealer” of new model cars relies on the reputation of the manufacturer and the generally good reputation of the new car industry, the individual used car merchant must invest very heavily for a very long time hoping to not just overcome the initial skepticism problem, but the uphill struggle against the well-known negative reputation of the industry as a whole. But how? Everyone claims to be the exception, the “honest” used car merchant, unlike those crooks. Compounding the problem of the expense of trying to establish reputation is that until reputation is sufficiently established so that the merchant can sell creampuffs at the value of a creampuff, she must eat the loss of the consumer assumption of risk for a lemon.
What about the fact that the honest merchant sells good used cars so buyers can test the reputation? Here again, we have several problem for the would be creampuff only car salesperson. Prior to the widespread development of review sites, it was extremely difficult for people to find out information about the reputation of the individual merchant. The rational consumer is once again stuck with an information asymmetry problem. How do I trust that you are the exception to the general bad reputation of the industry? I can’t easily collect reviews — and those are only worthwhile if you have sold a lot of cars. Remember, some cars are, in fact, creampuffs. The used car dealer has no incentive to expend energy to downgrade the car. So one or two good reviews doesn’t provide me with any particular assurance. By contrast, a single negative review confirms my bias that this merchant is just like all the others. Additionally, unless i know the reviewer or have some good reason to trust this reviewer, I have the same uncertainty problem with the review. How do I know the review is not written by the used car dealer, or the used car dealer’s friend? If the source of the reviews is the dealer itself, I obviously will suspect that the reviews are cherry-picked.
Additionally, the used car merchant has the same advertising problem to initial owners. How do I, the owner of a creampuff I wish to sell, know that you are giving me the actual value for my car (less reasonable mark up)? I can’t. So the would-be honest car dealer must somehow establish reputation on the other side of the platform as well. Meanwhile, while struggling to build reputation on both ends, the merchant must incur the additional cost of either having low inventory or repairing lemons to turn them into creampuffs.
But let’s imagine the used car merchant is willing to continue to take a loss by paying more for the car from the initial buyer while still selling the cars at the risk-of-lemon discount. How long is it going to take to establish sufficient reputation by word of mouth to enable the would-be creampuff merchant to buy and sell creampuffs for their actual price. People only sell their cars, or buy used cars, very infrequently. So the fact that you sold me a creampuff this one time (or paid me the value of my creampuff this one time, which is somewhat harder to confirm) may mean I will come back the next time, but that is unlikely to be for years (especially if you really sold me a creampuff). So the repeat individual customer is not particularly useful. Word of mouth? After all, won’t my friends ask me when they are searching for used cars? Possibly. but within the circle of people who are likely to ask me, they are also very infrequent purchasers of used cars. Additionally, while my initial good experience may help, it is hardly conclusive. After all, the market contains both lemons and creampuffs. People simply cannot tell the difference. So the fact that I had a good experience may make my brother or work buddy likely to start with the would-be creampuff-only merchant, but they are still likely to demand some discount in the price for the risk that the sale to me was simply fortuitous rather than a result of you being the exception to the general reputation of the used car industry. Additionally, if enough time passes, the rational consumer must factor in the risk that you have reverted to standard industry practice.
What about offering a warranty? Here again, the consumer has a problem. Warranties are generally hard to read, hard to understand, and require significant time and energy to enforce. Nor do I get to recoup the cost of enforcing the warranty. Worse, because the consumer is unlikely to also be a contracts lawyer, the consumer must factor in a reasonable chance that the warranty contains “loopholes” that will render it unenforceable. So the rational consumer regards the promised protection of the warranty with considerable skepticism. We are back once again to the same problem, how do I, as a purchaser of a used car, trust the dealer that this is a creampuff? Answer, I can’t. Of course, it might be a creampuff, so I will pay more than I would if I were certain it were a lemon. But I will want a discount for the risk of it being a lemon, which is likely to be substantial in light of my bearing a substantial cost if it is a lemon.
