The following op-ed was published today in the Morning Consult.
Democratic Presidential candidate Andrew Yang recently rolled out his plan to regulate technology in the 21st century. His first point highlights a hot topic this year: consumer data privacy. Yang believes we need to establish data as a property right, along with a whole new regulatory approach echoing the sentiments of recent European and California data privacy laws.
While the proposed policy is noble in its intentions, if it were implemented, the costs on Americans would be staggering and scale back the pace of innovation drastically.
Part of the reason for Yang’s desire to regulate the industry is due to the perceived lack of corporate security of personal data. This has been highlighted, for example, by the Equifax data breach in 2017, which was settled with federal and state regulators to pay up to $700 million in damages and fees. In August, Capital One was one of the latest to experience a large scale data breach, with over 106 million customers and applicants personal information exposed.
However, there are laws that already address data breaches and exposure of personal information (social security, addresses, income data, phone numbers, etc.). If that information gets exposed, Americans have been harmed. Federal agencies can fine the company at fault. A class action suit would likely be filed and customers can be made whole from any harm the company has done to them through monetary damages. In the meantime, customers could take necessary action to secure their personal data (i.e. freezing their credit, reporting to their credit card companies etc.)
Data breaches are not exclusive to the private sector; the government is not any better, and in some cases worse, at protecting personal data from cyber attacks. Since 2014, local and federal government entities have reported over 443 data breaches, exposing the data of over 168 million Americans, 81 million of which came in 2018 alone.
Databases with sensitive information provoke a constant battle between system security and those trying to hack into them. Both government entities and corporations are constantly working to secure their systems from a stream of constant attacks.
In his proposal, Yang highlights how the industry that is responsible for collecting consumer data will be worth as much as $197.7B by 2022. For a relatively new industry, those are impressive numbers. That means the data of each American will be worth about $617.8 and would definitely back the claim of data being worth more than oil.
However, this is also a narrow-minded view. It only looks at the benefits of the data as a monetary gain for a corporation and disregards the high costs associated with storing and managing this data. What it also overlooks is the simple fact that our consumer data is not going to be worth $617 dollars, as the value of individual data is often disputed. In fact, consumer data could be valued as low as $0.0005 per individual. The true value in the data comes from possessing and analyzing it in the aggregate, rather than information about the individual consumer him or herself.
In truth, data gathering companies have saved Americans significant amounts of money. For example, a grocery store with a loyalty card program often saves families hundreds of dollars a year alone. This is because the data customers are providing to the store enable employees to adjust what they carry in their stores to provide goods that the customers actually want at a better price than they otherwise would be able to. Data drives decisions which benefit the customer.
Even for a large company like Amazon, the data that is generated by its users searching their website for goods is pivotal to the success of e-commerce. By knowing what a customer is looking for, Amazon can find the same or similar product for cheaper prices, saving families money. If data was treated as a property right of the consumer, and outright assigned to one party, then loyalty card programs would not exist and Amazon would not be able to offer goods at competitive prices because the cost of compliance would be too high.
Data privacy is an important issue, on a state, national, and international level. People have every right to be concerned by data breaches and exposure of their personal data. While Yang’s intention with this policy are noble, if implemented, it would hurt the very people he aims to help.
While Americans are not directly compensated for the data they provide to the companies they interact with, they have been the benefactors of cheaper goods and services at a higher quality—an indirect benefit that cannot be discounted. Regulating this industry is not the answer, as it will saddle companies with heavy compliance burdens while likely causing Americans to lose out on significant savings.