Like coffee, the Internet comes with a price.

Photographer: Andrew Burton/Getty Images

A Lonely Celebration of Data Privacy Day

Stephen L. Carter is a Bloomberg View columnist. He is a professor of law at Yale University and was a clerk to U.S. Supreme Court Justice Thurgood Marshall. His novels include “The Emperor of Ocean Park” and “Back Channel,” and his nonfiction includes “Civility” and “Integrity.”
Read More.
a | A

I suspect that not too many people know that today, Jan. 28, is Data Privacy Day. The intriguing question is whether many people would care. It’s become a commonplace of discussions about online privacy to assert that few people actually worry that much about the digital trails they leave as they travel through cyberspace. Or, as Natasha Lomas proposes at TechCrunch, “Perhaps the truth is not so much that people don’t care about privacy, but they are being socially engineered not to care by those with a vested interest in getting their hands on the data.”

Her point makes a degree of sense. Nobody reads all that privacy-destroying boilerplate before clicking “I accept.” When I discuss this with my first-year contracts students, they freely admit that they don’t see the point of bothering to scrutinize the language. And courts have generally held the click-through contracts (or click-wrap, as many call them) are fully enforceable. Failure to read what you’re agreeing to doesn’t mean that you haven’t agreed.

But none of this means that Internet users don’t actually care about their privacy. They just don’t care enough to stop using the Internet.

A Pew Research Center survey released in September 2013 suggests some interesting trends. A solid majority of those surveyed -- 59 percent -- believed that online anonymity is impossible. But that doesn’t mean they don’t wish that it were. Some 68 percent of respondents said it was “very important” to them to keep the contents of their e-mails private, versus 46 percent who said the same about the websites they visit.

What’s most interesting is that some 68 percent of those surveyed also said it was very important to them that only those they authorize should have access to their personal information. Yet the behavior doesn’t reflect the preference -- or, more precisely, however important it might be to restrict access to their online data, it isn’t important enough to cause them to drop off the grid.

Lomas suggests that we think of the yielding of personal information as part of the price of the goods and services purchased online. Actually economists have made this point for years. A fully informed consumer can make a rational decision that the trade-off is worthwhile. For example, you might decide that the utility you derive from using Facebook outweighs the cost in privacy when the company tracks your journey through cyberspace.

The savvy consumer might even understand that the economics of the Internet make the trade-off inevitable. Facebook and Google aren’t giving away their consumer services free. They are selling their consumer services in return for information they can use to market other services to paying clients. If they have no information to repackage and resell, they won’t have a product. That online companies can’t always figure out the least intrusive way to profit from user data doesn’t mean that profiting from user data isn’t the business they’re in.

The Pew report suggests that users are more concerned about protecting their personal information from advertisers than protecting it from government. But here I suspect the reason is less an anti-corporate or pro-statist ideology than the availability heuristic: The barrage of online ads is more immediately annoying than whatever distant use a federal agency might make of an individual’s metadata.

In any case, government and corporate use of data might not remain so separate. The Cyber Intelligence Sharing and Protection Act, or CISPA, which died in the Senate a couple of years ago and has just been reintroduced in the new Congress, has at its heart a data-sharing system. Under certain vaguely defined circumstances involving cyberthreats or national security, private companies would be allowed, without facing liability, to share consumers’ personal information with government agencies, and even with one another. (There are privacy protections in the proposed statute, but they might charitably be described as thin.) CISPA is unlikely to be enacted in its current form, but at some point the various barriers that keep online data from commingling are bound to fall.

All of which is to say that those of us who are always howling about the importance of privacy -- a group in which I proudly number myself -- will at some point have to recognize that in the long run we’re not likely to preserve very much of it. Still, the battle is well worth fighting. After all, Sisyphus didn’t quit.

  1. Minor exceptions involve mostly what are known as “browse-wrap” contracts, where the user takes no action -- clicks nothing -- but merely continues on the site. These are frequently held not be enforceable.

  2. Incidentally, the Pew report noted that the users who have tried hardest to hide their identities online are also more likely to have posted personal information online. The report called this "one of the most revealing contradictions" in the data. But if you think about it for a moment, you'll see that it's not a contradiction at all; it's exactly what you'd expect. After all, no one would think it odd if it turned out that those who have the most advanced home security systems happen to be those who keep the most valuables around their houses.

  3. The suggestions of years past that consumer demand will lead to the development of a market in privacy, where companies will compete to gather less information, seem not to have come to fruition.

This column does not necessarily reflect the opinion of Bloomberg View's editorial board or Bloomberg LP, its owners and investors.

To contact the author on this story:
Stephen L Carter at scarter01@bloomberg.net

To contact the editor on this story:
Stacey Shick at sshick@bloomberg.net