Overcoming the Advertising Duopoly
Sen. Ed Markey (D, MA.) hosted a press call for advocates of the FCC’s broadband privacy regulations today that failed to shed any new light on the issue. As is the way with these things, the Senator and his collection of lobbyists offered rose-colored glasses to the press in an attempt sell Chairman Wheeler’s proposed rules as an Internet privacy panacea. Markey praised Public Knowledge, the organizer of the event, as a “Paul Revere” on Internet privacy for sounding the alarm before the coming menace has fully arrived.
He swore to us that the Internet is online oxygen, without which we cannot live. He also bemoaned the state of broadband competition which, in his view, only provides American consumers with one or maybe two choices. In reality, American consumers have more choice for ISPs that merchants do for advertising; this is because Google and Facebook are an advertising duopoly with an 85% market share between themselves:
The bulk of spending by brands on digital advertising is going to Google and Facebook. Combined, they accounted for 75 per cent of all new online ad spending in 2015, according to the Internet Trends report published this month by Mary Meeker of Kleiner Perkins Caufield & Byers, the US venture capital fund. In the US, 85 cents of every new dollar spent on digital went to the two companies in the first quarter of 2016. [Note: my emphasis added.]
So that’s pretty much the whole dogma of the netroots movement in two or three minutes. Remarkably, the Senator invoked the name of Russia and implied that American consumers face the same “threat” to their privacy as do those whose email is stored on insecure servers. More on that later, as I asked a question about it.
Advertising the Oxygen of the Web
The oxygen metaphor struck me as particularly telling because advertising revenue is effectively the financial oxygen of free Internet services. The firms that profit from the lack of competition for behavioral advertising placements certainly appear to be terrified that the ISPs might enter their market and peel off significant share with lower prices for placements of equal or better quality.
Hence, they’re mounting a full court press for regulations that would prevent the ISPs from gathering and selling behavioral info in a major way. While the FCC’s proposed rules ostensibly put the consumer in charge of what to share and what not to share with their various ISPs, the “choice architecture” proposed by the FCC discriminates in favor of web-based services like Google and Facebook and against the ISPs.
Advertising sales by ISPs isn’t a reality today, but the established players are afraid it may become one unless the FCC lays down the law. The ISPs have an advantage over Facebook and Google not because of their placement in the Internet – they see less information than the websites do because of encryption – but because advertising sales for the ISPs will never be more than a gig.
ISPs pay their bills with subscription fees, so their interest in advertising is like an Uber driver with a full-time job who picks of a new nickels on the side bay picking up fares on trips they’re taking anyway. The advertising giants don’t want to become the taxi services of the web, so they’re seeking onerous regulations on their upstart competitors.
The Sales Pitch
The problem with the FCC’s approach to regulating advertising sales (that’s what this so-called “privacy” issue is about, obviously) is that it doesn’t follow the FTC’s logic in the way it separates sensitive from non-sensitive data. While the Commission has superficially adopted the FTC approach of requiring opt-in for sensitive data and using opt-out for non-sensitive data, it classifies too much of the data ISPs handle as sensitive.
If this classification were consistent, web surfing information held by Google and Facebook would be treated the same as web surfing data seen by ISPs, but the so-called “public interest” advocates cheerleading for the duoploy don’t see it that way.
Laura Moy, an activist affiliated with the predictably pro-advertiser Open Technology Institute, regards each bit of information seen by the ISPs as “communication” that warrants strict protection, even though that very same data would be considered non-sensitive data after it’s stored in website data centers. Consequently, Moy (and the FCC) seek to enact differential sensitivity classifications depending on how a given advertising merchant comes to possess the very same information.
This discriminatory approach is claimed to flow from the Communications Act, but it’s not really a necessary extrapolation. The FCC has ability to define sensitive data as it sees fit. The debate that’s taking place today is simply a line-drawing exercise where the duopoly advocates for two lines – one for itself and another for ISPs – which the ISPs want a single line.
Ranking Member Pallone
Congressman Pallone (D, NJ) recognizes that the FCC’s approach is discriminatory, but proposes to level the playing field by changing the FTC Act to the give that agency the power to restrict Google’s and Facebook’s abilities to sell personal information without opt-ins as well:
Pallone says that the harmonizing of the approaches should come from Congress strengthening the FTC’s privacy authority, not from the FCC failing to use its authority. The FCC is a rulemaking body, while the FTC is basically an enforcement agency, suing companies that fail to live up to privacy promises they have made.
“Unlike the FCC, the FTC must follow an arduous process that makes it virtually impossible to adopt similar rules,” he said. “Moreover, a recent court decision has thrown the legal landscape into chaos by potentially undermining the FTC’s already limited ability to protect consumers without the FCC’s help.”
This approach requires Congress to pass an Internet privacy bill, which is quite a tall order. Congress has been looking at privacy regulations for a decade without passing any significant legislation, so the Pallone approach is speculative at best.
A more reasonable approach would be for the FCC to subject ISPs to the same information sensitivity test that websites have to meet for opt-out data. Once that is done, Congress can begin the work to fine-tune a national privacy policy that potentially restricts the sale or enhances the protection of this data. Such an approach does not require us to discriminate for and against merchants of very same data at any time.
The Russia Canard
During the question and answer period I asked the advocates whether Markey meant to imply that the Russians could possibly have obtained John Podesta’s email from an ISP, either cooperatively or inadvertently. I pointed out that ISPs don’t archive email for which they don’t act as servers, and they were forced to admit that the Senator’s language was flowery embellishment.
Nobody likes it when innocent parties are blamed for the bad behavior of guilty ones, and that seems to be a lot of what this discussion is about: consumers fear spies, therefore we must punish ISPs for the spying they haven’t done.
Such misdirection would not really be necessary if the advocates were seeking rational and consistent regulations from all the active parties. But they’re not, so this debate is poorly formed.