Tag: FCRA

FTC Issues Groundhog Report on Privacy

The Federal Trade Commission issued a report today calling on companies “to adopt best privacy practices.” In related news, most people support airline safety… The report also “recommends that Congress consider enacting general privacy legislation, data security and breach notification legislation, and data broker legislation.”

This is regulatory cheerleading of the same kind our government’s all-purpose trade regulator put out a dozen years ago. In May of 2000, the FTC issued a report finding “that legislation is necessary to ensure further implementation of fair information practices online” and recommending a framework for such legislation. Congress did not act on that, and things are humming along today without top-down regulation of information practices on the Internet.

By “humming along,” I don’t mean that all privacy problems have been solved. (And they certainly wouldn’t have been solved if Congress had passed a law saying they should be.) “Humming along” means that ongoing push-and-pull among companies and consumers is defining the information practices that best serve consumers in all their needs, including privacy.

Congress won’t be enacting legislation this year, and there doesn’t seem to be any groundswell for new regulation in the next Congress, though President Obama’s reelection would leave him unencumbered by future elections and so inclined to indulge the pro-regulatory fantasies of his supporters.

The folks who want regulation of the Internet in the name of privacy should explain how they will do better than Congress did with credit reporting. In forty years of regulating credit bureaus, Congress has not come up with a system that satisfies consumer advocates’ demands. I detail that government failure in my recent Cato Policy Analysis, “Reputation under Regulation: The Fair Credit Reporting Act at 40 and Lessons for the Internet Privacy Debate.”

Information Regulation that Hasn’t Worked

When Senator William Proxmire (D-WI) proposed and passed the Fair Credit Reporting Act forty years ago, he almost certainly believed that the law would fix the problems he cited in introducing it. It hasn’t. The bulk of the difficulties he saw in credit reporting still exist today, at least to hear consumer advocates tell it.

Advocates of sweeping privacy legislation and other regulation of the information economy would do well to heed the lessons offered by the FCRA. Top-down federal regulation isn’t up to the task of designing the information society. That’s the upshot of my new Policy Analysis, “Reputation under Regulation: The Fair Credit Reporting Act at 40 and Lessons for the Internet Privacy Debate.” In it, I compare Senator Proxmire’s goals for the credit reporting industry when he introduced the FCRA in 1969 against the results of the law today. Most of the problems that existed then persist today. Some problems with credit reporting have abated and some new problems have emerged.

Credit reporting is a complicated information business. Challenges come from identity issues, judgments about biography, and the many nuances of fairness. But credit reporting is simple compared to today’s expanding and shifting information environment.

“Experience with the Fair Credit Reporting Act counsels caution with respect to regulating information businesses,” I write in the paper. “The federal legislators, regulators, and consumer advocates who echo Senator Proxmire’s earnest desire to help do not necessarily know how to solve these problems any better than he did.”

Management of the information economy should be left to the people who are together building it and using it, not to government authorities. This is not because information collection, processing, and use are free of problems, but because regulation is ill-equipped to solve them.