“Consumer and Shareholder Protection”The FDA’s role in the approval and subsequent review of Vioxx, a pain medication with- drawn from the market by its manufacturer after it was associated with heart attacks and strokes, is discussed in a case at the end of this textbook.
In 2010, Congress established, as part of the Dodd-Frank Act (also discussed in Chapters 8 and 14), a new consumer regulatory body, called the Consumer Financial Pro- tection Bureau. The purposes and actions of this agency are described in Exhibit 15.B. The debate over whether government should become involved in protecting consumer privacy is discussed in the next section of this chapter.
All seven government regulatory agencies shown in Figure 15.2 are authorized by law to intervene directly into the very center of free market activities, if that is considered nec- essary to protect consumers. In other words, consumer protection laws and agencies substi- tute government-mandated standards and the decisions of government officials for decision making by private buyers and sellers.
Consumer Privacy in the Digital Age
In the early 21st century, rapidly evolving information technologies have given new ur- gency to the broad issue of consumer privacy. Shoppers have always been concerned that information they reveal in the course of a sales transaction—for example, their credit card or driver’s license numbers—might be misused. But in recent years, fast-changing tech- nologies have increasingly enabled businesses to collect, buy, sell, and use vast amounts of personal data about their customers and potential customers. The danger is not only that this information might rarely be used fraudulently, but also that its collection represents a violation of privacy and might lead to unanticipated harms.
Individuals are often unaware of how much information about themselves they reveal to others as they shop, interact with friends, play games, or look for information online. A variety of technologies make this possible. Many websites place cookies—or more power- ful Flash cookies—on a computer hard drive, to identify the user during each subsequent visit and to build profiles of their behavior over time. Web beacons embedded in e-mails and websites retrieve information about the viewer. In deep packet inspection, third parties access and analyze digital packets of information sent over the Internet, such as pieces of e-mails or Skype calls, to infer characteristics of the sender. Not just retailers, but also Internet service providers such as Comcast, search engine operators such as Google, and informational services such as Dictionary.com, also track their users. So-called data aggregators purchase and combine data about individuals collected from various sources and compile them into highly detailed portraits to be sold to retailers, service providers, and advertisers.15
An example of a data aggregator is Acxiom Corporation, based in Conway, Arkansas. Acxiom, called the “quiet giant” of the industry, has built the largest consumer database in the world, with an average of 1,500 data points on each of 500 million people. It not only collects information from multiple sources, but also analyzes it, placing individuals into categories such as “savvy singles,” “flush families,” and “downtown dwellers.” Acxiom’s customers include 47 of the Fortune 100 and such well-known companies as Wells Fargo, Toyota, and Macy’s, which pay for “360-degree views” of customers and prospective customers.16
“It’s a digital vacuum cleaner,” said the executive director of the Center for Digital Democracy, speaking of the data aggregation industry. “They’re tracking where your mouse is on the page, what you put in your shopping cart, and what you don’t buy. A very sophisticated commercial surveillance system has been put in place.”17
The main reason for all this tracking is to tailor commercial messages to individuals. The term behavioral advertising refers to advertising that is targeted to particular custom- ers, based on their observed online behavior. For example, a shopper might view a dress while browsing online for an outfit for an upcoming event, and then later when checking a news site might see an advertisement for the same dress pop up on her screen. According to AudienceScience, a digital marketing technology company, behavioral advertising was used by 85 percent of ad agencies in 2011, and these agencies planned to increase their spending on it significantly going forward. The reason most often cited by survey respondents was that targeted ads were simply “more effective.”18
Advertisements tailored to a user’s interests and preferences have many advantages for both buyer and seller. The buyer is more likely to receive messages that are relevant, and the seller is more likely to reach prospective customers. For example, Amazon tracks its customers’ preferences, so on subsequent visits to the website it can recommend books, electronics, and other products that a person might like—a potential benefit to shoppers.
