FTC: A Three-Letter Way to Spell “Nanny”?

NTU Policy Paper #135 (pdf)

By Pete Sepp

June 3, 2015

Introduction

            When taxpayer advocates scan the horizon for threats that will expand government and curtail Americans’ freedoms, several familiar federal “faces” will inevitably appear – the IRS, TSA, EPA, or more recently the Department of Health and Human Services (HHS). Yet, one three-letter agency often seems to elude detection, even though the fiscal and economic damage it can inflict upon our nation’s future is potentially massive. The FTC, short for Federal Trade Commission, is showing troubling signs of overaggressive behavior seen in other federal entities like the tax collector, or the environmental regulator, or the government health insurance administrator.

            Taxpayers have a major stake in how the FTC approaches competition and consumer issues in the high-tech sector, well beyond questions of how it spends its annual funding. The FTC’s influence over our daily lives, whether it respects checks and balances, and most importantly the impact of its policies on the economy, are more vital matters now than ever before. Unless policymakers act to clarify and restrain the FTC’s role, Americans may find themselves unwitting (and ultimately unwilling) wards of an obsessive “nanny” that will dictate not only their everyday choices as consumers, but also the direction of technological innovation.

The Return of the Prodigal Nanny?

            How can taxpayers spot another nanny before one arrives at their front door? They can look to other federal agencies, like the ones described above. Most nanny-style agencies have several characteristics in common, including:

1) Vast powers to enforce vague laws whose interpretation is in flux.

2) Unpredictable, even hypocritical behavior that often shifts with changes in political control or agency management.

3) Heavy-handed tactics designed to garner headlines and create fear among citizens or businesses.

4) Intrusive methods of investigation that impose the burden of proof on the accused, who are often innocent of any wrongdoing.

5) Mission creep, as the agency attempts to continually justify larger budgets and more personnel.

6) Lack of accountability to elected officials and the citizens who pay for government.

7) A fear or aversion to change and innovation in the private sector, and a poor capacity to embrace such change in its own institutional practices.

This sort of behavior is evident in many incarnations to taxpayers, such as:

• Decades of abusive IRS activity toward innocent taxpayers that has prompted three separate reform packages from Congress between 1988 and 1998. Even today, additional IRS overhaul legislation is being proposed – some of it to address flaws in tax administration procedures toward constituencies such as small businesses and “innocent spouses.” Other bills attempt to clean up the IRS’s scandal-ridden “exempt organizations” division, blamed for suppressing the activities of legitimate citizen groups.[1]
• Information Technology failures that have cost taxpayers billions, spanning a panoply of agencies including the FBI, IRS, Department of Defense, and most recently the Centers for Medicare and Medicaid Services (with its Health Insurance Marketplace website debacle and botched state exchange grants).[2]
• Regulatory excesses ranging from the EPA’s power-grab over “greenhouse gas” emission rules to the FCC’s attempts to exercise jurisdiction over “network neutrality” policies.[3]

            A forthcoming National Taxpayers Union (NTU) paper will compare and contrast these as well as other agencies’ nanny-like tendencies with that of the FTC in-depth, providing additional recommendations for reform. This paper, however, will review the FTC’s recent conduct toward high-tech innovators in particular, and highlight how it has emulated the seven worrisome traits described above. Unfortunately, this is not the first time the FTC has reflected such bad habits.

A Nanny’s Conflicted Past

            Although our society and economy look quite different from those that existed 100 years ago, the tensions in the FTC’s mission and activities have been present since its founding in 1914. Marc Winerman, an FTC attorney, wrote in a 2003 Antitrust Law Journal article, “there emerged from 1914 a Commission with a broad and flexible mandate, wide-ranging powers, and the ability, at its best, to respond to the needs of changing times.”[4] As this paper will demonstrate, however, when the FTC is at its worst, that mandate and its attendant powers provide all too many opportunities to inflict great harm.

            Most would agree that the federal government should have some oversight role in connection with trade and commercial activities. However, it wasn’t until the so-called “trust-busting” era that Washington began concentrating regulatory energies toward everyday business practices. The FTC’s predecessor, the Bureau of Corporations, was founded in 1903 to build an institutional apparatus on roughly a decade of litigation under the Sherman Antitrust Act.

            But after much debate and deal-making between the two chambers of Congress, President Woodrow Wilson, initially skeptical of  broad regulatory powers to police trusts, backed legislation in 1914 (the FTC Act) that established a commission with investigative powers beyond what were initially envisioned. Section 5 of the Act, which originally blocked “unfair methods of competition in or affecting commerce” was the cornerstone of the Commission’s influence.

            According to Winerman’s excellent overview, Wilson touted another purpose for the FTC: offering assistance to businesses in how to best conduct their competitive affairs, a function Wilson called “powers of guidance and accommodation” that would relieve “businessmen of unfounded fears and set them on the road of hopeful and confident enterprise.” [5] This rather murky interpretation of the FTC’s mission – from its birth – is one reason why dangerous doctrines such as “non-law law” persist today.

            Like so many bureaucracies, the FTC would accumulate more and more powers. In 1938, Section 5 of the Act was augmented to cover “unfair or deceptive acts or practices” applying to consumers generally in addition to competitors, and by 1950, the expansion of another antitrust law on the books (the Clayton Act) gave the federal government more involvement in regulating mergers and acquisitions.

            In 1969 the machinery was put into place for taking the FTC into overdrive, thanks to a seminal report from the American Bar Association. According to William E. Kovacic, who wrote a penetrating and thorough history on Congressional oversight of antitrust policy in this era:

The document focused Congressional attention upon the FTC’s antitrust role and deeply influenced the legislature’s thinking in the early 1970s about the appropriate course of the agency’s competition work. The ABA Report proposed that the Commission devote its antitrust resources to economically significant problems in complex, unsettled areas of law and economics, stressing that the agency’s ability to perform this role depended heavily on the actions of institutions outside the agency – principally the Congress and the President.[6]

            Actually, all three branches of government obliged. In 1972 the U.S. Supreme Court effectively gave the nod to the FTC’s expansive interpretation of Section 5’s “unfairness” clause, which it used to pursue cigarette manufacturers in 1960s.[7] Among the factors in the so-called “Cigarette Rule” that the FTC would use to define unfairness were “immoral, unethical, oppressive, or unscrupulous” policy – an avenue of interpretation as wide and deep as any that could be built. Through the Magnuson-Moss Act of 1975, Congress gave affirmative license for the FTC to practice rulemaking with impacts on many industries. In the early and mid-1970s, the FTC went on what public management expert Phillip Heymann called a “vigorous recruiting effort” for “bright aggressive young attorneys.” [8] The confluence of all these developments would be felt in the area of consumer protection as well as business competition. Many of these rulemaking ventures would lead to dead-ends, even as they caused years of consternation and uncertainty in affected sectors. Among the FTC’s targets were hearing aids, fabric care labeling, funeral services, and gas station lotteries.

            While the FTC’s regulatory excesses may not be the first things that come to mind when people think of big government, the label of “nanny” was actually pinned on the agency decades ago. In March of 1978, the Washington Post’s editorial board weighed in on an FTC proposal to attack children’s consumption of sugary foods; “options” outlined in the government’s scheme involved a ban on television advertising for programs aimed at those younger than 8 years of age and a prohibition on ads for products causing tooth decay on programs designed for those under 12. Noting practical problems, such as determining when a show starts appealing to 13-year-olds or what constitutes a high-sugar food, the editorial inveighed against a flat-out prohibition because it would involve, “as it would have to, certain judgments a government shouldn’t be encouraged to make or enforce, [and] would make parents less responsible, not more.” Though the Post wasn’t opposed to all federal involvement in this area, it branded the FTC’s plan “a preposterous intervention that would turn the agency into a great national nanny.”[9]

            These incidents were part of the agency’s interpretation of its mission to stamp out “unfairness,” one which aimed at broad public policymaking instead of more practical ways of protecting consumers. Former FTC Bureau of Consumer Protection Director J. Howard Beales observed that this expansive attitude led to “many absurd and harmful results.” In response Congress actually voted to temporarily defund the FTC, and by 1980 had encouraged management to embrace new restrictions on how the perceptions of “unfairness” could be used to clamp down on advertising.[10]