If this is true, why does the used car market exist at all? Because people need cars, and if they can’t afford the new car premium to avoid the risk, they must assume the risk of buying a used car. The fact that people buy used cars in a market that contains both creampuffs and lemons does not mean that they are indifferent to lemons or happily willing to take the risk in exchange for a lower price. Nor does it mean that used car merchants are uninterested in offering creampuff-only dealerships. The extent consumers (or even used car dealers) have a choice, it is Hobson’s Choice – take this risk or take nothing. Which is why (at the time of Akerlof’s article), used car dealers sold both lemons and creampuffs, consumers assumed the risk, and consumers generally hated the used car market even though they still used it.
(Please note, btw, that this market failure problem persists despite the presence of a highly competitive market. it is one of the more seriously damaging (and annoying) fallacies of Policyland to believe that competition eliminates all consumer problems. Even if we assumed that all consumer problems are caused by “market failure” (itself either a fallacy or a tautology, in that anytime a competitive market fails to produce what we regard as desired policy outcomes, the market has “failed”), the argument in Policyland that the only reason to regulate is a lack of competition would still be wrong. Not all market failure is a failure of competition, and competition does not solve all market failures.)
Remind Me How This Relates To Privacy?
So, we have now established that, under certain conditions, the market will not naturally reflect the actual desires of consumers, even though sellers are (a) aware of the demand; (b) have interest in meeting the demand; and, (c) it is theoretically possible to meet the demand profitably, but for the particular circumstances that prevent the market from functioning properly (or, more accurately, as we expect it should). Now we bounce back to the privacy market to see if the same conditions (or similar enough conditions) identified by Akerlof apply in the privacy market. Spoiler alert: Yes they do — although with some differences.
Once again, we have a situation where the consumer cannot, without being in possession of a rare set of skills and far greater resources than it is remotely reasonable to expect people to have at their disposal, determine whether the service provider is respecting my privacy. Sure, the provider usually provides access to a privacy statement (although this is not always required by any specific law) that purportedly discloses what information the service collects and for what purposes. But, like all the advertised promises and supposed warranties of our Akerlof-era used car salesman, no consumer can trust these things in any way shape or form. First, they are enormously long and complicated (as the NYT editorial board observed recently, it would take Americans an average of 78 days to read through all the privacy policies to which they agree in a year.) But even worse, let’s assume you did read through them, or we created an addition service (at additional expense, of course!) to analyze privacy agreements. Even then, you have the problem that they are written so as to make it possible for the company to do whatever the heck it wants without telling you whether or not it is actually doing it by saying like, “we may or may not collect information based on your use of this product after you purchase it. You agree that, in the event we activate an external detection and transmission device, capable of sensing audio, visual, or other information, or any type of information in combination, that we may, without any further notification, collect, store, analyze, sell or otherwise use this information, either in aggregate or otherwise, in combination with any other data we may obtain.”
To translate into English: “You agree we can use that lightbulb you just bought as a spycam and do whatever we want with the information collected, including post videos of you doing naughty things on YouTube and Twitter with the caption “YOU WON’T BELIEVE WHAT THIS GUY DOES WITH PEANUT BUTTER AND CAT LTTER!!!” Odds are good that, even if you made it through those dense pack sentences without your eyes glazing over, you probably didn’t realize that your lightbulb could potentially spy on you, let alone that your interest in making peanut butter & cat litter figurines (why, what were you thinking?) would get posted on social media by your lightbulb. My employer Public Knowledge and a bunch of other advocacy orgs filed a complaint about how cable operators sluck up your data using these kinds of vague notices despite the fact that you are paying a boatload for cable already with both the FCC and the FTC back in 2016. We have heard absolutely nothing from either agency ever since.
