I Hear This Cries Out for Regulation!

by Dechert LLP

As we all marinate in the difficulties of Mr. Zuckerberg, who, at the end of the day, can certainly salve any wounds with a net worth measured in the tens of billions of dollars, I was struck by the continued drumbeat for “REGULATION.”  Now, perhaps I am ill equipped to discuss Facebook, not being a participant and therefore never having clicked through a lengthy agreement on privacy (or the lack thereof), but I have some thoughts.  I’ll largely leave the ethics of the privacy contretemps to others, but I was struck by the parallels between the current kerfuffle over Facebook and privacy and the Dodd-Frank mess, lo these ten years past.

Let’s start with this dictum:  Beware the politician bearing new and comprehensive regulatory gifts for the American people.

I’ve been listening to the Facebook chatter for several weeks now and I suspect this will go on for as long as our political class concludes there is some benefit in yammering on about it in front of a camera.  What I find interesting, no make that disturbing, is the homogeneity of the calls for regulation (a seemingly content free word based on how our chattering class is blithely throwing it around) without much concern that apparently no one knows what “regulation” might entail. I’ve been listening carefully and as far as I can tell, if someone has thoughtfully addressed what the regulatory fix for our privacy concerns might be, I’ve missed it.  Oh, there’s a couple of bills that have been introduced by sundry members of the House and Senate hoping to duct tape onto their otherwise undistinguished careers and little reptilian intellect some gravitas, but there’s really not much out there beyond the assertion that, “The American people demand regulation!”

Ontogeny recapitulates phylogeny” they say and the nattering inside and around government and academia suggests that the technocracy is intent on replicating the regulatory nightmare following the Great Recession with an eruption of new regulatory excreta around privacy and the internet.  Is there no learning from our mistakes?  “Act in haste, repent at leisure” is not just an hoary old dodge, but a fundamental truth.

Back in 2008, it was “skin in the game,” “too big to fail,” “gambling banks” misusing the public’s money, etc.; phrases redolent of certainty, clarity and perhaps even wisdom… Except what they led to was the embrace of faux solutions, air freshener wafting over the midden heap of a deeply damaged banking and capital formation sector.

At the time, I argued that the finance and banking industry made a near to existential error in not fighting back on those memes before they became permanently embedded in a national narrative that banks and bankers were bad and needed to be beaten regularly, made to disgorge billions of dollars for alleged bad conduct (and thereby damaging capital while at the same time we were trying to increase it) and needed to henceforth conform to an exhaustive and elaborate skein of rules and regulations that, in some chalkboard exercise we were assured, would make banking safer and perhaps even end the business cycle.  Didn’t happen.

And, of course, the financial sectors had to hire legions of staff, lawyers and accountants to make sure all the foregoing happened (or, as the case may be, didn’t).  Our Dodd-Frank regulatory torrent was ill-advised then and I am certain that the current cri de coeur for regulating the internet without further delay is ill-advised today.

First of all, what exactly does everyone mean by regulating the internet?  Does it mean some form of strict, HIPAA-type lockdown on privacy based on the apparently obvious assumption (to them) that the American public is too stupid to give informed consent?  (Maybe we shouldn’t let them vote either.  Wouldn’t that be easier?)  Presumably it means that data cannot be traded or otherwise monetized without some sort of super-informed consent?  Does it mean that contacts can’t be shared or connectivity delivered without something affirmative and informed?  What would that look like?  What’s to be kept private and what’s not?  If you shout your net worth in a crowded room are you entitled to privacy?  Do we criminalize misuse of personal data?  What’s the standard of care?  What if it’s inadvertent?  Who has the burden of proof that data was private and misused?  When does data that might have originally been private become not private, and hence outside of the restrictions from this regulatory regime?  How do we deal with the extra territoriality consequences of a global data sphere and US regulation?  I don’t know the answer to any of these questions and I am sure they are only a small cross-section of the issues that we are dealing with here, but we should take our time and sort it all out.

And unintended consequences?  What happens if the business model of many, if not most, of our internet services, which are generally about providing connectivity in exchange for access to big data, is fatally wounded?  Is everyone prepared to pay for the service?  Can you get enough advertising online to make up for the loss of the ability to compile and use data?  Are we okay with trading more privacy for a woefully diminished online experience?  I don’t know, but someone should probably think this through before imposing a set of new, elaborate and intrusive rules.

After the Great Recession, look what happened and what’s finally being done to fix it now.  After larding capital charge on top of capital charge on top of capital charge, we started to wonder whether we have impaired the efficiency of global finance and that’s not good.  The inanity of the Step-In Rule and Liquidity Coverage Ratio might be permanently sidelined but what’s shocking is that the technocracy thought those were really good ideas!  We finally figured out that all those lawyers, accountants and consultants mentioned above can choke a bank to death.  Allegedly there have been something like 70,000 pages of regulations promulgated in the wake of Dodd-Frank.  How can that possibly be good?

How about the Volcker Rule and its impact on markets and trading.  What’s a proprietary trade?  We still don’t know, so the liquidity of all securities in the capital markets has been meaningfully diminished.  That was clearly not part of the plan.  And following all this burst of regulation, the weaponization of regulations turned our banking sector into a giant piggybank for the government which unabashedly sued Bank A for selling dodgy residential securities to Bank B while suing Bank B for selling the self-same securities to Bank A.  Have we no shame?

I’m not saying that privacy is not important, I certainly don’t want my information spread across the web without reflecting on what I’m doing.  Indeed, maybe there is a materially broader role for the government here.  But let’s stop for a second and give it some thought.  Let’s not replicate the mess that is Dodd-Frank and then spend the next eight years trying to undo the negative externalities and unintended consequences of a burst of feel-good, faux intellectualized, politically motivated regulation.  Someone said we become insane collectively and regain our sanity one by one.  Seems right.  The internet is too important.  Connectivity is too important.  We can’t afford to embrace insanity and then wait for regrets.

Written by:

Dechert LLP

Dechert LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.