Congress Meddling in Online Privacy Protection May Backfire, Harm Consumers

D.C., November 18, 2009—A House
subcommittee on Thursday will take a step closer to inserting government as the
arbiter of consumer privacy online. But relying on Big Government to protect
privacy is hardly the best solution to fears over who has access to private
information online, explains Competitive Enterprise Institute technology policy
expert Wayne Crews, in the following

Statement of Wayne Crews, CEI Vice
President for Policy 

At tomorrow’s U.S.
House Subcommittee on Commerce, Trade, and Consumer Protection hearing
“online and offline collection and use of consumer information,” some will urge
federal privacy legislation for the purpose of limiting data collection and
restricting the use of consumer information for marketing purposes.

However, the real question that policymakers should be
asking is not whether competitive enterprise can offer strong privacy
assurances, but rather, will government allow it?

If Congress wants to protect Americans’ privacy interests,
its first priority should be reforming U.S. data retention laws, the
PATRIOT Act, and privacy protections regarding information stored in the
“cloud.”  Congress should also reject proposals that would create a new
national identification regime (REAL ID) and impose burdensome requirements on
telecom firms to retain customer data.

Information collection – both online and offline – is
crucial to targeted advertising, which enables firms to offer free services
that benefit consumers enormously. Attempts to legislate privacy will
invariably constrain data collection capabilities, endangering
consumer welfare and even privacy itself
. Politicians should remember that
privacy is a relationship, not a “thing” that bureaucracies are well suited to

Privacy and anonymity are important consumer values that benefit from competition.
Healthy, competitive markets are best equipped to strengthen anonymity, provide
for secure online commerce, and develop novel security guarantees.

Legislation undermines voluntary, private arrangements – known as “privacy
policies” in the online world – by overruling such contracts and, therefore, obstructing the emergence of new institutions, like
privacy insurance, that are likely to emerge alongside innovation in
information collection. And if history is any guide, any privacy legislation is
likely to stay on the books long after technological evolution renders it
obsolete and even counterproductive.

Privacy doesn’t exist in a vacuum, and the “consumer advocates” dominating the
show in Congress tomorrow cannot properly define optimal privacy for anyone but
themselves. Moreover, many groups advocating privacy legislation explicitly do
not even support the preemption of state law
, which is perhaps the most
important demand of businesses going along with this campaign for federal
standards to avoid a patchwork of rules.

For these and many other reasons, data collection mandates
are anti-consumer and should be rejected in the interest of protecting commerce
and individual privacy.