The changing landscape of information technology means uncertainty about the traditional balance between the free flow of information and privacy. California has become the focus of much of this debate. Right now, the main issue is, opt-out or opt-in for financial privacy?
I offer this letter as a starting point in understanding how an open economy relies on the consumer information flows permitted by opt-out. Economists are just beginning to study this. Privacy is sometimes presented as a simple issue of consumers versus business, but the reality is much more complex.
The Competitive Enterprise Institute is a non-profit public policy organization dedicated to the principles of free enterprise and limited government. Our Project on Technology & Innovation has made privacy a major focus of its study. Please feel free to contact me at 202-331-1010 or email [email protected] with comments or questions.
Senior AnalystProject on Technology and Innovation
California’s financial privacy debate:
By Solveig Singleton[i]
The Gramm-Leach Bliley Act says states may pass financial privacy rules stricter than the federal “opt out” rules. But is this a good idea for California? We outline the arguments and our conclusions.
Opt-in is not needed for consumer protection. Opt-in is sometimes presented as “consumer protection.” But the use of information about consumers by lawful businesses does not threaten consumers; only under extraordinary circumstances does it harm someone to learn about his behavior and preferences.
Opt-in will not prevent identity theft. Much of the push for privacy regulation comes from concerns about identity theft. But there is no link between opt-in and preventing identity theft. Experienced investigators know that few cases of identity theft arise from databases created by lawful businesses. Many identity thieves are relatives or coworkers of the victim. Another group consists of dumpster divers looking for utility bills and other unshredded documents. The most persistent problem for victims of identity theft is lack of law enforcement resources. Finally, creditors will be less able to identify perpetrators of fraud given less information in their databases. Many information services use consumer data for authentication and other security functions.
Opt-out increases consumer choice of new financial services and companies. Detractors of opt-out say that opt-in gives consumers more power to choose privacy. But consumers value low prices and new products as well as privacy. U.S. West, one of few businesses to operate under opt-in, found it cost $30 per customer to obtain consent.[ii] As a result of opt-in, information about consumers becomes scarcer, less updated and more expensive. What does this mean for consumers? As the dot.com collapse shows, many businesses experimenting with new business models fail to anticipate consumer preferences. Businesses use information about consumer’s behavior to gauge those consumer needs and preferences. This is used to design new financial services—in short, to reduce the risks and costs to new companies and new products. Using information to target marketing can lower the costs to a business for each sale from (for example) $9.00 per sale to $2.00 per sale.[iii] These savings are passed on to consumers. The high costs of non-targeted marketing under opt-in mean that some products will never be offered to consumers at all. That means less competition, which in turn means higher prices, lower quality, and fewer choices of products for consumers.
Opt-out benefits consumers. In competitive and fast-changing financial services markets, businesses’ desire to learn more about their customers is not sinister and harmful, it is natural and normal. And it benefits consumers. In the United States, cost savings from information sharing in financial services alone have been estimated at $17 billion per year for the customers of just one group of companies. (The savings would be larger still for the entire financial services industry.)[iv] Dr. Peter Johnson and Robin Varghese of Columbia University estimate that the 90 largest California financial services businesses could pass on as much as $1.02 billion in increased costs to consumers as a result of opt-in.[v]
A double layer of state and federal regulation will chill the California economy. Today, financial companies must compete in global markets, and every additional layer of regulation within a state makes that state a less attractive location for financial ventures within the United States and internationally.
[i] Solveig Singleton is a lawyer and senior analyst with the Competitive Enterprise Institute Project on Technology and Innovation and the author of many key articles on privacy and commerce.
[ii] Coalition for Sensible Public Records Access, The Limits of Opt-In, at http://www.cspra.org/ (accessed February 18, 2002).
[iii] See J. Jovan Philyaw, CEO of DigitalConvergence.com, Transcript of A Cato Institute Roundtable: Privacy vs. Innovation, May 7, 1999, p. 48 (describing use of information to lower costs from nine dollars per order to two dollars).
[iv] Ernst & Young for the Financial Services Roundtable, Customer Benefits from Current Information-Sharing by Financial Services Companies, December, 2000, available at http://www.bankersround.org/PDFs/custbenefits.PDF.
[v] Peter A. Johnson and Robin Varghese, “The Hidden Costs of Privacy: The Potential Economic Impact of ‘Opt-In Data Privacy Laws In California,” January 24, 2002.