It's become clear over the last year there is a strong need for a data privacy regulatory agency in US government. I understand that regulation hampers growth, but the tech industry is mature and developed to the point that it's time to reel in "moving fast and breaking things" a bit.
> It's become clear over the last year there is a strong need for a data privacy regulatory agency in US government.
I wouldn't trust a governmental regulatory agency to aggressively fulfill it's mission. My impression is that in general they're too much at the mercy of politicians.
I suspect a more effective strategy is to enact legislation that makes companies liable under civil law, with private citizens empowered to sue.
> I wouldn't trust a governmental agency to aggressively fulfill it's mission. My impression is that in general they're too much at the mercy of politicians.
I think this sort of attitude is a big problem - instead of throwing our hands up and deciding that regulatory agencies have always been and thus will always be toothless, we need to give said agencies more power to enable them to actually enforce the rules. Right now, companies regularly weigh the costs of compliance against the costs of non-compliance because to a multinational corporation, the usual fines and punishments just don't hurt that much.
Companies that break the law should regularly never, ever recover financially.
> Companies that break the law should regularly never, ever recover financially.
Personally I would have this reworded to "Companies that regularly break the law should never, ever recover financially."
As much as I believe things are tilted too far in favor of companies these days, it is true that over-harsh regulation on business can be very bad — particularly when it becomes harder to start new businesses.
But I agree with your sentiment. To a large degree the government is as good as we make it.
This is an important point, I think. If our ultimate goal is to incentivise good practice, we have to deal with a range of problems from simple ignorance of good practice or what the law requires through to gross negligence or "wilful ignorance" situations. If you have a business that is acting in good faith but makes an error in judgement or isn't aware of some specific regulation, there is no sense taking a punitive stance. Obviously if their actions have caused damage to another party then compensation may be appropriate, but otherwise constructive engagement is likely to work best. On the other hand, if you have a business that is knowingly and deliberately acting in bad faith, there may be little point in being constructive, and the penalties need to be significant enough to force them to change (or their business to fail).
> I wouldn't trust a governmental agency to aggressively fulfill it's mission. My impression is that in general they're too much at the mercy of politicians.
It is good when a governmental agency is at the mercy of politicians. As the electorate, we are responsible for the politicians we elect.
> a more effective strategy is to enact legislation that makes companies liable under civil law
Agree. But there is still a role for a public prosecutor to (a) collect complaints and (b) launching suits on behalf of the public, for when violations occur and no private action ensues.
You're screwed either way. If a government agency enforces it, opposition politicians attack it. If courts enforce it, courts are attacked instead and opposition politicians push for changes int eh law. the regulated industry will cheerfully spend shareholder money to drive public sentiment in a favorable direction. In US politics, money dominates everything else.
I'm not knowledgeable about how the US administration works, but I think it's a universal principle that when you write laws and regulations, it generally has to come with means to inspect and check that the rules are not violated.
It's especially difficult with anything digital. Do you really want to rely just on whistleblowers?
>I suspect a more effective strategy is to enact legislation that makes companies liable under civil law, with private citizens empowered to sue.
There's no chance that will happen. It should, but it won't. By taking away the ability of individual citizens to sue, and vesting that power in a government agency, it protects the companies while empowering the regulators. The end result is fair toothless regulation and more donations/lobbying dollars flowing from the private sector to the public sector/politicians.
Bad regulation hampers growth, good regulation induces growth.
As I see it, the problem in the U.S. is that the current political system is incapable of producing good regulation, partly because of the deeply flawed voting system and partly because of a collective belief that government cannot be effective (producing that exact outcome).
Some regulation is bad, but there are plenty of good examples. Regulation on the standards like GSM and use of SIM cards helped new entrants into the European markets. Net Neutrality, standardized electrical systems, etc have benefited everyone large and small. And of course, anti-trust regulations in the EU has not benefited Microsoft or Google.
That's truism that I don't think is accurate. You're assuming all regulation is complex and that this can directly drive administrative costs in linear fashion.
That generalization is pretty obviously wrong. The vast body of antitrust regulation is designed precisely to hurt the "already big". Regulations around net neutrality would also fall into the category of helping the little guy far more than a big player. Regulation certainly can hamper smaller businesses, but it really depends on how the regulation is designed.
>Lack of regulation is guaranteed to benefit already-big, though.
Not neccessarly, it depends on how educated market participants are. Shouldn't a world that becomes more and more informed, connected and educated not become less regulated?
>Unchecked corporations become oligopolies or monopolies.
But not forever, less regulation also means more opportunity for competitors. And educated customers would be aware of the situation and just ignore the monopolies if they can buy somewhere else.
Yes, all regulation hurts economic growth. The mechanism is simple: regulatory compliance is a cost. If it's a fixed cost like most regulation, it becomes a barrier to entry. If it's a variable cost, it reduces labor productivity.