So, from the rational consumer perspective, the idea loudly touted by FCC Chairman Ajit Pai that he doesn’t have to enforce even the privacy laws still on the books at the FCC because the mighty FTC will protect us by “enforcing the mandatory disclosure privacy statement” is about as valuable as telling consumers “if you through a dime in the magic wishing well, Comcast will stop sucking up all your private data and the private data of what you 10 year old is watching and selling it to advertisers, or leaving it on the open internet for stalkers or whatever.” Heck, at least when I throw a dime in the wishing well, I hear the splash when the dime hits the water. With the Mighty Federal Trade Commission, I don’t even hear the flush when they put my complaint in the toilet. (As for the FCC, Ajit Pai has made it clear his attitude toward industry is not so much “cop on the beat” but “indulgent grandma/favorite uncle.” “Does little woogums AT&T want dereguation? What that make little woogums AT&T happy? Yes it would! And do you promise to be a good little woogums and deploy some broadband? Good boy! You make Uncle Ajit so proud!”)
And, of course, if by some miracle the FTC or a state agency actually does find that a company violated its terms of service, the company has a little fix for that. They simply tweak the language and say somewhere on their website: “We have now updated our privacy policy to serve you better. This new privacy policy supplants the old privacy policy in its entirety, so whatever we said before doesn’t matter anymore. Want to know what’s different? We suggest you print out all 50 pages and read the old privacy policy (assuming you still have it) and the new privacy policy side by side. Remember, your privacy is important to us.”
So once again, you have the Hobson’s choice of either doing without (which, as Equifax demonstrated, may not even be possible) or sucking it up. in fact, it is even worse than with the used car market. At least with used cars, I either bought a lemon or a creampuff and it would be fairly obvious in a relatively short period of time which one it was. If I got the car home and then two days later the radiator exploded, I was out a car and the cost of the car. But if nothing went wrong in the first month, I could breathe a sigh of relief that, this time at least, I won the lottery and actually got a creampuff like the dealer promised.
Not so with privacy. As 23AndMe and Ancestry.com just reminded everyone, you can sign up and get invested in the service after doing all your due diligence and satisfying yourself that they have a decent privacy policy. Then they change their policy. Psyche! What are you going to do? They already have your information. Suckers!!! Don’t like it? Hey, we totally disclosed we could change our privacy policy at any time in any way. Loser! Whiny Whiny Loser! (Or, as Ajit Pai and Maureen Ohlhausen would say “informed consumer making voluntary choice. Total market working!”) And heck, even if they give you the little “click here to agree or we boot you off the site/service,” what are you supposed to do. Even if you decide to suddenly lose access to whatever the service is, possibly paying an early termination fee to do so, you are going to incur all the cost of trying to find a competitor (assuming their is one) when you know that at some point in the future they might change their mind, or get bought out by someone who changes their mind, or that they might go bankrupt and the bankruptcy court will sell all the collected data as an asset?
So yeah. We have the same situation that Akerlof identified with the used car market. Even if you are the most ethical company in the world, totally willing to forgo all the extra potential revenue from slucking up data. Even if you get recommendations and glowing commendations from EPIC, EFF, CDD and everyone else in the privacy advocacy alphabet, a rational consumer is still going to have to worry that you might wake up tomorrow morning and shifted from “We are totally committed to protecting your privacy,” to “meh, not so much. Just not feeling it anymore.”
But It Does Happen In Used Cars Markets That You Find An Honest Salesman Everybody Trusts, Sometimes. It’s Not Impossible. It Could Happen in Privacy Markets Too. Sometimes. Maybe. Look at Duck Duck Go!