            Sensing that the “National Nanny” could still haunt every American household, in 1981 the incoming Reagan Administration initiated an internal agenda at the FTC – starting at the top with the appointment of Jim Miller as the agency’s first Chairman with a Ph.D. in economics.[11] Miller recounted at a recent George Mason University symposium how urgently the Reagan-Bush Transition Team viewed the necessity to reshape the agency’s entire institutional culture. One shocking finding was that the Bureau of Labor Statistics evaluated the FTC’s productivity by the number of lawsuits initiated on a per-employee basis. Above all, the FTC had to seek cases where there was demonstrable consumer harm. Miller remarked:

The transition report concluded that the FTC, as an agency, had put itself in great jeopardy because of its forays into social engineering and the relative neglect of fundamental competition and consumer protection responsibilities. Later, one of our colleagues, Tom Campbell, dubbed this ‘Star Trek law enforcement’ – to boldly go where no man or woman had dared go before. The conclusion was that we should return the FTC to its more traditional role, and to do this with greater effectiveness and at lower cost.[12]

            All told, 25 of the Reagan-Bush transition team’s 29 recommendations were fully implemented over three years (with “substantial progress” in two others) to reshape the FTC into a process-driven agency that had somewhat clearer mission parameters. In the decades since that time (to be discussed in sections that follow), The FTC’s activities have waxed and waned. In 1994, for example, the agency’s unfairness criteria were better codified so that “public policy considerations may not serve as the primary basis” for determining unfairness.[13] But Miller’s words are a powerful reminder of the need for taxpayers to exercise constant vigilance over this agency. That has never been truer today, as they face the very real danger of the National Nanny’s return.

Danger Comes Knocking: The FTC’s Expansion in the Obama Era

            How, exactly, is the FTC now in danger of reverting to “the bad old days” of nanny-ism? There are several visible indicators, the first of which was all too familiar to National Taxpayers Union.

Antitrust and Competition Policy – Micromanagement on an Unprecedented Scale. Despite claims that their views or tactics have evolved, antitrust authorities have continuously adhered to inflexible and unworkable doctrines that insist government can tinker with the scales of competition and achieve a better balance than the hand of the free market. Meanwhile, ambitious regulators, some of whom are bent on justifying higher budgets or more prominent headlines, shun legitimate functions of protecting consumers and fostering competition. A Policy Paper, written more than 10 years ago by then-Director of Programs Mark Schmidt for NTU’s research arm, captured these longstanding problems:

The greatest threat to free competition comes not from aggressive businesses, but from government intrusions into the marketplace. By undermining competition through antitrust enforcement or subsidies for failing industries, government uses tax dollars to make consumers pay higher prices. … If any party is guilty of engaging in ‘conspiracies in restraint of trade’ that keep costs high for consumers, it is government.[14]

            Like many politicians, Barack Obama tuned his antitrust rhetoric to fit the audience. A widely distributed campaign Fact Sheet claimed that if elected, he would “take steps to ensure that antitrust law is not used as a tool to interfere with robust competition or undermine efficiency to the detriment of U.S. consumers and businesses.”[15] In a speech before the American Antitrust Institute, candidate Obama promised that he would “step up review of merger activity and take effective action to stop or restructure those mergers that are likely to harm consumer welfare, while quickly clearing those that do not.”[16]

            Because U.S. antitrust policy involves jurisdiction from the Antitrust Division of the Department of Justice (DoJ) as well as the Federal Trade Commission, the nominees a President submits for both posts are seen as pivotal. His choice for FTC Chairman was Jon Leibowitz, who had been serving as an FTC Commissioner since 2004. The Antitrust Division head, Christine Varney, also had a stint with the FTC in the 1990s. According to a lengthy analysis by Ryan Thomas and Leslie Overton with Jones Day, both appointments (along with other key personnel) represented a more aggressive shift in philosophy from the previous Administration.[17]

            By early 2010, Leibowitz had testified before Congress for a relaxation of restrictions on the agency’s powers. Free-market advocates such as Reason magazine’s Peter Suderman became concerned about the Chairman’s “campaign to beef up the FTC’s reach and authority, lobbying Congress for a bigger budget, enhanced prosecutorial powers, and the ability to issue rules more swiftly with reduced public input….” His article was ominously subtitled “Trade Nanny.” Leibowitz’s assurances that the FTC would behave itself were not convincing to Berin Szoka, then with the Progress and Freedom Foundation, who said “Leibowitz wants Congress to write his agency a blank check” to go on a 70s-style power trip.[18]

            By April of 2010, the FTC was contemplating a move against Google’s acquisition of AdMob, at a time when the mobile advertising market in the U.S. was in its earliest formative stages. The Competitive Enterprise Institute’s Ryan Radia called the potential action “misplaced …; [g]overnment intervention would harm the very consumer interests the FTC is supposed to protect.”[19]

            Other subsequent targets of FTC scrutiny for “anticompetitive practices” in the tech world included Facebook, Intel, and Myspace. One example: an investigation of Facebook’s attempted acquisition of Instagram, the photo-sharing social media platform. On this front, a New York Times blogger thoughtfully asked, “how can it be anti-competitive? Instagram, after all, is one of several photo-sharing applications, even for mobile devices. By buying Instagram, at face value, Facebook does not seem to hurt the consumer’s ability to choose any of the others.”[20] The probe pushed forward and concluded without incident, even though Instagram has been consistently unprofitable.

But the Obama Administration’s defining FTC antitrust assault remains the 19-month investigation of Google’s search engine algorithms.

            In the 1990s the Clinton Administration signaled its intent to micromanage the high-tech sector when it ramped-up the budget of the Antitrust Division of the U.S. Department of Justice and took aim at emerging software companies as well as Internet companies, the highest-profile of which was Microsoft. These cases were brought largely due to competitor rather than consumer complaints, and involved issues such as “tying” browsers to operating software.[21] NTU vigorously opposed these actions.

            The Obama Administration’s probe, initiated in 2011, represented a new type of meddling from past high-tech witch-hunts. Primarily at issue was whether Google’s search results “unfairly” ranked some firms over others. Because the complaint was so granular in its nature, any “remedy” would necessarily go to outrageous lengths. Potentially, the government would be able to tell all search operators how results should appear on a given browser, down to typeface, colors, and placement. Washington could conceivably order a redesign of algorithms to ensure the search outcomes it desired.

            For their part, most consumers were either unimpressed or highly concerned about the FTC’s fervor. An IBOPE Zogby poll commissioned by National Taxpayers Union in the spring of 2012, at the height of the FTC’s investigation, showed just how far out of sync Washington was with the public:

• Respondents were asked whether “the federal government should regulate the content and appearance of search engines and their results.” A massive 79 percent strongly or somewhat disagreed with this idea, compared to 12 percent who strongly or somewhat agreed.
• When presented with arguments about more enforcement of federal antitrust laws, 76 percent agreed that “More government involvement and regulation will make the Internet worse for consumers,” while just 8 percent thought that the opposite.
• Skepticism over government’s role in the Internet was present among all major demographic groups, including age, income, and even ideology.[22]

            Other segments of society voiced reservations too. In May of 2012, National Taxpayers Union released an open letter to policymakers signed by 101 prominent economists from academic, institutions, analytical firms, and think tanks, who wrote, “Google, with its popular online search engine, is the latest target of regulators claiming to be acting in consumers’ interests, even though barriers to entry into the search market are exceedingly low and Google’s competition is but one click away for online users.”[23]

            Even the mainstream media, which reflexively rails against “big business,” began questioning the FTC’s approach. Time Magazine’s Sam Gustin observed, “there’s something unbecoming about companies that have been beaten in the marketplace appealing to Uncle Sam for relief. It’s kind of like a child who loses a schoolyard ballgame and then runs to the teacher claiming that Johnny didn’t let him win.”[24]

            Ultimately, it might have been better for Congress to have intervened and established some boundaries on the FTC’s behavior. Nonetheless, in January 2013, the FTC announced it had ended its investigation of Google’s search practices … but this was not the end of the agency’s nanny-like tendencies in the field of antitrust and competition. Six months later the FTC launched a “preliminary inquiry”[25] into Google’s acquisition of the traffic and navigation application Waze – even as Apple Maps, Mapquest, Bing, and others demonstrated that the market provided a wide selection of options for consumers. Although reports in October 2013 indicated that U.S. antitrust authorities had found nothing to keep up the inquisition, officials in the UK and Israel then took up the gauntlet.[26] Today Waze is under a different kind of government scrutiny – from sheriffs who, among other reasons, are apparently disgruntled over being less able to issue tickets to speeding drivers.[27]

            Even now, antitrust comprises one of the FTC’s heaviest hammers against the private sector, though sometimes that hammer is kept on the shelf. In 2014, for instance, the agency approved Google’s acquisition of Nest Labs, a combination which promises great advancements in the “Internet of Things,” especially with smart appliances. Ironically, however, opponents of the deal raised the same stunted arguments on behalf of competitors, not consumers, which were employed during antitrust actions in the 1990s. As one critic unpersuasively argued, by “dominating sectors like smart home appliances with troves of user data, Google will deny potential competitors a base to mount a successful run against Google’s search advertising service.”[28] Fortunately in the case of Nest, a firm with tiny market share, regulators focused on consumers. The government adhered to rule of law, leading former FTC advising attorney James Cooper to observe, “modern antitrust enforcement is not about protecting businesses from competitive threats, but rather ensuring that consumers enjoy the benefits of a vibrant marketplace.”[29]

            If only consumers could count on such actions consistently from the FTC, which, as the following section describes, has many implements in its destructive toolkit.

