Privacy and Security Through the Lens of the Federal Trade Commission's Bureau of Economics

Hoofnagle, Chris Jay

Download This Paper

Open PDF in Browser

Add Paper to My Library

Privacy and Security Through the Lens of the Federal Trade Commission's Bureau of Economics

Workshop on the Economics of Information Security (WEIS 2016)

UC Berkeley Public Law Research Paper No. 2787116

22 Pages Posted: 1 Jun 2016

See all articles by Chris Jay Hoofnagle

Chris Jay Hoofnagle

University of California, Berkeley - School of Law; University of California, Berkeley - School of Information

Date Written: June 13, 2016

Abstract

At the Federal Trade Commission (FTC), all privacy and security matters are assigned to a consumer protection economist from the agency’s Bureau of Economics (BE). The BE is an important yet often ignored element of the FTC. Advocates and others operating before the Commission have been inattentive to the BE, choosing to focus instead on persuading Commissioners and staff attorneys to take privacy and security cases. This article describes the BE, discusses the contours of its consumer protection theories, and discusses how these theories apply to privacy and security. I explain why the FTC, despite having powerful monetary remedy tools, almost never uses them: this is because the BE sees privacy and security injuries as too speculative and because the FTC’s remedies come too late to deter platform-age services. The BE is also skeptical of information privacy rights because of their potential impact on innovation policy and because privacy may starve the market of information. In this, the BE hews to certain interpretations of information economics, ignoring research in traditional and behavioral economics that sometimes finds benefits from regulation of information.

The article concludes with a roadmap for fostering a BE that sees invasions of privacy and security problems as causing harms worthy of monetary remedy. The roadmap includes the consideration of existing markets for privacy as a proxy for the value of personal information. For example, tens of millions of Americans pay money to keep non-sensitive information, such as their home address, secret. Additionally, the FTC’s civil penalty factors, which consider issues such as how to deny a defendant the benefits from illegal activity, could justify interventions to protect privacy and security. Finally, the BE could explore how existing information practices have inhibited the kinds of control that could lead to a functioning market for privacy.

Keywords: Civil Penalties, Monetary Relief, FTC, Privacy

JEL Classification: K2

Suggested Citation: Suggested Citation

Hoofnagle, Chris Jay, Privacy and Security Through the Lens of the Federal Trade Commission's Bureau of Economics (June 13, 2016). Workshop on the Economics of Information Security (WEIS 2016), UC Berkeley Public Law Research Paper No. 2787116, Available at SSRN: https://ssrn.com/abstract=2787116