The intersection between privacy, big data, and competition #FTC-2018-0051-D-0018

Submission Number:
Randolph May
Free State Foundation
Initiative Name:
The intersection between privacy, big data, and competition
See attached file(s) for a complete set of the Free State Foundation comments. Here is a summary of the comments: To the FTC Commissioners and Staff: Introduction and Summary These comments express the views of Randolph J. May, President of the Free State Foundation, and Michael J. Horney, Research Fellow. The views expressed do not necessarily represent the views of others associated with the Free State Foundation. The Free State Foundation is an independent, nonpartisan, non-profit free market-oriented think tank focusing heavily on communications and Internet law and policy. Within the realm of that communications and Internet law and policy work, the Free State Foundation has focused on and devoted scholarly resources to researching and writing about the public policy privacy-related issues raised in the context of service offerings by content providers such as Facebook and Google (so-called "edge providers") on the one hand and Internet service providers such as Verizon and Comcast on the other. It is with this expertise and experience in mind that we offer these comments on "The Intersection between Privacy, Big Data, and Competition." The exchange of non-sensitive consumer information enables companies to sell targeted advertising, which covers the costs of offering free content and services to consumers. Substantial evidence shows that the overwhelming majority of consumers are willing to exchange personal information for free content and services. However, it is important that firms provide consumers with adequate disclosure regarding the collection and use of their personally identifiable data. This way, as part of the bargain, consumers are empowered to make informed choices that reflect their preferences. Because the functioning of much of the Internet ecosystem involves the exchange of non-sensitive consumer information, as a default, "opt-out" rules, as opposed to "opt-in" rules, spur the development of additional Internet content and services. This enables the monetization of a greater pool of consumer information, while still empowering consumers with a choice about whether or not they want their data collected and used. For certain clearly sensitive information, for example relating to health or financial services, the default should be opt-in rather than opt-out. Consumers expect the application of consistent privacy rules throughout the entire United States. Therefore, privacy regulation in the U.S. should reflect those expectations, whether consumers are doing business with an Internet service provider (ISP) or an edge provider. Internet communications do not stop or change at state borders and neither should privacy laws. To the extent state-by-state privacy regulations differ, this creates a "patchwork problem" for service providers that, at a minimum, imposes additional costs but also is likely to stifle investment and innovation. The FTC should regulate the privacy practices of both edge providers and ISPs in a consistent manner, and to the extent that a "patchwork" of state laws and regulations develop that impose more stringent requirements on service providers than those imposed at the federal level, then those state laws and regulations that conflict with federal policy should be preempted.