The Nanny’s “Guiding Hand” – Often an Iron Fist. As the introduction to this paper recounted, from its very conception the FTC was given a task by the President that was not readily apparent in its enabling legislation – the “powers of guidance.” Today this “guidance,” along with weapons such as consent decrees, has become coercion.

            A prime example was the FTC’s “supplemental guidance,” which it issued about six months after the Google search investigation ended. Although the agency had been prescribing boundaries such as distinguishing paid advertising from “natural” search results for more than a decade, its missive drilled so deeply into online practices as to be painful. Media accounts related how the FTC’s memo complained that search engines “have introduced background shading that is significantly less visible, or ‘luminous’….” Therefore firms ought to “select hues of sufficient luminosity to account for varying monitor types, technology settings, and lighting conditions.” The guidance also recommended that search engines must display any text label for depicting advertising results “immediately in front of an advertising result, or in the upper left-hand corner of an ad block ….” Why? Because, according to the regulators, users pay less attention to the right-hand side of their screens.[30] Apparently the ability of users themselves to render their own judgment was not as important in this calculus.

            In other cases the FTC promulgated “advice” to bloggers. In October 2009, the FTC issued one of its “Facts for Business” publications entitled “Revised Endorsement Guides: What People Are Asking.” The brochure contained eight pages of questions and answers, followed by links to longstanding guidelines that were revised to cover blogs – not just large concerns that review products or have a great deal of advertising. Tellingly, one of the questions in the “Facts” memo was whether FTC had received any consumer complaints about deceptive practices on blogs. The answer: “No. As it happens, many bloggers and advertisers already are disclosing their ties to each other. Industry associations and self-regulatory groups advocate disclosure, too.”[31] A new, more benign set of Endorsement Guides questions was issued last month.

            Another form of coercion relates to administrative complaints and consent decrees that the FTC effectively imposes on innovator companies. Such judgments, which avoid a formal court verdict, nonetheless can bind the firm on the receiving end to substantially altered business practices, onerous compliance regimes, and large fines.

            For several years the FTC has been on the hunt for what it considered to be “unfair” or “deceptive” practices in the privacy policies of social networks. Among the first to be bagged with complaints, followed by consent decrees, was Twitter (June of 2010), followed by Google (October of 2011) Myspace (May of 2012), and Facebook (August of 2012).[32]

            In each instance, the terms of the agreement were onerous – the companies were subjected to “regular, independent assessments” or “audits” of their privacy procedures for 20 years. This yawning time period is virtually inconceivable in the world of the Internet. Consider, for example, that in 1995, about 20 years prior to the publication of this paper, the Internet was responsible for barely 1 percent of all worldwide two-way communication traffic.[33] The privatized Internet Corporation for Assigned Names and Numbers was about three years away from formation.[34] A handful of full-text search engines, such as WebCrawler, Lycos, and Yahoo! were either in development or had just made their debuts.[35]

            Indeed, the character of the companies targeted by these 20-year “nanny contracts” can change dramatically in a much shorter timeframe. More than a year before the consent decree was imposed on Myspace, the site had reached the height of its popularity at over 90 million unique visitors. As of this writing, the figure was a fraction of that size; the site ranked 1,200^th in the United States in terms of traffic.[36] In an aptly-titled article issued the day after the decree was announced – “The FTC Has Faith That Myspace Will Still Be Around in 2032” – Forbes’ Kashmir Hill observed with less humor that, “By forcing major companies into 20-year privacy monitoring agreements, the FTC is making itself a much more powerful regulator in the space.”[37]

            The noxious nature of this process should be apparent to limited government advocates, but the FTC unwittingly summarized the problematic situation quite well with the following boilerplate that appeared (in various forms) on news releases regarding the decrees:

            The Commission issues an administrative complaint when it has ‘reason to believe’ that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. The complaint is not a finding or ruling that the respondent has actually violated the law. A consent agreement is for settlement purposes only and does not    constitute an admission by the respondent that the law has been violated. When the Commission issues a consent order on a final basis, it carries the force of law with respect to future actions.[38]

            Yet, what evidence does the FTC often marshal in favor of its position when it strong-arms businesses to sign consent decrees? Perhaps, the very same “guidance” it claims to have no legal force. In a dissenting opinion to a seminal FTC 2012 report on privacy principles for companies (a.k.a. “The 2012 Privacy Report”[39]), Commissioner J. Thomas Rosch summed up the contradictory situation perfectly:

[E]ither these practices are to be adopted voluntarily by the firms involved or else there is a federal requirement that they be adopted, in which case there can be no pretense that they are ‘voluntary.’ It makes no difference whether the federal requirement is in the form of enforceable codes of conduct or in the form of an act of Congress. Indeed, it is arguable that neither is needed if these firms feel obliged to comply with the ‘best practices’ or face the wrath of ‘the Commission’ or its staff.[40]

            The “do-it-or-else” mentality is not lost on legal experts in the private sector or academia. The University of Chicago’s Randal Picker, one of the foremost authorities in privacy and antitrust law, believes these reports could amount to intimidation. In a paper whose title, “Unjustified by Design,” is a fitting rebuke to the FTC’s concept of “privacy-by-design,” he wrote:

The reports sidestep the statutory standards that the FTC would otherwise face and make it possible for the FTC to issue non-rule “rules,” rules that the FTC hopes will shape the relevant industry but without obvious direct legal effect. Of course, the line between actual rules and faux rules may not be clear to all involved and the FTC may indeed welcome that ambiguity.

… I assume that most teenage developers don’t start writing their mobile app by reading the FTC Mobile App report, but if they did, they might easily conclude that the FTC had imposed on them a legal obligation to develop their apps with the principle of privacy-by-design.[41]

            Yet it is the FTC’s latest headline-making settlement that is leading even seasoned observers to wonder whether the agency has completely lost its legal moorings. In April the FTC announced another 20-year consent decree against Nomi, a firm that allows retailers to track customers’ movement patterns within stores.[42] The agency accused Nomi of misleading consumers by claiming to offer an opt-out from the data collection both in each individual store, and online (which would apply to all stores using the technology). At one point in time, only the online method was actually available.

            There are a number of common elements in this settlement to those previously outlined in this paper. One of them is that Nomi, on its own, remedied the problem of not offering in-store opt-outs a year and a half ago. Still, the Nomi case is a standout in the realm of bureaucratic mischief for a number of reasons:

• The decision was a split 3-2 among Commissioners to proceed with the action, a rare occurrence.
• According to a public comment filed by NetChoice, the company made huge efforts to follow the FTC’s own edicts about “privacy-by-design.” Nomi took diligent steps to avoid storing consumer Media Access Control (MAC) addresses, which are unique device tags that offer little in the way of personal details about the individual user. Even so, this information was not shared with stores. As NetChoice put it, “None of these efforts to protect consumer privacy was required by law. Despite Nomi’s efforts to give consumers more privacy controls than legally required, the fact that one of the privacy features (opt‐out) was not accurately described (available online but not in stores) resulted in this FTC enforcement action.”[43]
• Instead of proving genuine consumer harm from Nomi’s omission, the FTC’s three Commissioners hypothesized that some consumers might have been deprived of a remedy they could have preferred. This, despite the fact that the online remedy, which 146 consumers did use, applied “globally” to wherever Nomi existed, whereas the in-store remedy would only be in force for that one particular establishment. As Thomas Lenard of the Technology Policy Institute put it, “Since benefits consist of the reduction of harms, in order to have benefits there must be harms that can be reduced.”
• The message to businesses from the case is particularly nettlesome, given that the settlement appears to conflate a small omission with a material breach of the law. Daniel Castro of the Center for Data Innovation observed that the Nomi case amounted to “a typo in their privacy policy. This is the wrong signal to send the market. Right now, it’s ‘you better spend a lot of money on privacy lawyers.’”[44]

