Branding Privacy
By Paul Ohm. Full text here.
This Article focuses on the problem of the privacy lurch, defined as an abrupt change made to the way a company handles data about individuals. Two prominent examples include Google’s decision in early 2012 to tear down the walls that once separated data collected from its different services and Facebook’s decisions in 2009 and 2010 to expose more user profile information to the public web by default than it had in the past. Privacy lurches disrupt long-settled user expectations and undermine claims that companies protect privacy by providing notice and choice. They expose users to much more risk to their individual privacy than the users might have anticipated or desired, and they do so long after users stop paying attention to privacy policies. Given the special and significant problems associated with privacy lurches, this Article calls on regulators to seek creative solutions to address them.
For new solutions, we should look to trademarks and brands because the information qualities of trademarks can meet the notice deficiencies of a privacy lurch. The novel union of trademark and privacy law yields a new prescription called “branded privacy,” which would require every company that handles customer information to associate its trademark with a specified set of core privacy commitments. If a company someday decides to depart from its initial promises—for example, by embracing a new behavioral advertising business model—it may do so, but only under a new name. Under this rule, Facebook would have been allowed to make the switch it made from private to public, but only after it had changed the name of its service to something new, say “Facebook Public” or “Facebook Enhanced.” A close elaboration and evaluation of this solution reveals how well it strikes an appropriate balance between robust privacy protection and a dynamic, free market.