HOWEVER, some regulation may improve net economic growth by improving the functioning of markets such that it overcomes the costs that compliance imposes. Therefore the discussion of regulation cannot be divorced from the quantitative and qualitative merits of the specific regulation proposed, and therefore must be considered on a case by case basis. The idea that regulation can be proven good or bad in aggregate is a fools errand.
Yes, all regulation hurts economic growth. The mechanism
is simple: regulatory compliance is a cost.
I've heard it said [1] that banning cigarette advertising is good for cigarette companies, as previously they had to compete to outspend one another to avoid losing market share. In other words, legislation moved competitors from an expensive Nash equilibrium to a cheap global optimum.
Of course, this is a rare example, and a questionable one; it assumes tobacco advertising does not increase the total market for tobacco products. Given that tobacco companies lobby against such advertising bans, they clearly don't see such regulations as a net benefit for them.
> all regulation hurts economic growth [...] some regulation may improve net economic growth
What definition of "economic growth" are you using for your first claim? It doesn't seem to match the common expectation. I'd assume that net growth is what we care about in the context of public policy.
What about the proof of that? What basis are you making the assertion on?
It seems like some regulation can promote growth. For instance, regulation on product safety increases consumer confidence in the safety of those products and creates a broader market for them.
Upon careful reading of the comment to which you are responding, I found that it neatly addresses very precisely the keen, sensible, and reasonable point you have raised. Perhaps you have had an experience significantly from mine?
That comment assumes we can all agree upon a textbook definition of 'economic regulation'. An economic regulation is generally defined as any legislation or administrative act that impacts either pricing a good or entering a market. If you follow that strict, conventional (in economics circles) definition, it's tough to argue with the comment.
Outside of textbooks, economic regulation has a much bigger meaning such that a statement like that would be highly confusing and inflammatory. Outside of textbooks, economic regulation can refer to anything from health/safety legislation to antitrust legislation to taxes/tariffs/freer trade. Economic regulation = increased costs only works if you use a conventional definition of regulation...
I understand where you're coming from and what you mean. I even understand why some people, reading the original comment, would stop after the confusing and inflammatory statement and not finish reading the rest of the fine comment.
It's possible that such people might be best served to read the rest of the comment and cogitate for a moment before objecting.
In this context, I found that the parent comment covers health, safety, anti-trust, and more under the umbrella of improving market function. I understand that others may have arrived at a different understanding of the comment.
Its like saying static checking always hurts productivity because you need to be compliant with the compiler. What if complying with regulations reduces costs? Why does it have to necessarily increase them?
Your analogy is spot on, because both are true. Regulation increases costs, and it may also reduce costs. Static checking increases costs, and it may also reduces costs.
The whole point of what I wrote is that the net benefit depends on the tradeoff that is made between the two costs and that tradeoff will depend entirely on context and details, which excludes the possibility of coming to an aggregate conclusion (such as static typing is always better, or regulation is always good).
For example, I would never do exploratory data analysis using Scala, but I would also never write a production system in R. In each scenario it is useful to separate the various costs and benefits and weigh them against each other, as opposed to taking an ideological stand like "STATIC TYPING OR DIE".
But seriously I'm tired of so many armchair Libertarians spouting their one semester of economics understanding. Most of them never read past your first statement.
I point out there are three armchair points-of-view that are possible here which are, in my experience, equally tiresome:
(1) All regulation is bad.
(2) All regulation is good.
(3) All regulation which is net positive is good.
(3) may be more complex, but it can be an armchair position because it excludes the political and moral questions of who wins, who loses, and who decides.
Importantly, (1) and (3) can also both be non-armchair points of view. It really depends what arguments are made in their defense. A libertarian, fully cognizant of the points made by the GP, can still believe (1) if his basis is moral grounds. Likewise (3), if it is defended on utilitarian grounds. Sure, if a libertarian argues (1) on an economic basis, it suggests a certain ignorance we could call 'armchair'.
But I would argue that we largely ignore moral arguments. So, even a libertarian arguing (1) from an economics standpoint may actually be doing so not because he believes it, but because he believes his audience will reject his argument from his core belief; and I would be hesitant to call him 'armchair' (even though he is annoying) just as I would be hesitant to call a utilitarian 'armchair' if he avoids the political questions. Both can be wrong without being wrong.
This shouldn't be in the hands of a regulatory agency. Serious privacy violations should be legislated and treated as outright crimes, not just regulation infringements.
Violating basic civil rights should not just result in the off chance of having to pay a fine. People like Zuckerberg belong in jail way more than the average drug dealer.
> This shouldn't be in the hands of a regulatory agency. Serious privacy violations should be legislated and treated as outright crimes, not just regulation infringements.
IHIPAA is largely in the hands of HHS as a regulatory body, and yet violation of its privacy mandates (including those HHS is empowered to detail by regulation) are “outright crimes” as well as also potential civil offenses, not some distinct and lesser category of “regulatory violations”.
Your argument seems deeply grounded in an incorrect assumption about what it means to involve a regulatory agency.