Numerous other experts who weighed in on the FTC’s settlement voiced concern that the agency was simply engaging in arbitrary retribution – “a game of ‘gotcha,’” as one media source commented. But perhaps the most persuasive remarks about the danger of this case came from FTC Commissioner Joshua Wright, in his dissent from the majority:

[T]he Commission finds itself in the unfortunate position of trying to fix a problem that no longer exists by stretching a legal theory to fit the unwieldy facts before it. …The Commission’s reliance upon a presumption of materiality as to the additional representation of the availability of an in-store opt out is dubious in light of evidence of the opt-out rate for the webpage mechanism. …The data allow us to know with an acceptable level of precision how many consumers – 3.8% of them – reached the privacy policy, read it, and made the decision to opt out when presented with that immediate choice. The Commission’s complaint instead adopts an approach that places legal form over substance, is inconsistent with the available data, and defies common sense.[45]

As the next sections will show, the FTC’s new-found fervor for “privacy” issues affords the agency yet another opportunity to continue sowing uncertainty and fear of reprisal in the business sector – to the detriment of taxpayers and consumers.

“Big Data” and “The Internet of Things” – The Nanny’s Newest Wards. Even though the FTC had been wading into issues of data security and privacy during much of 2012, incoming FTC Chair Edith Ramirez took the discussion to a much higher level. During her first major public interview with the International Association of Privacy Professionals in March 2013, she defended the agency’s more aggressive stance on privacy of consumer data online but also tried to reassure those in the business community that it was “not a blank check for the FTC in going after privacy violations.”[46]

            Whatever confidence interested parties may have taken away from that event was soon badly shaken. In a carefully-worded (and closely followed) August 19, 2013 address before the Technology Policy Institute’s Aspen Forum, Chairwoman Ramirez described the FTC’s role in the emergence of a data-driven consumer economy as that of a “lifeguard” – one that would not “spoil anyone’s fun” but would instead “make sure no one gets hurt.” Behind her analogy, however, were several ominous assertions that suggested the regulatory landscape for future innovation could prove to be anything but a sunny beach:

• Ramirez proudly trumpeted the FTC’s dozens of separate data security actions (including the flawed consent decrees described above), and urged companies “to follow the three core principles laid out in the FTC’s 2012 Privacy Report.”
• She dismissed the notion that the FTC had a warped view of policing online security by arguing, “The fact that ‘big data’ may be transformative does not mean that the challenges it poses are, as some claim, novel or beyond the ability of our legal institutions to respond.” She also called on Congress for greater powers, including repeal of the “common carrier” exception to the FTC’s jurisdiction (thereby giving the entity greater authority over telecom providers) and allowing the FTC to impose civil penalties against firms that fail to provide “reasonable” security of customer data.
• The “Internet of Things,” where objects such as appliances, thermostats, and even unmanned aerial vehicles interface automatically online, means that an “already intricate data-collection ecosystem is becoming even more complex.” She noted that the FTC had already intended to explore the “implications” of this development through a stakeholder workshop.
• The Chairwoman issued a short but sweeping cautionary note against “the indiscriminate collection of data,” even boiling down her thought into a “commandment” that “thou shall not collect and hold on to personal information unnecessary to an identified purpose. …And remember, not all data is created equally. Just as there is low quality iron ore and coal, there is low quality, unreliable data. And old data is of little value.”[47]

            Sometimes, too much can be read into public officials’ remarks, but the impact of Ramirez’ address – billed as a major shift in policy – is difficult to overstate. Alan Friel, an attorney experienced in privacy issues, wrote in Advertising Age that the contents of Ramirez’s remarks “suggested not recommendations of best practices or industry guidance, but what could be interpreted as mandates for industry.”[48] Friel asserted that key words from the FTC Chairwoman seemed to be making a case for consumer harm when companies collect more data than is absolutely necessary for a given transaction. This is important because Congress has attempted to limit the FTC’s Section 5 authority to prosecute “unfairness” by requiring that it establish conditions such as likelihood to “cause substantial injury” that is “not outweighed by countervailing benefits to consumers or to competition.”[49]

            Friel’s advice to businesses in light of Ramirez’s words? “[C]ompanies should be looking at the FTC’s privacy best practice expressions, such as in its 2012 Privacy Report or else be prepared to challenge them as less than required in a potential unfairness enforcement action.”[50]

            Of equal weight – and worry – to high-tech economy expert Adam Thierer of the Mercatus Center was Ramirez’s “stunning arrogance” in her pronouncements on data security. As he wrote immediately after her remarks:

[T]he cornucopia of innovation information options and opportunities we have at our disposal today was driven in large part by data collection, including personal data collection. …For example, many of the information services and digital technologies that we enjoy and take for granted today – language translation tools, mobile traffic services, digital mapping technologies, spam and fraud detection tools, instant spell-checkers, and so on – came about not necessarily because of some initial grand design but rather through innovative thinking after-the-fact about how preexisting data sets might be used in interesting new ways.[51]

            By Thierer’s estimation, Ramirez’s speech pushed the FTC even closer to embracing the “precautionary principle”: that in the absence of positive, copious proof a new technology or innovation is harmless to privacy or some other policy concern, public authorities should prevent or discourage its development.

            Largely an outgrowth of environmental and public health matters, this doctrine can be taken to wild excesses. In 2008, a lawsuit was filed to prevent the Department of Energy from engaging in physics experiments with an atom smasher known as a supercollider. The plaintiffs claimed standing on the basis that they were acting on a precautionary principle to prevent “the end of all mankind.” Not even the notoriously nanny-istic Ninth Circuit Court of Appeals would buy this logic. [52]

            The precautionary principle is at the heart of current debates among elected and appointed officials over whether or how they will respond to the “challenge” (itself a loaded term) of Big Data, the Internet of Things, and other as-yet unknown breakthroughs. And as the next section shows, too many of these debates are being guided by the experiences of over-regulated economies.

“Discipline,” Old World Style – The Nanny Looks to Europe. Many parents with means seek nannies from abroad, hopeful that their manners will rub off on their children. American taxpayers and consumers should hope this does not happen to tech sector regulation.

            One major sign of how far the fervor to import European-style rules is the excitement among would-be micromanagers in the policy community. National Taxpayers Union’s staff witnessed it firsthand in a September 12, 2013 panel discussion regarding the future of antitrust (and to some degree the FTC’s Google proceedings) that was sponsored by the FairSearch coalition. NTU Communications Manager Doug Kellogg, who sat in on the proceedings, found them “incredibly disturbing” because of what appeared to be a consensus “that a long-term government ‘management’ role/entity is a real possibility (and more or less likely, depending on the speaker).” Most of the regimes discussed were European-type arrangements.[53]

            Europe’s antitrust laws are indeed more onerous than in the United States, as are personal privacy directives (which, to be fair, are rooted in the continent’s experiences of World War II and the Communist Era). Yet apparently they do not prevent concentration of industrial power in the hands of one entity: government. Europe is littered with examples of state-owned or state-supported enterprises that enjoy subsidized competition against private U.S. companies. These would include airlines, telecommunications concerns, energy firms, banks, and postal services.[54]

            As with state-owned enterprises, EU countries continue to exhibit a certain degree of hypocrisy in privacy rules by exempting many categories of government activity. This contradiction is not completely lost on citizen advocates in the region, who for several years have pressured their governments to revise a Data Retention Directive (DRD) that allows member states to gather and keep all kinds of information from telecom and Internet providers on residents that would be “proportionate to the general interest” (e.g., national security).[55] In 2013 Phil Zimmermann, inventor of the PGP encryption service and founder of the Smart Circle mobile encryption company, told Forbes his firm was setting up servers in Switzerland to steer clear of EU’s data retention laws. He called those strictures “worse than the U.S.”.[56] In December of that year an EU Court issued an opinion that DRD was a violation of fundamental rights, but that action alone did not strike down the rules.[57]

            Last year, the EU’s Court of Justice contemplated a case brought through the Spanish Courts by an individual who claimed Google violated his privacy by allowing newspaper details about his financial life to be displayed in search results for his name.[58] The Court ruled against Google and for the individual, deciding that the “right to be forgotten” required search engine companies to delete “inadequate, irrelevant, or no longer relevant” information from the public domain if an affected individual requests it.[59] In this process firms like Google could essentially be classified as data controllers instead of intermediaries. A subsequent report in from the U.K. House of Lords’ European Union Committee termed the entire “right to be forgotten” dictate “unworkable and wrong.”[60]

            Although search engines had been honoring many such requests prior to the ruling, the court decision raised far more questions than it settled. Could politicians with track records of misusing tax dollars have embarrassing facts erased? Does the right to privacy trump the right to free expression? What about the deletion of information that protects public safety? The controversies keep piling up, as search companies try to sort out numerous legal details.[61]

            There are other questions of direct relevance to fiscal and trade policy. As Carl Szabo, Policy Counsel for NetChoice, pointed out in Roll Call, both Spain and Germany have instituted taxes on search engines and news aggregators that link to media articles. He stated that “While many argue privacy concerns and revenue generation motivate these actions, a fundamental motivation has to be limiting the dominance of U.S.-based Internet companies in Europe.”[62] Public officials who pay careful attention to this trend and avoid it will be standing up for free trade as well as limited government.

