While Congress has been holding hearings, poking tech execs, and dancing the legislative Fandango, the marketplace has imposed actual sanctions. Between the time Facebook’s Cambridge Analytica scandal was revealed, March of last year, and March of this year, shareholders lost more than $61.6 billion adjusted for overall market (NASDAQ) fluctuations. In contrast, Sen. Wyden’s 4 percent fine—even if applied to global sales, and instantly—would whack just $2.2 billion from the Facebook moguls.
This paragraph is from Thomas Hazlett, “Zuckerberg’s Plea: Regulate Me Before I Violate People’s Privacy Again!”, Reason, April 17.
Another great paragraph:
Third, Congress protecting our privacy…you’re joking, right? In 2014 and 2015, hackers deployed by the Chinese government snuck onto U.S. government servers and helped themselves to extensive records on over 20 million Americans. The Office of Personnel Management had stored employee files unencrypted, leaving the data muffins warm and delicious. Millions lost their Social Security numbers, medical histories, and fingerprints to cyber thieves.
Since, as (then) a federal employee, I had just finished updating my data with OPM, I’m pretty sure I was one of the people whose data were hacked.
The whole piece is in Tom’s beautiful style of tight economic reasoning, tight reasoning generally, and humorous wording. Recommended.
READER COMMENTS
Jon Murphy
Apr 20 2019 at 12:49pm
The first quoted paragraph about the difference between the market’s punishment and the government’s proposed punishment (to the tune of $59.4 billion!) gives us an interesting public choice story. Typically, public choice economists will argue that firms will lobby for regulation as a way to reduce competition. However, the difference in fines indicates another possible story: the marketplace is a harsher punisher than government! Firms want regulations because the fines paid for maleficence under those regulations may be lower than those the market deals out.
Mark Z
Apr 21 2019 at 3:28am
But even if the government imposed a fine of x that the market regarded as insufficiently discipline (the appropriate response being a fine of X + b), wouldn’t one still expect the share price to drop by b?
I’m wondering if, rather, Facebook favors regulation because the government would inevitably have to bear some of Facebook’s security costs. In keeping with my quantitative oversimplification, if the market ‘wants’ Facebook to obtain a given level of security, and the government demands a lesser level of security, then Facebook can comply with the lesser security level demanded by the government (saving some money) while, should another security breach happen (due to what the market considers insufficient security), the government will now be considered at least partly responsible and expected to make up the difference. And markets may expect this – that is, expect that the government will ‘bail out’ Facebook (not in the form of money, like with banks that fail while under the implicit protection of the government, but in government devoting more resources to Facebook’s cybersecurity) – then Facebook may know that markets won’t punish it as harshly if it has the imprimatur of government regulation stamped on it.
David Henderson
Apr 21 2019 at 10:04am
My guess is that Zuckerberg favors regulation for the reason he has stated publicly: economies of scale in compliance. It would be easier for his large firm to deal with it than for small upstarts competing with Facebook to deal with it.
Dylan
Apr 20 2019 at 1:29pm
I find the market cap comparison unconvincing, since surely the drop in market cap at least partially considers the impact from potential regulatory fallout? And how does something like a 4% fine on revenues impact the kinds of business decisions Facebook makes, and might those have further reaching consequences beyond just the fine?
Also, in the article he refers to the changes that Facebook made after the most recent scandal as if the market was spurring them to action, without acknowledging that this has been the result of every privacy scandal at Facebook for over a decade now without having any real change, indeed because users seem to value Facebook at such a high value, that they don’t really need to make meaningful change.
This isn’t an argument for regulation, as much as I might lament that most people seem to value privacy much less than I do. It does bug me though that Facebook collects information on me, even though I’ve never been a customer of theirs, and that there is nothing I can do about it short of not using the internet, or being friends with people who use Facebook. Yet I’m not sure that government regulation would be able to improve the situation.
David Henderson
Apr 21 2019 at 6:53pm
Dylan,
You write:
How does it collect information on you if you’r not using it?
Dylan
Apr 21 2019 at 7:12pm
Facebook creates what are generally referred to as “shadow profiles” for people that don’t have an account. They do this in two main ways:
When you browse the internet, many sites will have a Facebook advertising pixel that sends data on your browsing history back to Facebook
If any of your friends uploads their contacts to Facebook (which most people do because it makes it easier to connect with their friends) then Facebook gets info on you that way, and depending on how much data they have in their contact, that could be a fair amount of info.
There’s no way to opt-out of this kind of data collection, and with it Facebook is able to build a pretty comprehensive profile of where you live, where you work, what sites you visit online, what kind of phone you have, etc.
David Henderson
Apr 22 2019 at 12:52pm
Thanks.
Thomas Sewell
Apr 24 2019 at 9:21pm
This is a good description of the process Facebook follows, but “There’s no way to opt-out of this kind of data collection…” isn’t correct.
Sure, you can’t go to Facebook and click a button saying don’t ever track me, but you can stop proactively sending Facebook your information by blocking any network connections to their domains and IP addresses. For most people, that’s probably simplest accomplished at the device or browser level, but can be done most completely at the network level. Most large corporations in the US do it that way for their employees while at work.
Google on the other hand… has contributed so much to the various ways web sites work nowadays that it’s much more difficult to continue using the Internet if you decide to completely block access to their stuff.
Comments are closed.