The Federal Trade Commission announced to some fanfare recently it would be investigating various health care Web sites, along with Internet advertising agency DoubleClick, Inc., for possible privacy violations. Whatever the merits of these specific cases, it’s important to note that the on-line privacy concerns on which they hinge are common among consumers. Too often, however, the issues involved are misunderstood by the press, the public, and the regulators.
Information about where people go on-line and what they buy is important to businesses seeking to streamline their marketing. The Internet is proving a fertile source for this type of data. The increase in ease and frequency with which consumer preferences are recorded, cross-referenced with other information, or sold has resulted in calls for new regulations, laws, and restrictions.
These measures may not be needed. Which is not to say that the public’s privacy desires are unimportant. But rarely discussed in the debate are the incentives currently encouraging businesses to cater to and address consumers’ privacy concerns–without the prompting of government.
In fact, government-imposed privacy dictates would set a dangerous precedent, opening up a Pandora’s Box for government meddling on the Internet and wasting untold dollars in compliance and enforcement costs.
A number of bills to regulate online privacy are under consideration by Congress. A proposal sponsored by Sen. Conrad Burns (R-MT) would require Web site operators to identify themselves, and to detail what information is collected from patrons of the site, how it’s used, and what aspects might be shared with other companies. Sen. Robert Torricelli (D-NJ) has introduced another bill focusing on the use of “cookies” (tiny files that Web sites send to users’ hard drives to monitor where they go and what advertisements catch their attention). This bill would mandate that sites gain permission from users before cookies can be used. Ideally, the bills would ensure that consumers are in control of their personal information and notified of what information about them is collected and who will see it. Sounds reasonable, right?
It’s in the interest of businesses to give consumers what they want. Simple as that sounds, it’s a notion foreign to bureacrats and legislators casting about for areas to intrude on and ways to justify their own existences. As more consumers make known their preference for privacy, more on-line sites will respond accordingly. And in the meantime, savvy Web surfers can stick to sites they trust, choose not to fill out registration forms, and set their browsers to consult them before accepting any cookies (for more information visit www.cookiecentral.com). New technologies allow for anonymous Web browsing, browsing under digital pseudonyms, and automatic screening of privacy policies.
Market forces are already granting consumers greater control over their personal information, making federal regulations unnecessary. Unfortunately, government action often runs a risk greater than merely being superfluous.
Regulations often come with harmful unintended consequences. New privacy guidelines likely would be no exception. The details of a scheme for enforcing Internet privacy regulations have yet to be articulated, but considering the track record of federal agencies for waste and inefficiency, one can bet it will be costly. The Internet is as decentralized as it is vast; an enormous amount of time and money would be needed to patrol it.
Whatever the FTC ultimately decides about DoubleClick and the health sites under investigation, Congress should practice restraint and opt not to mandate Internet privacy policies. Privacy concerns are already more than adequately being addressed in the private sector. Rules and protocols are being hashed out by the parties involved–Web site operators and consumers. Dictates and legislation from Washington would only lead in the wrong direction.
Jessica Melugin ([email protected]) is a CEI policy analyst.