Can privacy and consumer protection coexist online?

A paper suggests privacy legislation could hurt online services

Legislation that would create privacy regulations for online advertising could cause consumers to get fewer free services and isn't necessary because privacy advocates have shown no harm from data collection, the co-author of a study on online advertising said.

Online services have been tracking consumer behavior for a decade without creating problems for consumers, said Paul Rubin, a fellow at the Technology Policy Institute (TPI), a free-market think tank, and an economics and law professor at Emory University.

"Everyone talks about how consumers don't know what's going on, and if they knew what's going on, they'd be horrified," Rubin said. "The reason they don't know about it is they haven't bothered to learn about it, and the reason they haven't bothered to learn about it is because nothing bad has happened."

There's little evidence of data collected by online ad networks being used for identity theft, Rubin said. Instead, consumers see multiple benefits from giving up some personal data, such as information about what sites they visit, he added.

Several lawmakers have said privacy legislation is likely to be introduced later this year, but too many regulations could mean that now-free services like search, maps and Web mail could start to cost money or no longer be available, said Rubin, co-author of a TPI report on privacy and online services.

"More privacy, however, would mean less information, less valuable advertising, and thus fewer resources available for producing new low-priced services," the TPI paper argues. "It is this trade-off that Congress needs to take into account as it considers new privacy legislation."

But other speakers at the TPI event suggested that the U.S. Congress does need to pass some online privacy rules.

While targeted advertising serves a useful purpose, consumers deserve to know who's collecting their data online and how it's being used, said Representative Cliff Stearns, a Florida Republican. Stearns predicted that Congress would release a draft of privacy legislation later this year.

However, Stearns also called for lawmakers to move cautiously. Although some have called for legislation that would require online businesses to get opt-in approval from consumers before collecting any information, Stearns said such a rule would go too far.

"It's easy to demagogue this issue and say consumers have a right to know everything and nothing happens unless you get their name on the bottom line," he said.

Leslie Harris, president and CEO of the Center for Democracy and Technology, and Alan Davidson, director of U.S. public policy for Google, disagreed with the TPI paper's premise that there are trade-offs between privacy protection and data-based Internet services. Transparency about data collection is necessary, Harris said, so that consumers will have confidence in online services.

Legislation is needed, she added, because in many cases consumers don't know how much information is being collected about them and how easy it is to identify an individual using a couple of pieces of data.

Online companies can protect user privacy and still deliver useful services, Davidson added.

Privacy advocate Jeffrey Chester, executive director of the Center for Digital Democracy, called the TPI paper flawed. TPI's assertion that new privacy rules could cause major harm to online services is "an absurd, reductionistic, and intellectually-dishonest claim," Chester wrote on his blog.

"Consumer privacy laws are required to ensure that our financial, health and other personal transactions online are conducted in a responsible manner," Chester added. Anyone -- or group -- who believes that we can't have both privacy and a robust online marketplace is out of touch."

Join the CSO newsletter!

Error: Please check your email address.

Tags securityprivacy

More about Emory UniversityGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts