Category: Consumer Protection Law

What’s Wrong with the Financial Services Industry?

I tried to answer this question at length in a review of Robert Shiller’s Finance and the Good Society. But if you want the short version, look no further than Barry Ritholtz’s list. One could easily expand it into an ever-growing wiki, but sometimes succinctness is supreme. Here’s Ritholtz on the multiple intermediary problem:

Too many people have a hand in your pocket[.] The list of people nicking you as an investor is enormous. Insiders (CEO/CFO/Boards of Directors) transfer wealth from shareholders to themselves, with the blessing of corrupted Compensation Consultants. Active mutual funds charge way too much for sub par performance. 401(k)s are disastrous. NYSE and NASDAQ Exchanges have been paid to allow a HFT tax on every other investor. FASB and accountants have done an awful job, allowing corporations to mislead investors with junk balance statements. The media’s job is to sell advertising, not provide you with intelligent advice. The regulators have been captured.

And while we’re on the topic of the personal consequences of finance, do take a look at Helaine Olen’s Pound Foolish. Olen has been making the intellectual podcast rounds, and offers a devastating portrait of a personal finance industry warped by ideology and greed.

“The Creditor Was Always Right”

What would a world of totally privatized justice look like? To take a more specific case—imagine a Reputation Society where intermediaries, unbound by legal restrictions, could sort people as wheat or chaff, credit-worthy or deadbeat, reliable or lazy?

We’re well on our way to that laissez-faire nirvana for America’s credit bureaus. While they seem to be bound by FCRA and a slew of regulations, enforcement is so wan that they essentially pick and choose the bits of law they want to follow, and what they’d like to ignore. That, at least, is the inescapable conclusion of a brief but devastating portrait of the bureaus on 60 Minutes. Horror stories abound regarding the bureaus, but reporter Steve Kroft finds their deeper causes by documenting an abandonment of basic principles of due process:
Read More

Google Antitrust: the FTC Folds

Both Eric Goldman and James Grimmelmann have the details on the FTC’s rather extraordinary capitulation today. It is a big win for Google. Still, a few questions remain. I have the following:

1) Commissioner Rosch included this intriguing footnote in his concurrence/dissent:

I . . . have concerns that insofar as Google has monopoly or near-monopoly power in the search advertising market and this power is due in whole or in part to its power over searches generally, nothing in this “settlement” prevents Google from telling “half-truths”–for example, that its gathering of information about the characteristics of a consumer is done solely for the consumer’s benefit, instead of also to maintain a monopoly or near-monopoly position. . . .That is a genuine cause for “strong concern.”

Did Google ever say that it was gathering data purely for consumers’ benefit? That would seem to be an odd representation for a for-profit company to make.
Read More

Better, Simpler Disclosure

Here is an apt response to the question: “What would an ideal food label look like?:”

Even the simplest information — a red, yellow or green “traffic light,” for example — would encourage consumers to make healthier choices. That might help counter obesity, a problem all but the most cynical agree is closely related to the consumption of junk food.

Of course, labeling changes like this would bring cries of hysteria from the food producers who argue that all foods are fine, although some should be eaten in moderation. To them, a red traffic-light symbol on chips and soda might as well be a skull and crossbones. But traffic lights could work: indeed, in one study, sales of red-lighted soda fell by 16.5 percent in three months.

Having recently spent time at a roundtable with transparency advocates (including one author of this excellent book), I can attest to the fact that only the clearest signals tend to get through the noise in an era of information overload.

6

PETs, Law and Surveillance

In Europe, privacy is considered a fundamental human right. Section 8 of the European Convention of Human Rights (ECHR) limits the power of the state to interfere in citizens’ privacy, ”except such as is in accordance with the law and is necessary in a democratic society”. Privacy is also granted constitutional protection in the Fourth Amendment to the United States Constitution. Both the ECHR and the US Constitution establish the right to privacy as freedom from government surveillance (I’ll call this “constitutional privacy”). Over the past 40 years, a specific framework has emerged to protect informational privacy (see here and here and here and here); yet this framework (“information privacy”) provides little protection against surveillance by either government or private sector organizations. Indeed, the information privacy framework presumes that a data controller (i.e., a government or business organization collecting, storing and using personal data) is a trusted party, essentially acting as a steward of individual rights. In doing so, it overlooks the fact that organizations often have strong incentives to subject individuals to persistent surveillance; to monetize individuals’ data; and to maximize information collection, storage and use.

Read More

0

More on government access to private sector data

Last week I blogged here about a comprehensive survey on systematic government access to private sector data, which will be published in the next issue of International Data Privacy Law, an Oxford University Press law journal edited by Christopher Kuner. Several readers have asked whether the results of the survey are available online. Well, now they are – even before publication of the special issue. The project, which was organized by Fred Cate and Jim Dempsey and supported by The Privacy Projects, covered government access laws in AustraliaCanadaChinaGermanyIsraelJapanUnited Kingdom and United States.

Peter Swire’s thought provoking piece on the increased importance of government access to the cloud in an age of encrypted communications appears here. Also see the special issue’s editorial, by Fred, Jim and Ira Rubinstein.

 

2

On systematic government access to private sector data

The Sixth Circuit Court of Appeals has recently decided in United States v. Skinner that police does not need a warrant to obtain GPS location data for mobile phones. The decision, based on the holding of the Supreme Court in US v. Jones, highlights the need for a comprehensive reform of rules on government access to communications non-contents information (“communications data”). Once consisting of only a list of phone numbers dialed by a customer (a “pen register”), communications data have become rife with personal information, including location, clickstream, social contacts and more.

To a non-American, the US v. Jones ruling is truly astounding in its narrow scope. Clearly, the Justices aimed to sidestep the obvious question of expectation of privacy in public spaces. The Court did hold that the attachment of a GPS tracking device to a vehicle and its use to monitor the vehicle’s movements constitutes a Fourth Amendment “search”. But it based its holding not on the persistent surveillance of the suspect’s movements but rather on a “trespass to chattels” inflicted when a government agent ever-so-slightly touched the suspect’s vehicle to attach the tracking device. In the opinion of the Court, it was the clearly insignificant “occupation of property” (touching a car!) rather than the obviously weighty location tracking that triggered constitutional protection.

Suffice it to say, that to an outside observer, the property infringement appears to have been a side issue in both Jones and Skinner. The main issue of course is government power to remotely access information about an individual’s life, which is increasingly stored by third parties in the cloud. In most cases past – and certainly present and future – there is little need to trespass on an individual’s property in order to monitor her every move. Our lives are increasingly mediated by technology. Numerous third parties possess volumes of information about our finances, health, online endeavors, geographical movements, etc. For effective surveillance, the government typically just needs to ask.

This is why an upcoming issue of International Data Privacy Law (IDPL) (an Oxford University Press law journal), which is devoted to systematic government access to private sector data, is so timely and important. The special issue covers rules on government access in multiple jurisdictions, including the US, UK, Germany, Israel, Japan, China, India, Australia and Canada.

Read More

Lochner Boo Boo: Free Self-Exploitation?

American legal history has featured many battles over “freedom of contract,” often interpreted as the “right” of workers to sell their labor at any price, under any terms. Given the recent resurgence of extreme freedom of contract views, I thought this reflection on the reality TV show “Here Comes Honey Boo Boo” might interest readers:

Americans, it turns out, can’t get enough of Honey Boo Boo, mom June, and the rest of the clan . . . some of whom come with nicknames that seem straight out of a quaint novel about those colorful southerners, like Sugar Bear. That Here Comes Honey Boo Boo trafficked in and showcased the grossest of gross stereotypes about lower middle class southern white folk was deemed inconsequential. The family, led by matriarch June, was in on the joke. How could the family be exploited if they actively wanted to be exploited?

Read More

3

Big Data for All

Much has been written over the past couple of years about “big data” (See, for example, here and here and here). In a new article, Big Data for All: Privacy and User Control in the Age of Analytics, which will be published in the Northwestern Journal of Technology and Intellectual Property, Jules Polonetsky and I try to reconcile the inherent tension between big data business models and individual privacy rights. We argue that going forward, organizations should provide individuals with practical, easy to use access to their information, so they can become active participants in the data economy. In addition, organizations should be required to be transparent about the decisional criteria underlying their data processing activities.

The term “big data” refers to advances in data mining and the massive increase in computing power and data storage capacity, which have expanded by orders of magnitude the scope of information available for organizations. Data are now available for analysis in raw form, escaping the confines of structured databases and enhancing researchers’ abilities to identify correlations and conceive of new, unanticipated uses for existing information. In addition, the increasing number of people, devices, and sensors that are now connected by digital networks has revolutionized the ability to generate, communicate, share, and access data.

Data creates enormous value for the world economy, driving innovation, productivity, efficiency and growth. In the article, we flesh out some compelling use cases for big data analysis. Consider, for example, a group of medical researchers who were able to parse out a harmful side effect of a combination of medications, which were used daily by millions of Americans, by analyzing massive amounts of online search queries. Or scientists who analyze mobile phone communications to better understand the needs of people who live in settlements or slums in developing countries.

Read More

FTC Agonistes: From the Nader Report to the Wired Report

In 1968, a group of law student researchers helped Ralph Nader publish a highly critical report on the Federal Trade Commission. They concluded that the FTC failed to “detect violations systematically,” to “establish efficient priorities for its enforcement energy,” to “enforce the powers it has with energy and speed,” and to “seek sufficient statutory authority to make its work effective.” As Tim Muris notes, the report “lambast[ed] the agency and characteriz[ed] its overall performance as ‘shockingly poor.'”

The FTC has taken many important initiatives to respond to concerns identified in the report. But we must now reconsider agency’s record, as the digital world changes kaleidoscopically and budget restraints hamstring even the best-intentioned FTC staff.

About the closest thing we’re likely to get to another “Nader Report” was Peter Maass’s expose in Wired on challenges facing privacy enforcement and consumer protection in the digital age. Here’s one of the many issues he identifies:

The mismatch between FTC aspirations and abilities is exemplified by its Mobile Technology Unit, created earlier this year to oversee the exploding mobile phone sector. The six-person unit consists of a paralegal, a program specialist, two attorneys, a technologist and its director, Patricia Poss. For the FTC, the unit represents an important allocation of resources to protect the privacy rights of more than 100 million smartphone owners in America. For Silicon Valley, a six-person team is barely a garage startup. Earlier this year, the unit issued a highly publicized report on mobile apps for kids; its conclusion was reflected in the subtitle, “Current Privacy Disclosures Are Disappointing.” It was a thin report, however. Rather than actually checking the personal data accessed by the report’s sampling of 400 apps, the [17 page] report just looked at whether the apps disclose, on the sites where they are sold, the types of personal data that would be accessed and what the data would be used for.

As Maass notes, “The agency can take companies to court, but its overworked lawyers don’t really have the time to go the distance against the bottomless legal staffs in Silicon Valley.” Like an SEC pushed by budget constraints to pursue mere “cost of doing business” settlements, the FTC too often has to capitulate to symbolic penalties with dubious deterrent effect.
Read More