US FTC's Wilson on a privacy mission

Coronavirus infections are mounting, and so are threats to Americans’ privacy. From her West Virginia home, Federal Trade Commission member Christine Wilson is sheltering from the former while on a mission to decry the latter.

Far from displacing privacy fears, the pandemic has inflamed them as the consequences of a regulatory-free zone for technology come into even sharper relief: for most Americans, privacy rights in the general marketplace barely exist.

As a result, large slices of the American public simply don’t trust Big Tech anymore. Not even when it attempts to help individuals avoid a deadly virus.

Wilson shares those concerns, and then some. The Republican FTC commissioner believes the pandemic highlights ongoing consumer-data privacy issues and, maybe more worryingly, a state of affairs where constitutional protections guarding against invasive law enforcement are in jeopardy. Actions permitted in the marketplace today can become open gateways for authorities tomorrow, thanks to American jurisprudence’s heavy reliance on subjective “expectations of privacy” for limiting police action.

“If consumers have no expectation that any of their data will remain protected, then under the standard that exists in Fourth Amendment cases today, the Fourth Amendment gets eviscerated,” Wilson said during a recent webinar hosted by the Brookings Institution.

Wilson has been a prolific webcaster, joining online events with a frequency unusual for members of this commission, who lately have been keeping low profiles.

During one week, Wilson spoke on a Wednesday at the Brookings Institution and a Friday at the Cato institute. She published an editorial with the Wall Street Journal and wrote a coronavirus privacy post that drew national attention to an often-sleepy economics blog. She appeared online for the Hispanic Technology & Telecommunications Partnership and consulting firm Bates White.

In effect, Wilson has become the face of privacy activism at the FTC during the pandemic.

"It is absolutely fair to say that I have been pretty vocal for the need for federal privacy legislation for a while, but it has ramped up during the pandemic,” Wilson told MLex during a telephone interview.

For Wilson, like many, watching smartphones with their volumes of location and other data get recruited into the pandemic fight without regulatory assurances for their owners’ privacy was a turning point.

“A number of those efforts raised red flags for me, including whether the location and health information of people was being adequately protected,” she said.

Maybe it would be different if Congress — as it’s been discussing for more than a decade — had passed a national privacy law.

“I think it would have been great if we had federal privacy legislation in place to help provide guardrails for companies, for researchers, and for governments at all levels, local, state, federal, with respect to the treatment of location data, health data, other sensitive data that’s being collected during this time,” Wilson said.

“With appropriate consumer privacy legislation in place, we would solve issues in the commercial arena. We would solve issues in the Fourth Amendment space — probably not entirely, but it would be a help.”

What that privacy measure should consist of is, of course, the sticking point that’s prevented such a law from coming into being.

Wilson’s perspective is that the state of privacy today, or the lack of it, is a market failure. Even for a self-identified believer in the optimizing qualities of supply and demand, that opens the door for regulation.

The problem’s root lies with the edge that tech companies have over consumers. They know what data is being harvested from consumers, what it’s used for and what it’s worth. Consumers generally don’t.

“I believe that consumers are rational actors, who can make informed choices that are in their short- and long-term best interest,” Wilson said. They keyword in that sentence, she emphasized, is “informed":  When consumers don’t understand the data that’s being collected and how it’s being used, the choices about which products and services to use aren't informed.

That information asymmetry between corporations and individuals explains another oft-cited objection to privacy regulation, Wilson says — the so-called “privacy paradox” in which consumers say they care about their privacy but appear willing to give it up for next to nothing.

“There’s an explanation for that,” Wilson said, one that doesn’t undermine her belief in humans as rational actors.

Americans, pressed for time between the demands of the job, family and home, literally lack time to understand the privacy implications of every online service they sign up for.

“And so, I need to take shortcuts. It is a rational thing to take shortcuts in that situation, and one rational choice is essentially called ‘privacy resignation.’” Consumers care about privacy, but they can’t execute on their preferences. They accede to the onslaught on privacy rather than actively approve it.

Wilson avoids endorsing any one particular privacy bill, citing her role as an unelected official.

She is willing to limn some broad prerequisites. “Some of the onus for privacy choices needs to move from consumers to companies,” she said. Corporations should be accountable for the way they make choices about the collection and use of data.

“They should be conducting risk assessments, they should be engaging in risk management, they should engage in vendor management. In other words, companies should bear much more of the burden to make sure consumer privacy information is being handled appropriately.”

She doesn't favor having states pass their own consumer privacy laws, citing the potential for incompatible legal frameworks.

Unusually for a Republican commissioner, Wilson freely dubs the large American technology corporations “Big Tech,” a term with trustbusting valences. It’s a favorite of Harvard professor Shoshana Zuboff, author of “The Age of Surveillance Capitalism,” a book critical of Silicon Valley’s data-collection business model.

After being sworn into office in 2018, Wilson said she took a dive into privacy literature, including Zuboff’s book. “She provides a very detailed examination of privacy scandals, and she attempts to explain the business of social media and digital engagement. She also raises the issue of whether we should be collecting all of the data that’s available to tech companies in the first place,” Wilson said.

But if there’s one recent book that’s had a big impact, it's “Habeus Data: Privacy vs. the Rise of Surveillance Tech” by journalist Cyrus Farivar, Wilson said. “That has been just a fantastic resource for me on the history of privacy law and its interrelationship with Fourth Amendment law.” The book’s central thesis is that surveillance technology has outpaced privacy law, a concern central to Wilson’s thinking about privacy.

Wilson admits to reading, a lot. “When people ask me what my vices are, I will say that Amazon’s One-Click for Kindle is my biggest vice,” Wilson said.