Hacker News new | ask | show | jobs
by wpietri 2845 days ago
Whether it would be better is a really interesting question.

For this specific case, I think energetically enforced regulation would be clearly better. But in general, I'm not so sure. The American system of "let people do what they want; if there's harm, they can sue" allows a lot more room for innovation than a system of up-front regulation.

I think the difference for me lies in the extent to which an issue is a) in a stable context, b) causes significant harm, and c) is unlikely to be fixed through market mechanisms or self regulation.

Here, since consumer privacy is basically an externality to these companies and the market is an oligopoly, I think stronger regulation is a pretty good bet. But in general I think private right of action is underappreciated. Especially class action suits, which aren't burdensome for most plaintiffs.
1 comments
Aeolun 2844 days ago
I think the problem with that strategy is that harm is generally done on a large scale until someone prevents it from continuing.
link
wpietri 2844 days ago
Well, generally it isn't. Most businesses go along doing good things for their customers and getting paid in return. Really, given the way that the Internet has changed everything, we've had surprisingly few major problems.

As a tiny example, look at phone calls. They used to be absurdly expensive. In college I remember having phone bills costing ~30 hours of (minimum-wage) labor. Now it would be hard to explain to an 18-year-old what a long-distance call even was. These days I have effectively unlimited calling from anywhere to anywhere via a handheld device that costs ~7 hours of (minimum-wage) labor/month, and I see lower-cost vendors that provide it for ~4 hours/month.

If we had taken a regulation-first approach, where each new service had to get regulatory approval, I could imagine us still being stuck in the old paradigm, where each phone call had to go through a monopoly operator, and things like Skype were illegal. Or maybe we'd be part-way along the curve, but with incumbents pushing to increase regulatory burden and hobble startups.

So I agree the problem with a default-permit model is that you have more problems to fix, and some can be big. But the problem with a default-deny model is that you miss out a lot of gains. And those, being hypothetical, are easy to underweight against the benefits of the status quo.

link