Reflections on the NC JOLT Symposium: The Privacy Self-Regulation Race to the Bottom

We are in the Wild West of privacy and security today. As was the case with consumers of food and drugs one hundred years ago, today’s consumers know little about the actual practices of companies that have their personal information. There is skyrocketing identity theft, stalking made possible through the sale of personal information, and a shift in power from individuals to business and government data collectors. There also are more subtle, cultural harms. Individuals feel more vulnerable to strangers and, as a result, are less likely to engage in social behaviors like exchanging phone numbers. There is an emerging field of activism that argues direct marketing pollutes the “mental environment” and that economists need to account for distraction as a harm or cost caused by privacy-invasive advertising.
Consumer advocates have called for broad ranging privacy protections—ones that not only require accurate notice but also place a ban on certain uses of personal information. The industry, perhaps best represented at the North Carolina Journal of Law and Technology Symposium by Chris Mustain of IBM, counters these calls with the same language and arguments used to avoid accountability in the food and drug debate—that privacy law will infringe upon innovation and free enterprise rights.