The FTC has said time and time again that “consumers don’t read privacy policies.” They’ve been doing this for nearly a decade. In 2007, then-Federal Trade Commissioner Jon Leibowitz declared that “in many cases, consumers don’t notice, read, or understand the privacy policies.” Likewise, study after study has substantiated this fact.
Of course, it doesn’t take an FTC chairman, or a researcher to tell us this, we all know that we rarely, if ever, read the privacy policies we’re presented.
Unfortunately, in the past it felt like the FTC wasn’t seeing this conundrum or following the lessons of the 2007 FTC – at least when it came to enforcement action.
If the goal of the FTC is to protect against consumer harm, then there should be a likelihood of harm before bringing an action.
Now I’m not saying that intentionally deceiving consumers is okay. Or that privacy policies aren’t just as enforceable as the terms in a home mortgage.
With a dozen years of work with the FTC, Ohlhausen is an ideal candidate to bring this renewed focus. In 2015, she pointed out, “the commission should use its limited resources to pursue cases that involve consumer harm” and raised concerns with “procrustean problem with prescriptive regulation.”
This might also help the FTC better serve consumers. As I mentioned in a previous editorial, the FTC’s own data shows that of the 2,582,851 consumer complaints reported for 2014, complaints about Internet services ranked last – 83 percent of consumer complaints had nothing to do with privacy policies.
Rather than appropriating valuable resources on privacy-policy “gotcha” cases, the FTC should find consumer harm, like was suggested in 2007.
Fortunately, it’s possible that the 2017 FTC doesn’t need to enforce these errors in privacy policies. The 2007 FTC suggested that market competition will improve privacy policies. “The leading search engines have been tripping over each other to have the strongest privacy protections,” Leibowitz said at the time. Likewise, a 2012 FTC staff report said, “Consumers pay more for better privacy policies.”
And we are seeing this today. The industry is moving away from just using long-form privacy policies. They are adding “just in time notification” to provide consumers the privacy information they need when they are making decisions.
So perhaps we need neither a carrot nor a stick from the FTC when it comes to privacy policies. Instead, the competitive landscape is driving businesses to protect consumer privacy, not fear of the FTC.
Carl Szabo is senior policy counsel for NetChoice, a trade association of eCommerce businesses including AOL, Facebook, and 21st Century Fox.
The views expressed by contributors are their own and are not the views of The Hill.