telecoms

search

attitudes

harvests

landmarks

     costs and the privacy industry

This page highlights debate about the 'cost of privacy', largely driven by claims that strengthened privacy regimes will impose intolerable direct/indirect costs on business. The page also looks at the privacy industry, with a dissection of who's peddling policy, placebos or other products.

     costs

How much does privacy regulation cost? Does privacy legislation impose onerous burdens on business, government and nonprofit organisations?

Some advocacy organisations suggest that any cost is too much. Others, particularly those in the US seeking to shape new legislation, claim that it will cost billions, erode national competitiveness and destroy the new economy.

The answer is that there are few widely accepted studies. Most research has concentrated on costs but ignored benefits or dismissed the consumer concerns noted on the preceding page of this guide. Many statistics are contentious; much of the writing is essentially polemical.

We'll be assessing overall research in the near future. In the interim this page points to particular studies in the US.

     a 17 billion infotax?

In 2001 the Online Privacy Alliance (OPA), an advocacy group under the aegis of the US Direct Marketing Association, released a package of reports asserting that US privacy legislation would cost consumers billions of dollars annually.

The reports included Customer Benefits from Current Information Sharing by Financial Services Companies (PDF), The Impact of Data Restrictions on Consumer Distance Shopping (PDF) and The Value of Comprehensive Credit Reports: Lessons from the US Experience (PDF).

Restrictions on the corporate sale or sharing of customer information without permission would supposedly cost 90 of the largest financial institutions US$17 billion a year of added expenses, resulting in a US$1 billion 'information tax' on consumers as costs are passed on through snailmail catalogues and websites. Stronger privacy rules would increase the risk of fraud and identity theft and restrict available consumer credit.

Robert Hahn's 2001 An Assessment of the Costs of Proposed Online Privacy Legislation (PDF) for the Association for Competitive Technology (ACT) forecast direct costs of US$36 billion. (As a frame of reference we note estimates that the global market for haircare products is worth over US$28 billion annually, that US business spends around US$5 billion per year on consumer market surveys that the North American direct marketing sector turns over roughly US$600 billion each year.)

The Hahn study claimed that US websites will have to around US$100,000 each to comply with the legislation and concluded that "further regulation of online privacy is premature", because "the direct costs of compliance could be substantial, benefits of such regulation have yet to be quantified and the market continues to respond to consumer concerns about online privacy". Privacy protection, it seems, verges on being unpatriotic, since

our economy is at a fragile juncture, and we're counting on the information technology industry to pull us through. In a market where cash and labor are scarce commodities, shortsighted privacy regulations will lead to fewer choices and higher prices for consumers.

Hahn's figures were questioned by experts such as Peter Swire and Richard Smith of the Privacy Foundation (PF). Smith for example pointedly queried why the study appeared to have excluded business-to-consumer sites and criticised much of the analysis.

The DMA and its affiliates the Privacy Leadership Initiative and Progress & Freedom Foundation (PFF) released a 34 page report on The Impact of Data Restrictions on Fundraising for Charitable & Nonprofit Institutions (PDF) and a report on The Hidden Costs of Privacy: The Potential Economic Impact of 'Opt-In' Data Privacy Laws in California.

Those documents claim that "opt-in" legislation that restricts organisations from sharing customer data without explicit permission could cost US charities as much as US$16.5 billion each year. California-based charities would lose over US$1.5 billion each year and the state's tax base would "likely be reduced by $2.1 billion within several years" - mortgage interest payments would be several billion dollars higher and "employment in the construction industry alone would be reduced by thousands of jobs as new home sales were lost".

Consumer advocates such as Privacy Rights Clearinghouse (PRC) responded that the proposed Californian legislation - and similar laws across the US - will

simply require companies to offer better incentives to customers in exchange for permission to share their personal financial data. The real difference here is that companies would no longer be able to get this information for free.

The US Citizens Against Government Waste (CAGW) 2001 Keeping Big Brother From Watching You study argued that federal privacy legislation is unnecessary and an impediment to economic growth, with the cost of privacy laws - this time to the "online business community" - put at a "devastating $9 billion to $36 billion". CAGQ sniffed that

there is ample evidence that the federal government is incapable of sufficiently protecting the sensitive data it collects. ... The federal government’s vast incompetence to secure data puts it in an unsound position to legislate privacy issues.

A critique of several of the 'anti-privacy' studies is provided by Robert Gellman's 2002 report for EPIC on Privacy, Consumers, and Costs: How The Lack of Privacy Costs Consumers and Why Business Studies of Privacy Costs are Biased and Incomplete.








     next page (spatial)