The IPI Calls Privacy Template for “Opt-in” Bill an Inadequate and Inappropriate Resource for Privacy Legislation

The Information Policy Institute today called the Gellman study an inappropriate and inconclusive resource as an explanation of consumer privacy concerns. The study is currently being used as a source of support for legislation such as Senator Ernest “Fritz” Hollings’ (D-SC) privacy bill, which will be discussed in a hearing tomorrow.

“Our analysis shows that the Gellman study is flawed in so many ways, that for any legislator to use it as the basis for such a wide-ranging bill would be a great disservice to the millions of American consumers who rely on our government to protect their privacy,” said Dr. Michael Turner, president, The Information Policy Institute .

“The study does not fully take into consideration a number of important factors of the consumer privacy debate, including the different drivers. It is unlikely that someone is equally as concerned about having their credit card information stolen as they are with receiving an e-mail from a respected online retailer like Amazon. We are concerned that a study with such myopic conclusions about American consumers’ thoughts on privacy will steer lawmakers in the wrong direction,” Turner added.

Questionable theories in the Gellman study include:

  • Consumer privacy concerns are all the same: Gellman study implies that various types of consumer privacy concerns are all the same, thus requiring the same one-size-fits-all solution. For example, Gellman’s study asserts that all consumers’ are equally concerned about Internet stalkers, computer hackers, credit card fraudsters, identity thieves, Spammers, legitimate online advertisers, catalogers, direct mailers, and telemarketers including charities, nonprofits, and political fundraisers.
  • “Opt-in” is a catch-all solution: Gellman study concludes that unlawful spam would be remedied by the implementation of a broad range of “opt-in” data legislation. However, the recommendation for such legislation doesn’t take into consideration that such legislation would do nothing to stop unlawful spam coming either from parties outside of U.S. jurisdiction or those that blatantly flout the law. He further applies the same solution – sweeping “opt-in” legislation – to all privacy concerns, despite his own stated objections that “opt-in” fails as a catch-all solution.
  • High costs from no “opt-in”: Gellman’s attempt to quantify the cost of not having an “opt-in” rule is premised on dubious assumptions. His estimation of the total national “privacy toll” – an aggregation of privacy related costs for households and businesses – attributes costs to privacy concerns that are likely explained by a number of other reasons. For instance, individuals sometimes buy caller-id devices, have their telephone numbers unpublished, and abandon shopping carts for reasons that have nothing to do with privacy. As a result of attributing all behaviors to privacy concerns he calculates a grossly inflated “privacy toll.”