As we all remember from the logic problem of the black swan, a single white swan falsifies the statement “all swans are black.” It is certainly the case that you will find the individual used car dealer who enjoys good reputation and therefore sells creampuffs at creampuff prices. But we must also remember the limits of the black swan principle. The idea of falsification is a question of disproving a categorical statement. The examples I used in the blog post linked to above are “ISPs will never block or degrade content for fear of losing customers” and “telephone companies will never abandon or degrade services for fear of losing customers.”As I noted in the blog post, “anecdotal evidence” — by which people mean a single or relatively small number of occurrences even if they are highly documented and impact millions of people — doesn’t tell us much. All it really does is tell us that the categorical statement that it can never happen is false. To the extent we are willing to tolerate cases of such bad behavior, and we openly acknowledge that they will occur and that there is no remedy so suck to be you, that’s a perfectly legitimate policy outcome. We do this for a large number of things where we consider the risk minimal and/or the cost of the event occurring to be relatively modest. As every law student learns in Basic Torts, if the potential for harm * cost of harm< the burden of taking steps to avoid the harm, then you are obligated under the common law to take the steps to avoid the harm in order to avoid liability for failure to observe the common law duty of care.
The trick, of course, as I pointed out after the recent net neutrality oral argument, is that regulators rarely like to say “sucks to be you, average consumer. We understand this could happen and you would get totally screwed, but we think something else is more important (like, say, giving our favorite incumbents what they want. Whose my little woogums, AT&T? Is it you? Yes it is!).” But if we are comfortable with the policy outcome, then fine. We can do that.
Similarly here in privacy. Keep in mind, of course, that we have a bunch of survey evidence showing that most consumers don’t mind trading some information and getting some targeted advertising as a trade off for free services, although some do. But the point is you aren’t going to have a choice. You can either do the equivalent of buying a new car and pay a premium for privacy (possibly, y’all are paying a boatload for cable/broadband and they still feel entitled to suck down all your data to do whatever they want with it), or accept that you have zero control or right to even find out what information these companies collect or what the heck they do with it. Sure, you may luck out. Maybe the above described super privacy loving guy will forgo all additional revenue associated with collecting data forever, and maybe he will never change his terms of service, and maybe he will never be bought out or go bankrupt or whatever. It could happen. And if we are comfortable, we certainly can tell people their choices are: (a) hope against all reason to the contrary that someday your privacy prince will come; (b) “suck it up, snowflake. What you got something to hide, or don’t want people marketing directly to your toddler? Socialist;” Or, (c) you quit your job and go live in a “radio quiet zone” with a tinfoil hat, no credit card, no bank account, no car or other “smart” device that can monitor you and report back your information and move into an oak tree with a squirrel colony (totally an option if you really cared about privacy).
Mind you, up until now, that pretty much has been our official policy — although you get a choice between a squirrel colony and bird’s nest if you act quickly. The trick has been that industry and official Washington have persisted in believing that option (a) is totally real and totally going to happen. It is time to admit that while a “market based solution” is technically possible, and does sometimes happen, it is a lot like basing your retirement planning on buying a weekly lottery ticket. It totally could happen, especially if you buy two tickets rather than just 1! What, don’t you trust the lottery market?
Well that’s depressing. Is there any hope?
Sure. Akerlof didn’t just point out the problem. He pointed out the solution as well.
Great! What Is It.
Sorry dude, we have crossed the 5K word mark, and you know what that means.
YOU MEAN YOUR JUST GONNA LEAVE ME LIKE THIS UNTIL YOU WRITE ANOTHER BLOG?
Yup. just remember, your satisfaction is important to us here at ToTSF!
You @$#!
Stay tuned . . .
I think I agree with most or all of the conclusions regarding privacy.
However, I think the discussion of used car markets is slightly out of date.
There are ways avoid buying lemons (with high probability). They are (1) manufacturer-sponsored “certified” used cars.
See a description of Toyota’s program at
https://www.toyotacertified.com/
(2) buy from CarMax and (a) drive it a lot in the first week—returning if problems show up and (b) buy the extended service contract from CarMax.
Of course, not only do these practices avoid lemons but they cost more.
Chuck
PS. I have omitted a long anecdote regarding a lemon that was offered to my daughter by a private seller. Carfax can be a big help.