By the Numbers: How a National Nanny = a National Nightmare

            So far this paper has concentrated on the broader dangers that taxpayers, consumers, and innovators face from the FTC’s shifts in its perceived mission and enforcement capabilities. But what are some of the more specific, detrimental outcomes that Americans should consider? The following are just a few possibilities, rooted not in speculation about the future but in contemporary experience.

American Consumers are Grown-Ups – and They Like What They Have Online. Even as the FTC goes down rabbit holes chasing innovators, everyday Americans continue to speak rather plainly about technology in their lives and where they think authorities ought to be focusing their energies.

            One source that provides strong clues is the highly regarded American Consumer Satisfaction Index, which surveys peoples’ views of their experiences with various actors in the U.S. economy. The most recent favorability ratings (for 2014 as of this writing) by industry show most people are pleased with technological innovators:

Personal computers – 78 percent

Internet social media – 71 percent

Internet portals and search engines – 80 percent

Software – 76 percent

Cell phones – 78 percent

Internet retail – 82 percent[63]

            These benchmarks tend to compare favorably with other industries like apparel and manufacturing. Although individual companies experience ups and downs from year to year, this is as it should be. A firm’s given product, service, or marketing strategy succeeds – or fails – based on the perceptions of its customers.

            The IBOPE Zogby Poll mentioned earlier in this paper confirms that consumers can and do find information online through a variety of choices: 84 percent of those polled use a search engine, 72 percent directly access a website, 36 percent utilize social media, and 18 percent employ another method such as a mobile phone application. Eighty-seven percent agreed with the statement “I feel I can easily switch to a competing search engine if I’m not happy with the results I receive;” just 8 percent said they were “stuck with using a particular search engine and don’t have the ability to switch.”[64]

            Based on these findings, there would appear to be little justification for the FTC to pursue a “precautionary principle” against so many tech innovations. On the other hand, consumer complaint statistics show what Americans fear the most – and the FTC well knows them. The Consumer Sentinel Network (CSN) is an FTC-sponsored online database available to law enforcement officials. Since 1997 it has cataloged data not only from federal entities but also state and local authorities and private concerns like the Better Business Bureau. According to CSN’s latest Data Book (calendar year 2014), invasion of privacy was not even among the 30 top categories of complaints. Heading the list, at 13 percent, was “identity theft,” followed by debt collection, “impostor scams,” telephone services, and banks.[65]

            Some would argue that a central problem underlying identity theft is the lack of privacy protections built into the services and products of firms like Facebook, Myspace, Intel, or the other firms that the FTC has been pursuing. But a closer examination of CSN statistics shows the situation is much more complex. Nearly 39 percent of the identity theft complaints (the largest plurality) involved issues related to taxes and wages, benefit applications, driver’s licenses, and other official documents – a clear sign that governments need to do a better job of policing their services and programs.[66] Chief among these is the IRS, which both the Government Accountability Office (GAO) and the National Taxpayer Advocate have cited for shortcomings in identity theft protections and resolution procedures.[67]

            Such data are noteworthy because a multitude of federal, state, and even local agencies have long possessed major conventional investigative powers to combat these problems, among them the Department of Justice, the Federal Communications Commission, the Consumer Financial Protection Bureau … and, the FTC. All told, reported instances of identity theft directly related to “Internet/email” amounted to 1.5 percent of CSN’s total. [68]

            The FTC’s Strategic Plan for Fiscal Years 2014-2018 specifically outlines the need to continuously evaluate “whether enforcement activities are tracking the areas of greatest concern” reported by consumers and other agency officials. It also called for targeting “law enforcement efforts on violations that create the greatest amount of consumer harm.”[69] Judging by the evidence presented here, The FTC needs to more carefully examine its own data if it is to reach these aims.

A Nanny Would Stunt the Continued Growth of the High-Tech Economy. Few other sectors are as dynamic or important to the future prosperity of all Americans than the Internet. Far from being simply a giant online shopping mall, the Internet provides the backbone for the whole economy. According to the most recent Census Bureau statistics, e-commerce represented about half of all shipments, sales, or revenues in the manufacturing area, and roughly one-fourth in the wholesale area.[70] Behind these proportions are a multitude of activities – e-commerce allows factories to order and have transported raw materials, or those with finished goods to get their products to the right markets. It is, in short, not just about purchases, but about logistics that make the economy more efficient.

            The resulting efficiency pays off handsomely for workers, consumers, business owners, and investors. A 2012 study by The Boston Consulting Group estimated that the Internet itself was responsible for 4.7 percent of U.S. Gross Domestic Product Growth in 2010, when the economy was still in the throes of a severe slowdown. The report projected that by 2016, the Internet would, if it were a national economy, be the fifth-largest on the planet – ahead of Germany’s.[71]

            All of this activity has led to larger workforces. In May of 2011 the McKinsey group conducted an exhaustive survey of 13 countries called “Sizing the Internet.” One fascinating finding came from a sub-survey of 4,800 small businesses, which determined that for every job “lost” due to “technology-related efficiencies,” 2.6 jobs were created. And, confirming the trends observed in the Census numbers, roughly three-fourths of the benefits from the Internet accrue to “traditional sectors” outside of high-tech.[72]

            Such benefits are brought into sharper view when specific parts of the Internet economy are examined. A separate McKinsey study from 2011 calculated that search technologies alone added $780 billion of value to the global economy. In the U.S., fully 96 percent of that value went to sectors beyond the search industry.[73] In late 2012 the Interactive Advertising Bureau determined that in just four years – 2007 to 2011 – direct employment in the U.S. “ad supported Internet ecosystem” doubled. Including indirect jobs, some 5.1 million people work in this area.[74] Furthermore, when it comes to online applications, the slogan “there’s an app for that” also means “there’s a job for that.” CTIA, the wireless association, reported in 2012 that the “app economy” was responsible for 512,000 jobs, and will more than quadruple its revenues by 2016 (to $46 billion).[75]

            Although the Great Recession took a toll on the Internet economy as it did with most others, the bounce-back has been solid. An Organization for Economic Cooperation and Development assessment, published in December of last year, concluding that, “The ICT [Information and Communications Technology] sector outperformed the rest of the economy in terms of net business population growth between 2009 and 2012 and involved relatively high shares of medium and high-growth firms. New ICT enterprises also have higher survival rates than their counterparts in manufacturing and services.”[76]

This recitation of statistics may seem repetitive, but it serves a point – undue or unnecessary government interference in this prosperous sector could translate to real economic harm (unlike the FTC’s fanciful constructions of “harm” that it uses to justify some regulatory actions).

When the Nanny Smothers Innovation, Everyone Suffers. But how can such harm occur? One problem with tallying the damage from lost economic opportunities or innovations is that the task is akin to measuring something that never existed. But that doesn’t mean the effects aren’t real.

