The Law of Unintended Consequences
Today’s Internet “blackouts” of the pending US SOPA and PIPA regulation (see the CRN slideshow for more details) exemplifies the “all or nothing” approaches deployed by both regulators and internet companies when it comes to regulation of sensitive issues such as IP, digital rights management and digital privacy.
The intent of the legislation is good: Who (other than criminals) could argue against protecting content owners from piracy? The problem is with the unintended consequences – holding a larger, deep pocket site responsible for things they may accidentally link to (programmatically) or better yet, that their users link to within the larger platform. While not perfect, most reputable sites do a good job of removing offending content.
Well, the same issue holds true for Web Privacy regulation. The Do Not Track (DNT) header initiative takes the same binary approach to privacy. Share or don’t share my information beyond this site. The unintended consequence is that the person being protected (me) gets a lousy choice and lousy Web experience.
Do I believe that regulating digital privacy is good? Yes. But once again, it should not be an all or nothing directive, such as DNT (which, while it will be included in most browsers, has no legal teeth to enforce it’s use). It has negative consequences for both Web users and marketers. Nobody wins and only lip service is paid to privacy, while nothing really changes.
Why not let the user determine what they want to share with whom? Make choice a law. Let the market develop techniques and tools to support compliance and let Internet businesses and companies that share their visitor data with others, pick the solution that best matches their business model and compliance needs. Companies such as TRUSTe and 3PMobile are two good examples of companies working towards that end – giving users the choice to make more finely tuned data sharing decisions. Decisions based on their personal sharing tolerance and the trust earned by each site or service collecting, using and sharing their data.