But the vast collection of information that makes behavioral advertising possible also car- ries risks. For example, in a practice called weblining, individuals may be denied opportu- nities, such as credit, based on their online profiles. Some people are simply worried that information collected for the purpose of advertising might fall into the wrong hands, with- out their knowledge or consent. Consumer Reports found in a 2012 survey that 71 percent of respondents were “very concerned” about companies sharing information about them without their permission.19
The dilemma of how best to protect consumer privacy in the digital age, while still fos- tering legitimate commerce, has generated a wide-ranging debate. Three major solutions have been proposed: consumer self-help, industry self-regulation, and privacy legislation.
• Consumer self-help. In this view, the best solution is for users to employ technologies that enable them to protect their own privacy. For example, special software can help manage cookies, encryption can protect e-mail messages, and surfing through interme- diary sites can provide user anonymity. Individuals can learn about and use privacy settings on websites they access. Specialized services, such as one called Privacy- Choice, score various sites on how they handle personal data, offering consumers tools for choosing which to do business with. “We have to develop mechanisms that allow consumers to control information about themselves,” commented a representative of the Center for Democracy and Technology, a civil liberties group.20 Critics of this approach argue that many unsophisticated web surfers are unaware of these mechanisms, or even of the need for them. A recent survey of Facebook users, for example, estimated that 28 percent of them shared all or almost all of their “wall” posts with the general public— not just their “friends.”21
• Industry self-regulation. Many Internet-related businesses have argued that they should be allowed to regulate themselves. In their view, the best approach would be for compa- nies to adopt voluntary policies for protecting the privacy of individuals’ information disclosed during electronic transactions. For example, the Digital Advertising Alliance, a marketing trade group, developed an icon—a turquoise triangle placed in the upper right-hand corner of some online ads—that users could click to shield their behavior from tracking.22 One advantage of the self-regulation approach is that companies, pre- sumably sophisticated about their own technology, might do the best job of defining technical standards. Critics of this approach feel, however, that industry rules would inevitably be too weak. After all, companies often made money from selling personal information to advertisers, giving them a disincentive to protect it.
• Privacy legislation. Some favor new government regulations protecting consumer pri- vacy online. In 2012, the Federal Trade Commission issued a comprehensive report on protecting consumer privacy. The commission recommended that businesses adopt a number of best practices, including greater disclosure of how they collected and used consumers’ information, simple “opt out” tools, improved security, and time limits on the retention of data. The FTC also recommended that Congress consider enacting new
legislation addressing these issues.23 Consumer privacy protections are generally stronger in the European Union than in the United States. Under European data protec- tion laws, people must be notified when information is collected about them and be given a chance to review and correct it if necessary. An Austrian law student recently used these rules to force Facebook to give him thousands of pages of data about him it had collected, and then used this information to press the company publicly for stronger privacy protections.24
Any approach to online privacy would face the challenge of how best to balance the legitimate interests of consumers—to protect their privacy—and of business—to deliver increasingly customized products and services in the digital age. The issue of online pri- vacy is also explored in the discussion case that appears in Chapter 12.
Special Issue: Product Liability
Who is at fault when a consumer is harmed by a product or service? This is a complex legal and ethical issue. The term product liability refers to the legal responsibility of a firm for injuries caused by something it made or sold. Under laws in the United States and some other countries, consumers have the right to sue and to collect damages if harmed by an unsafe product. Consumer advocates and trial attorneys have generally supported these legal protections, saying they are necessary both to compensate injured victims and to de- ter irresponsible behavior by companies in the first place. Some in the business commu- nity, by contrast, have argued that courts and juries have unfairly favored plaintiffs, and they have called for reforms of product liability laws. This section describes this debate and recent changes in relevant U.S. law. The special issue of whether or not food compa- nies and restaurants should be held liable for obesity is profiled in the discussion case at the end of this chapter.
Strict Liability
In the United States, the legal system has generally looked favorably on consumer claims. Under the doctrine of strict liability, courts have held that manufacturers are responsible for injuries resulting from use of their products, whether or not the manufacturers were negligent or breached a warranty. That is, they may be found to be liable, whether or not they knowingly did anything wrong. Consumers can also prevail in court even if they were partly at fault for their injuries. The following well-publicized case illustrates the extent to which businesses can be held responsible under this strict standard.