            The late Nobel Laureate Milton Friedman described one such effect, in a 1999 interview with National Taxpayers Union’s then-President. Friedman warned that renewed antitrust activity against Microsoft, initiated at the behest of its competitors, would lead to reduced innovation:

The end result will be that an industry that up to now has been able to proceed at a marvelous pace ... is now going to have government all over it. It’s going to spend in legal fees over the next ten or twenty years, money which society would benefit from much more if it were spent on the kind of research and development that has brought us the many miracles in the area of Internet, in the area of home computers, industry computers, and all the rest.[77]

Over a decade later Stanford and Singularity University’s Vivek Wadhwa made a similar observation about the FTC’s probes of search engine results, noting that “these investigations, whatever results from them, won’t level the playing field. They will only stifle innovation and yank lawyers out of the unemployment lines.”[78]

            Aside from legal fees that are diverted from more productive pursuits, innovator companies lose money even if they decide it’s less of a hassle to settle through a consent decree. In 2014, Apple chose to settle an FTC action regarding a feature in one of its apps which, some parents complained, allowed their children to make unauthorized purchases. Part of the consent decree was a $32.5 million fine, even though Apple took steps prior to the settlement to make restitution to consumers.[79] The government took $22.5 million from Google in connection with claims of privacy-policy misrepresentations with its Safari platform.[80] The practice ended immediately after the problem was discovered months prior to the FTC’s investigation, and no harm to consumers was established.

            Some would argue that these assessments are pittances for multi-billion-dollar companies, but it is important to remember that after overhead, employee costs, taxes, and other expenses are accounted for, the remaining funds for research and development are much smaller. In this context, even industry giants like Apple and Google eventually have to adjust their budgets in some fashion to account for the costs of government harassment. The FTC, of course, comes out a winner in these agreements because its considerable but not unlimited taxpayer-funded resources can be trained on more formal proceedings against other firms.

            Those “other firms” include two businesses far apart in their avocations. Between 2008 and 2010 the popular Wyndham lodging chain’s reservation recordkeeping system was attacked in three separate instances by Russian hackers. In a 2012 complaint the FTC alleged that Wyndham “failed to employ reasonable measures” to detect the breaches and safeguard personal information. This along with other practices were “unfair and deceptive” under the FTC Act.[81]

            On its face such a “blame the victim” approach is incongruous. After all, an average citizen who had personal property stolen from a vehicle would not expect to be charged by the police for having locks that weren’t effective enough. Equally important, however, is the FTC’s blatant attempt to retroactively determine when a company has not met the agency’s security expectations … based on standards that were never fully articulated as regulations in the first place.

            Wyndham sought dismissal of the charges on the grounds that the FTC has never been given the authority for this sort of regulation-by-intimidation, but lost on that legal round when, in April, the U.S. District Court for the District of New Jersey upheld the government’s ability to flex its muscle under the “unfairness” doctrine. Fortunately, the U.S. Court of Appeals for the Third Circuit has agreed to rehear Wyndham’s contention.[82] As this paper was being published, the fate of the case was pending, with oral arguments having taken place in March 2015.[83] But the fact that Wyndham was granted a fast pre-trial appeal on authority grounds means the stakes of the outcome have been raised. Unlike previous arm-twisting efforts, this first legal test of the FTC’s attempt to claim broad retaliatory powers over data security will not be obviated through an extorted settlement.

            In August of 2013, the FTC filed a case against LabMD, a clinical company, effectively stating that even though there were no federal guidelines or rules for the type of data security it needed to practice over patient records, the company should have followed a more careful protocol anyway. And like its larger-sized brethren, LabMD was offered the same “generous” terms if it submitted to FTC’s assertions: years of intricate third-party security oversight.

            After the FTC rejected LabMD’s dismissal motion, the firm’s CEO Michael Daugherty told Computerworld that, “We are exhausted. When you are a small company you have only that much energy.” LabMD contends it had to close its doors and lay off its employees because of FTC’s persecution.[84]

            Daugherty, who has written a book about his ordeal, may yet prevail. Thanks to legal assistance from the nonprofit group Cause of Action, LabMD filed a lawsuit alleging that the FTC’s actions were wrong because Congress never authorized the agency to use its police power over “unfair” and “deceptive” practices to pursue companies’ data breaches.[85]  Although the federal case was dismissed last year for lack of jurisdiction, Cause of Action continues to defend LabMD against the FTC’s complaint.

            Just a few weeks before this paper was published, the government was dealt a serious credibility blow. The FTC confirmed that it would not try to refute the testimony of a key witness who contended his data-security firm, Tiversa, exaggerated the seriousness of the security at LabMD’s premises as a mere to win business. The FTC’s contention of negligence against LabMD is based heavily on Tiversa’s claims.[86] How ironic it would be if the FTC were itself duped by a business tactic.

            There is research to suggest that the FTC’s latest angle of attacking firms on data security could have a negative impact throughout the world of high-tech; the precedent comes from the days of antitrust muscle-flexing. In a 1999 working paper, economist George Bittlingmayer determined that the accelerated rate of antitrust prosecutions in the late 1950s, early 1960s, and 1970s help to explain the low level of investment in the U.S. economy during those years. Examining antitrust activity in 21 major industries from 1947-91, he determined that each antitrust case cut overall investment in the range of $34 million to $110 million.[87]

            Bittlingmayer and Thomas W. Hazlett joined together to examine market data for more than 150 companies between 1991 and 1997, near the time that Microsoft was targeted by the Department of Justice. They determined that returns on most computer industry stocks (not just Microsoft’s), were negatively impacted when antitrust activity was heightened. [88]

A Euro-Nanny Would Only Import Misery. European-style privacy practices present equally daunting prospects for maintaining the vitality of the tech sector. Shortly after the release of FTC’s 2012 Privacy Report outlining its own preferences, the Information Technology and Innovation Foundation (ITIF) responded, “Consumers should have options to protect their privacy but there are important trade-offs and costs in creating those protections. The FTC’s recommendations would create economic burdens that could stifle the efficiency and innovation that consumers also want from the Internet.”[89]

            But how? ITIF’s Daniel Castro connected the dots for Congress a full two years before the FTC’s privacy report, when he testified before a hearing of the House Energy and Commerce Committee on “Do- Not-Track” legislation. The proposal would have created a government mechanism blocking all data profiling in the private sector for advertising purposes (but naturally allowed the government itself to keep doing so for its own uses). Castro recounted how huge swaths of Internet services, from Facebook to YouTube, are free to users precisely because they are supported largely by advertising. He warned that this type of regulation would mean “not only fewer websites and less valuable content, but also less spending by Internet companies on servers and bandwidth. The net result will be fewer jobs.”[90]

            The Mercatus Center’s Adam Thierer agrees. In a mid-2013 Washington Post Live interview, he observed the scarcity of innovation from across the pond:

If we went down the path Europe went down we should understand there are serious consequences associated with that. The reality is that the European Internet community really struggles to deal with what is a very top down oriented data directive, and it’s hard for me to even name many Internet entrepreneurs or big companies from Europe. … All of Europe’s leading names in the tech sector are American companies. Part of the reason for that certainly has to be the lighter touch we took with the regulatory approach to data and privacy issues.[91] 

            Backing up these experts’ opinions are some solid economic projections. Castro’s testimony cited a study by Avi Goldfarb of University of Toronto and Catherine Tucker of MIT, which found that the EU’s Privacy and Electronic Communications Directive (promulgated in 2003 following the original 1995 Data Protection Directive) decreased online advertising effectiveness by two-thirds relative to that of the environment in the rest of the world. Their conclusion: “The empirical findings of this paper suggest that even moderate privacy regulation does reduce the effectiveness of online advertising, that these costs are not borne equally by all websites, and that the costs should be weighed against the benefits to consumers.”[92]

            A subsequent analysis by Josh Lerner of Harvard University discovered that the Privacy and Electronic Communications Directive led to a $249 million decrease in venture capital investment toward European online entrepreneurs in an 8-1/2 year period. However, because venture capital often delivers a greater “bang for the buck,” he concluded that “this may be the equivalent of approximately $750 million to $1 billion in traditional R&D investment.”[93]

            Another less quantifiable impact from Euro-regulation could be a ramp-up in a malady that already afflicts parts of American industry: crony capitalism. Milton Friedman identified a “suicidal instinct” in some U.S. businesses when they seek to aim government regulators at their rivals. In his dissent to the FTC’s 2012 privacy report, FTC Commissioner Rosch raised a similar point:

‘Unfairness’ is an elastic and elusive concept. What is ‘unfair’ is in the eye of the beholder …. Not surprisingly, large enterprises in highly concentrated industries, which may be tempted to raise the privacy bar so high that it will disadvantage rivals, also support adopting more stringent privacy principles.[94]

The Bottom Line: Taxpayers Would Lose Out on Serious Savings. Government and information technology have often mixed together like oil and water, producing disastrous results for taxpayers. This topic will be explored in greater detail, as it relates to the FTC, in a forthcoming NTU publication. Nonetheless, “e-government,” when properly applied, has managed to deliver clear efficiency and effectiveness dividends to taxpayers at all levels. A primary reason why NTU advocates for a nimble policymaking approach toward private-sector innovation is because of the potential spillover savings for the public sector.

