Friday January 28 is Data Privacy Day. Unlike so many special-purpose days on the public calendar, this one’s not a ploy to sell greeting cards or flowers. Data Privacy Day is designed to prod Internet users to take a critical look at how they share and communicate their private information online.
Data Privacy Day occurs at an opportune time this year, since multiple arms of our federal government are looking to regulate privacy practices in our economy’s strongest growth engine – online services. Congress, the Commerce Department, and the Federal Trade Commission each have proposed new rights and rules for data privacy.
It’s good to see attention focused on privacy, but when the government plans new restrictions on private activities, rule number one must be, do no harm.
The public and our economy have undoubtedly benefitted from prior light-touch regulation of the Internet and online interactions. As President Obama noted in his State of the Union Speech:
Thirty years ago, we couldn’t know that something called the Internet would lead to an economic revolution. What we can do – what America does better than anyone – is spark the creativity and imagination of our people. We are the nation that put cars in driveways and computers in offices; the nation of Edison and the Wright brothers; of Google and Facebook. In America, innovation doesn’t just change our lives. It’s how we make a living.
It was great to hear our President acknowledge some American companies whose innovations lead the world. Later in his speech, the President went one better, warning that government regulations can be barriers to innovation:
To reduce barriers to growth and investment, I’ve ordered a review of government regulations. When we find rules that put an unnecessary burden on businesses, we will fix them.
The President understands that government must avoid regulatory “fixes” that actually do more harm than good. In the privacy realm, there are harms in limiting user choice and restricting how companies design innovative technologies and business models. Any regulator that thinks they can anticipate the creative ways that consumers and companies will interact five years from now is sadly deluded.
The role for government should be in areas where users and business cannot act alone, including law enforcement, international data flows, and pre-empting a patchwork of state laws. Government should use its powers to pursue online fraud and criminal misuse of data, not to create rules that narrowly prescribe what and how data should be used.
Overall, we support the notion that companies and customers – not governments — must take the lead on data privacy. Companies need to pursue innovation without asking for permission from government agencies. And consumers must understand the decisions they make, but they have to be allowed to make those decisions.
Online services like Yahoo, Google, and Facebook – and even AOL – are continually going through cycles of innovation and experimentation, often followed quickly by self-correction . While changes often upset some users (and drive privacy advocates crazy) social media services listen to the feedback and come up with better privacy settings and controls. And for any users who still aren’t satisfied, competing social media services are easy to find.
Could government regulators adapt and upgrade their own rules so quickly? It’s doubtful. But there are positive signs that regulators understand the inherent shortcomings of prescriptive rules and restrictions. For instance, the Commerce Department’s proposed Privacy Framework leaves time and space for self-regulatory efforts to continue to evolve.
Online privacy is certainly important enough to have its own special day.
But our present pace of Internet innovation will only be sustainable if consumers and companies continue to lead the way.