|
It’s part of economic orthodoxy — and almost certainly correct — that property rights solve market failures. Sometimes the failure of functioning markets to emerge causes goods to be spoiled and depleted. Sometimes adverse effects from market activity fall on nonparticipants. And sometimes markets simply do not produce the most efficient outcomes in the estimation of observers. Better property rights can help improve results.
But that doesn’t mean that any formulation of property rights is good. I appreciated my colleague Mark Jamison’s recent post debunking three myths he sees animating proposals to give property rights to users of online services in aid of their privacy. There isn’t a property-rights magic wand to wave over the online privacy challenge and solve it in one stroke. He addresses some of the worst (or presumed worst) proposals for establishing property rights in personal information.
For me, the “forced market” concept captures what’s wrong with creating property rights in pursuit of given outcomes. Unlike a free market, in which people come together and exchange what’s theirs as they will, a forced market starts from some fundamental reallocation that planners think is salutary. They take some right or power away from one group and make it a marketable commodity of another. Maybe good things result. Maybe the law of unintended consequences prevails.
One paper Professor Jamison links to in his critique is explicit about transferring things from one group to another in pursuit of forced-market engineering. “[G]iving the data property rights to consumers can generate allocations that are close to optimal,” say Professors Charles Jones and Christopher Tonetti from the Stanford Graduate School of Business and the National Bureau of Economic Research. They compare scenarios arising from different allocations of property rights in data to the ideal outcome chosen by the social planner.
The idea that some authority should allocate rights to data about a transaction to one party or the other would be profoundly difficult to administer. Take the proposal for a “New Deal on Data” made to the World Economic Forum in the late aughts. It sounds appealing to create “open information markets” by giving internet users something akin to common law rights to possess, use, and dispose of personal data about themselves.
“If you’re not happy with the way a company uses your data, you can remove it. All of it.” That’s quite a power. But there would be great cost and complexity in retooling systems so that each user could extricate and delete their personal data. Among many challenges, what happens if a user (or a user’s estate, or an impostor) decides to make Swiss cheese of online historical records by deleting his or her contributions?
One could mitigate this problem by gerrymandering the property right to apply only against commercial entities. Domains on .org could be where historic preservation happens. But that creates or exacerbates First Amendment problems. In the United States, legislation with content- or speaker-based restrictions on the sale, disclosure, and use of personal information is constitutionally suspect. And what happens if historical preservationists mirror social media sites? “Owners” could delete their personal information from its original commercial location without improving their privacy much at all.
New technologies and techniques could change their minds, but consumers don’t currently seem to want to become stewards of data they own in full. There would be little benefit from the massive retooling it would take to allow these rights to be exercised. That retooling would open security holes by allowing impersonation fraudsters to get all of their victims’ data.
Property rights imposed from above as a planning tool seem only a bit less clumsy than direct command-and-control regulations. But there is another way to generate property rights frameworks: the original way. Property law has traditionally developed bottom-up, by courts recognizing and enshrining common practice into law.
Here’s a little mental exercise: Consider how data is routinely traded, bought, and sold. There are literal markets for data, and implicit markets in the trade of personal information for advertising-supported services. There are markets for stolen data. People hoard and covet some personal information. They freely abandon other personal information. All this is at least property-like treatment, even if the goods are incorporeal.
Now take a look at how privacy policies and terms of service statements allocate rights in digital data between service providers and customers. The heart of the typical privacy policy says something like: “Verizon does not sell, license or share information that individually identifies our customers, people using our networks, or website visitors.” There is typically a short list of exceptions in the contract allowing sharing for such things as defending the service provider, counteracting fraud, responding to valid legal process, and so on. These are the metes and bounds, covenants and easements of digital property, if you will.
When technology users leave data in the possession of service providers, all is not lost for them. According to their contracts, the general right to exclude remains theirs, an essential privacy protection. In a recent dissent inviting the criminal defense bar to assert that personal data are constitutionally protected property of data subjects, Supreme Court Justice Neil Gorsuch suggests characterizing the relationship of the customer and service provider as that of a bailor and a bailee.
Like spectrum, information is highly divisible, and it has different characteristics than movable and real property. (In their time, movables had to earn full-fledged status as property.) It helps to return to the “bundle of sticks” notion of property rights taught in law school. Property rights include the right to possession, the right to use, to profit, to sell, and especially to exclude others. People and businesses exercise all these rights over data all the time.
Representative Doug Collins (R-GA) has proposed to recognize data as the property of consumers in federal law. Professor Jamison implicitly panned the idea in his post, but I’m inclined to give it the benefit of the doubt. In a release, Collins, the ranking member of the House Judiciary Committee, said, “The private sector and the government must recognize consumer data as the property of the consumer.” It’s crucially important — and welcome — that he proposes to recognize property rights, not establish them in the first instance. I do fault word choices in the release for suggesting that all property rights might automatically accrue to consumers, but I’m an optimist. Representative Collins calls for “privacy rights and protections that are much more flexible and adaptive,” which suggests leaving to contract the original assignment of rights in data as I discussed above. Not all will be satisfied with the allocations that have emerged, but they are always subject to renegotiation in the marketplace.
Mark Jamison is right: Property rights are not likely to work when they grossly amend the space they encounter. Property rights in data are more likely to work when they are “found” in common practice. I think they can be found in common practice today. We will be better off in a variety of ways when personal data is more clearly recognized as common law property.
Property rights in data can be found in common practice today, and attempts to significantly change that practice are likely to create unintended consequences.
|
|