            For roughly a decade the White House has made annual reports to Congress on e-government initiatives throughout the federal bureaucracy. A few examples from the FY 2013 and FY 2014 reports include:

• The Electronic Official Personnel Folder initiative, which will supplant numerous manual human resources recordkeeping procedures, has a projected savings of $111 million applied across some 2.1 million active and retired federal employees.
• A larger project, the Human Resources Line of Business program, seeks a government-wide transformation of HR information technology by focusing on modernization, integration, and performance assessment. A key element is the use of “shared service centers” that all agencies will be able to access. Projected savings amount to $1.6 billion through the year 2015.
• The automated Electronic Federal Asset Sales system has broadened public awareness and the customer base to expedite disposal of surplus federal equipment, while generating measurable increases in returns to taxpayers.[95]

      End-users of e-government benefit from the quality of service as well. As the following comments indicate, NTU has long lauded the success of the IRS Free File program, a public-private partnership for federal tax return preparation and online filing:

The results from this program have yielded impressive metrics: 33 million returns have been processed through Free File since the program was launched in 2003, at no cost to taxpayers. In fact, official federal estimates show a savings to the government from Free File. According to estimates acknowledged among several executive and legislative branch agencies, nearly $92 million in paper-return handling costs have been avoided so far.[96]

            Nor are benefits like these confined to the federal level. NIC, a private technology provider, lists numerous “case studies” on its own website of how state and local governments (and in turn taxpayers) reaped rewards from technology as well. These include improved management of facilities, better matching of vehicle insurance and licensing methods, and paperless permitting and regulatory compliance systems.[97]

            Data sharing of the kind Chairwoman Ramirez might deplore in the private sector can help to combat government waste in a number of ways, such as preventing improper payments to those who are deceased or incarcerated.

            But perhaps the most important transformative technology for government in recent years has been the use of cloud-based data management and communication services, with savings as high as 50 percent over conventional services.[98] As the federal government moves to the cloud, taxpayers could be relieved of billions in annual costs. In 2011, NTU partnered with the U.S. Public Interest Research Group to produce a report for Congress’s deficit reduction “Super Committee” that outlined more than $1 trillion in budget savings over 10 years. One key recommendation of the report was to implement federal IT management reforms by consolidating data centers.[99]

            It is clear that hi-tech innovation can change the quality and cost of government for the better, if federal managers properly embrace it. Yet, they may have fewer opportunities to do so, if the pipeline of private- sector development is slowed or cut off because meddling FTC investigations force them to divert resources away from laboratories and into courtrooms instead.

Conclusion: A New Nannyism Can – But Need Not – Happen Here

            A new national nanny may be on our front porches. Some would argue that it is already well-ensconced in our living rooms. Wherever it may be, taxpayers need not allow this unwelcome guest to bring down its heavy hand on our economy and our daily lives. The following recommendations provide a starting point for policymakers and citizens alike going forward.

Congress Must Lead – and Clarify the FTC’s Boundaries. For far too long, Section 5 of the FTC Act has given the agency excessive latitude to don the garb of National Nanny when it sees fit. As noted earlier, steps were taken to clarify part of Section 5, not only through legally binding policy statements but also statutes from Congress. Yet the FTC still has large loopholes through which to embark on exotic legal theories that now hobble hi-tech innovators.

            Even where there do appear to be clear limits on the FTC’s powers, the agency displays a willingness to “push the envelope.” Randal Picker, cited previously, explains one of them:

The Federal Trade Commission has latched on to its broad Section 5 authority over unfair or deceptive acts or practices to jump in to regulate privacy and data security with an entrepreneurial nimbleness worthy of the private sector. … The parties that it targets find it advantageous to negotiate consent decrees and those targets care most about the remedies that they face under those decrees and much less about the theories of liabilities alleged. That dynamic has made it possible to build up a common law of privacy and data security and to move beyond a deceptive practice framing towards one        tied more directly to unfairness.[100]

First and foremost, the Judiciary Committees and Commerce Committees of the House and Senate should jointly revise the Sherman, Clayton, and Federal Trade Commission Acts to establish sensible limits for the federal government’s role in competition regulation. Special emphasis must be placed on tightening Section 5 of the FTC Act, and updating it to reflect the following principles:

• The law is intended to protect and promote competition, not competitors;
• The law is NOT intended to grant the FTC extraordinary power to micromanage business innovation under a “precautionary principle”; and
• The FTC must be guided into litigating more issues or obtaining genuine public input on formal rulemaking, rather than leveraging companies with consent decrees or issuing “recommendations.”

            FTC experts cited in this paper such as Berin Szoka, Geoffrey Manne, and James Cooper tend to agree that the practical place for Congress to begin this task might be to “tether” Section 5 of the FTC Act prohibiting “unfair” competition to the more specific language of the Sherman Antitrust Act, which defines an “invitation to collude.” Congress needs to take other steps, however, outside of antitrust law and into consumer protection law, so as to foster a more productive and predictable regulatory environment for an evolving, tech-based economy. Broader fiscal policy reforms, such as an overhaul of the tax system, safeguards against excessive regulations, improvements to government’s own data-breach policies, and an end to market-distorting federal subsidies, would also have a salutary effect on the innovation-based economy.

Rethink the “Culture of Consent” – and, in Turn, the FTC’s Institutional Culture. Much discussion in this paper has revolved around how the FTC’s tactics can pressure small and even large firms into settling investigations rather than litigating them. According to New York University Law Professor (and Senior Circuit Judge) Douglas Ginsburg and Joshua Wright (writing at the time as a Professor at George Mason University), this “shift toward a more bureaucratic and less litigation-oriented regime” can have many adverse impacts.

            For example, investigations have less persuasive evidence – and more intimidation – behind them. Moreover, such settlements often contain concessions that would not be possible in a court ruling, all while “economizing on scarce agency resources.” Equally troubling is the motivation the government has to “settle upon terms that serve its bureaucratic interests,” whether that means expanding its mission, rewarding political allies, or “accumulating power over the regulated community.”[101]

            Though Ginsburg and Wright confined their analysis to antitrust cases, their observations are entirely applicable to the whole range of the FTC’s investigative tactics and proceedings.

But how might a remedy be fashioned? One way would be to involve public-interest litigators on a greater scale than is currently available. Organizations such as TechFreedom and Cause of Action have performed a magnificent service to consumers and the economy by assisting with higher-profile cases such as those involving Wyndham Hotels and LabMD. Perhaps some enterprising individuals could form a more permanent “legal defense fund” for small businesses to fight back against FTC overreach.

The FTC could also issue new guidelines regarding the Section 5 “unfairness” language that has given the agency so much latitude for mischief. James Cooper, now Director of Policy and Research at George Mason University’s Law and Economics Center, provides a useful framework that would “proscribe a narrow domain.” The FTC should turn its attention toward conduct that is:

• Undeniably and clearly harmful to consumers due to its detrimental impact on competition;
• “Is unlikely to generate any cognizable efficiencies”; and
• Would have no remedy except for the existence of Section 5.[102]

Here again, while conceived for antitrust, this “test” would have useful applications to FTC’s consumer protection function. Berin Szoka and Geoffrey Manne have recommended that even prior to the issuance of guidelines like these, the FTC should be compelled by Congress to “convene a public workshop aimed at identifying what a valid standalone Section 5 case could cover….”[103] This would be a valuable exercise to many stakeholders, especially on the heels of the agency’s September 14, 2014 event on “Big Data.”

Restore and Retool Cost-Benefit Analysis. Some 30 years ago Timothy J. Muris, the FTC’s then-Director of the Consumer Protection Bureau, analyzed a spate of FTC rulemaking proceedings subsequent to the Magnuson-Moss Act, and found that most were withdrawn, made obsolete, or delayed.

            Muris compared and contrasted several of these rules, concluding that most failures stemmed from two factors: 1) A lack of clear theory to show how a given practice violated the law and why a government remedy is superior to the market; and 2) A lack of “systematic projectable evidence” that confirms, not just coincides with, the theory.

            Muris cited two cogent examples to illustrate his point – proposed rules that would lift states’ restrictions on advertising for eyeglasses and regulations disclosing funeral home pricing. In the former case, the FTC relied on systemic projectable evidence that states with advertising proscriptions had “significantly higher prices” than those offering consumers more access to information. In the latter, the FTC plowed ahead with requiring price disclosures via telephone and point of sale, relying on “no more than a score of anecdotes” in a funeral industry with (at that point) some 2 million transactions a year.[104]

            Although he noted at the time that the FTC had begun to establish set criteria for judging a business action as “unfair,” it had not done so for a practice deemed “deceptive.” Since then the FTC has grappled with both terms under Section 5, also claiming that rigorous cost-benefit analysis informs all of its investigative decisions. But the issue remains controversial. Commissioner Wright claimed that the consent decree the FTC imposed on Apple “most problematic agency action I have seen in terms of the potential to cause harm to consumers.”[105]

            The FTC must return to more robust and transparent cost-benefit analysis in its decision-making – whether through rules, consent decrees, or investigations –following Muris’ guidance from 1982:

[A] proposal should not become a rule until systematic evidence has been collected to test its factual premises. Anecdotes, the Commission’s own expertise, and the testimony of experts rarely, if ever, provide the necessary confirmation. Such evidence may be consistent with the theory, but cannot test it. And an untested theory should not be imposed on society at large.[106]

            This “first, do no harm” philosophy is reflected in more modern contexts. In a brilliant panel presentation last summer for TechFreedom and the International Center for Law and Economics, Commissioner Wright reiterated the need to engage the agency’s independent Bureau of Economics in more comprehensive cost-benefit examinations beyond the Apple case. Using the FTC’s report on “data brokering” as an example, he explained the difference between analysis of net consumer harm in enforcement actions that was serious as opposed to superficial:

What I mean by ‘serious’ analysis is to reject the methodology, often employed in debates over privacy regulation, of merely pointing to survey evidence purporting to elicit consumer preferences by asking consumers whether ‘they are concerned about privacy.’ I would also like to see evidence of the incidence and scope of consumer harms rather than just speculative hypotheticals about how consumers might be harmed before regulation aimed at reducing those harms is implemented. Accordingly, the FTC also would need to quantify more definitively the incidence or value of data broker practices to consumers before taking or endorsing regulatory or legislative action.[107] 

            Lawmakers could aid this process through legislative language that would strengthen the role of the Bureau of Economics in FTC decision-making.

Refocus the FTC’s Mission by Refocusing Dollars. Instead of being allowed to “play” in the private-sector’s tech space and hound companies acting in good faith, thereby endangering jobs, economic value, and innovation, Congress and the FTC’s management should work more on its core mission of protecting consumers from real threats: scammers and fraudsters. This too can be achieved through legislative guidance in the appropriations process.

            Ongoing oversight hearings would therefore also be useful. NTU offered praise for a hearing, held in late 2011, by a subcommittee of the House Judiciary Committee on the topic of the FTC’s recent antitrust actions. In a letter to the Subcommittee, NTU wrote that “competition … may occur among a wide range of markets serving fast-shifting consumer preferences, not merely among similarly-situated companies in the same industrial sector. Furthermore, government regulators have become increasingly overzealous in crafting supposed ‘solutions’ to perceived competition ‘problems’ that involve manipulation of companies’ business decisions at their most basic levels.”[108]

            Encouragingly, the House Committee on Oversight and Government Reform (OGR) is continuing its investigations of FTC practices. In July 2014, OGR focused on what Committee Chairman Darrell Issa (R-CA) called the FTC’s “often erroneous inquisitions” into businesses’ privacy-protection practices. Echoing many of the concerns expressed in this paper, he also accused the agency of “using its regulatory authority not to help protect consumers but in fact to get simple consent decrees using the unlimited power it has to not only sue at government expense but to force [businesses without vast legal resources] before administrative law judges.”[109]

            The full Oversight Committee of the House, as well as the Senate Homeland Security and Governmental Affairs Committee, should schedule hearings on broader topics concerning the FTC’s mission and focus, especially toward “privacy” issues and the tech sector.

Recognize the Role of Consumers as “Cops.” While the federal government does have a role in prosecuting fraud, protecting consumers from scams, and providing information to help Americans stay safe, policymakers too often overlook the role that hi-tech users themselves have in policing the industry.

            As far as competition goes, this paper has already pointed out the way meddlesome antitrust policies can undermine the discipline of markets and consumers. Vivek Wadhwa aptly sums up these observations:

The technology sector moves so quickly that when a company becomes obsessed with defending and abusing its dominant market position, countervailing forces cause it to get left behind…. The personal-computer revolution did IBM in; Microsoft’s Waterloo was the Internet. This – not punishment from Uncle Sam – is the real threat to Google and Twitter if they behave as IBM and Microsoft did in their heydays.[110]

            So it is with privacy concerns. The public trust factor has disciplined companies like Google and Facebook when they fail to pay sufficient heed to protection of personal information. But this process is far more responsive and interactive than government investigations or prosecutions could possibly be – an important factor given the pace of technological development. Adam Thierer cited a cogent tract on how exactly this process can work best:

As Deirdre Mulligan and Kenneth Bamberger have noted, increasingly, it is what happens ‘on the ground’ – the day-to-day management of privacy decisions through the interaction of privacy professionals, engineers, outside experts and regular users – that is really important. They stress how ‘governing privacy through flexible principles’ is the new norm. ….To continuously improve upon this model, they argue that the ‘daily work [of privacy professionals] requires trusted insider status’ and ‘full and early access and ongoing dialogue with business units.’ Success, they note, ‘is best accomplished by a diverse set of distributed employees with privacy training who are nonetheless viewed as part of the business team.’[111]

            Thierer’s conclusion, apt for the theme of this paper, is that “permissionless innovation” rather than “Mother, May I?” is a better fit for our economy and society.

            Much has been made of FTC Chairwoman Ramirez’s analogy of her agency as a “lifeguard” that will allow private sector companies to swim competitively, but will also patrol the waters to ensure everyone is following the rules of the pool. Yet Thierer was able to dig up an earlier, more appropriate reference to “swimming pools” that accurately captures the importance of education-based discipline versus rules-based discipline. The following passage comes from a 2002 National Research Council Report on a past privacy challenge, entitled Youth, Pornography, and the Internet:

Technology – in the form of fences around pools, pool alarms, and locks – can help protect children from drowning in swimming pools. However, teaching a child to swim – and when to avoid pools – is a far safer approach than relying on locks, fences, and alarms to prevent him or her from drowning. Does this mean that parents should not buy fences, alarms, or locks? Of course not – because they do provide some benefit. But parents cannot rely exclusively on those devices to keep their children safe from drowning, and most parents recognize that a child who knows how to swim is less likely to be harmed than one who does not.[112]

            Both the private and public sector have roles in better instructing adults and children how to protect their personal information and to beware of scams. Existing education budgets could easily be reoriented in a very slight degree toward classroom instruction on these matters, even as students are being taught how to use the Internet for research.

            Resources can be redirected from other overlapping programs, thereby avoiding any net increase in the already bloated federal government. According to a July 2012 GAO report, Washington expended $68 million on 15 financial literacy initiatives in the year 2010 alone, not counting efforts by the Consumer Financial Protection Bureau.  GAO identified “multiple programs with similar goals and activities – in areas such as housing counseling and the financial education of youth” that could very well be candidates for consolidation.[113] The resulting savings, along with other windfalls from cost-cutting measures elsewhere, could be reprogrammed into “privacy literacy,” which has a direct relationship to financial well-being.

A Final Word – “No” to a Nanny, “Yes” to a New Age of Prosperity

            Hopefully the evidence presented here will help to convince taxpayers, consumers, and most of all public officials that the FTC has, like other overbearing federal agencies, become more than a nuisance to our economy and our freedom.

            Even though this paper has employed examples of small and large entities targeted by the FTC, ultimately the imperative of sending the “National Nanny” packing has less to do with Facebook, or Apple, or Google, or LabMD … and more to do with the next generation of dynamic, inventive businesses that are in their infancy. Inserting a nanny into their lives could strangle them in their cradles, and deprive us of new products and services that will yield incalculable economic and social advances. For the sake of tomorrow’s innovators, today’s grown-ups must make sure the national nanny never darkens America’s promising doorstep.

About the Author

Pete Sepp is President of National Taxpayers Union (ntu.org), a nonprofit, nonpartisan citizen group founded in 1969 to work for lower taxes, limited government, and economic freedom at all levels.

Notes